NAILBITER Data Privacy Policy


Purpose

The purpose of this policy is to maintain the privacy of and protect the personal information of employees, contractors, associates, consumers, candidates, third-party vendors, clients and business partners of NAILBITER. This Privacy Policy is meant to help to understand what information NAILBITER collects, the purpose of collection, and how to access, modify, manage, restrict and delete information. By accessing or using the Services via any means (PC, mobile, or other devices), the data subject consents to NAILBITER’s collection and use of personal information as specified in this Privacy Policy. Personal Data or Personal Information shall mean any information or set of information that can be used to personally identify a living, identified, or identifiable individual (a “data subject”).

Scope

This policy is applicable to all NAILBITER employees, contractors, associates, consumers, candidates, third-party vendors, clients, and business partners who receive, access, collect, or process the personal information or who provide information to NAILBITER.

Responsibility

Compliance with the data privacy policy rests with the heads of the individual functions, business units, and departments together with any individual employees collecting, using, or otherwise processing personal information and shall be reviewed on an annual basis by the Chief Technology Officer to monitor through the implementation of security measurements and periodic review processes.

Data Privacy Principles

These principles shall govern the use, collection, disposal, and transfer of personal information, except as specifically provided by this policy

Notice- When collecting Personal Information directly from individuals, NAILBITER strives to provide clear and appropriate notice about the:
  • Purposes for which it collects and uses their Personal Information
  • Types of non-agent third party vendors to which NAILBITER may disclose that information
  • Choices and means if any, NAILBITER offers individuals for limiting the use and disclosure of their Personal Information

Choice- NAILBITER shall give data subjects the choices and obtain their consent regarding how it collects, uses, and discloses their personal information

Data Privacy Policy:

Accountability for Onward Transfer- In regard to the transfer of Personal Information, NAILBITER strives to take reasonable and appropriate steps to transfer such personal information only for specified purposes in a secured manner

Security- NAILBITER takes reasonable and appropriate measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal information.

Use, Retention and Disposal- NAILBITER shall only use personal information that has been collected for the purposes identified in the privacy notice / SOW/contract agreements/pre-employment process/offer discussion and in accordance with the consent that the data subject shall provide. NAILBITER shall not retain personal information longer than is necessary to fulfill the purposes for which it was collected and to maintain reasonable business records. NAILBITER shall dispose of the personal information once it has served its intended purpose or as specified by the data subject. If you are given and accept an offer of employment by NAILBITER, personal data collected during your pre-employment period will become part of your NAILBITER personnel records, to be retained throughout and for a period after your employment with NAILBITER. If NAILBITER does not employ you, NAILBITER may nevertheless continue to retain and use personal data collected during the recruitment process in order to consider you for new positions, and, if appropriate, to refer back to an earlier application if you submit a resume or other information to NAILBITER again in the future, as well as for system administration, to perform research and analysis.

NAILBITER determines the retention period of your information based on the following retention criteria:
  • NAILBITER retains your personal data as long as it has an ongoing relationship with you;
  • For as long as allowed by applicable law, NAILBITER retains your personal data to match them against future open roles that we may want to inform you about;
  • NAILBITER retains your personal data where it is required to do so by a legal obligation to which it is subject;
  • NAILBITER retains your personal data where this is advisable to safeguard or improve NAILBITER’s legal position (for instance in relation to statutes of limitations, litigation, or regulatory investigations).

To the extent that the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time by contacting security@nailbiter.com Please note that this will not affect NAILBITER’s lawfulness of processing based on consent before your withdrawal of consent, nor its right to continue parts of the processing based on other legal bases than your consent.

Disclosure to Third Party vendors- NAILBITER shall disclose personal information to Third Party vendor/ partner firms only for purposes identified in the privacy notice / SOW/contract agreements. NAILBITER shall disclose personal information in a secure manner, with assurances of protection by those pares, according to the contracts, laws, and other segments, and, where needed, with the consent of the data subject.

