DEEPX Privacy Policy
1. Introduction
This Privacy Policy (the “Privacy Policy“) sets forth the terms and conditions governing the collection, use, and disclosure of information provided to DEEPX Co., Ltd. and its subsidiaries (collectively, “DEEPX,” “we,” “us,” or “our“), as well as the rights and choices available to you in relation to such information.
Unless otherwise defined herein, all capitalized terms used in this Privacy Policy shall have the meanings ascribed to them in the Website Terms of Use (the “Site Terms of Use“), into which this Privacy Policy is incorporated by reference.
This Privacy Policy is intended to supplement, and shall be read in conjunction with, the Site Terms of Use and our Cookie Policy (the “Cookie Policy“). DEEPX reserves the right to amend or update this Privacy Policy from time to time by issuing additional privacy statements, terms, or notices, as deemed necessary.
Unless otherwise defined herein, all capitalized terms used in this Privacy Policy shall have the meanings ascribed to them in the Website Terms of Use (the “Site Terms of Use“), into which this Privacy Policy is incorporated by reference.
This Privacy Policy is intended to supplement, and shall be read in conjunction with, the Site Terms of Use and our Cookie Policy (the “Cookie Policy“). DEEPX reserves the right to amend or update this Privacy Policy from time to time by issuing additional privacy statements, terms, or notices, as deemed necessary.
2. Scope and Applicability
This Privacy Policy governs the collection, use, and disclosure of information obtained through access to and use of the websites operated by DEEPX Co., Ltd. and its subsidiaries (collectively, “DEEPX,” “we,” “us,” or “our“), located at https://DEEPX.ai/ and any subdomains thereof (each, a “Website” and collectively, the “Websites“), the use of our artificial intelligence processors and any associated software (the “Solution“), and any services provided by DEEPX in connection with the Websites or the Solution (collectively, the “Services“).
This Privacy Policy is intended to describe and govern DEEPXâs practices with respect to the collection, processing, use, and disclosure of information, including Personal Data (as defined below), that may be collected from or about individuals when accessing or using the Services, as well as the rights and choices available to such individuals.
For purposes of this Privacy Policy, users of the Services (collectively referred to as “Users” or “you,” unless expressly stated otherwise) may include the following categories:
IMPORTANT NOTICE: To the extent that DEEPX processes the Personal Data of Customer End-Users, such processing is conducted solely on behalf of, and under the instruction of, the applicable Customer. In such circumstances, the Customer acts as the “data controller,” and DEEPX acts in the capacity of a “data processor” as defined under applicable data protection laws. Such a Customer may include your employer or any other entity on whose behalf you access or utilize the Services. Further details regarding DEEPXâs role as a data processor, and the implications for your Personal Data, are set forth below.
The provisions of this Privacy Policy relating to DEEPXâs independent data processing activities in its capacity as a “data controller” apply exclusively to the processing of Personal Data of Visitors and Candidates. Such provisions do not apply to the processing of Personal Data of Customer End-Users. If you are accessing or using the Services as a Customer End-User or have any inquiries or requests concerning the processing of your Personal Data as a Customer End-User, you are advised to contact the relevant Customer (typically your employer or the entity on whose behalf you are utilizing the Services) directly.
This Privacy Policy is intended to describe and govern DEEPXâs practices with respect to the collection, processing, use, and disclosure of information, including Personal Data (as defined below), that may be collected from or about individuals when accessing or using the Services, as well as the rights and choices available to such individuals.
For purposes of this Privacy Policy, users of the Services (collectively referred to as “Users” or “you,” unless expressly stated otherwise) may include the following categories:
(i) individuals utilizing the Solution in their capacity as employees, representatives, or other personnel of DEEPXâs business customers (each, a “Customer“), including individuals designated as administrative users (“admin users“) of a Customer or those accessing or using the Services on behalf of a Customer (each, a “Customer End-User“);
(ii) individuals accessing or visiting the Websites (each, a “Visitor“); and
(iii) employment candidates (each, a “Candidate,” as further defined below).
IMPORTANT NOTICE: To the extent that DEEPX processes the Personal Data of Customer End-Users, such processing is conducted solely on behalf of, and under the instruction of, the applicable Customer. In such circumstances, the Customer acts as the “data controller,” and DEEPX acts in the capacity of a “data processor” as defined under applicable data protection laws. Such a Customer may include your employer or any other entity on whose behalf you access or utilize the Services. Further details regarding DEEPXâs role as a data processor, and the implications for your Personal Data, are set forth below.
