Latest update: October 19, 2020
As the operators of the Bryq website, Idalto registered in Cyprus and having its registered office address at 1, Lampousas St., 1095, Nicosia (“We”, “Us”, “Bryq”) is committed to protecting and respecting your privacy.
We have a few fundamental principles:
- We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
- We store personal information for only as long as we have a reason to keep it.
- We aim for full transparency on how we gather, use, and share your personal information.
Personal Data: any data that can directly or indirectly identify a living individual
Candidate: the party undergoing the Bryq assessment
Client: the party requesting and paying for selected service from Bryq, including recruitment agencies
Bryq is the Data Controller in respect of the personal data of users of the Services, candidates and business contacts of Bryq. To the extent that Candidates’ contact details are provided by a Client and with respect to Candidates’ assessment reports, Bryq and such Client are deemed to be Joint Controllers for this information.
INFORMATION WE COLLECT FROM YOU
We collect and process some or all of the following types of information from you:
If you are a Candidate for employment or are otherwise participating in an assessment process involving Bryq, you will have been in contact with another party who is our Client (typically a potential employer, current employer or recruiter). Bryq and/or a Client will forward a link in an email which will enable you to sign in to the Bryq app. When you sign in and activate your user account (“Account”) on the Bryq website, you may be asked to provide or confirm certain pieces of personal information, which may include one or more of the following: First and last name, e-mail address. You may also be asked to provide your demographic information or evaluation information for Bryq itself. However, providing such information will always be voluntary and you will always be asked to give your consent before providing this type of data. You have the right to refuse to provide such data and doing so will not have any consequences on your progression through the Candidate journey, completing the Bryq assessment or your results.
In certain cases we collect a Candidate’s first name, last name and email address in relation to a Client that is operating an initial web-based version of the service or in other cases where Candidates contact us directly with a technical support query, we may receive their name, email, and telephone number.
When you consent to the recording of video (“Videos”) on the Bryq website, we will collect and retain images, video, voice and audio information and a transcript of your audio information in the Video.
We collect access credentials in relation to authorized users of the Client including title, first name, last name, email, password and Company (employer) Name and details.
- You are under no obligation to provide your personal information, with the caveat that your refusal to do so may prevent you from using certain of Bryq’s features and services for which your information is required.
- If you contact Us, We may keep a record of that correspondence.
- We may also ask you to complete surveys that We use for research purposes, although you do not have to respond to them.
With regard to each Candidate who visits the Bryq website or a Client contact accessing to we may automatically collect the following information:
- Technical information, including a device identifier, the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our Services (including date and time), download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number or social media handle used to connect with our customer service team.
We further collect the following information automatically:
- Log Information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Services.
- Usage Information: We collect information about your usage of our Services. We also collect information about what happens when you use our Services along with information about your device (e.g., mobile screen size). We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
The provision of your full name and e-mail address, your employer and/or your place of work and the url of the business that you work for is required from you when you register to use our Services. We will inform you at the point of collecting information from you, whether you are required to provide the information to Us.
SPECIAL CATEGORY DATA FOR CANDIDATES
The Special Category Data we collect includes the results of the Bryq assessment, such as cognitive skills and personality traits. While doing the Bryq assessment we may also collect information and data collected from your behavior and actions in the course of the Bryq assessment, including metadata about your real-time user interaction with the Bryq Assessment. The data collected from the Bryq assessment may be subject to profiling and automated decision making.
All profiling is undertaken by suitable algorithms that act in the same way for every individual. The only information used to create profiles is the information you as candidate provide, we do not include information from third parties. Profiles are designed to help aid the decisions of humans, the platform does not make automatic decisions itself. Consent will be required from the candidate prior to any assessment taking place. On completion of the Bryq assessments, reports are generated with the following information visible to the Client: Name of candidate (unless we are requested to keep this confidential); position applied for; cognitive score and personality traits; while there is no overall score, a match score will be provided by Bryq for any position as requested by our Client.
