It is recommended to check this page from time to time, referring to the date of the last modification listed at the top, to ensure that you accept any changes.
We collect information from you when, for example but without limitation, you install and use our App, perform search settings, place an order, respond to the XORbot's survey, open a support ticket, enter other information on chat with the XORbot, or otherwise use our Website or Service.
Failure or refusal to provide certain Personal Data may make it impossible for you to use our Services.
Users are responsible for any Personal Data of third parties obtained, published or shared through the Application and confirm that they have such third party's consent to provide such Data to the Company.
If you are an Employer, Company may request that you provide certain personal information in order to verify your account. This information includes, but is not limited to your Federal Employer Identification Number (EIN), Business Registration information, or a utility bill. This information will be used for internal purposes only, subject to any request by law enforcement or a court order.
An aspect of our Service permits communication between Company and job seekers (Applicants), Company and prospective employers (Clients), as well as communication directly between job seekers and prospective employers on the Website but also via third-party services and applications such as SMS, on Facebook Messenger, Viber, and Telegram. PLEASE NOTE THAT YOUR RELATIONSHIP WITH ANY OTHER THIRD-PARTY SERVICE, APPLICATION OR WEBSITE IS GOVERNED SOLELY BY YOUR AGREEMENT WITH SUCH THIRD-PARTY OR GDPR WHERE APPLICABLE.
We process the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
We process the Data of two categories of users of our Services: employers (business entities) and job applicants (natural persons). An employer has to create a profile in order to use our Service, while job applicants are not entitled to creating a profile and use or services by visiting a web address (URL) where they can apply for a job position.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Company and its staff involved with the operation of the Website or Services (e.g., administration, sales, marketing, legal or system administration staff), in some cases, the Data may be accessible to third parties (such as technical service providers, mail carriers, hosting providers, IT companies or communications agencies) appointed by us, if necessary, as "Data Processors". Our data servers are located in the Netherlands, EU, however data may be processed by Data Processors in any other country.
You acknowledge and agree that PII you provide to us may be transferred outside of the country in which you reside. Providing such Personal Information will constitute your consent to any such transfer. Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organization shall take place only if the conditions laid down in Chapter V of GDPR are complied with by the Company and the Data Processor, including for onward transfers of personal data from the third country or an international organization to another third country or to another international organization.
We may store Data indefinitely, however you may request that we suspend or remove your PII at anytime. Our Company is GDPR compliant and all data subjects’ requests are duly processed.
The information we collect from you when you use our Services, Website or App is collected and stored to allow us to better provide our Services, as well as for the following purposes:
Any Personal Information and other information shared by you with us may be shared with or transferred to any Company-affiliated entity (including those located outside the European Union or Switzerland), no matter where located, for the purpose of providing you Services and improving the Website. By using the Services, Website or App, you consent to this transfer and acknowledge that the Services provided to you and the functionality of the Website and App could not be provided without such a transfer. If you do not wish your Data to be transferred in this way you should not use our Services, Website or App. Special rules in this regard apply to data subjects under GDPR.
You give us explicit consent that
Our Website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our Website as safe as possible.
We do not use Malware Scanning.
Your Personal Information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We follow generally accepted industry standards to protect against the unauthorized access to, retention of, and disclosure of Data. This includes undertaking necessary physical, electronic, and management activities required to protect data integrity, access, and use. Any Data that is stored on our servers is treated as confidential information.
Please keep in mind, however, that despite these reasonable efforts to protect Data on our servers, no method of transmission over the Internet is guaranteed to be 100% secure. Therefore, while we strive to protect your Data at all times, we cannot guarantee its absolute security and shall not be liable for any breach of security by an outside party.
We may collect non-personally identifiable information (hereinafter "Non-PII") regarding the User’s behavior on the Website to understand and save a User's preferences for future visits or to compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. For tracking purposes, we may also use trusted third-party services that track this information on our behalf.
