Privacy Policy

This Privacy Policy (“Privacy Policy” or “Policy”) informs you of important information about how NextByte, Inc. (“we”, “us” or “our”) processes the personal data that we collect in online and offline formats, that directly or indirectly identifies you (“Personal Data”), the privacy practices we undertake, the types of data we collect, how we use and secure that data, and how long we retain that data.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will process it. If you do not agree with our policies and practices, your choice is not to use our Sites and/or Services (defined below).

This Policy may change from time to time. Your continued use of the Sites after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

Data Controller

NextByte, Inc.
2261 Market Street STE 22963
San Francisco, CA 94114
USA

When we use the term “Service(s)” we refer collectively to:

  1. The provision of online programming, interviewing and communication tools and related services to those who purchase such tools and services in order to evaluate candidates’ skills (“Subscriber(s)”);
  2. The information provided through websites owned and controlled by us, including the website at nextbyte.ai and www.trynextbyte.com (the “Sites”);
  3. The use by candidates of online programming tools for assessments, interviewing and related practice (“Authorized Users”).

II. Privacy Policy Table of Contents

  1. HOW WE COLLECT YOUR PERSONAL DATA
  2. TYPES OF PERSONAL DATA WE COLLECT
  3. HOW AND WHY WE USE YOUR PERSONAL DATA
  4. HOW WE SHARE AND DISCLOSE PERSONAL DATA
  5. DATA SECURITY
  6. RETENTION OF PERSONAL DATA
  7. CHILDREN’S PRIVACY
  8. FINANCIAL INFORMATION
  9. E-MAIL MARKETING
  10. YOUR PERSONAL DATA CHOICES
  11. WITHDRAWAL OF YOUR CONSENT
  12. COOKIES NOTICE
  13. YOUR CALIFORNIA PRIVACY RIGHTS
  14. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM AND SWITZERLAND
  15. DATA PROTECTION FRAMEWORK (DPF : EU, UK, SWISS)
  16. LINKS TO OTHER SITES
  17. HOW TO CONTACT US

HOW WE COLLECT YOUR PERSONAL DATA

We may collect your Personal Data through different means, when you:

It is up to you whether you want to provide us with information or authorize third parties to provide us with information. When we ask you to provide information, you can decline and still visit the Sites to learn more about us and what we do. However, if you choose not to provide information to us, we may be unable to provide you our Services. This Privacy Policy does not apply to any third-party sites that may link to or be accessible from the Sites.

TYPES OF PERSONAL DATA WE COLLECT

Types of Information You May Provide to Us:

If you submit any Personal Data to us relating to other people, you represent that you have the authority to do so, that you obtain his or her consent, and permit us to use the information in accordance with this Privacy Policy. By submitting Personal Data, you grant us the right to transmit, monitor, retrieve, store and use your information in connection with the operation of the Sites.

Types of Information We Collect Through Technology:

When you use our Sites, we use technologies to gather information on how visitors are using the Sites and Services (the dates you access the Service, the amount of time you spend on the Service, the originating site when you arrive at the Service, your selections, what you click on, and how you navigate from page to page on the Sites). Specifically, we use technology to gather information about the following:

An IP address is a number automatically assigned to your computer whenever you access the Internet. IP addresses allow computers (including mobile devices and tablets) and servers to recognize and communicate with one another. We collect IP address information so that we can properly manage our system and gather information about how our Sites are being used. This includes the device type and browser you are using, location data, the pages you are viewing and your interactions on the page. Your IP address may be associated with records containing Personal Data. We collect details of visits to our Sites, including the volume of traffic received, logs and the resources that you have accessed. We may also collect certain location information such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.

We also record keystrokes and monitor cut and paste activity for the code playback for use by in our Services.

Types of Information We May Collect From Third Parties:

Our Subscribers electronically submit (or cause to be submitted) Personal Data to the Services, which may include names, email addresses, and/or notes about an interview.

Our business partners may process and submit analytics and/or enhancing data.

HOW AND WHY WE USE YOUR PERSONAL DATA

Our employees only collect and process the information reasonably necessary to respond to inquiries about our Services, to provide you the Services, to carry out our operations, as required by law, and for the other legitimate business purposes, under Applicable Laws, as provided below:

To prevent cheating during tests, recruiters can optionally request to collect images from the candidate's webcam at regular intervals during the test.

Candidates are informed that the person responsible for the processing of his or her Data in the context of a recruitment process is the recruiting organization that invited him/her to take the test. They are therefore invited to consult the recruiter's privacy policy.