Should you not consent to any or all of this data being exchanged with the Client on your behalf, said data shall not be sent. If a candidate withdraws consent to process data during an assessment, that assessment will be closed and no processing activities or data exchange with the client will occur. We will store assessment results for the duration of their validity (two years). If you wish to remove these test results prior to the two-year retention period, you can do so by submitting a written request via email. We may require you to confirm your identity prior to deleting these files, after which, all files in question will be deleted within five (5) working days. You may also view your Bryq assessment results at any time by logging into the candidate portal at candidates.bryq.com.
Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects. How we help: The data we collect is not necessarily used in automatic decision making. In case our client uses automated decision making, you may require human intervention. Please contact the Client who invited you to complete a Bryq assessment.
INFORMATION WE COLLECT FROM OTHER SOURCES
From time to time we also obtain personal data from other sources as follows:
names and contact details of Client personnel who will be added as account members for the Client’s account, may be added by existing account members;
names and contact details of individual contacts at prospective Client from third party data providers and/or public sources, such as social networks, company websites and other online sources.
We may also get information about you from other sources. For example, if you create or log into your Bryq.com account through another service (like Google) or if you connect your website or account to a social media service (like LinkedIn), we will receive information from that service (such as your username and basic profile information) via the authorization procedures used by that service. The information we receive depends on which services you authorize and any options that are available.
LEGAL BASIS FOR PROCESSING YOUR INFORMATION
You have the right to withdraw your consent at any time, we will always comply unless forced by reasons of law not to.
HOW WE USE INFORMATION
We use information about you as mentioned above and as follows:
- Specifically for Candidates: We process the contact and assessment data that you provide us with for the purpose of providing services to our Clients. We use your information to:
- Identify you on Bryq. The contact details you provide will be used to differentiate you from other participants or administrators on the system.
- Assess your skills and personality. We collect, process and store the responses you provide to the Bryq assessment.
- Produce reports. We use the responses you provide to create individual reports to give to the Client who has requested you complete the Bryq assessment.
- Improving our products and services. Once anonymized and aggregated, we may use your responses for the purpose of refining the exercises and analysis on the reliability and validity of the tools.
- To notify users about changes to our service;
- To administer the Services under our terms and for internal operations, including troubleshooting;
- To improve our Services to ensure that content is presented in the most effective manner for Candidates and Clients;
- To allow participation in any interactive features of our Service;
- To keep our site safe and secure;
- To monitor and analyze trends and better understand how users interact with our Services, which helps us improve our Services and make them easier to use;
- To monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Bryq.com and others; and
- To communicate with you about offers and promotions offered by Bryq.com and others we think will be of interest to you, solicit your feedback, or keep you up to date on Bryq and our products.
HOW WE SHARE INFORMATION
We will never sell or rent your information to third parties, or share your information with third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order for the purposes of prevention of fraud or other crime.
Other instances where we share information about you in the limited circumstances spelled out below and with appropriate safeguards on your privacy:
- Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information) and those that help us understand and enhance our Services (like analytics providers). We require vendors to agree to privacy commitments in order to share information with them. When we use third party vendors, we disclose only the personal information that is necessary to deliver the service and only use reputable organisations with their own Privacy Policies in place.
- As Required by Law: We may disclose information about you in response to a court order, or other governmental request.
- To Protect Rights and Property: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Bryq, third parties, or the public at large, for the purposes of obtaining legal advice, to prevent fraud or cybercrime or other threats to the Bryq Website or Services.
- With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorize us to do so, such as the social media services that you connect to your site through our Services.
- Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
- Information Shared Publicly: Information that you choose to make public is disclosed publicly. That means, of course, that information like your public company profile, positions you post in your company job page, other content that you may post in your company page. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.
HOW WE STORE YOUR PERSONAL DATA
We take appropriate measures to ensure that all Personal Data is kept secure including security measures to prevent Personal Data from being accidentally lost, or used or accessed in an unauthorised way, for the duration of your use of our Services. We limit access to your Personal Data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so.
The data that We collect from you and process using our Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your orders, the processing of your payment details and the provision of support services.
Your Personal Data may be collected, transferred to and stored by us in the United States and by third parties disclosed above, that are based in other countries.
