For IndividualsFor Employers
goEducate-logo

GoEducate Employer Privacy Policy

Effective Date: July 1, 2024

Last Updated: December 5, 2024

1. Introduction

GoEducate Inc. (“GoEducate,” “we,” “us,” or “our”) is committed to safeguarding the privacy and confidentiality of employer entities, workforce organizations, chambers of commerce, and nonprofit organizations (collectively, “Organizations” or “you”). This Employer/Organization Privacy Policy (“Policy”) describes the categories of information we collect from or about Organizations, the purposes for which we use such information, the circumstances under which it may be shared, and the rights and responsibilities of Organizations regarding that information. This Policy applies specifically to Organizations and supplements the GoEducate Consumer Privacy Policy. By accessing or using the GoEducate platform, including any websites, mobile applications, portals, or services we control or operate (collectively, the “Platform”), you acknowledge and consent to the data practices set forth in this Policy and the GoEducate Consumer Privacy Policy.

2. Categories of Information Collected

To facilitate and enhance our services, and to maintain the integrity and security of the Platform, we may collect and process the following information:

2.1 Account Information:
  • Business name
  • Employer Identification Number (EIN)
  • Primary contact details (name, email, telephone)
  • Business address
  • Employer type, industry classification, and related business profile details
2.2 Profile Data:

At your discretion, you may provide additional information to refine your Organizational profile, such as:

  • Company descriptions and related branding materials
  • Corporate logos, job listings, and position details
  • Recruitment-related optional data and supporting materials
2.3 Payment Information:

For subscription management, billing, and related administrative functions, we may collect:

  • Preferred payment methods, billing addresses, and associated payment credentials
  • Subscription details and transactional histories
2.4 Usage and Technical Data:

To optimize Platform performance and detect potential misuse, we collect:

  • IP addresses, device identifiers, operating systems, and browser types
  • Activity logs, feature usage metrics, session data, and other technical diagnostics

3. How We Use Organization Data

We use Organization data for the following purposes:

  • Account Authentication and Management: Verify, maintain, and administer Organization accounts to ensure a trusted and secure environment.
  • Recruitment Facilitation: Enable job postings, access to candidate materials (e.g., GoResume), and Talent Hub utilization.
  • Billing and Payments: Process subscriptions, issue invoices, handle billing inquiries, and maintain accurate transaction records.
  • Analytics and Reporting: Generate insights on candidate engagement, Platform performance, industry trends, and other analytics that help improve our offerings.
  • Notifications and Communications: Inform Organizations about updates, service modifications, policy changes, compliance obligations, and other important notices.

4. Data Sharing Practices

4.1 Authorized Third-Party Providers:

We may engage reputable third-party service providers (e.g., payment processors, analytics firms, technical support) to support Platform operations. These providers are contractually obligated to:

  • Use Organization data solely to deliver agreed-upon services.
  • Implement industry-aligned data protection and security measures.
4.2 Legal and Regulatory Compliance:

We may disclose Organization data as required by law or legal process, including in response to subpoenas, court orders, or governmental inquiries. We may also share information as necessary to investigate, prevent, or take action regarding suspected fraud, cybersecurity threats, policy violations, or other illegal activities.

4.3 Anonymized and Aggregated Data:

We may anonymize and aggregate Organization data for research, statistical, product development, and other legitimate business purposes. Such aggregated data does not identify any individual Organization. We also employ technical and organizational safeguards designed to prevent the re-identification of previously anonymized data.

4.4 Obligation to Report Security Incidents:

Organizations must promptly notify GoEducate of any unauthorized access, data breaches, or misuse of candidate data obtained through the Platform. Failure to provide timely notice may result in account suspension, termination, or potential legal consequences.

5. Responsibilities Regarding Candidate Data

5.1 Confidentiality and Security:

Organizations accessing candidate information through the Talent Hub must:

  • Maintain strict confidentiality and adopt robust data protection measures (including encryption, restricted access, and compliance with applicable data privacy regulations).
  • Use candidate data solely for legitimate purposes related to recruitment, workforce development, or authorized career-related activities.
5.2 Prohibited Uses:

Organizations shall not:

  • Disclose, distribute, sell, or transfer candidate data to third parties without explicit authorization from both GoEducate and the candidate.
  • Use candidate data for non-recruitment purposes, unrelated marketing, or any other commercial exploitation not expressly permitted by this Policy.
5.3 Respecting Candidate Privacy Controls:

Organizations must adhere to candidate privacy preferences as reflected in the Platform. A candidate may change their visibility setting at any time (e.g., switching from “Employers Can Find You” to “Employers Can’t Find You”). GoEducate does not provide separate notifications for such changes. If a candidate no longer appears in the Talent Hub:

  • Implicit Withdrawal of Visibility: The absence of the candidate’s profile in the Talent Hub, even if previously visible, must be treated as a revocation of the candidate’s consent to be viewed, contacted, or otherwise engaged based on data previously accessed.
  • Discontinuing Use of Old Data: Upon noticing that a previously saved or “favorited” candidate is no longer visible, the Organization must immediately cease using, retaining, or redistributing that candidate’s data. Any data collected during the candidate’s previously visible state is now considered subject to the candidate’s updated preference.
  • Continuous Compliance: Organizations are expected to periodically review their candidate lists and contact methods to ensure ongoing alignment with each candidate’s current visibility settings, as reflected on the Platform.

