Introduction

HR HOUDINI, Inc. (“HR HOUDINI”) respects your privacy and is committed to protecting it in accordance with applicable laws and using generally-accepted industry practices. This Privacy Policy explains who we are, how we collect, share, and use personal information about you, and how you can exercise your privacy rights. For purposes of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual (e.g., name, address, email address, or phone number).

If you have any questions or concerns about our use of your Personal Information, please contact us at using the contact details provided below.

HR HOUDINI, Inc., headquartered in Milton, MA. For clarity, we have separated this Privacy Policy into two sections, one that explains how HR HOUDINI collects and uses the Personal Information of visitors to our website (the “Website Privacy Policy”), www.hrhoudini.ai, and one that explains how our customers use our AI-powered Insight Engine (the “Services”) to collect Personal Information from individuals who are either job applicants or employees of our customers (the “Services Privacy Policy”). Please note that the data controller of Personal Information collected through our website is HR HOUDINI, Inc., and the data controller of Personal Information collected through our Services is the HR HOUDINI customer who has purchased our Services.

Website Privacy Policy

PERSONAL INFORMATION WE COLLECT

HR HOUDINI may collect the following information, including Personal Information from and about you:

From your interaction with Sales, Marketing, and Customer Support: We collect Personal Information such as your name, company name, email address, phone number, and billing information when you request a demo of our Services, or request sales information or customer service.

Cookies, Scripts and Related Technologies: When you visit our website, www.hrhoudini.ai, we and our third-party service providers receive and record Personal Information that you may have provided and your digital signature, such as your IP address. The technologies we use to track your movements around our website include cookies, tracking scripts and pixels, and tagging technologies, which we may employ to understand your preferences, improve your experience on our website, etc. You can control the use of cookies at the individual browser level. If you want to learn more about cookies, or how to control, disable, or delete them, please visit http://www.aboutcookies.org for detailed guidance.

Collection of Data by Advertisers: We may also use third parties to serve ads on our website or to manage our advertising on other sites. Certain third party partners may automatically collect information about your visits to this and other websites, your IP address, your ISP, the browser you use to visit our website (but not your name, address, e-mail address or telephone number). They do this by using cookies, pixel tags or other technologies. Information collected may be used, among other things, to deliver advertising targeted to your interests and to better understand the usage and visitation of our website and the other sites tracked by these third parties. This policy does not apply to, and we are not responsible for, cookies or pixel tags in third party ads, and we encourage you to check the privacy policies of advertisers and/or ad services to learn about their use of cookies and other technologies. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here: http://www.aboutads.info/choices or http://www.networkadvertising.org.

HOW HR HOUDINI USES YOUR PERSONAL INFORMATION

We may use the information that we collect about you and from you, including Personal Information, for the following purposes:

To customize our website: We seek to improve your experience with our website. As a result, we will analyze data we collect about your use of the website.

To communicate with you: If you request more information about our products, we will contact you using the information you provide us. We may also send you information about products and services that may be of interest to you, with your prior opt-in consent where required by applicable law.

To aggregate data: We may anonymize and aggregate data collected through our website and to create statistics that may be used for any purpose, provided that such statistics do not identify any customers or individuals or contain any Personal Information.

HOW HR HOUDINI MAY DISCLOSE OR SHARE YOUR INFORMATION

We do not sell or otherwise disclose Personal Information we collect about you, except as described in this Website Privacy Policy or as we disclose to you at the time this information is collected. As described in more detail below, we may share your Personal Information:

• with our partners and third-party service providers. We authorize these service providers to use or disclose the information only as necessary to perform services on behalf of HR HOUDINI (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website). We require these service providers by contract to safeguard the privacy and security of Personal Information that they process on our behalf;
• to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
• to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, provided that we inform such third parties that they must use your Personal Information only for the purposes disclosed in this Website Privacy Policy; and
• to any other person with your consent to the disclosure.

Our website may contain links to third party websites or third party applications (“apps”). When you click on a link to any other website, app or location, you will leave our website and go to another site and another entity may collect Personal Information or anonymized data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Website Privacy Policy do not apply to these outside websites, apps or content, or to any collection of your Personal Information after you click on links to such outside websites or apps. We encourage you to read the privacy policies of every website you visit or app you use. The links to third party websites, apps or locations are for your convenience and do not signify our endorsement of such third parties or their products, apps, content or websites.