Therefore, your Personal Data may be processed outside your jurisdiction, and in countries that may not provide for the same level of data protection as your jurisdiction, such as the European Economic Area (EEA). We ensure that the recipient of your Personal Data offers an adequate level of protection. In case your personal data is transferred to countries located outside of the EEA, we will ensure that appropriate safeguards are taken, such as:
- The country to which the personal data are transferred has benefited from an adequacy decision by the European Commission under Article 45 of the GDPR; or
- Standard data protection contractual clauses as approved by the European Commission pursuant to Article 47 of the GDPR have been established; or
- Binding corporate rules have been put in place in accordance with Article 47 of the GDPR.
By submitting your personal data, you agree to this transfer, storing or processing.
In particular, your data may be accessible to i) Bryq’s staff in the USA or ii) may be stored by Bryq’s hosting service provider on servers in the USA as well as in the EU. A Data Processor Agreement has been signed between Bryq and each of its data processors. These data processor agreements are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
DATA RETENTION PERIOD
- All website logs are retained for 12 months.
- Account and payment information will be held for three months after a subscription has been canceled.
- All other data (including assessment data) will be held for 24 months. Specifically for assessment data, this is for a maximum of 24 months, after which time it is anonymised and archived. This means that you will no longer be identifiable from the archived data, we keep anonymised data for research purposes. This period of 24 months may be less if requested by the client but will never be longer than 24 months.
Your personal information will be deleted on one of the following occurrences:
- deletion of your personal information by you (available to Candidates only); or
- receipt of a written request by you to Us.
You have several choices available when it comes to information about you:
- Limit the Information that You Provide: If you have an account with us, you can choose not to provide the optional account information, profile information, and transaction and billing information. Please keep in mind that if you do not provide this information, certain features of our Services may not be accessible.
- Opt-Out of Electronic Communications: You may opt-out of receiving promotional messages from us. Just follow the instructions in those messages. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices.
- Set Your Browser to Reject Cookies: At this time, Bryq does not respond to “do not track” signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using Bryq’s Services, with the drawback that certain features of Bryq’s Services may not function properly without the aid of cookies.
OTHER THINGS YOU SHOULD KNOW
Third Party Software
If you’d like to use third party software with our Services, please keep in mind that when you interact with them you may provide information about yourself to those third parties. We don’t own or control these third parties and they have their own rules about collection, use and sharing of information. You should review their rules and policies when installing and using third party software.
Our Site may contain links to third-party owned and/or operated websites or mobile applications. We do not own nor control these third-party websites or mobile applications, and accordingly assume no responsibility for the information practices of those sites or apps. We suggest that you review their privacy, security, and data collection and distribution policies, if any, prior to providing such websites or apps with any information.
Visitors under eighteen (18) years of age are not permitted to use and/or submit their personal information at the Bryq website. We do not knowingly solicit or collect information from visitors under eighteen (18) years of age. We encourage parents and guardians to spend time online with their children and to participate and monitor the interactive activities of their children.
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- access to your Personal Data and to certain other supplementary information that this Policy is already designed to address
- require Us to correct any mistakes in your information which We hold
- require the erasure of Personal Data concerning you; Candidates may also login to the candidate portal and completely remove their data (under settings you will find the option to delete all your personal data)
- receive the Personal Data concerning you which you have provided to Us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of Personal Data concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your Personal Data
- otherwise restrict our processing of your Personal Data in certain circumstances
- claim compensation for damages caused by Our breach of any data protection laws.
If you would like to exercise any of those rights, please:
- contact us using our Contact details below
- let Us have enough information to identify you
- let Us have proof of your identity and address. Where you are a user of our Services you should email us from the email address that you used to register with Bryq. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases we may request one or more identification documents, such as a copy of your driving licence or passport and a recent utility or credit card bill; and
- let Us know the information to which your request relates.
If a revision meaningfully reduces or alters your rights, we will notify you, and you might be asked to renew your given consents in terms of what we can do and how we process your personal data.
September 1, 2019 – Initial GDPR version
September 16, 2020 – Privacy Shield updates
October 19, 2020 – Updates to clarify privacy details plus adjustments GDPR article 47