Go to Home Page
Home
Contact Us
GET STARTED Log On
Privacy Policy
Privacy Policy
Back


HR Avatar Privacy Policy - Updated June, 2018.
HR Avatar is committed to the security, availability, confidentiality, and processing integrity of all information collected. This privacy policy is applicable to all its online platforms, including its commercial website and application products, administrative tools, assessment portals, and e-commerce sites. As a result, by visiting any of our sites you are accepting the practices described in this Privacy Policy.

What this Privacy Policy Covers

This policy covers how this website treats personal information that we collect and receive, including information related to your past use of this website and its services. Personal information is information about you that is personally identifiable like your name, address, email address, or phone number, and that is not otherwise publicly available. This policy does not apply to the practices of companies that the company owning this website does not own or control, or to people that the company that owns this website does not employ or manage.

Information Collection and Use

General

This website uses information for the following general purposes: to customize the content you see, fulfill your requests for services, including pre-employment testing, improve our services, contact you, and conduct research.

Information you provide

The information collected is determined by your role: CUSTOMER or TEST-TAKER.

Role Definitions

CUSTOMER - Employers and account users who register with the site to administer assessments to learn more about test-takers and job applicants.

TEST-TAKER - Individuals who are asked to perform an assessment for employment or skills evaluation. HR Avatar offers assessment services that can be used to make inferences about a test taker’s knowledge, skills, abilities, personality, and behavioral history to assist with the pre-employment decision-making process. Test takers are informed that they are providing data for the stated purposes, and they consent to an information disclosure and release form before they begin. Test takers may choose to provide this data by answering questions, sharing audio recordings, video recordings, and other related methods.

Automatic information

This website automatically receives and records information on our server logs from your browser, including your IP address, this website cookie information, the page you request, login info, e-mail address, password, photos, telephone number, computer, and connection information such as browser type and version, operating system and platform, purchase history, the full Uniform Resource Locators (URL) clickstream to, through, and from our website, including date and time, cookie number, and products you viewed or searched for. If you have any other questions about our Privacy Policy, please e-mail us at privacy@hravatar.com.

HR Avatar does not link IP addresses to personally identifiable information on its website; however, we reserve the right to link IP addresses and other information supplied by the Internet Service Provider (ISP) to personally identifiable information in order to protect the integrity of our system and for security purposes.

The Internet is a global environment. By using this site and sending information to us electronically, you consent to trans-border and international transmission of any data that you may choose to supply us. Information transmissions to this site and emails sent to us may not be secure. Given the inherent operation and nature of the Internet, all Internet transmissions are done at the user’s own risk.

E-mail Communications

If you do not want to receive e-mail or other mail from us, please unsubscribe using the links found at the bottom of various emails we send, or by contacting us at privacy@hravatar.com.

Children

HR Avatar does not offer services to children. Should we determine a test-taker or account owner is under 13 years of age, we will deny further access to the system. This website is designed for pre-employment testing, and it is unlikely that persons under employable age will use its services. This website does not collect information on age, with the exception of demographic data, which is provided voluntarily with the test taker’s consent for HR Avatar to comply with EEOC guidelines to ensure tests do not discriminate against protected groups. Demographic data is not routinely shared with prospective employers and does not affect test scores.

Information Sharing and Disclosure

This website does NOT rent, sell, or share personal information about you with other people or non-affiliated companies except to provide services you've requested, when we have your permission, or under the following circumstances: We provide the information to trusted partners who work on behalf of or with this website and with whom we maintain confidentiality agreements. These companies may use your personal information to help us communicate with you about offers from us and from our marketing partners. However, these companies do not have any independent right to share this information. We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, or as otherwise required by law. We transfer information about you if our company is acquired by or merged with another company. In this event, we will notify you before information about you is transferred and becomes subject to a different privacy policy. This website currently does not, but reserves the right to, display targeted advertisements based on personal information.

Information Security

HR Avatar is dedicated to safeguarding the confidentiality of your information. We use a variety of industry-standard administrative, physical, and security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. We also require you to enter a password to access your account information. HR Avatar strives to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input on protected sites.

All payment transactions are processed through a gateway provider and credit card information is not stored or processed on our servers.

It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.

