Privacy Policy

SilkRoad Technology, Inc. dba Rival (“Rival”) is committed to protecting your privacy. This privacy policy applies to www.rival-hr.com and the Rival software-as-a-service (SAAS) applications and related services which are hosted and operated by Rival and provided to its customers. This privacy policy describes how Rival collects and uses the personal information you provide on our web site at www.rival-hr.com and our SAAS applications and related services. It also describes the choices available to you regarding our use of your personal information and how you can exercise your privacy rights regarding this information.

Personal Information Collection, Use, and Sharing

When you register with www.rival-hr.com website or use the services made available to the public on the www.rival-hr.com website, personal information is needed such as your name, company name, and email address. Rival uses and shares personal information for purposes such as processing and fulfilling your request, billing, service improvement, research, marketing, communicating with you and other general purposes. Regarding use of Rival SAAS solutions purchased by our customers, see the section below entitled Data Collected Through Rival Purchased Solutions.

Rival will not sell, rent, exchange, or share personal information with any third parties without permission or except as described in this privacy policy. Rival will share personal information with government authorities and others in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, violations of Rival’s terms of service, or as otherwise required by law. If Rival is involved in a merger, acquisition, or sale of all or substantially all of its assets, you will be notified via email and/or a prominent notice on our web site of any such change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Rival may also anonymize and aggregate data collected and use and disclose it for general purposes.

Data Security

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and when we store and process it in our data center. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security and do not take responsibility for any third-party actions when we have endeavored to follow generally accepted standards. In addition, we do not take responsibility for your systems, the Internet itself or any third-party networks or services used to transmit data which are outside the firewall of the data center we use to process and store your personal data. If you have any questions about the security on our web site or our services, please contact us.

Email Marketing Choices

You may choose to stop receiving our marketing emails by following the unsubscribe instructions included in these emails or you can contact us. If you purchase a service, you can still opt out of marketing related emails however you cannot opt out of service related announcements.

If your personal information changes, you may correct, update, amend, delete/remove or deactivate it by contacting us by email or postal mail at the contact information listed below. We will respond to your request within 30 days. Note that different rules apply to personal information processed or stored in our purchased solutions. (See section below entitled Data Collected Through Rival Purchased Solutions).

Data Storage

We will retain your personal information for as long as your account is active or as needed to provide you services and for archival and marketing purposes. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Note that different rules apply to personal information stored in our purchased solutions. (See section below entitled Data Collected Through Rival Purchased Solutions).

Cookies

Rival uses a technology called “cookies” to store session information. A cookie is a small amount of data, which often includes an anonymous unique identifier, which is sent to your browser from a web site’s computers and stored on your computer’s hard drive. We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. We use Session Cookies to track your Login status. This cookie is only ever transmitted over HTTPS. A persistent cookie remains on your hard drive for an extended period of time. We use Persistent Cookies to determine from where you were referred to our site, as well as the last user ID that you used to login to our site. Rival may set and access Rival cookies on your computer. Cookies are required to use certain services provided on the Rival website. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.

The use of cookies by our partners and affiliates is not covered by our privacy policy. We do not have access or control over these cookies. Our partners and affiliates use session ID and persistent cookies to better gauge our customers’ interest in our products and their products.

As is true of most web sites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We also gather, parse, and retain data related to the provision of our web site and related services for internal and service-related purposes.

We do link automatically collected data to personally identifiable information. IP addresses are tied to personally identifiable information to better gauge our customers’ needs and provide specific information to best serve them.

Third Party Advertising

We may partner with a third-party ad network to manage our advertising on other sites. Our ad network partner would use cookies and web beacons to collect non-personally identifiable information about your activities on this and other web sites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by contacting us. We may use Google AdSense to publish ads on this site. When you view or click on an ad, a cookie will be set to help better provide advertisements that may be of interest to you on this and other web sites. You may opt-out of the use of this cookie by visiting Google’s Advertising and Privacy page: www.google.com/privacy_ads.html.

Blogs and Community Forums

Our web site may offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us.

Social Media Features

Our web site may include social media features, such as the Facebook ‘Like’ button, and widgets, such as the ‘Share This’ button or interactive mini programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our web site. Your interactions with these features are governed by the privacy policy of the company providing it.

Other Web Sites

Our web site includes links to other web sites whose privacy practices may differ from those of Rival. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any web site you visit.

Updates to the Privacy Policy

Rival may update this Privacy Policy and we may notify registered users of significant changes in the way we treat any personal information by sending a notice to the primary email address specified in your Rival account or by placing a notice on our web site or within our solutions. However, we nevertheless reserve the right to amend our privacy practices and policy from time to time without prior notice. We encourage you to periodically review this page for the latest information on our privacy practices.

Data Collected Through Rival Purchased Solutions

Rival is in the business of providing SAAS solutions and associated services and in connection with providing such offerings to its customers. Rival collects information (including personal information) under the direction of its customers about their business activities, employees, contractors, affiliates, and applicants (“Customer Data”). Rival has no direct relationship with the individuals whose personal data it processes and stores for Rival customers, and Rival will process, store and retain Customer Data as per our agreement with our applicable customer (including transferring the Customer Data to the applicable customer). Therefore, if you are an employee/contractor/applicant of one of our customers and would no longer like to be involved with one of our customers that use our solutions or otherwise have issues related to your data that is included in Customer Data (such as to correct, amend, or delete such data), please contact the customer that you interact with directly. For the purposes of the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to EU-U.S. DPF, and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) and other global privacy laws, Rival acts as a processor/instruction taker which accesses and processes Customer Data on behalf of its customers, which are the controllers/owners of such data.

