BusinessOL.Com, Inc. dba BusinessOnline
600 B Street, Suite 300
San Diego, CA 92101
Types of Processed Data
- Inventory data (eg, names, addresses).
- Contact details (eg, e-mail, telephone numbers).
- Provided content data (eg, text input, resume, docs).
- Usage data (eg, visited websites, interest in content, access times).
- Meta / communication data (eg, device information).
Category of Affected Persons
- Visitors and users of our website and services.
Reasons for Processing Data
- For improving, creating and providing better offers, content, and services for our visitors/users
- Communication outreach to visitors/users via newsletters, direct contact and/or email
- Digital analytics and performance measurement
- Digital marketing and content personalization
- Controller – determines the purposes and means of processing personal data. Ensures and validates the processes and system implement through and from related processors.
- Personal Data
- “Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. (Article 4(1) of GDPR)
- “Personal Identifiable Information” (PII), is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information. (NIST)
- “Non-Personal Identifiable Information” (Non-PII), is data that cannot be used on its own to identify, trace, or identify a person, so basically the opposite of PII. For example IP Addresses, Device ID, etc.
- Processing – any process performed with or without automated systems or any such process associated with handling data, including personal data.
- Pseudonymisation – the processing of scrubbing personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.
- Profiling – an automated processing of personal data to evaluate certain personal aspects relating to a person, in particular aspects relating to job performance, economic situation, health, personal to analyze or predict preferences, interests, reliability, behavior, whereabouts or relocation of that person.
- Responsible Person – means the person, public authority, body or commanding body that authorizes the purposes and means of processing personal data.
- Processor – is responsible for processing personal data on behalf of a controller. They are required to maintain records of personal data and processing activities.
- “Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store the information about a user (or the device on which the cookie is stored) during or after his visit to an online offer.
- Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online service and closes his browser. For example, the content of a shopping cart in an online shop or a login status can be saved.
- The term “permanent” or “persistent” refers to cookies that remain stored even after the browser has been closed. For example, the login status can be saved, if users visit them after several days.
- A cookie can store the interests of the users, which are used for a range of measurement or marketing purposes.
- A “first-party cookie” refers to cookies that are directly offered and implemented by the person who manages the online offer.
- A “third-party cookie” refers to cookies that are offered by providers other than the person who manages the online offer.
Relevant Legal Basis
The processing of personal data requires a legal basis. There are different forms of legal basis.
A legal basis for processing personal data is, for example…
- The end-user has given consent to the processing of his or her personal data for one or more specific purposes.
- The processing is necessary for the performance of a contract to which the end-user is party or in order to take steps at the request of the end-user prior to entering into a contract.
- The processing is necessary for compliance with a legal obligation to which the controller is subject.
- The processing is necessary in order to protect the vital interests of the data subject or of another natural person.
- The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
- The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the end-user is a child.
We have taken technical and organizational measures to ensure that we protect and secure your data in accordance with the Data Protection Regulations.
Measures include, in particular, ensuring the privacy, confidentiality, integrity, and availability of data by controlling physical and online access to the data, as well as their access, input, disclosure, availability, and separation. We have set up procedures to ensure the end-users data subject rights, data deletion and data vulnerability. Furthermore, we consider the protection of personal data throughout our whole development and creation of any new systems, services, software, and procedures.
All end-user information will be stored on secured servers. Access to and from our servers are only accessible by authorized persons. If you send us data via web forms, the data is always transmitted via an encrypted connection.
Collaboration with Processors and Third-Parties
In order to be able to provide our services, we use the support of service providers from third parties. In order to ensure the protection of your personal data in this case, we conclude with each – carefully selected – service provider special order processing contracts.
We use the support of the following providers:
- 6Sense – leads data and analysis for sales and marketing
- AdStage – campaign marketing analytics and reporting
- Amazon Web Services (AWS) provider for Virtual Servers, Cloud Storage, RedShift, etc.
- Box – cloud storage service
- Datorama - cloud-hosted analytics and data reporting
- Dreamhost provider for web hosting
- Google G-Suite service provider for email, instant messenger, analytics, ads, storage, optimize, data studio, etc.
- HotJar – analytics and performance measurement tool
- Hubspot – web hosting, marketing automation, campaign marketing, and marketing tracking
- Microsoft Bing – adcenter
- Microsoft Office 365 provider for Office Online and Office Suite Software
- Pantheon provider for web hosting
- Salesforce – customer relationship management (CRM), sales and marketing analytics
Transfers to Third-Countries
In order to be able to provide our services, we use the support of third-country service providers (outside of U.S.). In order to ensure the protection of your personal data in this case, we review each providers access, input, disclosure, availability and separation of data processes, to ensure they align with our level of security and risk.
