Paradox Privacy Policy

This Privacy Policy ("Policy") is effective as of July 8, 2024

You can click on the following links to go directly to the corresponding sections of this privacy policy.

1. About This Privacy Policy

2. Privacy Policy Scope

3. Processing Activities

4. Collection of Personal Data

5. How we use your Personal Data

6. Sharing and Other Disclosures of Personal Data

7. Accessing and Managing Your Personal Data

8. Your California Privacy Rights

9. Global Privacy

10. Additional Privacy Info

11. Contact Paradox

1. ABOUT THIS PRIVACY POLICY

Paradox, Inc. (“Paradox”) is a cloud software company that provides recruiting products and services (the “Services”) to employers that have entered into a written agreement with Paradox (each a “Client” and collectively “Clients”).

At Paradox, we take data privacy seriously. This Policy describes our privacy practices for the activities set out in this Policy, including with respect to users of our Website, suppliers, and job applicants. Please read this Policy carefully, as it outlines how we collect, use, share, and otherwise process personal information from which an individual (and in some jurisdictions, a household) can be identified (“Personal Data”). Additionally, this Policy outlines your choices and rights with respect to our processing of your Personal Data.

‍

2. PRIVACY POLICY SCOPE

This Policy does not apply to the information we process on behalf of our Clients, which is governed by the agreement(s) we have in place with the applicable Client. If you are a potential candidate, job applicant, or employee, who has submitted data to a Client, the use of your data is governed by the policies of that Client. For detailed privacy information regarding the use of your data by a Client, or to exercise your rights regarding such Personal Data, please reach out to that organization directly. Our Clients control the use of data we process on their behalf and determine their own privacy practices and security settings. Paradox may only access, share, distribute, or otherwise process personal data submitted to us by or on behalf of a Client as provided in the agreement between Paradox and that Client, as instructed by the Client, or as required by law.

We are not responsible for the privacy or data security practices of our Clients, which may differ from those set forth in this Policy.

This Policy does not apply to employees of Paradox.

The Website (as defined below) and Services may contain links to other websites, applications and services maintained by third parties. The privacy and data protection practices of such third parties are governed by the privacy policies of those organizations. Please review the privacy policies of those organizations to better understand their privacy practices.

3. PROCESSING ACTIVITIES

Paradox may process your Personal Data in a number of online and offline circumstances, including, without limitation, when you: (i) visit our websites that display or link to this Policy (the “Website”); (ii) visit our offices; (iii) communicate with Paradox via email, phone, or fax; (iv) interact with Paradox as a representative of a company that provides Paradox with goods or services (e.g. you are a Paradox supplier); (v) fill out a form online, at a conference, or at an event; (vi) register to attend an event or webinar; (vii) access or download certain content (such as a whitepaper); or (viii) apply for a job at Paradox.

4. COLLECTION OF PERSONAL DATA

4.1 PERSONAL DATA THAT YOU PROVIDE

The type of Personal Data that we may collect from you directly depends on how you interact with Paradox, including, without limitation, via phone, in person, or via the Website, and for what purposes, including as a:

Client or Potential Client: If you are a representative of a company that has or is exploring a business relationship with Paradox, we may collect your business contact information and the types of Personal Data you may choose to provide to Paradox including, without limitation: full name, your email address, job title, company information, mailing address, IP address, general location, telephone number, professional information, device and usage information, unique identifiers and cookie data (as described below in this Section 4), or any other Personal Data that Paradox requests or you elect to provide.
Potential Job Applicant: As a potential applicant for employment, the types of Personal Data you may choose to provide to Paradox include, without limitation: your full name, email address, job title, company information, mailing address, IP address, general location, telephone number, professional and educational information, background information included in a CV/resume, device and usage information, unique identifiers, and cookie data (as described below in this Section 4), or any other Personal Data that Paradox requests or you provide.
Paradox Supplier: As a Paradox supplier the types of Personal Data you may choose to provide includes, without limitation: full name, your email address, job title, company information, mailing address, general location, telephone number, professional information, or any other Personal Data that Paradox requests or you elect to provide.
Webinar or Event attendee: When you register for an event or webinar, we may ask you to provide us with your contact information such as your name, business email, telephone number, and company name; your health and safety information such as your emergency contact and your dietary preferences; and/or a photo of yourself.