Service Providers and Sub-Processors

Rival may transfer personal information to companies that help us provide our services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our customers.

Data Retention

Rival will retain personal information from our web site and that we process on behalf of our customers for as long as needed to provide services to our customers. Rival will also retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Children’s Privacy

Rival does not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our web site is directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at Privacy@rival-hr.com. We will take steps to delete it if we learn we have collected it.

Locations where personal information is processed

Your personal data may be stored and processed in the United States and in any other country where Rival or its affiliates, subsidiaries, or third-party service providers maintain facilities or personnel. When you provide personal data to Rival, we may process and transfer your data within the United States and around the world. We follow applicable data protection laws when transferring personal data.

Rival may transfer, store, or process your personal data in a country outside your jurisdiction, including ones that are not subject to an adequacy decision by the European Commission. However, we have taken appropriate safeguards to require that your personal data will remain protected in accordance with this Privacy Statement. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of personal data between our group companies, thus requiring all group companies to protect personal data they process from the EEA in accordance with European Union data protection law.

To the extent permitted by law, by choosing to visit our web site or otherwise provide information to us, you agree to the processing and transfer of your personal information in accordance with this Privacy Policy.

EU-U.S., UK Extension to EU-U.S. and Switzerland-U.S. Data Privacy Framework (DPF)

Rival complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-US Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Rival has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Rival has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework program, and to view Rival’s certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Rival commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

Rival is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to Rival and following the procedures and subject to conditions set forth in Annex I of Principles.

This also serves as notice that Rival is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Exercising your rights relating to your personal information

To exercise your rights with regard to personal information collected and stored by Rival in connection with your use of the services made available to the public by Rival on the www.rival-hr.com website, Rival is the “controller” with regard to the processing of your personal information and you should contact us directly in connection with the exercise of your rights under applicable privacy laws. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you to honor your request. Occasionally it may take us longer than a month, considering the complexity and number of requests we receive.

To exercise your rights regarding personal information collected and stored by Rival in connection with the use of Rival SAAS solutions purchased by one of our customers, please inquire with the applicable customer directly. Since Rival serves as a “processor” and such customer is the “controller” Rival may only make changes to a customer’s data upon instruction from that customer unless otherwise required by applicable law. If you make your request directly to us, please provide to us the name of the Rival customer who is the controller for your personal data, and we will refer your request to that customer.

Description of your rights relating to your personal information

You have certain rights relating to your personal information under the local data protection laws that apply to you. Depending on the applicable laws and, in particular, if you are located in the European Economic Area, California or Nevada or otherwise covered under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act of 2018 (CCPA) or the Nevada Security and Privacy of Personal Information statute these rights may include the following, subject to the requirements and limitations of those laws:

  • To access your personal information held by us (right to access).
  • To rectify inaccurate personal information and, considering the purpose of processing the personal information, ensure it is complete (right to rectification).
  • To erase/delete your personal information, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten).
  • To restrict our processing of your personal information, to the extent permitted by law (right to restriction of processing).
  • To transfer your personal information to another controller, to the extent possible (right to data portability).
  • To object to any processing of your personal information carried out based on legitimate interests (right to object). Where we process your personal information for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection.
  • To the extent we base the collection, processing and sharing of your personal information on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.
  • Receive a copy of your personal data in an electronic and machine-readable format
  • Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects or otherwise significantly affects you (“Automated Decision-Making”). Rival does not perform Automated Decision-Making as part of the processing activities covered by this Privacy Statement.
  • Receive the categories of sources from whom we collected your personal data
  • Opt out of marketing communications at any time by clicking on the “Unsubscribe” or “opt out” link in marketing emails we send you or by contacting us
  • Complain to a regulator or data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.

Rival will not discriminate against you for exercising your rights.

If your personal data has been submitted to us by or on behalf of a Rival customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly.

If you are a resident of California, under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our websites. Please note that your request does not ensure complete or comprehensive removal of the content or information, because, for example, some of your content may have been reposted by another visitor to our websites.

Legal basis for processing personal information

Our legal grounds for collecting and using your personal information as described in this Privacy Statement fall into the following four categories.

Consent: In some cases, we ask you for your consent to process your personal information, such as when we need your consent for marketing purposes. You can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. If you would like to withdraw your consent, you can do so by emailing Privacy@rival-hr.com.

Legitimate Interest: We process certain data for the legitimate interests of Rival, our affiliates, our partners, or our customers. These legitimate interests include, for example, contacting you to provide support or sending you marketing information (subject to applicable law); detecting, preventing, and investigating illegal activities and potential security issues; and maintaining and improving the Website and mobile applications. We will rely on our legitimate interests for processing personal information only after balancing our interests and rights against the impact of the processing on individuals.

Performance of a Contract: Sometimes we process personal information to perform our obligations under an agreement with you or your employer or prospective employer.

Other Legal Bases: In some cases, we may have a legal obligation to process your personal information, such as in response to a court or regulator order. We also may need to process your personal information to protect vital interests, or to exercise, establish, or defend legal claims.

Contact Us

For questions related to this Privacy Policy, contact Privacy@rival-hr.com or at:

Rival Technology
C/O: Security Department
311 W. Monroe Street, Suite 402
Chicago, IL 60606
USA

Reviewed and Revised: July 2024