The provisions of this Privacy Policy relating to DEEPXâs independent data processing activities in its capacity as a “data controller” apply exclusively to the processing of Personal Data of Visitors and Candidates. Such provisions do not apply to the processing of Personal Data of Customer End-Users. If you are accessing or using the Services as a Customer End-User or have any inquiries or requests concerning the processing of your Personal Data as a Customer End-User, you are advised to contact the relevant Customer (typically your employer or the entity on whose behalf you are utilizing the Services) directly.
3. Your Acknowledgement
PLEASE READ THIS PRIVACY POLICY CAREFULLY PRIOR TO ACCESSING OR USING THE SERVICES, OR ANY PART OR COMPONENT THEREOF.
By accessing or using the Services, or any part or component thereof, you expressly acknowledge that you have read, understood, and agreed to be bound by the terms and conditions set forth in this Privacy Policy, including the collection, use, and processing of your Personal Data (as defined herein). If you do not agree to any provision of this Privacy Policy, you are hereby instructed not to access or use the Services.
PLEASE BE ADVISED THAT YOU ARE UNDER NO LEGAL OBLIGATION TO PROVIDE US WITH ANY PERSONAL DATA.
You hereby acknowledge and agree that any provision of Personal Data by you is done voluntarily and at your sole discretion. You further agree that DEEPX may collect, use, and process such Personal Data in accordance with the terms of this Privacy Policy and in compliance with applicable laws and regulations.
To the extent that you provide DEEPX with any Personal Data relating to any third party, including but not limited to your personnel, colleagues, or customers, you expressly represent and warrant that you have obtained, and shall maintain at all times, all necessary consents, permissions, and authorizations from such third parties or entities, and that you have provided such parties with all necessary disclosures required under applicable law to enable DEEPX to access, store, collect, analyze, and process such Personal Data as described in this Privacy Policy.
4. Collection of Personal and Non-Personal Data
DEEPX collects both Personal Data and Non-Personal Data, as defined below.
For the purposes of this Privacy Policy, âPersonal Dataâ shall mean any information that directly identifies an individual or that, when combined with other information lawfully available to DEEPX, may reasonably enable the identification of a natural person, or relates to an identified or identifiable natural person and is of a private or sensitive nature. Identification of an individual includes, without limitation, the association of such individual with a persistent identifier, such as a name, identification number, persistent cookie identifier, or similar unique reference. For the avoidance of doubt, Personal Data shall not include information that has been anonymized or aggregated, provided that such information can no longer be used, whether alone or in combination with other data, to identify a specific natural person.
âNon-Personal Dataâ refers to information that is collected without reference to the identity of the specific individual from whom such information was collected. Non-Personal Data may be collected while the User is accessing or using the Services and may include technical, behavioral, and aggregated information such as: the Userâs activity on the Website, operating system type, click-stream data, browser type and characteristics, keyboard features, demographic information, traffic patterns, and similar data.
It is hereby clarified that the majority of information collected by DEEPX through your use of the Services constitutes Non-Personal Data. Notwithstanding the foregoing, DEEPX may collect and process various categories of Personal Data as further detailed in this Privacy Policy through the applicable methods of collection described herein.
In the event that Personal Data is combined with Non-Personal Data, DEEPX shall treat the combined information as Personal Data for as long as such combination persists. Furthermore, Personal Data shall only be stored and processed by DEEPX if it is voluntarily provided by you, including, but not limited to, by way of submission through contact forms or other means of communication made available through the Services.
5. Sources of Personal Data Collection
In the course of your access to or use of the Services, DEEPX may collect and receive your Personal Data from the following sources:
(a) Personal Data Actively Provided by You:
This category includes any information, data, or content that you actively and voluntarily submit, create, upload, or otherwise provide through your use of the Services. For the avoidance of doubt, such Personal Data may be provided by you when you:
(a) Personal Data Actively Provided by You:
This category includes any information, data, or content that you actively and voluntarily submit, create, upload, or otherwise provide through your use of the Services. For the avoidance of doubt, such Personal Data may be provided by you when you:
- Submit information via the âProduct Inquiry,â âContact Us,â or any similar contact forms available on the Websites;
- Communicate with our customer support representatives;
- Apply for employment through the âCareersâ page of the Website; or
- Use the Solution, during which you may be requested to provide Personal Data.
Such Personal Data may include, but is not limited to, your full name, professional email address, the identity of your employer or the Customer on whose behalf you access or use the Services, the industry in which you operate, your role or job title, and any additional Personal Data contained within the content you voluntarily submit or create in connection with your use of the Services.