4.2 PERSONAL DATA WE COLLECT FROM OTHER SOURCES

We also collect Personal Data about you from other sources including third parties from whom we have purchased business contact information and from publicly accessible websites, such as LinkedIn or your company’s website, professional network services, or press releases, which we may combine with Personal Data that you have provided to Paradox. Such Personal Data may include, without limitation, company information, phone numbers, job titles, mailing addresses, email addresses, employment history, and Personal Data available at public facing websites and/or social media profiles. Please note that publicly available information is not considered Personal Data in some jurisdictions.

4.3 DEVICE AND USAGE DATA

When you visit the Website, our servers automatically record information that may include Personal Data. Personal Data we collect may include, without limitation: the web address you came from or are going to, your device model, your operating system, the type of web browser you are using, your internet service provider/mobile carrier, unique identifiers, your IP address, general location your mobile network carrier, the duration of your visit, your time zone, and additional information provided by your web browser or device. Whether we collect some or all of this information depends on the type of device you are using and your device settings. To learn more about what information your browser or device makes available to us, please check the policies of your device manufacturer or software provider. You may be able to control the Personal Data you provide to us through your settings and/or as described below.

4.4 COOKIES, AND OTHER TRACKING MECHANISMS

Like many companies, we and our third party providers use cookies and other technologies to receive and store certain types of information, which may include Personal Data, when you interact with us through your computer or mobile device. Using these technologies helps us customize your experience with the Website and/or our services and improve your experience and our Website and services through analytics and advertising services. Some information on these technologies, as well as the types of information we may use these technologies to collect, is included below:

Cookie Data: A cookie is a small amount of data that a website stores on your device that we can later retrieve. When we use cookies, we may use cookies that last until you close your browser (“Session Cookies”) or cookies that last until they are deleted by you or your browser (“Persistent Cookies”). Depending on how you are accessing the Website, we may use cookies or similar technology to administer the Website, store your preferences for certain kinds of information, analyze trends and gather information about Website visitors, or to make emails more useful or interesting (for example, we may receive a confirmation when you open an e-mail from us, if your device or settings support such capabilities). For further information about how cookies work, visit www.aboutcookies.org or www.allaboutcookies.org. The Help portion of the toolbar on most browsers will tell you how to manage your cookies as well. Visitors to the Website who disable cookies will be able to browse certain areas of the Website, but some features may not function as well. For information on how you can manage your cookie and/or email preferences, please review Section 7 “Accessing and Managing Your Personal Data” below.
Cross-Device Use: We and our third party providers, including Google, may use the Personal Data collected about you (whether directly from the Website, through your device(s), or from a third party) to help us and our third party providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). We and our third party providers also may use cross-device and other information we learn about you to serve targeted advertising on your devices and to send you e-mails.
Social Plugins: We may use social plugins on the Website, such as plugins for Facebook, LinkedIn, Twitter, and Instagram. When you view a Website that contains a plugin, your browser will create a direct link to the third parties’ servers. If you are logged into your social media account, the social media platform will record the visit to your social media account. Please visit the social media platform’s privacy policy for more information.
Third-Party Ad Networks: We also use the Personal Data that we learn about you to assist us in advertising our Services on third-party websites and social media and to assist us in evaluating the success of our advertising campaigns on various platforms. You can control these settings as described below in Section 7.

5. HOW WE USE YOUR PERSONAL DATA

We collect and process Personal Data for the following purposes, such as:

Providing the Website or Services: To provide the Website to you, to communicate with you about your use of the Website, to respond to your inquiries, and for other customer service purposes.
Tailoring Content: To tailor the content and information that we may send or display to you and to personalize your experiences while using the Website.
Recruiting, Hiring, and Evaluating Applicants: to review, assess, recruit, consider or otherwise manage Applicants, candidates and job applications, including:

scheduling and conducting interviews;
identifying candidates, including by working with external recruiters;
reviewing, assessing and verifying information provided, and otherwise screening or evaluating applicants’ qualifications, suitability and relevant characteristics;
extending offers, negotiating the terms of offers, and assessing salary and compensation matters;
satisfying legal and regulatory obligations;
communicating with applicants regarding their applications and about other similar position(s) for which they may be interested;
maintaining applicant Personal Data for future consideration; and
in support of our equal opportunity employment policy and practices.