The HR Avatar data is housed in secure data storage hosted by Amazon Web Services AWS, a secure cloud-based service for data storage and persistence. Data access is restricted to a members of a virtual private cloud that includes application servers and administrators who log on using both Amazon secure authentication and encrypted passwords. Data is also backed up using Google Cloud for data redundancy.

Cloud Service Provider Terms and Conditions are available here:
Amazon AWS https://aws.amazon.com/service-terms/
Google Cloud: https://cloud.google.com/terms/.

Cookies

This website may set and access cookies on your computer. This website may, in the future, let other companies that show advertisements on some of our pages set and access their cookies on your computer. Other companies' use of their cookies is subject to their own privacy policies, not this one. Advertisers or other companies do not have access to this website's cookies.

Your Ability to Edit and Delete Your Account Information and Preferences

General

CUSTOMERS can edit your account Information at any time to maintain accuracy. We reserve the right to send you certain communications relating to this service, such as service announcements and administrative messages that are considered part of your account, without offering you the opportunity to opt-out of receiving them. However, you can opt-out from our promotional emails and periodic newsletter at any time. You can deactivate your account by filling out a contact request form.

TEST TAKERS cannot change inputs once they are submitted. If a test taker requests to make a change, it has to be provided as a supplement and will be coordinated with the CUSTOMER.

Email Opt-Out

We reserve the right to send you certain communications relating to this service, such as service announcements and administrative messages that are considered part of your account, without offering you the opportunity to opt-out of receiving them. However, you can deactivate your account by filling out a contact request form. Additionally, we may send promotional emails including our periodic newsletter, which you can opt-out from at any time by clicking on the Unsubscribe link at the bottom of each email, or by unchecking the appropriate checkbox on your account information page.

Confidentiality and Security

We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide services to you or in order to do their jobs. We have physical, electronic, and procedural safeguards that comply with federal regulations to protect personal information about you. Your Account Information is password-protected. In certain areas this website may use industry-standard SSL-encryption to protect data transmissions.

Privacy Shield (HR Avatar is Currently in the Process of Self-Certifying)

HR Avatar complies with the U.S.–EU Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information from European Union member countries. HR Avatar is in the process of certifying that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/.

Principles

Notice

When HR Avatar collects your personal information, we’ll give you timely and appropriate notice describing what personal information we’re collecting, how we’ll use it, and the types of third parties with whom we may share it.

Onward Transfer

HR Avatar will not disclose your information to unaffiliated third parties without first obtaining your permission, unless of course it’s to meet national security or law enforcement requirements. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, we are liable for appropriate onward transfers of personal data to third parties.

Security

HR Avatar takes appropriate physical, technical, and organizational measures around security, availability, processing integrity, and confidentiality to protect personal information from loss, misuse, unauthorized access or disclosure, alteration or destruction.

Data Integrity

HR Avatar takes appropriate steps to make sure the personal information in our records is accurate.

Relevance

HR Avatar collects only as much personal information as we need for specific, identified purposes, and we won’t use it for other purposes without obtaining your consent.

Retention

HR Avatar keeps your personal information for as long as required to fulfill the purposes for which it was collected, or as permitted by law.

Access

HR Avatar acknowledges that EU individuals have the right to access the personal information that we maintain about them. HR Avatar provides ways for you to access your personal information, as required by law, so you can correct inaccuracies.

Enforcement

HR Avatar regularly reviews how we’re meeting these privacy promises, and we provide an independent way to resolve complaints about our privacy practices. HR Avatar is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Independent Recourse

In compliance with the Privacy Shield Principles, HR Avatar commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact HR Avatar.

HR Avatar commits to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. If your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

Standard Contractual Clauses

The European Commission’s SCCs, otherwise known as model contracts or clauses, are contract terms developed and approved by the European Commission as ensuring adequate protection for data subjects in accordance with the EU Data Protection Directive 95/46/EC when transferring personal data from the EEA to the U.S. If you are an HR Avatar client, or the client of one of HR Avatar’s authorized distributors or partners, transferring personal data in connection with HR Avatar products and services, please promptly complete, sign and return a copy of the HR Avatar Standard Contractual Clauses to privacy@HRAvatar.com.

European Union General Data Protection Regulation (GDPR)

HR Avatar is currently in the process of implementing updates to comply with GDPR guidelines.

The General Data Protection Regulation (GDPR) creates consistent data protection rules across Europe. It applies to all companies that process personal data about individuals in the EU, regardless of where the company is based. Processing is defined broadly and refers to anything related to personal data, including how a company handles and manages data, such as collecting, storing, using and destroying data.