As a processor, NextByte processes:

We do not monitor or profile users of our Sites or collect any special categories of sensitive Personal Data about you.

Additional Uses of Personal Data:

In addition to the uses described above, we may use your Personal Data for the following purposes if you become a Subscriber or Authorized User. Some of these uses may, under certain circumstances, be based on your consent:

Some other uses are necessary to serve our legitimate interests in the following business operations:

HOW WE SHARE AND DISCLOSE PERSONAL DATA

We share Personal Data with the following categories of recipients:

In case of any request addressed to us coming from any public, governmental, regulatory, judicial or administrative body, authority, agency, court or tribunal to access the users or Subscribers' Personal Data, we commit to first check and, if relevant, challenge the legality of such request.

NextByte, Inc. certifies that it has not purposefully (or due to local laws or practices) (i) created backdoors or similar programming that could be used to access Personal Data and/or (ii) put in place business processes which facilitate access to Personal Data.

We shall remain responsible for any Personal Data that we transfer to a third party and remain liable if such third party processes any such Personal Data in a manner inconsistent with the Applicable Laws, unless we can demonstrate that we are not responsible for such violation.

We keep Personal Data on file, but do not share, sell, license or transmit this information to third parties or external vendors unless required to do so by legal, judicial or governmental proceedings, or to provide the Services.

We may also disclose aggregated information that does not identify any individual (therefore, is not deemed to be Personal Data) without restriction.

DATA SECURITY

We use reasonable organizational, technical and administrative measures to maintain the privacy and security of your Personal Data within our organization. Accordingly, we prevent unauthorized access by a secure firewall and use of security technologies to protect the integrity and privacy of any Personal Data you provide. Although we work hard to protect your Personal Data by implementing appropriate technical and organizational measures, we cannot guarantee the full security of any information you transmit to us through online forms and applications, but in case of problem, and if required by Applicable Laws, we will inform you of any breach of Personal Data.

The Sites are not designed to store sensitive personal information such as financial, health or educational records and you should not use the Sites for that purpose. Please note that email is considered a non-encrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use email to communicate information that you consider confidential.

Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How to Contact Us” section below. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.

RETENTION OF PERSONAL DATA

We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy and in order to provide you the Services, and for as long as your account is active or as needed to provide Services. We will also retain your information to comply with our legal obligations, to conduct audits, resolve disputes, and enforce our agreements.

CHILDREN'S PRIVACY

The Sites are only intended for individuals who are at least 16 years of age. We do not knowingly encourage or solicit visitors who are under the age of 16 or knowingly collect Personal Data from anyone under the age of 16 without parental fiduciary consent. If we learn we have collected or received Personal Data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us in accordance with the How to Contact Us section below. We are committed to complying with the Children's Online Privacy Protection Act (COPPA). Our Service is not directed to children under the age of 13 and children under the age of 13 are not to use the Sites or provide any information to our Service without express parental consent. We do not knowingly collect personal information from children under the age of 13. If we receive personal information that we discover was provided by a child under the age of 13, we will promptly destroy such information.

FINANCIAL INFORMATION

NextByte uses Stripe to process online payments made to us (or we may use a similar online payment processor). We may also receive payments directly from you. In connection with the processing of online payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is submitted directly to the payment processor. Any account information received from your direct payment by check or wire transfer to us is kept confidential.

E-MAIL MARKETING

We may periodically send you relevant alerts and newsletters by e-mail. To help improve our marketing activities, we often receive a confirmation when you open an e-mail or click on a link included in one of these emails, if your computer supports such capabilities.

We give users the option to use some of our Services free of charge or for a low cost. These free Services are made possible by the fact that some users upgrade to one of our paid Services or higher priced plans. If you register for our Services, we will, from time to time, send you information about upgrades when permissible. Users who receive these marketing materials can opt out at any time.

If you don't want to receive a particular type of marketing material from us, click the "unsubscribe" link in the corresponding emails.

YOUR PERSONAL DATA CHOICES AND RIGHTS

You have choices in how your Personal Data is used and shared. You have the right to:

You also have the right to portability of your Personal Data, the right to give instructions concerning your Personal Data in the event of your death and the right to withdraw your consent.

Account Information: If you are a Subscriber and have an account with us, you may update, correct, or delete your Personal Data, or deactivate your account at any time by emailing us at contact@trynextbyte.com.

Certain Exceptions to Deletion Request Rights:

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

Choice and Opt-Out:

Exercising Access, Data Portability, Deletion or other privacy Rights:

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:

Verification of Your Identity: Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may make a verifiable consumer request for access or data portability twice within a 12-month period. You must:

We cannot respond to your request or provide you with personal information if we have a doubt on your identity or authority to make the request and confirm the personal information relates to you.