HOW HR HOUDINI HOLDS AND SECURES YOUR INFORMATION

We care about the security of your Personal Information, and take appropriate steps including technical and organizational measures to ensure that your Personal Information is treated securely and in accordance with this Website Privacy Policy. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information.

INTERNATIONAL DATA TRANSFERS

Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our Website servers are located in the United States, and our third party service providers and partners operate around the world. This means that when we collect your personal information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Website Privacy Policy. For transfers of personal information from the European Economic Area, the United Kingdom, and Switzerland to the United States, HR HOUDINI relies on Standard Contractual Clauses approved by the European Commission, and where applicable, the EU-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. We implement appropriate technical and organizational measures to ensure an adequate level of protection for personal data transferred internationally.

If you have any questions or concerns about the international transfer of your personal information, please contact us at info@yjp.4c1.myftpupload.com.

If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person.

If we ask you to provide Personal Information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at info@yjp.4c1.myftpupload.com.

HOW LONG HR HOUDINI RETAINS YOUR PERSONAL INFORMATION

We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

YOUR DATA PROTECTION RIGHTS

You have the following data protection rights:

If you wish to access, correct, update or request deletion of your Personal Information, you can do so at any time by contacting us at info@yjp.4c1.myftpupload.com.

In addition, if you are a resident of the European Union, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. Again, you can exercise these rights by contacting us at info@yjp.4c1.myftpupload.com.

You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us at info@yjp.4c1.myftpupload.com.

Similarly, if we have collected and processed your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Services Privacy Policy

This Services Privacy Policy does not apply to our customers, who manage the Personal Information they collect through our Services in accordance with their own privacy policies. HR HOUDINI only processes the Personal Information that is stored in our Services as a data processor on behalf of our customers and in accordance with their instructions (as defined in our customer agreements), and we have no direct relationship with the individuals whose Personal Information we process in connection with our customers’ use of our Services. For example, if you apply to a job posted on a career page of a prospective employer that is one of our customers, your Personal Information will be automatically transferred to HR HOUDINI. However, the prospective employer is the data controller and you should contact that entity directly with any questions you may have regarding its privacy policies or data processing practices, and if you want to modify your Personal Information, restrict its processing, or delete it from our Services.

PERSONAL INFORMATION WE PROCESS

HR HOUDINI processes certain Personal Information input or uploaded into our Services by our customers’ employees and prospective employees, including contact information, employment history, education information, resumes, interview feedback, and communications.

HR HOUDINI will use such Personal Information only as necessary to provide and deliver the Services to the customer, to prevent or address any service or technical issues, to respond to a customer’s support request, or for any other purpose provided for in the customer agreement, or in accordance with or as may be required by law.

ABOUT OUR AI-POWERED INSIGHT ENGINE

What Our AI Does: HR HOUDINI’s Insight Engine uses artificial intelligence to help our customers analyze and understand their human capital management (HCM) data. The Services process HCM data including employee rosters, candidate and job information, performance scores, employee engagement data, and related information. Our AI provides the following capabilities:

• Data Visualizations: Creates charts and visual representations of HR data • AI-Generated Insights: Analyzes patterns and trends in HR data and provides insights • Interactive Chat Interface: Allows users to ask questions and interact with their data through natural language • Suggested Actions: May suggest potential actions or recommendations based on data analysis

Human Oversight and Responsibility: HR HOUDINI’s AI Insight Engine is designed as a decision-support tool, not an automated decision-making system. The AI:

• Does NOT make final decisions about employment, hiring, promotions, terminations, or other personnel matters • Provides suggestions and insights that must be reviewed and verified by qualified human professionals • Requires human oversight and judgment before any action is taken based on AI-generated insights • Should have all outputs fact-checked and validated by appropriate personnel before being relied upon

Customers and their authorized users remain fully responsible for all employment-related decisions and must ensure compliance with all applicable employment laws and regulations. Any insights, suggestions, or recommendations provided by the AI must be independently verified and should not be the sole basis for any employment decision.

Third-Party AI Processing: Our Insight Engine relies on enterprise API services from third-party AI providers to deliver AI-powered features. When you interact with our AI features (including data visualizations, insights generation, and chat interface), your HCM data is transmitted to these external AI providers for processing.

Current AI providers may include, but are not limited to: Anthropic (Claude), Google (Gemini), and OpenAI (ChatGPT). We may add or change AI providers as technology evolves and our Services improve.