(b) Personal Data Collected Automatically Through Use of the Services:
While you access or use the Services, DEEPX may employ, or authorize third parties to employ, various tracking technologies and tools to collect information regarding your interaction with the Services. Such technologies include, without limitation, web beacons, cookies (including essential, non-essential, and functionality cookies), pixel tags, scripts, tags, and similar technologies (collectively, the âTracking Technologiesâ). These Tracking Technologies enable the automatic collection of certain data, including but not limited to Internet Protocol (IP) addresses, unique device identifiers, and click-stream data. For further information regarding our use of Tracking Technologies, please refer to our Cookie Policy.
Information collected through Tracking Technologies may include the following:
(b) Personal Data Collected Automatically Through Use of the Services:
While you access or use the Services, DEEPX may employ, or authorize third parties to employ, various tracking technologies and tools to collect information regarding your interaction with the Services. Such technologies include, without limitation, web beacons, cookies (including essential, non-essential, and functionality cookies), pixel tags, scripts, tags, and similar technologies (collectively, the âTracking Technologiesâ). These Tracking Technologies enable the automatic collection of certain data, including but not limited to Internet Protocol (IP) addresses, unique device identifiers, and click-stream data. For further information regarding our use of Tracking Technologies, please refer to our Cookie Policy.
Information collected through Tracking Technologies may include the following:
- Usage and Impression Data: Information relating to your interaction with the Services, such as session duration, pages visited, navigation patterns, methods used to exit pages, as well as details of your impressions of and reactions to content, products, or advertisements displayed on the Website, including click and view data.
- Device and Technical Information: Data collected from or about the device(s) you use to access the Services, including but not limited to:
- Identifiers: Such as IP addresses, device-specific identifiers, advertising identifiers, and geolocation data inferred from the IP address.
- Device Signals: Including Wi-Fi access points, connection speed, and similar data.
- Cookie Data: Information derived from cookies stored on your device, including cookie identifiers and settings.
For additional details on our use of cookies and similar technologies, please refer to the section entitled âUsing Cookies and Other Tracking Technologiesâ below.
(c) Personal Data Collected from Third-Party Sources:
DEEPX may also obtain Personal Data about you from third parties, who have represented and warranted to us that they have obtained all necessary consents or are otherwise legally permitted to disclose such information to DEEPX. By way of example, we may receive your contact details from our Customer, your employer, or from another User who has invited you to access or use the Services, subject always to applicable laws and regulations governing such data sharing.
6. Our Legal Basis for Use of Your Data
a. Legal Basis for the Collection and Processing of Personal Data
DEEPX shall collect and process Personal Data solely in accordance with applicable data protection laws and regulations, and based on the following legal grounds:
(i) Performance of a Contract and Provision of the Services:
Subject to your acceptance of this Privacy Policy, we process your Personal Data as necessary for the performance of our contractual obligations, including but not limited to providing, operating, and maintaining the Services; improving and enhancing the Services; developing new features, functionalities, and services; and personalizing your experience with the Services, all in accordance with the terms of this Privacy Policy and applicable law, while implementing appropriate technical and organizational measures to protect your data.
(ii) Legitimate Interests:
We process your Personal Data where such processing is necessary for the purposes of our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms. Such legitimate interests include, without limitation: detecting, preventing, or addressing fraud, abuse, security vulnerabilities, functionality issues, or technical problems; safeguarding the rights, property, or safety of DEEPX, our Users, or the general public as permitted or required by law; and exercising or defending legal claims, including investigating potential breaches of this Privacy Policy or responding to claims asserted against us.
(iii) Consent:
Where required by applicable law, we process your Personal Data based on your explicit consent. You may withdraw such consent at any time, subject to legal or contractual restrictions and reasonable notice. For instance, your consent may be requested for the purpose of receiving marketing communications or promotional materials.
(iv) Compliance with Legal Obligations:
We may process your Personal Data where such processing is necessary for compliance with applicable laws, regulations, guidelines, governmental orders, industry standards, or other legal obligations. This includes responding to legal proceedings, complying with regulatory inquiries, preventing fraud, enforcing our Terms and Conditions, and investigating any alleged violations thereof.
b. Purposes of Processing Personal Data
We may use your Personal Data for the following purposes, to the extent permissible under applicable law:
DEEPX shall collect and process Personal Data solely in accordance with applicable data protection laws and regulations, and based on the following legal grounds:
(i) Performance of a Contract and Provision of the Services:
Subject to your acceptance of this Privacy Policy, we process your Personal Data as necessary for the performance of our contractual obligations, including but not limited to providing, operating, and maintaining the Services; improving and enhancing the Services; developing new features, functionalities, and services; and personalizing your experience with the Services, all in accordance with the terms of this Privacy Policy and applicable law, while implementing appropriate technical and organizational measures to protect your data.