In short, if a candidate cannot be found in the Talent Hub, the Organization must assume the candidate has opted out of visibility and must not use or rely on any previously obtained information.

5.4 Communications and Unsubscribe Requests:

Organizations may communicate with candidates through the Platform’s authorized communication features (such as sending emails via our system). However:

  • Opt-Out and Unsubscribe: If a candidate unsubscribes, opts out of communications, or otherwise indicates they no longer wish to receive messages, Organizations must immediately cease all communications to that candidate. Continuing to send messages after a candidate opts out may result in enforcement actions by GoEducate.
  • No Circumvention: Organizations shall not attempt to contact candidates who have opted out through alternate means or otherwise circumvent the candidate’s communication preferences.
5.5 Data Retention and Secure Disposal:

Organizations must limit the retention of candidate data to what is necessary for the specified recruitment or workforce-related purpose. Once the data is no longer needed, or if a candidate requests deletion, Organizations shall securely delete or anonymize the candidate data. Failure to comply with these retention and disposal requirements may result in enforcement action by GoEducate.

5.6 Compliance with Candidate Rights:

If a candidate exercises rights such as access, correction, or deletion of their personal data, Organizations must respect and facilitate these rights. Upon receiving such a request directly from a candidate or from GoEducate, Organizations shall promptly take appropriate action to comply, including deleting or correcting the candidate data as instructed.

5.7 Handling Youth and Underage Data:
  • Stricter Standards for Under-18 Candidates: If Organizations access data related to candidates under the age of 18, they must handle such data with heightened care and in strict compliance with applicable laws governing the protection of minors. This includes adhering to all parental or guardian consent requirements and using such data solely for authorized educational or career-related purposes.
  • Reporting Under-13 Users: Under no circumstances are individuals under the age of 13 permitted to appear in the Talent Hub or receive recruitment-related communications. If an Organization becomes aware that a candidate under 13 is using or is represented within the Platform without verified parental or institutional consent, the Organization must immediately refrain from accessing or using that data and must notify GoEducate at privacy@goeducate.com. GoEducate will take steps to remove any unauthorized under-13 profiles and data in compliance with applicable laws, such as the Children’s Online Privacy Protection Act (COPPA).
5.8 No Automated Decision-Making that Violates Law or Policy:

If Organizations use automated tools, including AI-based analytics or resume parsing, they must ensure these tools do not produce discriminatory outcomes or violate applicable law. Organizations agree to monitor and evaluate automated decision-making processes to maintain fairness, transparency, and compliance with legal standards.

5.9 Third-Party Data Recipients:

If Organizations share candidate data with their own contracted service providers (e.g., background check companies, HR vendors), they must ensure these third parties adhere to data protection standards comparable to those in this Policy. Organizations remain accountable for any misuse of candidate data by their third-party recipients.

5.10 Audit and Compliance Monitoring:

GoEducate reserves the right to monitor, audit, or investigate Organization accounts for compliance with this Policy. We may initiate inquiries or audits in response to credible reports of misuse, unauthorized data sharing, or other violations.

6. Organization Rights

6.1 Access and Accuracy:

You may request access to, and correction of, data we maintain about your Organization.

6.2 Data Portability:

You may request copies of data you have provided to the Platform in a commonly used, machine-readable format, subject to applicable laws and technical feasibility.

6.3 Deletion Requests:

You may request deletion of your account and associated data, subject to our legal, regulatory, and operational retention obligations. Submitting Requests: Please direct all data-related requests to privacy@goeducate.com. We will address requests within legally permissible timeframes and may require verification of your identity.

7. Organizational Responsibilities

Organizations agree to:

  • Maintain Data Accuracy: Ensure that all provided information, including job postings and company profiles, is accurate, current, and complete. Misleading or false information harms candidate trust and the integrity of the Platform.
  • Adhere to Applicable Laws: Comply with all relevant labor laws, anti-discrimination statutes, data privacy regulations, and any other applicable legal frameworks.
  • Implement Security Controls: Employ appropriate administrative, technical, and physical safeguards to protect candidate data, including encryption, access controls, and periodic security assessments.