These AI providers represent that they:

• Process data only to fulfill the specific API request
• Do not store customer data beyond the API call duration
• Do not use customer data to train or improve their AI models
• Operate on secure cloud infrastructure (AWS US-East-1 Virginia)

Important Notice: While we select AI providers that maintain enterprise-grade security and privacy practices according to their published policies, HR HOUDINI does not have direct control over these third-party providers’ data handling practices beyond what is specified in their terms of service. Customers should review the privacy policies of these AI providers and assess whether the use of such services aligns with their own data protection requirements and risk tolerance.

AI Accuracy and Limitations: Our AI-powered Insight Engine uses advanced artificial intelligence technology, but it has inherent limitations that users must understand:

• AI outputs are probabilistic and not guaranteed to be accurate. The AI may produce incomplete, inaccurate, or misleading information, insights, or recommendations.
• AI may hallucinate or generate plausible-sounding but incorrect information. All AI-generated content must be independently verified by qualified personnel before being relied upon.
• AI performance depends on data quality. Poor quality, incomplete, or biased input data will result in unreliable outputs. Customers are responsible for ensuring data accuracy.
• AI may reflect biases present in training data or input data. While we work to minimize bias, AI systems can inadvertently perpetuate or amplify biases in ways that may not be immediately apparent.
• AI should not be the sole basis for any employment decision. All insights, suggestions, and recommendations require human judgment, verification, and oversight.
• AI capabilities and limitations evolve. As we update our AI models and providers, performance characteristics may change.

HR HOUDINI makes no warranties regarding the accuracy, completeness, reliability, or suitability of AI-generated outputs for any particular purpose. Users assume all risk associated with relying on AI-generated information and must exercise appropriate professional judgment.

AI Bias, Fairness, and Non-Discrimination: HR HOUDINI is committed to the responsible and ethical use of artificial intelligence in human resources applications. However, users must understand the inherent risks and limitations related to bias and fairness in AI systems:

Bias Risks in AI:

• AI systems can reflect and amplify biases present in training data, input data, and societal patterns, potentially resulting in discriminatory outcomes.
• Bias may not be immediately apparent and can manifest in subtle ways that affect protected classes including race, color, religion, sex, national origin, age, disability, genetic information, and other protected characteristics under federal, state, and local laws.
• HR and employment decisions carry significant legal risk under laws including Title VII of the Civil Rights Act, the Americans with Disabilities Act (ADA), the Age Discrimination in Employment Act (ADEA), and similar state and local laws.
• No AI system is completely free from bias, and eliminating all bias is not technically feasible with current technology.

Our Approach to Bias Mitigation: HR HOUDINI takes steps to address potential bias in our AI Insight Engine, including:

• Selecting AI providers that implement bias testing and fairness measures in their models
• Monitoring AI outputs for potential discriminatory patterns
• Designing our Services to support rather than replace human decision-making
• Providing transparency about AI limitations and the need for human oversight
• Continuously evaluating and updating our practices as technology and best practices evolve

However, HR HOUDINI cannot guarantee that AI-generated insights will be free from bias or compliant with all applicable employment laws in all contexts.

Customer Responsibilities: Customers using HR HOUDINI’s Services for employment-related purposes are solely responsible for:

• Ensuring compliance with all applicable employment discrimination laws, including federal, state, and local requirements
• Conducting their own bias testing and adverse impact analysis on AI-generated insights as they apply to their specific use cases and employee/applicant populations
• Implementing appropriate human oversight and review processes to prevent discriminatory outcomes
• Never using AI-generated insights as the sole basis for employment decisions including hiring, promotions, terminations, compensation, or performance evaluations
• Training personnel on the appropriate and lawful use of AI tools in employment contexts
• Maintaining documentation of decision-making processes to demonstrate compliance with anti-discrimination laws
• Consulting with legal counsel to ensure their use of AI tools complies with applicable laws

EEOC and Regulatory Guidance: The U.S. Equal Employment Opportunity Commission (EEOC) and other regulatory bodies have issued guidance on the use of AI and automated systems in employment decisions. Customers are responsible for staying informed about and complying with such guidance. HR HOUDINI’s Services are intended as decision-support tools and must be used in accordance with all applicable legal requirements.

Disclaimer: HR HOUDINI does not provide legal advice regarding employment law compliance or the appropriate use of AI in employment decisions. Customers should consult with qualified legal counsel to ensure their use of our Services complies with all applicable laws and regulations. HR HOUDINI is not liable for any discriminatory outcomes, legal violations, or damages resulting from customers’ use of AI-generated insights in employment decisions.