(ii) Legitimate Interests:
We process your Personal Data where such processing is necessary for the purposes of our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms. Such legitimate interests include, without limitation: detecting, preventing, or addressing fraud, abuse, security vulnerabilities, functionality issues, or technical problems; safeguarding the rights, property, or safety of DEEPX, our Users, or the general public as permitted or required by law; and exercising or defending legal claims, including investigating potential breaches of this Privacy Policy or responding to claims asserted against us.
(iii) Consent:
Where required by applicable law, we process your Personal Data based on your explicit consent. You may withdraw such consent at any time, subject to legal or contractual restrictions and reasonable notice. For instance, your consent may be requested for the purpose of receiving marketing communications or promotional materials.
(iv) Compliance with Legal Obligations:
We may process your Personal Data where such processing is necessary for compliance with applicable laws, regulations, guidelines, governmental orders, industry standards, or other legal obligations. This includes responding to legal proceedings, complying with regulatory inquiries, preventing fraud, enforcing our Terms and Conditions, and investigating any alleged violations thereof.
b. Purposes of Processing Personal Data
We may use your Personal Data for the following purposes, to the extent permissible under applicable law:
- To provide, operate, maintain, and improve the Services, and to manage our business operations;
- To personalize, optimize, and enhance your experience while using the Services and to tailor the Services to the device you are utilizing;
- To communicate with you regarding updates, notices, notifications, announcements, and other information pertaining to the Services;
- To generate aggregated statistical data or other anonymized or de-identified information, which may be used to improve our Services and related offerings;
- If you are a Customer End-User, to communicate with you for the purpose of managing the relationship with the applicable Customer, providing technical support and assistance, responding to complaints, and collecting feedback;
- If you are a Visitor, to respond to your inquiries, provide support, and furnish you with information regarding our Websites, the Solution, and related services;
- To verify your identity in connection with any request you may submit to exercise your rights under this Privacy Policy or applicable law;
- To prevent, detect, mitigate, and investigate fraud, security breaches, or other potentially unlawful or prohibited activities, including any violations of this Privacy Policy or the Site Terms of Use;
- To perform any function or provide any service as otherwise described to you at the time of data collection;
- To conduct marketing activities, including contacting Users or potential Users with promotional materials regarding our Services, tracking the effectiveness of marketing campaigns, and analyzing marketing performance metrics;
- To comply with any applicable law, regulation, or legal process; protect our legal rights and interests; and respond to or defend against any actual or potential legal proceedings initiated against us or our affiliates;
- To facilitate and manage your application for employment with DEEPX, as further detailed in Section 8 below.
Additionally, we may analyze and utilize Personal Data, in anonymized or aggregated form, for purposes of product development, performance analysis, troubleshooting, service optimization, and ensuring the best possible user experience across our Services.
7. Disclosure of Personal Data to Third Parties
We may disclose or otherwise grant access to your Personal Data to third parties strictly under the following circumstances and in accordance with applicable data protection laws:
(a) Internal Affiliates and Authorized Personnel:
We may share your Personal Data with our affiliated companies and authorized personnel, including employees, solely for the purposes set forth in this Privacy Policy and subject to the terms herein. Furthermore, in the event of a change in control of DEEPX or any of its affiliates, including but not limited to a merger, acquisition, or sale of all or substantially all of its assets, your Personal Data may be shared with the parties involved in such transaction under strict confidentiality and security obligations for the sole purpose of evaluating or completing the contemplated transaction, and always in accordance with the terms of this Privacy Policy. Where such change in control is reasonably likely to materially affect your Personal Data, we shall provide notice of such event and inform you of any choices available to you, by email and/or a prominent notice within the Services.
(b) Protection of Rights and Safety:
We may disclose Personal Data as necessary to enforce this Privacy Policy, our Site Terms of Use, or any other agreement executed with the Customer, including investigation of potential breaches thereof. Additionally, we may share Personal Data to detect, prevent, or otherwise address fraud, security vulnerabilities, or technical issues; to respond to claims or allegations that any content available through the Services infringes the rights of third parties; or otherwise if we, in good faith, determine that such disclosure is reasonably necessary to protect the rights, property, or personal safety of DEEPX, its users, or the general public.