Where you have provided consent to process personal information, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You may do this by emailing us at contact@trynextbyte.com.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Except if you are a European individual, any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

YOUR CALIFORNIA PRIVACY RIGHTS

As of January 1, 2020, under the California Consumer Privacy Act (CCPA), California consumers (as defined in the CCPA) have the following additional rights regarding your Personal Information (as defined in the CCPA) that NextByte has collected, used, disclosed or sold:

A. The right to request the following information from NextByte:

B. The right to request that NextByte delete your Personal Information collected by NextByte.

C. The right to opt-out of the sale of your Personal Information.

Under the current definition of “sale”, NextByte does not sell your Personal Information.

Consumers can make these requests by emailing contact@trynextbyte.com and NextByte will respond to your request upon verification of your identity. NextByte will accept these requests from your authorized agent. Before NextByte will accept requests from an authorized agent, the authorized agent must provide NextByte with a Power of Attorney signed and dated by the consumer and notarized by a notary public naming the authorized agent as your authorized representative, and including your full name, physical California address, and month/year of birth. Alternatively, NextByte will accept a written authorization document that includes your full name, physical California address, telephone number and valid email address, signed by you and authorizing the authorized agent to act on your behalf in making such request(s).

Consumers may opt out of any marketing by us and from the disclosure of your Personal Information to third parties at any time by emailing contact@trynextbyte.com.

In addition, please refer to the following section of this Privacy Policy: TYPES OF PERSONAL DATA WE COLLECT, HOW AND WHY WE USE YOUR INFORMATION, HOW WE SHARE AND DISCLOSE PERSONAL DATA, and CHILDREN'S PRIVACY.

You agree that we may combine Personal Information for the purposes of detecting data security incidents or protecting against fraudulent or illegal activity. This combined Personal Information may include IP addresses, preferences, web pages visited prior to coming to your or another Business' website, information about browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), and information about how other users interact with you (such as timestamps, clicks, scrolling, browsing times and load times).

Non-Discrimination: If you elect to exercise any of your rights under CCPA or CPRA, NextByte will not discriminate against you for exercising any of your CCPA/CPRA rights. Unless otherwise permitted by the CCPA or CPRA, we will not: deny you goods or services, charge you a different price or rate for our goods or services, or provide you a different level or quality of goods or services because you exercised such rights.

As of January 1, 2023, under the California Privacy Rights Act (CPRA), California consumers have the additional right to request that NextByte correct inaccurate Personal Information about you that NextByte maintains. This right may be exercised in the same manner described above, by emailing contact@trynextbyte.com.

The CPRA adds California consumer rights to Sensitive Personal Information (as defined in the CPRA); however, NextByte does not collect, use, or maintain Sensitive Personal Information. In addition, NextByte does not share (as defined under the CPRA) Personal Information.

ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM AND SWITZERLAND

The Personal Data we collect or process may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. We only transfer your Personal Data to countries that ensure an adequate level of protection. If not, we will take all steps reasonably necessary to ensure that Personal Data is treated securely and in accordance with this Privacy Policy and article 46 of GDPR. You can obtain a communication of the safeguards we have implemented to protect your data in countries outside the EEA, by sending an email to contact@trynextbyte.com.

DATA PROTECTION FRAMEWORK (DPF : EU, UK, SWISS)

NextByte commits to resolve complaints about our collection or use of your personal information. European Union, UK or Swiss individuals with inquiries or complaints regarding our Privacy Policy should first contact NextByte at: contact@trynextbyte.com.

We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your Personal Data within 30 days of receiving your complaint.

You may have the option to select (1) the independent dispute resolution mechanism identified above or (2) to raise the issue through the data protection authority of your country or to bring a legal proceeding before the courts of the Member State in which you have your habitual residence.

You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance that are not resolved by any of the other DPF mechanisms. You can find additional information in DPF ANNEX-I-introduction.

The Federal Trade Commission has jurisdiction over NextByte's compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Occasionally we may provide links to other sites for your convenience and information. These sites operate independently from our Sites and are not under our control. These sites may have their own privacy notices or terms of use, which you should review if you visit any sites linked through our Sites. We are not responsible for the content or use of these unrelated sites.

HOW TO CONTACT US

If you have any queries, questions or concerns about this Privacy Policy or our Personal Data handling practices, please contact us at contact@trynextbyte.com.