8. Data Use After Revocation

Once candidate data is accessed or exported, GoEducate cannot enforce its deletion by third parties external to the Organization. However, Organizations are responsible for respecting any subsequent changes in candidate visibility settings or preferences and must promptly delete or cease use of candidate data if required by law, candidate request, or Platform policy.

9. Force Majeure

GoEducate shall not be liable for delays, interruptions, or failures to perform due to events beyond its reasonable control, including acts of God, cyberattacks, labor disputes, governmental actions, or other unforeseeable disruptions.

10. Arbitration and Dispute Resolution

All disputes arising from or related to this Policy or use of the Platform shall be resolved exclusively through binding arbitration under the rules of the American Arbitration Association (AAA) in Round Rock, Texas. By using the Platform, Organizations waive the right to participate in class actions or other collective litigation.

11. Data Retention

We retain Organization data as long as necessary to fulfill our service commitments, comply with legal obligations, and meet operational requirements. Upon account closure, we will securely delete or anonymize data within approximately ninety (90) days, except where retention is required by law or for legitimate business purposes.

12. Governing Law

This Policy, and any disputes arising hereunder, shall be governed exclusively by the laws of the State of Texas, without regard to conflict of law principles.

13. Contact Information

For privacy-related inquiries or to exercise your rights, please contact: Email: privacy@goeducate.com Address: GoEducate Inc., 1311 Chisholm Trail, Round Rock, TX

14. U.S.-Based Services Only

The Platform is offered solely to Organizations operating within the United States. By using the Platform, you represent and warrant that your Organization is domiciled in and conducts business primarily within the U.S., and that you will not use the Platform to access, store, or transfer data outside of the United States.

15. U.S. State Privacy and Regulatory Compliance

We strive to comply with applicable U.S. federal and state laws governing the privacy and security of personal and candidate data, including the California Consumer Privacy Act (as amended) and other emerging state-level privacy regulations. You are responsible for understanding and complying with all laws and regulations related to data and employment practices in your jurisdiction.

16. Security Measures, Certifications, and Data Security Standards Compliance

GoEducate maintains a comprehensive information security program aligned with industry standards (e.g., ISO 27001, SOC 2, or NIST frameworks) to protect against unauthorized access, alteration, disclosure, or destruction of Organization data. These measures may include, but are not limited to, encryption (in transit and at rest), regular system audits, and access controls based on the principle of least privilege. While we endeavor to maintain robust safeguards, no security measure is infallible. By using the Platform, you acknowledge that data transmission over the internet carries inherent risks. If GoEducate becomes aware of a data security incident affecting Organization data, we will promptly investigate, assess its scope and impact, and take appropriate remedial actions. Where required by applicable law, we will notify affected Organizations and/or relevant authorities within legally mandated timeframes.

17. No Third-Party Beneficiaries

This Policy is not intended to create any third-party beneficiary rights, except as otherwise expressly provided. Its terms benefit only GoEducate and the Organizations using the Platform.

18. Enforcement and Remedies

If GoEducate becomes aware of any violation of this Policy, including but not limited to unauthorized access, theft, sharing, sale, distribution, or other improper use of candidate data or any data provided by GoEducate, we reserve the right to take appropriate action, including:

  • Account Suspension or Termination: Immediate suspension or termination of the Organization’s account, without prior notice.
  • Legal Action: Initiation of legal proceedings, which may include seeking injunctive relief, damages (including compensatory, statutory, and punitive damages to the extent permitted by law), and recovery of attorneys’ fees and costs.
  • Regulatory Reporting: Reporting the violation to relevant regulatory bodies or law enforcement authorities if we believe it may involve criminal activity or pose a substantial risk of harm.
  • Cooperation with Authorities: Providing relevant information to law enforcement agencies, regulatory bodies, or courts in connection with investigations or legal proceedings arising from the violation.

All obligations contained herein are contractual in nature and form a part of the binding agreement between GoEducate and each Organization. By using the Platform, Organizations acknowledge that these enforcement measures are necessary to protect the integrity, trust, and security of the GoEducate environment and its users, and agree to bear any resulting liability from violations of this Policy.

19. Changes to This Policy

GoEducate reserves the right to modify or update this Policy at any time to reflect changes in our business practices, technology, legal requirements, or other factors. Material changes will be communicated through reasonable means, such as posting an updated version of the Policy on the Platform or sending an email notification. Your continued use of the Platform following such changes constitutes acceptance of the revised Policy.

20. Severability and Waiver

If any provision of this Policy is held invalid, illegal, or unenforceable, it shall be enforced to the maximum extent permissible, and the remaining provisions shall remain in full force and effect. Any waiver of a provision must be in writing and signed by an authorized representative of GoEducate. Failure to enforce any provision does not constitute a waiver of that or any other provision. By accessing or using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Employer Privacy Policy and the GoEducate Consumer Privacy Policy.