(c) Third-Party Service Providers and Business Partners:
If you are a Customer End-User, we may disclose your Personal Data to the applicable Customer with whom you are affiliated and on whose behalf we process your information, strictly in accordance with the contractual obligations between DEEPX and such Customer.
We also engage third-party service providers and business partners (“Service Providers“) to perform certain services necessary for the operation and enhancement of our Services. Such Service Providers may access, process, or otherwise handle Personal Data on our behalf, solely for the purpose of providing these services. Service Providers may include, without limitation, providers of hosting and server co-location services, data analytics services, marketing and customer relationship management services, internal workflow and communication platforms, payment processing services, user registration and website management platforms, community platforms, and our business, legal, and financial advisors.
DEEPX remains responsible for the processing of Personal Data performed on its behalf by Service Providers, except in circumstances beyond our or their reasonable control and except where such Service Providers engage with you independently, either through a prior direct contractual relationship or through your acceptance of their privacy policies and terms of use.
(d) Compliance with Legal Obligations and Law Enforcement:
We cooperate with government authorities, regulatory agencies, and law enforcement officials to comply with applicable laws and regulations. Accordingly, we may disclose Personal Data where we, in our sole discretion, deem such disclosure necessary or appropriate: (i) to comply with legal processes, including subpoenas or court orders; (ii) to protect our rights, property, or interests, or those of any third party; (iii) to ensure the safety and security of the public or any individual; or (iv) to prevent or investigate any activity that we reasonably consider to be illegal, unethical, inappropriate, or legally actionable.
(a) Internal Affiliates and Authorized Personnel:
We may share your Personal Data with our affiliated companies and authorized personnel, including employees, solely for the purposes set forth in this Privacy Policy and subject to the terms herein. Furthermore, in the event of a change in control of DEEPX or any of its affiliates, including but not limited to a merger, acquisition, or sale of all or substantially all of its assets, your Personal Data may be shared with the parties involved in such transaction under strict confidentiality and security obligations for the sole purpose of evaluating or completing the contemplated transaction, and always in accordance with the terms of this Privacy Policy. Where such change in control is reasonably likely to materially affect your Personal Data, we shall provide notice of such event and inform you of any choices available to you, by email and/or a prominent notice within the Services.
(b) Protection of Rights and Safety:
We may disclose Personal Data as necessary to enforce this Privacy Policy, our Site Terms of Use, or any other agreement executed with the Customer, including investigation of potential breaches thereof. Additionally, we may share Personal Data to detect, prevent, or otherwise address fraud, security vulnerabilities, or technical issues; to respond to claims or allegations that any content available through the Services infringes the rights of third parties; or otherwise if we, in good faith, determine that such disclosure is reasonably necessary to protect the rights, property, or personal safety of DEEPX, its users, or the general public.
(c) Third-Party Service Providers and Business Partners:
If you are a Customer End-User, we may disclose your Personal Data to the applicable Customer with whom you are affiliated and on whose behalf we process your information, strictly in accordance with the contractual obligations between DEEPX and such Customer.
We also engage third-party service providers and business partners (“Service Providers“) to perform certain services necessary for the operation and enhancement of our Services. Such Service Providers may access, process, or otherwise handle Personal Data on our behalf, solely for the purpose of providing these services. Service Providers may include, without limitation, providers of hosting and server co-location services, data analytics services, marketing and customer relationship management services, internal workflow and communication platforms, payment processing services, user registration and website management platforms, community platforms, and our business, legal, and financial advisors.
DEEPX remains responsible for the processing of Personal Data performed on its behalf by Service Providers, except in circumstances beyond our or their reasonable control and except where such Service Providers engage with you independently, either through a prior direct contractual relationship or through your acceptance of their privacy policies and terms of use.
(d) Compliance with Legal Obligations and Law Enforcement:
We cooperate with government authorities, regulatory agencies, and law enforcement officials to comply with applicable laws and regulations. Accordingly, we may disclose Personal Data where we, in our sole discretion, deem such disclosure necessary or appropriate: (i) to comply with legal processes, including subpoenas or court orders; (ii) to protect our rights, property, or interests, or those of any third party; (iii) to ensure the safety and security of the public or any individual; or (iv) to prevent or investigate any activity that we reasonably consider to be illegal, unethical, inappropriate, or legally actionable.
8. Job Candidate Information
DEEPX hereby invites all qualified individuals (âCandidatesâ) to submit applications for any open positions listed on our official website, social media platforms (including but not limited to Facebook and LinkedIn), or other designated recruitment channels, by providing their contact information, full name, curriculum vitae (CV), LinkedIn profile, professional portfolio, and any additional information voluntarily provided by the Candidate, whether through a personal note, cover letter, or any similar document (collectively, “Candidate Information“).