Contacting you about Potential Positions: to identify other positions for which an applicant may be suited or interested, and to contact applicants about such positions. (If you do not wish to be contacted about potential positions, please let us know using the contact information in Section 11 or as otherwise described in this Policy.)
Marketing and Communications: For marketing, advertising and promotional purposes, for example, we may use your Personal Data, such as your email address, to send you news and newsletters, special offers, events, surveys, and promotions, or to otherwise contact you about services or information we think may interest you. We also use the Personal Data that we learn about you to assist us in advertising ourServices on third-party websites and social media and to assist us in evaluating the success of our advertising campaigns on various platforms.
Improving the Website, Services and Security: To improve the Website and/or Services and for other internal business purposes, such as detecting security incidents, debugging to identify and repair errors.
Webinars and Events: To manage, plan, and host the event; to send related communications and improve your experience at the event (including fostering communications and interactions among attendees); and to improve and enhance your experience in interacting with Paradox, including at future events.
Research and Analytics: To better understand how users access and use the Website and/or Services in order to improve the Website and/or Services and respond to user preferences, to administer surveys, programs and questionnaires, and for other research and analytical purposes.
Legal Compliance: To comply with legal obligations, as part of our general business operations, and for other business, compliance and administration purposes.
Protecting Rights and Interests: Where we believe necessary to investigate, to prevent or take action regarding suspicious, harmful or illegal activities, suspected fraud, situations involving potential threats to the safety of any person or us or violations of our agreements or this Policy.
Health and Safety: For health and safety purposes, such as contact tracing or including conducting appropriate screenings of applicants and visitors prior to entering or accessing certain locations or premises.
Managing Potential Supplier and Supplier Relationships: Paradox may collect and maintain Personal Data when vetting and reviewing potential vendors, purchasing products or services, or managing its relationships with its suppliers or potential suppliers.
Notice: For other purposes we may notify you of or that you consent to from time to time.

For UK and EU residents, further detail regarding these purposes and the associated lawful bases are set out in the European Addendum available at the following location: https://www.paradox.ai/legal/eu-addendum.

‍6. DISCLOSING OF PERSONAL DATA

6.1 Disclosure of Personal Data

Paradox may disclose Personal Data and other information as follows:

Affiliates: We may disclose the Personal Data to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your Personal Data will be subject to this Policy.
Service Providers: We may disclose Personal Data to third-party service providers who use this information to perform services for us, such as hosting providers, cloud services providers, customer service providers, event planners advisors, consultants, and/or support providers.
Advertising, Social Media and Analytics Providers: We share your Personal Data with advertising, social media and analytics providers as described above.
Webinars, Events, and Other Activities Related to Paradox Offerings: We may offer the following solely or jointly with third parties or partners: webinars, events, whitepaper downloads, or other resources related to Paradox Services. We may share your contact information and interests in these offerings or services with third parties to communicate with you about such resources and Paradox’s offerings.
Credit, Finance, and Background Check Providers: We may share your information with credit, background checking or credit reporting agencies during the recruiting process as described in the notice/consent provided at that time
Third Parties that Help Provide the Messaging Service: We will not share your opt-in to an SMS short code campaign with a third party for purposes unrelated to supporting you in connection with that campaign. We may share your Personal Data with third parties that help us provide the messaging service, including, but not limited to, platform providers, phone companies, and other vendors who assist us in the delivery of text messages.
Additional Disclosures: Paradox may also disclose your Personal Data when you direct us to, or otherwise give your specific consent, or with others for any legitimate business purpose that does not conflict with the statements made in this Policy or applicable law.

6.2 Disclosure of Personal Data as Required by Law, Acquisition or Merger

We may disclose your Personal Data if we are required to do so by law or we, in good faith, believe that such action is necessary to: (i) comply with the law or with legal processes; (ii) protect and defend our rights and property; (iii) protect against misuse or unauthorized use of the Websites and/or Services; or (iv) protect the safety or property of our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).