Non-PII we collect may include information such as the information related to the Website and web pages a User is viewing when specific information is shown on them. We collect Non-PII through the use of pixels. No PII is collected or used in this process. A pixel is a line of code that is used by a website or third party ad server to track a User's activity. The use of a pixel allows us to record that a User has visited a particular webpage along with additional Non-PII that we may choose to include with the pixel. Your Non-PII will not be linked with your PII.
We may automatically receive and store certain types of information about you through the data sources listed above.
We may also add third party cookies. Cookies contain anonymous, segmented data about a user’s demographics (like age, gender, and location), interests, lifestyle, household details, social media memberships, and online influences. The date in the cookies do not contain individual-level information, but rather general audience segments.
We also collect information through our web server applications. This information includes your Internet Protocol or “IP” address, date/time stamp, browser type, and referring URL.
If you turn cookies off, some features will be disabled. It may affect the User's experience that make your Website visit more efficient and may not function properly.
However, you will still be able to install and use our App.
Any PII and other information shared by you with us may be shared with or transferred to relevant, prospective employers that match your employment goals. GDPR data subjects give their consent for this purpose of processing of their personal data and they are informed of their right to request access, rectification, erasure (‘right to be forgotten’), restriction of processing, objection against processing and data portability.
In addition, we may use other companies, including affiliates and third parties, to help us perform the Services and to improve the Website, App, and any other products and services. These third parties may include, but are not limited to, service providers and vendors.
In the course of providing such services, those companies may have access to Personal Information, and such Personal Information may be transferred to other countries.
In addition, we may disclose a User's information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including, but not limited to, fraud and threats, including potential or perceived threats, to ours or others' rights, property or safety.
Non-PII may be provided to other parties for marketing, advertising, or other uses. We may disclose Non-PII collected through our Services, and information derived from it, to our customers. This information cannot be used to contact or identify any person individually. Further, all of our customers have warranted that they shall use any Non-PII they receive in compliance with applicable laws and regulations.
We do not include or offer third-party products or services on our Website.
Users have the right, at any time, to know whether their PII has been stored and can contact the Company regarding the contents and origin of such Data; to verify its accuracy; to request such Data be supplemented, cancelled, updated or corrected; or to transform such Data into an anonymous format. Such requests should be sent to the Company at the contact information set out below at the end of this page.
We honor Do Not Track ("DNT") signals on our Website and refrain from tracking, or using advertising when a DNT browser mechanism is in place. Note that our App allows third-party behavioral tracking. To determine whether any of the third party services used by our App honor the DNT requests, please read the privacy policies of such third party service provider.
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur: we will notify Users via email - within 7 business days, or we will notify the Users via in-site notification - within 7 business days.
We also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The following section pertains to Users who are located in the European Union and Switzerland.
In the context of an onward transfer of data to a third party, a Privacy Shield organization has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Company shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Company proves that it is not responsible for the event giving rise to the damage.
Company has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to the BBB EU PRIVACY SHIELD, a nonprofit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. There may be a possibility, under certain limited conditions, for EU and Swiss individuals to invoke binding arbitration before the Privacy Shield Panel.
The Federal Trade Commission has jurisdiction over Company’s compliance with the Privacy Shield.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com and we will promptly remove you from all future correspondence.
According to CalOPPA, we agree to the following:
When it comes to the collection of Personal Information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We are sensitive to the issue of children’s privacy. Therefore,
our Website, products, and Service are neither developed for, nor directed at, children under the age of 13 years old.
If you believe your child has provided us with PII, and you would like to have the data removed, please get in touch with us at the contact information set out below.
We honor the following principles relating to processing of personal data, which data are:
For the purposes of this section “personal data” means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person and “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Representative in EU and Data Protection Officer of the Company is Trifonov Law Offices LLC which can be contacted at firstname.lastname@example.org or 21, Mali Bogdan Str., Plovidv, Bulgaria.
The Company collects the following personal data:
The Company processes personal data for the following purposes:
We have legitimate interests to process your personal data with the purpose of improving our Services to meet the needs of our users except where such interests are overridden by the interests or fundamental rights and freedoms of data subjects which require protection of personal data.