We use the support of the following providers:
- HotJar is a tracking tool service measuring user behavior, which is located in Malta. We do not process or utilize them for any personal data tracking. Only data processed through them is the general behavioral statistical interaction data from site interaction tracking.
Rights of Visitors/Users
You have the right to ask for…
- Confirmation as to whether the relevant data in question is being processed.
- Request a copy of the relevant data.
- Relevant data concerning you is correct or incorrect.
- Relevant data be deleted immediately or, alternatively, to require a restriction of the processing of data.
- Relevant data to you, can be requested to be transferred or communicated to other persons/entities.
- Filing a complaint with the competent supervisory authority.
- You have the right to grant consent and withdrawal of your data.
- Right To
- You can object to any or part of future processing of your data, at any time.
- The objection may in particular be made against processing for direct marketing purposes.
- If users do not want cookies stored on their computer, they will be asked to disable the option in their browser’s system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
- Furthermore, the storage of cookies can be achieved by switching them off in the settings of the browser. Please note that not all features of this online offer may be used.
- Deletion of Data
- The data processed by us are deleted or limited in their processing.
- Data that is non-PII and it is required for other and legitimate purposes, are kept in processing until no longer required.
Tracking Services Used
6sense is a predictive prospect analysis and lead scoring software that gathers data on your prospective buyers, analyzes their requirements and predicts their behavior across various stages of the buyer journey. The data provided by 6sense can be used by marketing and sales teams to target leads with the right campaigns and products at the right moments. 6sense utilizes a custom-built predictive model for each customer to help meet your company’s needs and goals.
The Facebook pixel is an analytics tool that provides ability to measure the effectiveness of advertising by understanding the actions people take on a website. Data is used to, make sure ads are being shown to the right people, build advertising audiences, and unlock additional Facebook advertising tools.
- Google Adwords
Google Adwords is a conversion tracking tool that shows you what happens after a customer interacts with our ads — whether they purchased a product, signed up for our newsletter, called our business, or downloaded our app. When a customer completes an action that we’ve defined as valuable, these customer actions are called conversions.
- Google Analytics
Google Analytics is used for website traffic analysis. It provides data for real-time statistics and analysis of user interaction with the website. Provides reporting tools to analyze our visitor traffic, with the objective of interpreting and optimizing website’s performance.
- Google Tag Manager
Google Tag Manager is a tag management system that allows for quickly and easily update tracking codes and related code fragments collectively known as “tags” on the website or mobile app. It contains natural integrations with Google services such as Google Analytics and Adwords.
Hotjar provides analysis tools to measure and observe user behavior and trends. Tools include the use of heatmaps and visitor recording, conversion funnel and form analytics. Data here is used to improve performance and experiences on the website based on user behavior and interactions.
Hubspot allows for tracking of end-user page visits and clicks to Hubspot emails, landing pages and web pages. These are recorded in Hubspot as marketing and performance activities, which can subsequently be used in triggers and filters for Campaigns and Smart Lists. This is used in tandem with Hubspot automation capabilities to generate personalized and predictive content experiences.
LinkedIn conversion tracking is an analytical function powered by the LinkedIn Insight Tag. It tracks member actions called conversions, which are valuable to your business. The conversion tracking gathers insights into the post-click and view-through conversions of your LinkedIn ads campaigns, giving you the ability to measure the impact and ROI of your ads and campaigns.
NewRelic is a performance tracking tools for our website. It provides performance data on the ability of our website and how healthy it is doing in delivering the website experience.
Third-Party Services Used
AddThis provides tools for connecting and sharing our site content more easily, by providing users the ability to connect and share socially through a single widget available in our resources section. In turn we get some basic statistical data on how our content is doing with social platform, by how many times they are shared and distributed. This helps us better generate and create innovative content for the future.
- Google Fonts
Google Fonts is a library of web available fonts, that we use to enrich the look and feel of our fonts used throughout the website, such as headers and content.
Greenhouse widget is used to display and share our available job/career opportunities on our site more easily and through their network of job/career seeking outlets. Interest seekers will be taken to Greenhouse where they can sign up and create a profile and we can interact and communicate effectively with potential recruits.