If Paradox goes through a business transition, such as a merger, acquisition, or sale of all or a portion of its assets, your Personal Data may be among the assets transferred.

6.3 Aggregate or De-identified Information

We may disclose aggregate, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.

6.4 Cross-Border Transfers

We may transfer your Personal Data across borders to fulfil any of the purposes described in this Policy, which may make that Personal Data subject to applicable laws in those jurisdictions. You may contact us (as set out in Section 7, below) to obtain more information about our policies and practices regarding our transfer of Personal Data across borders, or to ask questions about the collection, use, disclosure or storage of Personal Data by us or our providers. Please visit Section 9 for additional information on how we transfer data in accordance with EU/UK requirements.

7. YOUR PRIVACY CHOICES; ACCESSING AND MANAGING YOUR PERSONAL DATA

You may have the right to change your preferences or exercise certain control over your Personal Data. Where you have consented to our processing of your Personal Data, you may withdraw that consent at any time and prevent further processing by contacting us as described below subject to certain exceptions as described to you and/or allowed by law.

7.1 EMAIL

As described above, if you do not wish to receive promotional e-mails from us, you may change your preferences by following the unsubscribe link contained in the e-mail itself or contacting us as described below. Please also note that if you opt out of receiving promotional communications from us, we may continue to communicate with you regarding service-related issues. We maintain and process requests for telephone “do-not-call”, “do-not-mail”and do-not-contact lists as required by law

7.2 SMS

If you do not wish to continue receiving SMS messages, you may opt-out of receiving mobile message services by replying STOP, STOP ALL, UNSUBSCRIBE, CANCEL, END or QUIT to any mobile message that you have received from Paradox. After sending such message, you may receive an additional mobile message confirming your decision to opt-out.

7.3 Cookies and Industry Programs

You may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences or by visiting the “Your Privacy Choices” link in the footer of the Website. Please note that blocking or deleting non-essential cookies may affect the Websites’ functionality and that any choice with regards to cookie-based advertising only applies to the web browser and device through which you exercise that choice. If you delete your cookies, you may need to reapply your choices. Additionally, you will still continue to see certain advertising, including potentially from Paradox, even if you opt-out of personalized advertising.

You can also control how participating third-party ad companies use the Personal Data that they collect about your visits to our Websites, and those of third parties, in order to display more relevant targeted advertising to you. If you are in the U.S., you can obtain more information and opt out of receiving targeted ads from participating third-party ad networks at aboutads.info/choices (Digital Advertising Alliance). You may also download the DAA AppChoices (https://youradchoices.com/appchoices) tool in order to help control interest-based advertising on apps on your mobile device). In addition, users in other countries may obtain more information at the following links:

EU Users: youronlinechoices.eu (European Interactive Digital Advertising Alliance)
Canada Users: youradchoices.ca/choices/ (Digital Advertising Alliance of Canada)
Japan: http://www.ddai.info/optout (Data Driven Advertising Initiative in Japan)

8. YOUR CALIFORNIA PRIVACY RIGHTS

In this section, we provide additional information to California residents about how we handle their Personal Data as defined under California privacy laws including the California Consumer Privacy Act, as amended (“CCPA”). This section does not apply to our handling of information that is exempt under the CCPA such as publicly available information, de-identified or aggregated information or information that is covered under another law such as HIPAA or the FCRA. This Policy also does not apply to the Personal Information we collect from our contractors, or our employees, which are subject to different notices.

Where we have committed to maintaining and using Personal Data in a deidentified form, we agree not to reidentify deidentified data except as permitted by applicable law.

8.1 Our Role as a Service Provider Under CCPA

As a Service Provider under the CCPA, we process or maintain Personal Data on behalf of our business Clients that provide Personal Data to us in compliance with written contracts that we enter into with our business Clients directly. Please note that for Personal Data that we process on behalf of a Client, in our capacity as a processor or service provider, we will provide reasonable assistance to that Client as necessary to enable them to respond to your requests to exercise your privacy rights.

