Privacy Policy

This Privacy Policy (“Privacy Policy” or “Policy”) informs you of important information about how NextByte, Inc. (“we”, “us” or “our”) processes the personal data that we collect in online and offline formats, that directly or indirectly identifies you (“Personal Data”), the privacy practices we undertake, the types of data we collect, how we use and secure that data, and how long we retain that data.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will process it. If you do not agree with our policies and practices, your choice is not to use our Sites and/or Services (defined below).

This Policy may change from time to time. Your continued use of the Sites after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

Data Controller

When we use the term “Service(s)” we refer collectively to:

1. The provision of online programming, interviewing and communication tools and related services to those who purchase such tools and services in order to evaluate candidates’ skills (“Subscriber(s)”);
2. The information provided through websites owned and controlled by us, including the website at nextbyte.ai and www.trynextbyte.com (the “Sites”);
3. The use by candidates of online programming tools for assessments, interviewing and related practice (“Authorized Users”).

II. Privacy Policy Table of Contents

1. HOW WE COLLECT YOUR PERSONAL DATA
2. TYPES OF PERSONAL DATA WE COLLECT
3. HOW AND WHY WE USE YOUR PERSONAL DATA
4. HOW WE SHARE AND DISCLOSE PERSONAL DATA
5. DATA SECURITY
6. RETENTION OF PERSONAL DATA
7. CHILDREN’S PRIVACY
8. FINANCIAL INFORMATION
9. E-MAIL MARKETING
10. YOUR PERSONAL DATA CHOICES
11. WITHDRAWAL OF YOUR CONSENT
12. COOKIES NOTICE
13. YOUR CALIFORNIA PRIVACY RIGHTS
14. ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM AND SWITZERLAND
15. DATA PROTECTION FRAMEWORK (DPF : EU, UK, SWISS)
16. LINKS TO OTHER SITES
17. HOW TO CONTACT US

HOW WE COLLECT YOUR PERSONAL DATA

We may collect your Personal Data through different means, when you:

• Decide to interact with us, either by providing us your information through the registration page, login page, forms or demo page on the Sites; by email; regular mail; social media or telephone;
• Contact us via online submission, telephone, electronic mail or regular mail,
• Visit our Sites, through automated data tracking technology;
• Complete surveys via the Service;
• Become a Subscriber or an Authorized User or set up an account and provide us with information directly;
• Join an interview session or a test session;
• Are invited to join a team account;
• Post comments or opinions (e.g., on our LinkedIn page); or
• Authorize third parties to provide us Personal Data.

It is up to you whether you want to provide us with information or authorize third parties to provide us with information. When we ask you to provide information, you can decline and still visit the Sites to learn more about us and what we do. However, if you choose not to provide information to us, we may be unable to provide you our Services. This Privacy Policy does not apply to any third-party sites that may link to or be accessible from the Sites.

TYPES OF PERSONAL DATA WE COLLECT

Types of Information You May Provide to Us:

• Name, alias, email address, postal address, telephone numbers, communication preferences, unique personal or online identifier, account name, employer, job title;
• Information that you authorize third parties to release to us;
• Persistent or probabilistic identifiers that organizations use to identify a particular consumer (cookies);
• Records of your correspondence with us, including support correspondence;
• Images from the candidate's webcam (during Tests), to prevent cheating (but you can oppose by refusing or deactivating the webcam);
• Video conference (during interview), which may include visual information from which inferences may be drawn related to age, race, color, sex, gender identity, gender expressions, pregnancy or childbirth, medical conditions
• Audio recordings (during interview), for transcription, summary, and review purposes (but participants can refuse by not accepting at the beginning of the interview);
• Level of competence of the persons concerned (score, rank); and
• Technical job application information

If you submit any Personal Data to us relating to other people, you represent that you have the authority to do so, that you obtain his or her consent, and permit us to use the information in accordance with this Privacy Policy. By submitting Personal Data, you grant us the right to transmit, monitor, retrieve, store and use your information in connection with the operation of the Sites.

