Data transparency and privacy
Our goal is to be transparent about our data privacy practices and help you make informed decisions about sharing your information with us or obtaining information from us. We care about personal data protection, security and are committed to complying with applicable data privacy laws and regulations.
On this page, you will learn about Coresignal's web data collection principles, privacy-related practices, and our company's approach to privacy-associated matters. Should you have specific data privacy-related concerns, don't hesitate to contact us at [email protected].
![Data transparency and privacy](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/65fc404867db1efde8e4e7fb_data-secure.webp)
What data does Coresignal collect?
![data we don't collect](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac492f113a38a8b01d6fc_Data%20we%20don%E2%80%99t%20collect.webp)
Data we don’t collect:
- Private data about individuals: any information that is not publicly available and remains private upon the decision of the individual;
- Sensitive data about individuals even if it is publicly available. This includes information like social security numbers, home addresses, telephone numbers, geolocation data, biometric data or photos of individuals.
![Data we collect](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac4923f97bf5f78bdb42a_Data%20we%20collect.webp)
Data we collect:
- Publicly available, strictly business-related data that has been published or released by companies or individuals themselves online.
Information for businesses
We abide by the highest standards in the industry and follow the latest developments in case law regarding data collection, including privacy-related matters. The field of personal data protection is subject to potential new developments, rapid changes and clarifications with case law, and decisions submitted by various supervisory authorities worldwide.
Data privacy regulations vary by jurisdiction, and it is of crucial importance for us to be aware of the relevant laws and regulations that impact our business, as well as to put our best efforts into complying with them and following current best practices.
Coresignal collects exceptionally publicly available data from publicly available online sources, widely distributed media. The collected data generally includes business-related information such as details about companies (such as firmographics, startup information, funding details, job postings, and product reviews), and limited business-related data about individual professionals that disclose their data to the general public. In its data collection practices, Coresignal strictly refrains from any data collection that involves any kind of data aggregation from within secured login areas.
Privacy regulations around the world are continuously evolving and can differ from one jurisdiction to another. While many regulations, like the U.S. California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR), generally agree on the definition of personal data as any information that directly or indirectly identifies an individual, there are some specific requirements and exceptions. For instance, some U.S. state privacy laws, such as those in California, Colorado, Utah, and others, do not consider publicly available information as personal data and therefore do not classify it as such.
We have made significant efforts to establish, implement, and maintain a privacy strategy that aligns with the major current privacy regulations, including those in the U.S. and EU. Here are a few key measures we've taken to ensure our data collection processes are secure and compliant with applicable requirements:
![Clear data processing purpose](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac496ade4b6308042754f_Purpose.webp)
We have defined specified, explicit, and legitimate purposes for data processing, and we do not use the data in a manner incompatible with those primary defined purposes.
![Responsible data collection](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/6667032fe2b6683ba083a213_Safety.webp)
An established Coresignal information security policy describes the implementation of appropriate technical and organizational security measures, including but not limited to encryption, data breach response procedure, web application security, server security, and restricted access control.
![Privacy related rights](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac4963e5d60148d309e95_Log%20in.webp)
Following data protection regulations, individuals are entitled to specific rights, such as the right to access, rectify, erase, or restrict the processing of their data, subject to statutory conditions, limitations, and exceptions. We ensure the enforcement of individuals’ rights, by providing individuals with the option to exercise privacy rights by contacting us at [email protected].
![Transparency and data protection awareness](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac492f4671bb071b0f41e_Data%20protection.webp)
We transparently disclose our data processing practices on our website in our Privacy Policy, which is easily accessible to all website visitors.
![Data we collect](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac4923f97bf5f78bdb42a_Data%20we%20collect.webp)
We control the vendors that may access our data during service provision. We have confidentiality and data processing agreements in place with them when that is required under applicable data protection laws.
![Data protection impact assessment](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/666ac49258d52a5da9d49dee_Data%20protection%20impact%20assessment.webp)
We have conducted a data protection impact assessment for Coresignal as an accountability measure in accordance with privacy laws. The assessment shows that data processing is in alignment with the key data protection principles of fairness and lawfulness, purpose limitation, and data minimization.
Ethical Web Data Collection Initiative
Coresignal is a proud founding member of the Ethical Web Data Collection Initiative (EWDCI). Here's what EWDCI does:
- Advocates for responsible web data collection and use of personal data
- Educates and guides the industry on the use of ethical resources and tools used in web data collection
- Fosters consumer confidence in data collection through transparency and accountability
- Enables commercial innovation and promotes online safety
Also, Coresignal has received a certificate for aligning with the ethical standards demanded by the EWDCI.
![Ethical Web Data Collection Initiative](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/660199fd0e506b3385adbbf8_EWDCI-coresignal.webp)
Data protection awareness & training
We strive to ensure our employees are well informed about personal data protection and the latest developments in privacy regulations. We are supported by legal counsels, who regularly conduct data protection training sessions for our employees to ensure they stay updated. Additionally, we implemented an online privacy training module that is mandatory for all new employees and is repeated regularly.
![Data protection awareness & training](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/66019b5271c06c5f38375f4f_How%20to%20Build%20a%20Candidate%20Database.webp)
![Cyber security insurance](https://cdn.prod.website-files.com/65cdf74a7bd27bfabec90175/66151acfb5d9ca47611e93af_Quality%20of%20Hire%20Improve%20Your%20Hiring%20Process%20in%202023.webp)
Cyber security insurance
By possessing cyber security insurance, our business can better protect ourselves, our stakeholders, and our customers from the devastating effects of cyber threats.
It helps us identify and mitigate cyber risks and comply with regulatory requirements, including such regulations as GDPR and CCPA, that require businesses to have adequate data protection measures in place and build customer trust.
Information for individuals
In this section, you will find information for individuals about their personal information. Privacy regulations vary by jurisdiction, providing definitions of personal data and relevant exemptions.
For instance, California and some other U.S. state privacy laws exclude publicly available information from the category of personal data. However, here, at Coresignal, we maintain robust internal procedures to ensure the effective enforcement of individuals' data protection rights and are dedicated to handling data subject requests with the utmost diligence.
- Privacy Policy. It is important for us to be transparent with individuals. Therefore our Privacy Policy describes how Coresignal collects, uses, discloses, and stores personal information and what statutory rights individuals have under applicable data protection laws.
- Rights concerning personal information. Following data protection regulations, individuals are entitled to specific rights, such as the right to access, rectify, erase, or restrict the processing of their data, subject to conditions, limitations, and exceptions established by statutory data protection provisions. You may exercise these rights by completing the web form or by submitting a request at [email protected]. Please visit Coresignal’s Privacy Policy to learn more about how we collect, handle, use, and protect personal information.
- What is my right to opt out of the sale or sharing of personal information? Coresignal collects exceptionally publicly available data from publicly available online sources across the internet. The collected data may include limited business-related information about individual professionals who disclose their data to the general public.
- If you want to check if Coresignal collected your publicly available data and direct us to stop selling your publicly available data, please fill in the web form or contact us at [email protected].