8.2 Our Role as a Business Under the CCPA

In general, under the CCPA, we are a Business (as defined under the CCPA) when we operate our Website and act as an employer (employee notices are available on the intranet). As described in more detail in Section 5 “How We Use Your Personal Data”, we collect, use and otherwise process the above personal information in order to provide our Services to you, respond to and fulfil your orders and requests, as otherwise directed or consented to by you, and for the following business or commercial purposes: services and support, analytics and improvement, customization and personalization, marketing and advertising, planning and managing events, research and surveys, security and protection of rights, legal proceedings and obligations, and general business and operational support.

As a Business, we notify and provide California residents with the following rights with respect to their Personal Data, which are subject to certain exceptions:

Do-not-sell (opt-out): to opt out of the sale of Personal Data, if any. For information on how to opt out of “sales”or “sharing” of Personal Data (as these terms are defined under the CCPA or other applicable US state privacy laws, and as applicable to Paradox), please refer to Section 8.5, below.
Limit uses and disclosures of sensitive personal information: to limit certain uses or disclosures of sensitive personal information to those uses authorized by the CCPA (as described below).
Right of deletion: to request deletion of their Personal Data that we have collected about them and have such Personal Data deleted (without charge), subject to certain exceptions. For information on how to exercise such right of deletion, please refer to Section 8.5, below.
Right to correct: to request the correction of inaccurate Personal Data.
Right to know/access: to confirm whether we are processing your Personal Data and to access such Personal Data and obtain a copy of the Personal Data in a portable and, to the extent technically feasible, readily usable format and with respect to the Personal Data that the Business has collected about them to require disclosure by the Business of the following (up to twice per year and subject to certain exemptions):

categories of Personal Data collected,
categories of sources of Personal Data,
categories of Personal Data that the Business has disclosed or shared with a third party for a business purpose or sold,
categories of third parties with whom Personal Data has been disclosed or shared,
the business or commercial purposes for collecting or selling Personal Data,
a copy of the specific pieces of Personal Data collected

For information on how to exercise such rights, please refer to Section 8.5, below.

Right to non-discrimination: the right not to be subject to discriminatory treatment for exercising their rights under the CCPA.

8.3 Categories of Personal Data Under the CCPA Collected and Disclosed

While our collection, use and disclosure of Personal Data varies based upon our relationship and interactions with you, we describe, generally, the categories of Personal Data that we have collected about California residents in the prior twelve (12) months, as well as the categories of third parties to whom we may disclose this Personal Information for a business or commercial purpose. For more information about the business and commercial purposes, for which we may disclose your Personal Information, please see Section 5. How We Use Your Personal Data section above.

Personal Information Collected

Third Party Disclosures for Business or Commercial Purposes

8.4 Sources of Personal Data.

We may collect Personal Data from the sources and in the manner set out in Section 4 including: directly from the individual, advertising networks, data analytics providers, social networks, internet service providers, operating systems and platforms, government entities, and data brokers.

8.5 Privacy Requests and Choices

Exercising Rights to Know/Access, Correct, or Delete: To exercise applicable rights to know/access, correct, or delete, please submit a request by: (i) emailing privacy@paradox.ai with the subject line “California Privacy Request”; (ii) contacting us via postal mail at the address listed in Section 11 “Contact Paradox”, below or calling us at (888) 283-4817.
Do Not Sell or Share my Personal Information: To opt out of Paradox’s sale or sharing of your Personal Data, as applicable, visit the “Do Not Sell or Share My Personal Information” link in the footer of the Website or use a Global Privacy Control (“GPC”) enabled browser or plug-in. If our website detects that your browser is transmitting a GPC signal, we will apply that to opt-out that browser on your device from targeting cookies on our Website. If you visit our Website from a different device or browser on the same device, you will need to apply GPC for that browser and/or device as well. To learn more about GPC, please visit http://globalprivacycontrol.org.

8.6 Verification Process

As a Business, Paradox takes all reasonable precautions to verify your identity in connection with fulfilling its responsibilities under the CCPA. The verification steps may vary — depending on the right and the nature and sensitivity of the Personal Data.

We will process your request based upon the information in our records that is linked or reasonably linkable to the information provided in your request. In some cases, additional information may be requested in order to verify your request or where necessary, to process your request. If we are unable to adequately verify a request, we will notify the requestor. Authorized agents may initiate a request on behalf of another individual by following the instructions above. Authorized agents will be required to provide proof of their authorization and/or we may also require that the relevant individual directly verify their identity and the authority of the authorized agent.

