Notice/Use of Information
Sortifix does not sell or publish PII provided by its Customers. Sortifix maintains Customer PII only for the purposes of contracting and communicating with Customers.
Sortifix may collect and aggregate demographic data that is not associated with an individual’s PII for use in statistical analysis, algorithmic learning, software performance metrics, or for other training purposes.
Sortifix operates as a data processor for its Customers. Customers fill the role of data controller, retaining the PII of Candidates. Candidates interact with Customers rather than directly with Sortifix. Generally, as data processor, Sortifix does not maintain any Candidate PII collected by Customers. For each failed transaction processed at Sortifix.com, where the Code is something other than “Success,” Sortifix may, unless prohibited to do so by the Customer, log the Candidate PII for a period of up to 14 days, after which the document is automatically purged from Sortifix’s AWS server. Sortifix may retain Candidate PII that it obtains in the course of providing troubleshooting, performance feedback, or to assist in software improvements for Customers. This retained Candidate PII is maintained locally, securely and used only for the purposes of internal testing, research and development. At the Customer’s request, Sortifix will not retain Candidate PII that Customers share with it during the course of providing troubleshooting, performance feedback, or to assist in software improvements. It is the Customer’s responsibility to ensure that the data the Customer collects can be legally collected in the country of origin. The Customer is responsible for properly notifying its employees and Candidates if, when and how PII is being collected and maintained, and for providing them a choice as to whether or not we use PII in the manner described herein.
Regarding transactions processed through Sortifix.com, Sortifix may log the Customer account and transaction metadata including source IP address, processing codes, sizes and timings.
If Sortifix goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, information collected through our website(s) may be among the assets transferred. A prominent notice will appear on our website(s) for 30 days after any such change in ownership or control of your personal information.
Notification of Changes/Choice
We will maintain information in accordance with this Policy. If we decide to change the Policy, we will post those changes to this Policy on Sortifix’s website, and other places we deem appropriate so our Customers are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. Customers, in turn, are responsible for notifying Candidates and providing them a choice as to whether or not we use their information in this different manner.
Third-Parties and Platform Security
At our discretion, we link to third party sites on our website. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Sortifix will use PII only in ways compatible with the purpose for which it was collected or subsequently authorized by our Customers. Sortifix will take reasonable steps to ensure that PII is relevant for its intended use, accurate and complete.
Sortifix is committed to ensuring the security of the information it processes and maintains. To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of PII, Sortifix, in conjunction with AWS, has put in place appropriate physical, electronic, and managerial procedures, as described in more detail above, to safeguard and secure the PII we process. In addition, Candidate PII that we maintain is only accessible by designated Sortifix development employees and is encrypted at rest. Sortifix strives to protect the privacy of the PII we process, and inadvertent disclosure is extremely unlikely. In the event of such an inadvertent disclosure, Sortifix will take all commercially reasonable steps to limit and remedy the disclosure. However, we cannot guarantee that unauthorized third parties will never be able to defeat those procedures or use PII for improper purposes.
Customers may contact Sortifix to access or correct Customer PII, at any time. In its role as a data processor, Sortifix normally processes and returns Candidate PII to Customers without it being retained by Sortifix. When Sortifix collects and maintains Candidate PII, we do so with the permission of our Customer and only for the purposes described herein. If you are a Candidate, and you wish to request access to or correction of the information you provided to a Sortifix Customer, please contact the company to which you provided it. Sortifix will either delete or correct this information, at the request of its Customers.
Any questions, comments or complaints about the data practices (including without limitation, compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement) of a Sortifix Customer who processes data or who provides data to Sortifix for training, troubleshooting and/or testing purposes should be directed to that Sortifix Customer.
We may disclose PII when required by law or in the good faith belief that such action is necessary in order to conform to the edicts of the law, comply with legal mandates, enforce the TOS of our websites, or to protect the rights, property, or personal safety of Sortifix, its users and the public.
Sortifix will give Customers prompt notice of any legal or governmental demand for PII and will reasonably cooperate with Customers in any effort to seek a protective order or otherwise to contest such required disclosure, at Customer’s expense.