Privacy Policy

Last update: 12/22/2020

This privacy policy outlines the type of information that Glide Holdings, Inc. (dba Welcome) collects through Welcome's websites, including any and all subdomains (“Website”), products and services, and other interactions you may have with Welcome, such as onboarding calls, emails, surveys, and customer success (collectively, the "Platform"). Our Privacy Policy is intended to provide coverage for US-based customers and users only.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Privacy Policy Subject to Change). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Please contact us at privacy@heywelcome.com with any questions regarding this Privacy Policy.

Information You Provide
We may collect your‎ name, physical address, email address, phone number, login credentials for the platform, demographic information (such as your occupation, level, location, or title), role information, compensation information, compensation history, equity or cap table information, industry profile, as well as other information you directly give us on the Platform or through manual uploads, forms, surveys, spreadsheets, emails, PDFs, or cloud storage platforms.

Information From Integrations
We may collect information you provide us through API, webhook, or credentialed access to your Applicant Tracking System (ATS), Human Resource Information System (HRIS), or other platforms, products, services, or systems that you explicitly grant Welcome access to.

Information We Get From Others
We may get information about you from other sources, including your website, news or public sources. We may add this to information you provide us through the Platform.

Information Automatically Collected
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

Visitor and Usage Information
We collect information about you and your devices when visiting or accessing the Platform. This is information we collect from every visitor to the Platform, whether they have an account or not. This information may include personal information, subject to consents when necessary. We may log your device type, unique identifiers, operating system, browser information, pages you viewed or interacted with, interactions on the pages you viewed, actions taken, how long you spent on a page, physical location, IP address, the dates and times you access the Platform, and other information about your use of, interactions with, and actions on the Platform.

Cookies
A cookie is a small file placed on the hard drive of your computer. We automatically collect information from cookies and similar technologies to personalize the experience, keep you logged in, to remember your preferences, and to identify you and your device. We may, at our discretion, allow third parties to use cookies on the Platform to enable access to third party features or integrations.

You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, it may affect how our website works for you. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

Pixels
Pages of our the Website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Third party data
Welcome may receive data about you or about companies, organization, industries, visitors, marketing campaigns, and other matters related to our products and services from integrations, partners, or others that we use to make our own information more impactful. This data may be combined with other information we collect and might include aggregate level data.

How we use your information:
-To operate, maintain, and improve the Platform.
-To send communications including account invites, confirmations, technical notices, security alerts, notifications, system updates, upcoming events, and other news about products and services.
-To respond to questions and provide customer or technical support.
-To aggregate or combine user information with other information and data we collect. An example is when we combine the information a company has provided about their industry profile, compensation history, role, and level with the information entered by candidates to improve and personalize the user experience, including providing anonymized, real-time compensation benchmarks and metrics to help make better offers.
-To provide and deliver products and service requests.
-To protect against any fraudulent, unauthorized, or illegal activity on the Platform.

When we share your information
-To comply with applicable laws, regulations, or regulatory requests (if applicable).
-To protect the rights and property of Welcome, our employees, agents, customers, and others.
-To fulfill explicit customers instructions.
-For legal, security, and safety purposes.
-When customers' administrators need access to customer, candidate, and user access information on their account.
-With those who need it to do work for Welcome, such as granting a Welcome employee necessary access in order to do their job.
-We may share aggregated or anonymized data through the product or content. We may disclose or use aggregated or anonymized data for any purpose, including but not limited to, benchmarking, reporting, analytics, real-time compensation data, marketing, content purposes.
-Customers agree to allow Welcome to anonymize the customer's data and provide it to other customers as long as it is aggregated, de-identified, and is not associated with a given individual or company.
-When Customers authorize access to customer data through third parties that Welcome works with or integrates with.
-We will not share personal information with investors of the Company beyond any personal information that such investors are entitled to for customary legitimate business purposes.
-If we engage in or negotiate a merger, acquisition, or bankruptcy transaction or proceeding of some or all of Welcome’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities, some or all personal information may be shared or transferred subject to reasonable confidentiality restrictions with respect to personal information.
-We may share other information with third parties when we have consent to do so, or when engaged with third parties as service providers to process information and support the Platform.

Access to customer information
Welcome limits its teams access to customer data and information as follows:

-All data is encrypted at rest for all data stores (databases, cache, etc)
-Welcome requires and enforces user access and authorization through secure logins and passwords
-Customer data access is audited, and limited to Welcome employees on a "least privilege" principle
-Welcome limits access to production environments on the basis of business need
-Welcome provides training to employees who are involved in the processing of Customer data to prevent data being used in an unauthorized manner, and to ensure the data is kept confidential
-Welcome immediately revokes all access to critical and non-critical systems upon employee termination (voluntary or involuntary)

California Privacy Rights
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@heywelcome.com.

California Consumer Privacy Act (CCPA)
You can review our CCPA Notice here.

Data security
-All Customer information and data is stored entirely within Amazon Web Services (AWS) infrastructure
-Welcome separates each of our customers' information and data and also maintains measures to prevent information or data from being exposed, accessed, or shared with other customers or partners
-Welcome uses standard SSL/TLS security on all web requests
-Welcome leverages AWS cloud security through Fargate in a designated VPC
-Welcome securely routes and manages traffic using CloudFlare
-Welcome stores all sensitive documents in a private S3 bucket, which requires authentication credentials and permissions to access
-Welcome does not store passwords, API keys, or credentials in plain text

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Security Assessments
-All code is reviewed before being added to the service, including third party tools and integrations
-Welcome has implemented real-time error logging, system monitoring, and security alerts
-Welcome undergoes annual vulnerability and security audits conducted by independent third party experts

Deleting Customer Information
- We delete all of a Customer's identifiable data and information after one year once the relationship has been terminated, or earlier if requested by contacting us at privacy@heywelcome.com.

Marketing Communications
When creating an account or visiting the Platform or any of our websites, including any subdomains, and providing your email to sign up for a demo or join the waitlist, you are opting into our marketing communications and emails. Our marketing communications give you the option to unsubscribe. If you unsubscribe, we may still send you transactional (non-marketing) communications, if applicable. Transactional communications include emails about your accounts and our business dealings with you that are necessary for fulfilling our obligations to you. This includes, but not limited to, notifications about platform engagement and usage that is critical to your successful usage of the Platform.

Privacy Policy Subject to Change
We may modify this Privacy Policy over time without prior notice by posting a new version, which is your responsibility to review. Any changes to the Privacy Policy will be reflected on this page and will become effective immediately upon posting. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the personally identifiable information we collect. If we make any substantive changes to the Privacy Policy, we will change the effective date above.