HOW HR HOUDINI USES YOUR PERSONAL INFORMATION

HR HOUDINI may access or use the Personal Information collected through the Services for a range of reasons, which may include:

• To provide, operate, optimize and maintain the Services; • To address customer questions and support requests; • To manage HR HOUDINI’s platform, system administration and security; • To compile aggregated statistics about the operation and use of the Services and to better understand the preferences of our customers; • To send customers technical alerts, reports, updates, security notifications and other Service-related communications; • To carry out research and development to improve our products and services; • To investigate and prevent fraud, unauthorized access or use of Services, breaches of terms and policies, and other wrongful behavior; • To carry out other legitimate business purposes, as well as other lawful purposes about which HR HOUDINI will notify You.

HOW HR HOUDINI MAY DISCLOSE OR SHARE YOUR INFORMATION

We do not sell or otherwise disclose Personal Information we process in our Services, except as described in this Services Privacy Policy or as we disclose to you at the time this information is collected. As described in more detail below, we may share your Personal Information:

• with third-party AI service providers. To power our AI Insight Engine, we transmit customer data to third-party artificial intelligence providers (which may include providers such as Anthropic, Google, and OpenAI, among others). These providers process data temporarily to generate AI-powered insights and responses. According to their published terms of service, these providers do not retain customer data after processing API requests or use it to train their general AI models. All processing occurs on cloud infrastructure located in the United States (AWS US-East-1 Virginia region). The specific AI providers used may change from time to time as we enhance our Services; • with third-party data subprocessors. We authorize these sub processors to use the information only as necessary to assist HR HOUDINI in providing the Services (for example, to provide cloud storage services, support ticketing, or to help to enhance security). We require these sub processors by contract to safeguard the privacy and security of any Personal Information that they process on our behalf; • to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person; • to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, provided that we inform such third parties that they must use your Personal Information only for the purposes disclosed in this Services Privacy Policy; and • to any other person with your consent to the disclosure.

Our customers may choose to integrate their HR HOUDINI accounts with other third party service providers. While we try to choose integration partners that share our standards for privacy, their websites and services are outside of our control and are not covered by this Services Privacy Policy, and we are not responsible for their content, security, or privacy practices.

HOW HR HOUDINI HOLDS AND SECURES YOUR INFORMATION

We care about the security of your Personal Information, and take appropriate steps including technical and organizational measures to ensure that your Personal Information is treated securely and in accordance with this Services Privacy Policy. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information, and to protect it loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Such measures shall include, as appropriate:

• the pseudonymization and encryption of Personal Information; • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; • the ability to restore the availability and access to Personal Information in a timely manner in the event of a physical or technical incident; • a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

DATA BREACH NOTIFICATION

In the event of a data breach involving Personal Information processed through our Services that is likely to result in a risk to the rights and freedoms of individuals, HR HOUDINI will:

• Notify affected customers without undue delay and, where feasible, within 72 hours of becoming aware of the breach; • Provide information about the nature of the breach, including the categories and approximate number of individuals and data records affected; • Communicate the likely consequences of the breach and the measures taken or proposed to address the breach and mitigate its potential adverse effects; • Cooperate with customers in meeting their own notification obligations to individuals and regulatory authorities as required by applicable law.

Notifications will be sent to the primary account contact email address on file. Customers are responsible for notifying affected individuals (employees, candidates, etc.) as required by applicable data protection laws. HR HOUDINI will provide reasonable assistance to customers in fulfilling their breach notification obligations.

For security incidents involving our website, we will notify affected individuals directly in accordance with applicable breach notification laws.

INTERNATIONAL DATA TRANSFERS

Your Personal Information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, Services are hosted on servers located in the United States, and HR HOUDINI and its sub processors are in the United States as well. This means that your Personal Information is processed in the United States.

However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Services Privacy Policy. For transfers of personal information from the European Economic Area, the United Kingdom, and Switzerland to the United States, HR HOUDINI relies on Standard Contractual Clauses approved by the European Commission, and where applicable, the EU-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. We implement appropriate technical and organizational measures to ensure an adequate level of protection for personal data transferred internationally.

We will ensure that where other non-EEA service providers, including subprocessors, have access to Personal Information outside of the EEA, appropriate safeguards are in place to protect such information in accordance with applicable data protection laws, including through the use of Standard Contractual Clauses or other approved transfer mechanisms.

If you have any questions or concerns about the international transfer of your personal information, please contact us at info@yjp.4c1.myftpupload.com.