DEEPX is committed to maintaining the confidentiality of all Candidate Information and shall use such information solely for legitimate internal recruitment purposes. These purposes include, but are not limited to, identifying suitable Candidates, assessing their qualifications, evaluating their applications, making hiring decisions, and communicating with Candidates, whether by telephone, email, or other means of correspondence.
Candidates are hereby advised that DEEPX may retain Candidate Information for a reasonable period following the closure or fulfillment of the position for which the application was initially submitted. Such retention is for the purpose of considering Candidates for future employment opportunities with DEEPX, referencing prior applications, and, in the event of employment, for additional employment-related purposes and ongoing business needs.
Should any Candidate wish to access, update, or request the deletion of their Candidate Information from DEEPXâs records, they may submit such a request by contacting us. DEEPX will process such requests in accordance with applicable data protection laws and regulations.
DEEPX is committed to maintaining the confidentiality of all Candidate Information and shall use such information solely for legitimate internal recruitment purposes. These purposes include, but are not limited to, identifying suitable Candidates, assessing their qualifications, evaluating their applications, making hiring decisions, and communicating with Candidates, whether by telephone, email, or other means of correspondence.
Candidates are hereby advised that DEEPX may retain Candidate Information for a reasonable period following the closure or fulfillment of the position for which the application was initially submitted. Such retention is for the purpose of considering Candidates for future employment opportunities with DEEPX, referencing prior applications, and, in the event of employment, for additional employment-related purposes and ongoing business needs.
Should any Candidate wish to access, update, or request the deletion of their Candidate Information from DEEPXâs records, they may submit such a request by contacting us. DEEPX will process such requests in accordance with applicable data protection laws and regulations.
9. International Data Storage, Processing, and Transfer
Information relating to Users may be maintained, processed, and stored by DEEPX, its authorized affiliates, and third-party Service Providers. Where DEEPX processes Personal Data on behalf of a Customer (including, without limitation, the Personal Data of Customer End-Users), such processing shall occur in the locations permitted or instructed by the Customer, as further described herein.
While the data protection laws of the jurisdictions in which such information is processed and stored may differ from those applicable in the jurisdiction of your residence or current location, DEEPX, its affiliates, and its Service Providers are each committed to protecting and securing your Personal Data in accordance with the provisions of this Privacy Policy, applicable industry standards, and relevant data protection laws, irrespective of any lesser legal requirements that may apply in the respective jurisdictions.
Specifically, each of DEEPX’s third-party Service Providers that stores or processes your Personal Data on DEEPX’s behalf has provided assurances that they implement appropriate safeguards to ensure the protection of your privacy rights.
By providing your Personal Data to DEEPX, you expressly acknowledge and consent to the storage, processing, and transfer of your Personal Data as described herein, including transfers to jurisdictions outside the country or region in which the data was originally collected.
While the data protection laws of the jurisdictions in which such information is processed and stored may differ from those applicable in the jurisdiction of your residence or current location, DEEPX, its affiliates, and its Service Providers are each committed to protecting and securing your Personal Data in accordance with the provisions of this Privacy Policy, applicable industry standards, and relevant data protection laws, irrespective of any lesser legal requirements that may apply in the respective jurisdictions.
Specifically, each of DEEPX’s third-party Service Providers that stores or processes your Personal Data on DEEPX’s behalf has provided assurances that they implement appropriate safeguards to ensure the protection of your privacy rights.
By providing your Personal Data to DEEPX, you expressly acknowledge and consent to the storage, processing, and transfer of your Personal Data as described herein, including transfers to jurisdictions outside the country or region in which the data was originally collected.
10. Data Retention
We shall retain the Personal Data collected or received from you for such duration as is necessary to fulfill the purposes for which it was collected, including the provision of the Services, and as otherwise required to comply with applicable laws, regulations, and legal obligations.
In the event that you withdraw your consent to the processing of your Personal Data, including by deleting your account, we shall, subject to the provisions herein, delete such Personal Data from our systems. Notwithstanding the foregoing, such deletion shall not apply to any portion of the Personal Data that we are required to retain in whole or in part in order to comply with applicable legal or regulatory obligations, or to respond to or defend against actual or potential legal claims or proceedings asserted against us or any of our affiliates.
For the avoidance of doubt, where we process Personal Data solely on behalf of a Customer, including where your employer is a Customer utilizing the Services, the retention of such Personal Data shall be subject to the instructions of the respective Customer, in accordance with the terms of our agreement with such Customer.