9. GLOBAL PRIVACY

Personal Data collected by Paradox may be stored and processed in the United States or in any other country where Paradox or its affiliates, subsidiaries, or third party service providers maintain facilities. When you provide Personal Data to Paradox, you consent to the processing and transfer of your information within the United States and around the world. We follow data protection laws applicable to us when transferring Personal Data.

9.1 EUROPEAN PRIVACY RIGHTS

A summary of applicable European privacy rights is set out below. You can find a detailed description of such rights as well as more detail regarding how Paradox processes Personal Data in compliance with European laws at the following location: https://www.paradox.ai/legal/eu-addendum.

Lawful Bases for Processing: Paradox will process your Personal Data for the legitimate interests of Paradox, or, when needed, with your explicit consent. If you have provided consent for the processing of your Personal Data, you have the right to withdraw consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. Paradox may also process your Personal Data for other legal basis, for example, we may have a legal obligation to process your Personal Data, such as in response to a court or regulator order. We also may need to process your Personal Data to protect vital interests, or to exercise, establish, or defend legal claims.
Data Subject Rights: You have the right to request access to and rectification or erasure of your Personal Data, as well as the right to restrict processing, object to processing, and, under certain circumstances, exercise the right to data portability. You have the right to lodge a complaint as described under Section 9.2 and with a data protection supervisory authority if you believe that we have not complied with the requirements of the EU General Data Protection Regulation or UK law with regard to your Personal Data.
Contacting Paradox: EU and UK individuals with GDPR complaints are encouraged to contact our Data Protection Officer, whose contact information is listed under Section 11.2. Those individuals also have the right to file a grievance directly with their local Data Protection Administrator (“DPA”). To find out more about the relevant DPA’s:

EU individuals can refer to https://edpb.europa.eu/about-edpb/board/members_en
UK individuals can find information about the Information Commissioner’s Office by going to https://ico.org.uk.

9.2 Transfers of EU OR UK Personal Data

Paradox may process your Personal Data outside of your jurisdiction, and in countries that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction, such as the EEA. Paradox ensures that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data, such as those approved by the European Commission (Art. 46 GDPR).

9.3 EU-U.S., UK-U.S., and Swiss-U.S. Data Privacy Framework

Paradox complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Paradox has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Paradox has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. The following US based entities adhere to the DPF principles and are covered under Paradox’s
DPF submission:

Woofound, Inc. d/b/a Traitify, 6330 E. Thomas Road, Suite #200, Scottsdale, Arizona 85251

If there is any conflict between the terms in this privacy policy and the DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Paradox is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the DPF Program, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF, should direct their query to privacy@paradox.ai. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@paradox.ai.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Paradox’s accountability for personal data that it receives in the United States under the DPF and subsequently transfers to a third party is described in the DPF Principles. In particular, Paradox remains responsible and liable under the DPF Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the DPF Principles, unless Paradox proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Framework Principles, Paradox commits
to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, United Kingdom, and Swiss individuals with DPF inquiries or complaints should first contact Paradox by email at
privacy@paradox.ai.

Paradox has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge
to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction for more information on this process.

9.4 Privacy Rights in Canada

The following apply to individuals in Canada:

Consent: We will obtain your consent to collect, use or disclose Personal Data except where we are authorized or permitted by law to do so without consent. For example, we may collect, use or disclose Personal Data without your knowledge or consent where:
- the information is publicly available, as defined by statute or regulation;
- we are obtaining legal advice; or
- we reasonably expect that obtaining consent would compromise an investigation or proceeding.
Other exceptions may apply. Your consent can be express, implied or given through an authorized representative such as a lawyer, agent or broker. Consent may be provided orally, in writing, electronically, through inaction (such as when you fail to notify us that you do not wish your Personal Data collected/used/disclosed for various purposes after you have received notice of those purposes) or otherwise. You may withdraw consent at any time, subject to legal, contractual and other restrictions, provided that you give reasonable notice of withdrawal of consent to us. On receipt of notice of withdrawal of consent, we will inform you of the likely consequences of the withdrawal of consent, which may include the inability of us to provide portions of the Website or other services for which that information is necessary.
Limits on Collection of Personal Data: We will not collect Personal Data indiscriminately but will limit collection of personal information to that which is reasonable and necessary. We will also collect Personal Data as authorized by law.
Limits for Using, Disclosing and Retaining Personal Data: Your Personal Data will only be used or disclosed for the purposes set out herein and as authorized by law.