Recourse, Enforcement, and Liability- Violation of this policy by an employee or contractor of NAILBITER shall result in appropriate disciplinary action including termination. Violation of this policy by any other party of this policy or NAILBITER’s privacy requirements shall result in exercising appropriate legal remedies available at law or in equity including termination for material breach of contract.

Quality-NAILBITER shall take steps to ensure that personal information in its records is accurate and relevant to the purposes for which it was collected.

Collection of Personal Information

What personal data does NAILBITER collect?
  • Information that data subject knowingly chooses to disclose;
  • Information collected while contacting us, using applications or services, or visiting the website.
  • Information NAILBITER gets from another third-party vendor who has obtained consent to share

Personal information may be collected online or offline. Regardless of the collection method, the same privacy protection shall apply to all personal information. NAILBITER does not take any responsibility for personal information that is collected by a third-party vendor and provided to us for processing.

1) Personal information shall not be collected unless either of the following is fulfilled:
  • The data subject has provided a valid, informed, and free consent;
  • Processing is necessary for the performance of a service to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
  • Processing is necessary for compliance with the NAILBITER legal obligation;
  • Processing is necessary in order to protect the vital interests of the data subject;

2) Data subjects shall not be required to provide more personal information than is necessary for the provision of the product or service that data subject has requested or authorized. If any data not needed for providing a service or product is requested, such fields shall be clearly labeled as optional. Collection of personal information shall be avoided or limited when reasonably possible.

3) Personal information shall be de-identified when the purposes of data collection can be achieved without personally identifiable information, at a reasonable cost.

4) When using third-party vendors to collect personal information on the behalf of NAILBITER, it shall ensure that the vendors comply with the privacy requirements of NAILBITER as defined in this Policy.

5) The project team/support function shall obtain approval from the IT Security team before adopting the new methods for collecting personal information electronically.

6) NAILBITER shall review the privacy policies and collection methods of ThirdParties before accepting personal information from Third-Party data sources.

Sources for collection of personal information for recruitment and hiring

NAILBITER may obtain data about you from the following sources:
  • From you when you submit resumes or other information online;
  • From other NAILBITER affiliates;
  • From employees via NAILBITER Employee Referral Policy
  • From conversations with recruiters and interviews with hiring managers and other NAILBITER personnel or representatives, some of which may be recorded as well as from Internet searches that these individuals may perform (where allowed by applicable law), or data that they may obtain from job search or professional networking websites (e.g. monster.com, LinkedIn, etc.) where you may have made data about yourself publicly available;
  • From previous employers;
  • From social media (where allowed by applicable law)
  • From third-party recruiters, staffing companies, or websites where you are introduced to NAILBITER through one. NAILBITER does not accept unsolicited resumes from 3rd party recruitment agencies but does sometimes use such agencies subject to a written agreement. Any resume or other candidate information submitted outside of established candidate submission guidelines (including through the Careers website or via email to any NAILBITER employee) and without a written agreement or otherwise will be deemed to be provided for NAILBITER’s use, and no fee will be paid should the candidate be hired by NAILBITER; and
  • From background checks, as applicable. Where permitted by law, NAILBITER may contract with a third party to perform a pre-employment background screening. The content of background check information varies by country to comply with local requirements but may include information gathered from publicly available sources, your former employers or colleagues, schools you have attended, credit reporting agencies, and criminal records databases. You will receive more information about the nature of such a background check before it begins. Where required by applicable local law, you may be asked to provide certain background check information, (which may include sensitive data) directly to NAILBITER.

Purpose of collection of personal information

NAILBITER Inc. uses the Personal Data of its Data subjects for the following broad purposes:
  • The general running and business administration of NAILBITER Inc.
  • For market research purposes to guide our clients on how to improve their products to meet consumer needs.
  • To provide services to NAILBITER Inc stakeholders and clients
  • The ongoing administration and management of NAILBITER services.