In the event that you withdraw your consent to the processing of your Personal Data, including by deleting your account, we shall, subject to the provisions herein, delete such Personal Data from our systems. Notwithstanding the foregoing, such deletion shall not apply to any portion of the Personal Data that we are required to retain in whole or in part in order to comply with applicable legal or regulatory obligations, or to respond to or defend against actual or potential legal claims or proceedings asserted against us or any of our affiliates.
For the avoidance of doubt, where we process Personal Data solely on behalf of a Customer, including where your employer is a Customer utilizing the Services, the retention of such Personal Data shall be subject to the instructions of the respective Customer, in accordance with the terms of our agreement with such Customer.
11. Data Security
We exercise diligent efforts in implementing and maintaining appropriate administrative, technical, and physical safeguards designed to protect the security and integrity of the Services and your Personal Data. Such measures are intended to prevent unauthorized access, use, disclosure, alteration, or destruction of Personal Data in our possession.
Your Personal Data is stored on secured servers and is not made publicly available. Access to your Personal Data is strictly limited to those employees, authorized third-party service providers, and other partners who require such access on a need-to-know basis solely for the purpose of fulfilling our contractual obligations and providing the Services in accordance with this Privacy Policy.
Notwithstanding the foregoing, you acknowledge and agree that no method of transmission over the Internet or method of electronic storage is entirely secure, and we cannot guarantee the absolute security of your Personal Data. Accordingly, DEEPX does not warrant or represent that the Services will be immune from any unauthorized access, security breaches, or other information security risks.
Should you have any questions or concerns regarding the security of your Personal Data, you may contact us.
Your Personal Data is stored on secured servers and is not made publicly available. Access to your Personal Data is strictly limited to those employees, authorized third-party service providers, and other partners who require such access on a need-to-know basis solely for the purpose of fulfilling our contractual obligations and providing the Services in accordance with this Privacy Policy.
Notwithstanding the foregoing, you acknowledge and agree that no method of transmission over the Internet or method of electronic storage is entirely secure, and we cannot guarantee the absolute security of your Personal Data. Accordingly, DEEPX does not warrant or represent that the Services will be immune from any unauthorized access, security breaches, or other information security risks.
Should you have any questions or concerns regarding the security of your Personal Data, you may contact us.
12. Data Subject Rights
If you wish to exercise any rights to which you are entitled under applicable data protection laws, you may do so by submitting a request to us. In processing such requests, we may require you to provide additional information as necessary to verify your identity and the nature of your request.
Subject to applicable laws and regulations, the rights available to you may include, without limitation, the following:
1. Right of Access: You may have the right to obtain confirmation as to whether or not we process Personal Data relating to you and, where applicable, to request access to such Personal Data. We reserve the right to request reasonable evidence to verify your identity prior to the disclosure of any such information.
2. Right to Rectification: You may have the right to request the correction or amendment of inaccurate, incomplete, or outdated Personal Data concerning you. We shall make reasonable efforts to ensure that any Personal Data in our possession is accurate and current and will rectify any inaccuracies as soon as practicable upon receiving a valid request.
3. Right to Erasure: Subject to certain conditions and limitations under applicable laws and regulations, you may have the right to request the deletion, anonymization, or de-identification of certain Personal Data that we hold about you.
4. Right to Data Portability: In certain circumstances and where legally required, you may have the right to request that Personal Data you have provided to us be made available to you in a structured, commonly used, and machine-readable format, so that you may transmit such data to another data controller.
For any inquiries or to exercise your rights, you may contact us and we will handle your request in accordance with applicable data protection laws.
13. Minors
In order to accept this Privacy Policy and access or use the Services, Users must be at least eighteen (18) years of age. Accordingly, we do not knowingly collect, solicit, or process Personal Data from any individual under the age of eighteen (18), nor do we intend to do so. We reserve the right to request proof of age at any time to verify compliance with this requirement and to ensure that individuals under the age of eighteen (18) are not utilizing the Services.
In the event that you believe we may be in possession of Personal Data relating to an individual under the age of eighteen (18), you are required to promptly notify us. Should we become aware that a person under the age of eighteen (18) has accessed or used the Services, we reserve the right to immediately prohibit such individual from further access or use of the Services and shall make reasonable efforts to promptly delete any Personal Data associated with such individual from our records.
Furthermore, if you submit or otherwise provide any Personal Data concerning a minor to the Services, you hereby represent and warrant that you have obtained all necessary legal consents, permissions, or approvals required under applicable law, or that you are the parent or legal guardian of such minor and possess the lawful authority to upload, submit, disclose, or otherwise share such Personal Data or any other sensitive information on behalf of the minor.