If your use of the Services requires HR HOUDINI to process Personal Information falling within the scope of GDPR, you may obtain and execute HR HOUDINI’s Data Processing Addendum (“DPA”) by contacting us at info@yjp.4c1.myftpupload.com.

If you are a visitor from the EEA, our legal basis for collecting and using the personal information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person.

If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we (or the relevant third party) will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at info@yjp.4c1.myftpupload.com.

HOW LONG HR HOUDINI RETAINS YOUR PERSONAL INFORMATION

We retain Personal Information we process where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Any Personal Information we process on behalf of our customers through the Services is retained only for the duration of the active customer relationship. Upon termination of a customer’s account or service agreement, all Personal Information associated with that customer account will be securely deleted within 24 hours, except where retention is required by applicable law or to resolve disputes. This includes all data stored in our primary systems and processing environments. Data in backup archives will be deleted in accordance with our standard backup rotation schedules, which typically result in complete deletion within 90 days of account termination.

YOUR DATA PROTECTION RIGHTS

You have the following data protection rights:

If you wish to access, correct, update or request deletion of your Personal Information, you can do so at any time.

In addition, if you are a resident of the European Union, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.

Similarly, if Personal Information was collected with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about the collection and use of your Personal Information. For more information, please contact your local data protection authority.

Please note that you should direct any requests related to the data protection rights described above to the HR HOUDINI customer who holds the relevant HR HOUDINI account. As a data processor of any Personal Information stored and processed on the Services, HR HOUDINI will not be able to respond directly to such requests and will refer any such requests to the relevant Customer.

U.S. STATE PRIVACY RIGHTS

If you are a resident of certain U.S. states, including California, Virginia, Colorado, Connecticut, or Utah, you may have additional privacy rights under applicable state laws.

CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides California residents with specific rights regarding their Personal Information.

Categories of Personal Information We Collect: We may collect the following categories of Personal Information as described in this Privacy Policy:

• Identifiers (name, email address, IP address)
• Professional or employment-related information
• Commercial information (billing information)
• Internet or network activity information (website usage data)
• Inferences drawn from the above to create profiles

How We Use Personal Information: We use Personal Information for the business and commercial purposes described in the “How HR HOUDINI Uses Your Personal Information” sections above, including to provide our Services, improve our website and Services, and communicate with customers.

Sharing of Personal Information: We share Personal Information with third-party service providers (including AI providers and subprocessors) as described in this Privacy Policy. We do not “sell” or “share” (as those terms are defined under California law) Personal Information.

Your California Privacy Rights: California residents have the right to:

• Right to Know: Request disclosure of the categories and specific pieces of Personal Information we have collected, the categories of sources, the business or commercial purposes for collection, and the categories of third parties with whom we share Personal Information.
• Right to Delete: Request deletion of Personal Information we have collected from you, subject to certain exceptions.
• Right to Correct: Request correction of inaccurate Personal Information.
• Right to Opt-Out: Opt-out of the “sale” or “sharing” of Personal Information (Note: We do not sell or share Personal Information).
• Right to Limit Use of Sensitive Personal Information: Limit the use of sensitive Personal Information (if applicable).
• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA rights.

How to Exercise Your Rights: To exercise your California privacy rights, please contact us at info@yjp.4c1.myftpupload.com. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf by providing written authorization. We will respond to verifiable requests within 45 days, or notify you if we require additional time (up to 90 days total).

For Services Users (Employees/Applicants): If your Personal Information is processed through our Services by an HR HOUDINI customer (your employer or prospective employer), you should direct your privacy rights requests to that organization, as they are the data controller of your information.

OTHER U.S. STATE PRIVACY RIGHTS

Residents of Virginia, Colorado, Connecticut, and Utah have similar rights under their respective state privacy laws, including rights to access, correct, delete, and obtain a copy of your Personal Information, as well as to opt-out of certain processing activities. To exercise these rights, please contact us at info@yjp.4c1.myftpupload.com.

CHILDREN’S PRIVACY

We do not knowingly collect, maintain, or use Personal Information from children under 13 years of age, and no part of our website is directed to children under the age of 13. We will take steps to delete it if we learn we have inadvertently collected it.

If you learn that your child has provided us with Personal Information without your consent, you may alert us at info@yjp.4c1.myftpupload.com. If we learn that we have collected any Personal Information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.

UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy.

CONTACT US

If you want to provide comments or questions about our Privacy Policy, or to exercise your rights, feel free to contact us at info@yjp.4c1.myftpupload.com.