Only a small percentage of HR Avatar test-takers reside within the EU. However, HR Avatar takes GDPR compliance seriously first because it’s a legal requirement for any testing of EU residents, and second because it is a practical way to enhance our privacy protection for all of our clients.

HR Avatar’s system was designed from the start with a "Privacy By Design" philosophy. To ensure full GDPR compliance, we are committed to the following guidelines, in addition to the aforementioned principles regarding Information Collection and Use:

Transparency

Where personal data is collected, HR Avatar explains the purpose for the data collection, and the submitter provides consent to providing the data.

Information and Access to Personal Data

In addition to information users why their data is collected, every HR Avatar site provides a link to a form, contact information, and phone number to contact HR Avatar for questions relating to technical support, privacy, and personal data questions.

Test results are property of the CUSTOMER

HR Avatar does use third party processors in order to analyze data, or provide data backup and redundancy services. These third-party processors are VoiceVibes (receives encrypted data), Amazon AWS, Google Cloud Services.

Rectification and Erasure

CUSTOMERS, or account owners, have the ability to update their account information as needed, to ensure information is accurate and up to date. CUSTOMERS may also notify HR Avatar to request updates. CUSTOMERS may also notify HR Avatar if they would like to close accounts and request immediate data pseudonymization.

TEST-TAKERS have the right to complete incomplete personal data, for example complete an incomplete test event, as permitted by CUSTOMERS.

A test taker can request information provided, including personal identifying information, photos/videos, and test responses - but not scores. However, TEST-TAKERS cannot update information in the test once submitted. These data are treated as one-time submissions and obfuscated after a specified period of time. TEST-TAKERS may request data obfuscation. This process requires confirmation of the request will be coordinated through the HR Avatar Data Protection Officer and the CUSTOMER.

Right to Object

At any time, a person may decline to register for an account or complete the assessment or survey. CUSTOMERS may also withdraw consent by notifying support@hravatar.com. This process requires confirmation of the request will be coordinated through the HR Avatar Data Protection Officer and the CUSTOMER.

Closed Testing Accounts

CUSTOMERs may request that a testing account be placed in Closed status. Additionally, any testing account may be placed in Closed status after the maximum allowed period of inactivity has been reached (see below). As of 1 July 2018, pseudonymization of user names, email addresses, and phone numbers for administrative users of closed testing accounts, as well as all TEST-TAKERS in that account, will occur. If users re-open their accounts, they will be able to access reports, but they will not be able to identify the personal information tied to the reports. Videos and audio recordings tied to reports, as well as any stored PDF reports, will be permanently deleted.

Automatic Closure of Inactive Accounts

As a protection against unauthorized access, any testing account that has been inactive for more than two years is automatically placed in Disabled status. When an account is in disabled status, users may not log on to their account, but all data is preserved. Users can re-activate their account at no cost and without losing any data by contacting HR Avatar.

Any testing account (in any status) that has exceeded the maximum allowed period of inactivity of 60 months (5 years) is automatically placed in Closed status. All user information for administrative users and TEST-TAKERS within Closed accounts will be pseudonymized immediately upon closure. PDF reports, videos and audio recordings tied to test results will be permanently deleted.

TEST-TAKER Data

As of July 2018, account-specific pseudonymization of test taker name, email, phone number will occur in all test results based on parameters set by the CUSTOMER. To be clear, individual test results are not deleted, however, all identifying information is pseudonymized after a account-administrator-defined period of months. For TEST-TAKERS determined to be located within the EU, all identifying information is pseudonymized after a maximum of 24 months (2 years), regardless of the account setting. Videos and audio recordings tied to reports, as well as PDF-formatted reports are permanently deleted during the pseudonymization process. The default time period prior to pseudonymization for accounts created before 1 July 2018 is 5 years, and the default setting for all accounts created after 1 July is 3 years. Administrative users for active accounts are never pseudonymized unless requested directly or unless the account is closed either by request or because of inactivity.

Data Protection Officer

HR Avatar’s Data Protection Officer has knowledge of GDPR guidelines as well as knowledge about the internal processes that involve personal information. Questions can be sent to privacy@hravatar.com and will be addressed by the Data Protection Officer.

Go to Home Page