In the event that you believe we may be in possession of Personal Data relating to an individual under the age of eighteen (18), you are required to promptly notify us. Should we become aware that a person under the age of eighteen (18) has accessed or used the Services, we reserve the right to immediately prohibit such individual from further access or use of the Services and shall make reasonable efforts to promptly delete any Personal Data associated with such individual from our records.
Furthermore, if you submit or otherwise provide any Personal Data concerning a minor to the Services, you hereby represent and warrant that you have obtained all necessary legal consents, permissions, or approvals required under applicable law, or that you are the parent or legal guardian of such minor and possess the lawful authority to upload, submit, disclose, or otherwise share such Personal Data or any other sensitive information on behalf of the minor.
14. Roles under Applicable Data Protection Laws
Pursuant to various data protection, privacy, and similar legal frameworksâsuch as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable lawsâtwo distinct roles typically govern the processing of Personal Data:
- The âData Controllerâ (or under the CCPA, the âBusinessâ), which determines the purposes and means of processing Personal Data; and
- The âData Processorâ (or under the CCPA, the âService Providerâ or âContractorâ), which processes Personal Data on behalf of the Data Controller.
Set forth below is an explanation of how these roles apply to our Services, where such laws and regulations are applicable:
DEEPX shall act as the Data Controller with respect to the Personal Data of Visitors and Candidates, as further detailed herein. Accordingly, DEEPX assumes the obligations and responsibilities of a Data Controller, solely to the extent required by applicable law, and as described in this Privacy Policy.
DEEPX shall act as the Data Processor with respect to Personal Data submitted to or otherwise made available to DEEPX by its Customers and/or Customer End-Users, including Personal Data relating to Customer End-Users. In such instances, DEEPX processes Personal Data solely on behalf of the applicable Customer, which is the Data Controller, and in accordance with the Customerâs reasonable written instructions and the terms of the applicable commercial agreement executed between DEEPX and such Customer.
Each Customer shall remain solely and fully responsible for determining the manner and means by which it utilizes the Services, and for ensuring compliance with all applicable laws and regulations governing the collection, use, and processing of Personal Data. This includes the obligation to ensure that any individuals acting on the Customerâs behalf or at the Customerâs direction, as well as any individuals whose Personal Data may be included in any data processed through the Services, have been provided with all necessary and appropriate notices, and where required, have given informed consent to the processing of their Personal Data. Customers are also solely responsible for responding to and fulfilling any data subject rights requests under applicable laws submitted by their Customer End-Users or any other individuals whose Personal Data they process through the Services.
Accordingly, if you are a Customer End-User or any other individual whose Personal Data has been provided to DEEPX in connection with a Customerâs use of the Services, please be advised that DEEPX does not directly provide you with the rights set forth in Section 10 above. Any such requests or inquiries regarding the exercise of data subject rightsâincluding but not limited to requests to access, rectify, or delete Personal Dataâmust be directed to the applicable Customer or Customer End-User, who serves as the Data Controller with respect to such Personal Data.
15. Modifications to this Privacy Policy
This Privacy Policy may be amended, modified, or updated from time to time at our sole discretion. The most current version of this Privacy Policy shall be made available on our Services and identified by the “Last Revised” date indicated herein. You are encouraged to review this Privacy Policy periodically to remain informed of any changes.
In the event of material or substantial changes to the terms of this Privacy Policy, we shall provide notice of such changes by posting a notice on the homepage of our Website and/or by sending an electronic notification to the email address you have provided to us, if applicable. Any such material changes shall become effective seven (7) days following the provision of such notice, whether posted or delivered via email.
All other non-material modifications shall become effective as of the date stated in the “Last Revised” heading of this Privacy Policy. Your continued access to or use of the Services following the effective date of any changes shall be deemed to constitute your acceptance of and agreement to be legally bound by the terms of the revised Privacy Policy.
In the event of material or substantial changes to the terms of this Privacy Policy, we shall provide notice of such changes by posting a notice on the homepage of our Website and/or by sending an electronic notification to the email address you have provided to us, if applicable. Any such material changes shall become effective seven (7) days following the provision of such notice, whether posted or delivered via email.
All other non-material modifications shall become effective as of the date stated in the “Last Revised” heading of this Privacy Policy. Your continued access to or use of the Services following the effective date of any changes shall be deemed to constitute your acceptance of and agreement to be legally bound by the terms of the revised Privacy Policy.