Strategic HR Technology Investment: A Comprehensive Checklist for Global HR Teams
Engagedly, Inc. is committed to protecting the privacy of our customers. This Privacy Policy outlines the information collected and how it may be used and applies to Engagedly services, platforms, and applications.
For our client data privacy policy, please see our Engagedly App Privacy Policy.
Engagedy is a cloud platform for progressive performance management and employee engagement built for organization with visionary leadership. With Engagedly’s gamification, engagement and continous improvement-based approach, organizations can align, motivate, engage and optimize employee performance. Engagedly believes that as organizations becomes more digital and networked, the traditional performance and talent management system approaches fall short of optimizing their talent pool.
Category | Examples | Collected |
---|---|---|
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | Yes Email address, full name, IP address, unique employee identifier. |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Yes Name, telephone number, and employment details like title, physical characteristics, like if the employee has any disabilities. Do not capture what the disability is. |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes Age, Ethnicity, Gender, Veteran status (checkbox) |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | No |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | No |
F. Internet or other similar network activity. | Browsing history, search history, and information on a consumer’s interaction with a website, application, or advertisement. | No |
G. Geolocation data. | Physical location or movements. | No |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | No |
G. Geolocation data. | Physical location or movements. | No |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | No |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | Yes Performance evaluation |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No |
K. Inferences are drawn from other personal information. | Profile reflects a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | No |
SECURITY
Engagedly has stringent state‐of‐the‐art security controls designed to protect your data. Specifically, cybersecurity risks are taken very seriously at Engagedly and are managed daily by our CISO. All employees are required to review and agree to Engagedly’s strict IT Security Policies, which are annually reviewed to incorporate periodic updates. Engagedly is also annually audited by 3rd party auditors for SSAE‐18 SOC2 Type 2 compliance as well as annually audited by 3rd party auditors for penetration and vulnerability testing. All data transacted by Engagedly is encrypted when in transit and at rest.
19. Google Limited Use Policy
“Engagedly’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.”
20. Compliance with Google API Terms of Service and Google User Data Policy
20.1 Transparency
Engagedly will always ask for both the minimum scope and the minimum amount of data that is strictly necessary for providing our services.
Engagedly offers customers the ability to integrate with their Google Calendar. This integration will give users the ability to read, create, and update Google calendar items within the Engagedly application.
Engagedly will collect and use your Google data only for the purposes listed in Sections 2-4 of this Policy.
Our application and website do not share any data with third-party tools or AI models.
The URL for this Privacy Policy is included in the OAuth client configuration for all Engagedly applications that interact with Google User Data.
Any changes to Engagedly’s use of Google User Data will be added to this Privacy Policy and will require fresh user consent to this Policy.
20.2 Relevant Permissions
Integrating your Google Calendar with the Engagedly application will grant the following permissions to Engagedly:
Read calendar items
Create calendar items
Update calendar items
21. Google Limited Use Requirements
21.1 Allowed Use
Engagedly will only use restricted scope data to provide or improve user-facing features that are prominent from Engagedly’s application. user interface
21.2 Allowed Transfer
Enagedly will only transfer restricted scope data to others if that transfer is (a) necessary to provide or improve user-facing features that are prominent from the requesting app’s user interface, (b) to comply with applicable laws, or (c) a part of a merger, acquisition or sale of assets of the developer.
21.3 Advertising
Engagedly will never use or transfer restricted scope data to serve users advertisements. This includes personalized, re-targeted and interest-based advertising.
21.4 Human Interaction
Engagedly does not allow developers or users to read restricted scope user data, including email, Google Drive, or Google Calendar information.
Security
Engagedly has stringent state‐of‐the‐art security controls designed to protect your data. Specifically, cybersecurity risks are taken very seriously at Engagedly and are managed daily by our CISO. All employees are required to review and agree to Engagedly’s strict IT Security Policies, which are annually reviewed to incorporate periodic updates. Engagedly is also annually audited by 3rd party auditors for SSAE‐18 SOC2 Type 2 compliance as well as annually audited by 3rd party auditors for penetration and vulnerability testing. All data transacted by Engagedly is encrypted when in transit and at rest.
In compliance with the EU-US Data Privacy Framework Principles, Engagedly commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union and Swiss individuals with DPF inquiries or complaints should first contact Engagedly.
Engagedly has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.