We will keep Personal Data used to make a decision affecting you for at least one year after using it to make the decision, except to the extent that you delete or remove that information yourself. We will destroy, erase or make anonymous documents or other records containing Personal Data as soon as it is reasonable to assume that the original purpose is no longer being served by retention of the information and retention is no longer necessary for a legal or business purpose. We will take due care when destroying Personal Data so as to prevent unauthorized access to the information.
Access: Upon written request to our Privacy Officer and authentication of identity, we will provide you your Personal Data under our control. We will also give you information about the ways in which that information is being used and a description of the individuals and organizations to whom that information has been disclosed. We may charge you a reasonable fee for doing so.

We will make the information available within 30 days of receiving a written request or provide written notice where additional time is required to fulfil the request. In some situations, we may not be able to provide access to certain Personal Data (e.g., if disclosure would reveal Personal Data about another individual, the Personal Data is protected by solicitor/client privilege, the information was collected for the purposes of an investigation or where disclosure of the information would reveal confidential commercial information that could harm the competitive position of us). We may also be prevented bylaw from providing access to certain Personal Data. Where an access request is refused, we will notify you in writing, document the reasons for refusal and outline further steps which are available to you.
Accuracy: We will make a reasonable effort to ensure that Personal Data we are using or disclosing is accurate and complete. If you demonstrate the inaccuracy or incompleteness of Personal Data, we will amend the information as required. If appropriate, we will send the amended information to third parties to whom the information has been disclosed. When a challenge regarding the accuracy of Personal Data is not resolved to your satisfaction, we will annotate the Personal Data under our control with a note that the correction was requested but not made.

10. ADDITIONAL PRIVACY INFO

10.1 SECURITY

Paradox employs reasonable and appropriate physical and logical security measures designed to protect Personal Data. Please be aware that despite these measures, no data security measures can guarantee 100% security.

You should take steps to protect against unauthorized access to your password, mobile device, and computer by, among other things, signing off after using a shared computer, choosing a robust and unique password for each account that nobody else knows or can easily guess, and keeping your log-in and password private. You are responsible for maintaining the security of your password or other form of authentication involved in accessing password-protected or secured resources. In order to protect you and your information, Paradox may suspend your use of the Website and/or services without notice, pending an investigation, if any suspicious activity or security breach is suspected. We are not responsible for any lost, stolen, or compromised passwords or for any unauthorized account activity that may result.

10.2 DATA RETENTION

We will retain your Personal Data as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements, subject to certain exceptions as described to you and/or allowed by law. Our Clients and other third parties may have different practices, and you should refer to their privacy policies.

We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation or other lawful basis.

To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, compliance or other requirements.

10.3 Children’s Personal Data

Paradox does not direct any of its communications to, or knowingly collect Personal Data from, children. If we discover that a child has provided us with Personal Data, we will promptly delete such Personal Data from our systems

10.4 CHANGES TO THIS PRIVACY STATEMENT

We reserve the right to change or update this Policy at any time. Changes to the Policy will be posted at this URL. We encourage you to periodically review this Policy for any changes.

11. CONTACT PARADOX

11.1 UPDATING YOUR CHOICES

If you have any questions regarding our Policy, or if at any time after providing your Personal Data to Paradox, you want to change your Personal Data, or if you would like to assert any of the rights listed above, please direct your request to privacy@paradox.ai, call us at (888) 283-4817, or contact us via postal mail at the contact information listed below

11.2 PARADOX CONTACT INFORMATION

You may reach our Data Privacy Officer at privacy@paradox.ai or by calling us at (888) 283-4817.

Alternatively, you may reach us by addressing regular mail to the following addresses:

Paradox, Inc.
Attention: Privacy or Data Protection Officer
6330 E. Thomas Rd., Suite #200
Scottsdale, Arizona 85251
United States

Every great hire starts with a conversation.

Request demo