NAILBITER shall use that Personal Information to provide contractors, associates, consumers, third-party vendors, clients, and business partners with information and services and to help NAILBITER personnel understand their needs and interests.

NAILBITER uses the information to help complete a transaction or order, facilitate communication, market and sell products and services, deliver products/services, the bill for purchased products/services, and provide ongoing service and support. Occasionally NAILBITER personnel may use Personal Information to contact employees, contractors, associates, consumers, third-party vendors, clients and business partners to complete surveys that are used for market research and quality assurance purposes.

Sharing personal information with others

NAILBITER may share Personal Information as necessary to:
  • To help us in providing market research services to our clients
  • To support the other business need
  • To help us protect our rights or property, e.g., fraud prevention or information security
  • Comply with laws and regulations or respond to litigation
  • Enforce the terms and conditions of the Terms of Use made available on the Website.

NAILBITER may share Personal Information with its employees, contractors, associates, third-party vendors, clients, and business partners to the extent needed. All such parties shall keep the personal Information confidential that is received from NAILBITER and shall not use it for any purpose other than as originally intended or subsequently authorized or permitted.

Exercising access, data portability and deletion rights

Data Subjects have personal data rights, including
  • Access to the personal data NAILBITER holds about data subjects.
  • Request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted.
  • Ask NAILBITER to provide data in a format that transfers it to another service provider.
  • Withdraw consent at any time wherever relying on consent for the processing of personal information.
  • Object to our processing of personal data where that processing is based on our legitimate interest request correction, deletion, or transfer of personal information

To exercise the access, data portability, and deletion rights described above, Data Subject shall submit a request at security@nail-biter.com by complying with below measures:
  • Provide sufficient information to reasonably verify the person about whom NAILBITER has collected personal information or an authorized representative.
  • Describe a reason for such a request to properly understand, evaluate, and respond to it.

NAILBITER shall not respond to a request or provide personal information if NAILBITER cannot verify identity or authority to make the request and confirm the personal information related to the requestor. Making a verifiable request does not require creating an account. NAILBITER shall only use personal information provided in a verifiable request to verify the requestor's identity or authority to make the request.

Cookies

NAILBITER may also store information using cookies that can be accessed when the data subject visits or uses the services. It may include information about the pages viewed, the links clicked, and other actions taken using our services or e-mail content. This information shall be used to improve the experience of the services.

Children’s Privacy

This site is not designed for or intentionally targeted at children under the age of 18, and we do not knowingly collect application Personal Data about anyone under the age of 18. If we become aware that we have collected Personal Data relating to a child, we will take reasonable steps to delete it.

Response timing and format of request

NAILBITER endeavors to respond to a verifiable request within 30 days of its receipt. If it requires more me (up to 90 days), It shall be informed to the requester of the reason and extension period in writing.
  • If the requester has an account, NAILBITER shall deliver a written response to that account.
  • If the requester does not have an account, NAILBITER shall deliver a written response by mail or electronically, at their option.

Any disclosures shall only cover the 12-month period preceding the verifiable request's receipt. The response shall also explain the reasons if cannot comply with a request, if applicable.
NAILBITER shall not charge a fee to process or respond to verifiable requests unless it is excessive, reprieve, or manifestly unfounded. If it is determined that the request warrants a fee, NAILBITER shall inform the requester why that decision has been made and provide a cost estimate before completing any request.

Notification of data breach

NAILBITER shall notify the data subject about any data breach that happens along with all the details within 2 business days.

Changes to this policy

NAILBITER reserves the right to make changes to this Privacy Policy. If any material changes are made to this Privacy Policy, NAILBITER shall notify by posing the new version of the policy on the Website. It is the data subject’s responsibility to check the Website for such postings from me to me. Continued use of the Services following the posting of changes to this Privacy Policy shall constitute an acceptance of such changes.

Grievance Redressal

If the data subject is not satisfied with our data handling, processing or any other policies, the data subject has a right to inform at security@nail-biter.com