The Company may forward your personal data to third parties but we minimize the amount of personal data we disclose to what is relevant and necessary to accomplish the specified purpose. We do not send your personal data to third parties for their own marketing and advertising purposes without your consent. We may send personal data to the following recipients:
We do not intend to transfer personal data to a third country or international organization. If we transfer personal data to a third country, it shall take place only if, subject to the other provisions of GDPR, the conditions laid down in Chapter V of GDPR are complied with by the Company or other third parties in their capacity of processors, including for onward transfers of personal data from the third country or an international organization to another third country or to another international organization.
In the general case we store your personal information for as long as necessary to provide the Services but we have fixed storage duration for the cases in which data subjects manually provide personal data, incl. sensitive data. Personal data of candidates who explicitly provide it to XORbots for the purpose of job interviews (questions, answers, any other text information, documents, audio or video files, etc.) is kept for 3 months and then deleted. Candidates’ behavior is not tracked as part of their interaction with XORbots.
We care about the following rights of data subjects:
We can provide an electronic copy of the personal data undergoing processing free of charge to data subjects but for any further copies requested by data subjects we may charge a reasonable fee based on administrative costs.
(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) a data subject withdraws his consent on which the processing is based and there is no other legal ground for processing;
(c) a data subject objects to the processing and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing.
(d) the personal data is proven to have been unlawfully processed;
(e) the personal data have to be erased for compliance with a legal obligation in EU or Member State law to which the Company is subject;
(f) the personal data have been collected in relation to the offer of information society services.
(a) the accuracy of personal data is contested by a data subject, for a period enabling us to verify the accuracy of the personal data;
(b) the processing is found to be unlawful and a data subject opposes the erasure of the personal data and requests the restriction of their use instead;
(c) we no longer need the personal data for the purposes of the processing, but they are required by a data subject for the establishment, exercise or defense of legal claims;
(d) a data subject has objected to processing, pending the verification whether the legitimate grounds of the Company override those of the data subject.
If we honor such request, personal data shall only be stored by us but not processed, unless with the data subject's consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
(a) right to object to processing of their personal data which processing is necessary for the performance of a task carried out in the public interest or is necessary for the purposes of the legitimate interests pursued by the Company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data;
(b) if personal data are processed for direct marketing purposes, data subjects have the right to object at any time to processing of their personal data in which case the personal data shall no longer be processed for such purposes.
Data subjects agree that they have no obligation to provide personal data while using our Services. If no data is provided some aspects of our Services may be limited (for example in cases when cookies are not allowed by data subject’s browser) or useless (for example if a candidate does not provide personal data to XORbot, then the respective employer cannot contact the job applicant to hire him which is the main purpose of job interviews).
Data subjects agree that automated decision-making is a core function of our XORbot Service and will be used for the purpose of selecting and hiring staff by employers. XORbots involve job applicants in interactive conversations that both ask questions (predefined by employers) to candidates, while answering questions that applicants may have. In the end recruiters at employers’ companies can focus on candidates that make it through the XORbots’ selection process, which saves time by allowing HR specialists to personally get in touch with only the best candidates, selected by XORbots, for any given position, which hiring process includes profiling of candidates.
Data subjects have the right not to be subject to decisions based solely on automated processing, including profiling, which could lead to rejection of job applicants by employers. In this regard candidates are free to ask for human intervention if they are not happy with the results of the automated decision-making.
We do not intend to further process your personal data for any purpose other than that for which the personal data are collected. Should we decide to use your personal data for other purposes, we will ask for your consent prior to using it.
More details concerning the collection or processing of Personal Data may be requested from XOR Inc. at any time. Please see the contact information below at the end of this page.
701 Brazos St.,
Please also feel free to contact us if you have any questions, concerns or complaints about our data collection or processing practices of our Application or this Website, or if you want to report any security violations to us.