Types of Information We Collect Through Technology:

When you use our Sites, we use technologies to gather information on how visitors are using the Sites and Services (the dates you access the Service, the amount of time you spend on the Service, the originating site when you arrive at the Service, your selections, what you click on, and how you navigate from page to page on the Sites). Specifically, we use technology to gather information about the following:

• Device
• Internet connection
• IP address
• Browser version
• Time zone/presumed country and presumed city
• Operating system and platform
• Referring/exit pages
• Account access date/time stamp
• Cookie data previously stored on your device
• Information about your interaction with the Sites

An IP address is a number automatically assigned to your computer whenever you access the Internet. IP addresses allow computers (including mobile devices and tablets) and servers to recognize and communicate with one another. We collect IP address information so that we can properly manage our system and gather information about how our Sites are being used. This includes the device type and browser you are using, location data, the pages you are viewing and your interactions on the page. Your IP address may be associated with records containing Personal Data. We collect details of visits to our Sites, including the volume of traffic received, logs and the resources that you have accessed. We may also collect certain location information such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.

We also record keystrokes and monitor cut and paste activity for the code playback for use by in our Services.

Types of Information We May Collect From Third Parties:

Our Subscribers electronically submit (or cause to be submitted) Personal Data to the Services, which may include names, email addresses, and/or notes about an interview.

Our business partners may process and submit analytics and/or enhancing data.

HOW AND WHY WE USE YOUR PERSONAL DATA

Our employees only collect and process the information reasonably necessary to respond to inquiries about our Services, to provide you the Services, to carry out our operations, as required by law, and for the other legitimate business purposes, under Applicable Laws, as provided below:

• To provide the Services, enforce our Terms of Service, Subscription Agreement, and other agreements; to manage your account, validate and keep your Personal Data accurate
• To inform you about the Services in which you have indicated an interest or to which you’ve subscribed; respond to your questions and requests and improve customer service; to provide you with notices about your account and/or subscription, including expiration and renewal notices;
• To assist in business development and general marketing and building relationships; to create a list of actual and prospective users and Subscribers; to compile statistics regarding how the Sites are used in order to improve our products and Services;
• To record your name and contact information, and other Personal Data for legitimate business purposes, so that we can provide our Services;
• To authorize and manage access to the Sites;
• To ensure that content from the Service is presented in the most effective manner for you and your device and to provide you with content and features customized to your interests and the way you use the Service;
• To perform our contract with you if you become a Subscriber or Authorized User; satisfy contractual necessity to conduct our operations and provide you with the services and products we offer; to perform essential business operations and to manage your account; to contact you with information that may be of interest to you;
• To improve the Sites to provide you with better services, for example, we may use your Personal Data to improve the layout of our Sites based on the click path you utilized to access certain information within the Sites; and
• To comply with legal obligations and professional responsibilities;
• To verify your identity or conduct internal audits or reviews;
• To detect or prevent security incidents or other illegal activity; debug; verify or maintain quality or safety or improve or upgrade a service or device owned or controlled by us;
• To process data from websites or social networks (e.g., LinkedIn, Facebook, GitHub, etc.) in order to better understand your profile.

To prevent cheating during tests, recruiters can optionally request to collect images from the candidate's webcam at regular intervals during the test.

Candidates are informed that the person responsible for the processing of his or her Data in the context of a recruitment process is the recruiting organization that invited him/her to take the test. They are therefore invited to consult the recruiter's privacy policy.

As a processor, NextByte processes:

• Name, email address,
• Alias, employer (events);
• Persistent or probabilistic identifiers (cookies);
• Correspondences with the recruiters;
• Images from the candidate's webcam (during tests), to prevent cheating (but you can oppose by refusing or deactivating the webcam);
• Interview audio, transcript, and summary (but participants can oppose by not accepting at the beginning of the interview);
• Level of competence of the persons concerned (score, rank); and
• Technical job application information

We do not monitor or profile users of our Sites or collect any special categories of sensitive Personal Data about you.

Additional Uses of Personal Data:

In addition to the uses described above, we may use your Personal Data for the following purposes if you become a Subscriber or Authorized User. Some of these uses may, under certain circumstances, be based on your consent:

• Providing you with newsletters, articles, alerts and announcements, and other information that we believe may be of interest to you;
• Providing you with marketing information about our services; and
• Conducting research, surveys, and similar inquiries to help us understand Subscriber or authorized user needs;
• Setting certain cookies;

Some other uses are necessary to serve our legitimate interests in the following business operations:

• Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Data, our Sites or data systems; or to meet legal obligations; and
• Preventing, detecting and investigating breaches of any agreements entered into between you and us and threats to the security of the Service.
• Analyzing some interactions with us and our Sites, and improving our products, services, programs, and other offerings;
• Serving marketing and business development activities, including any social media properties we create, and emails that we send.

HOW WE SHARE AND DISCLOSE PERSONAL DATA

We share Personal Data with the following categories of recipients:

• Third-party Vendors: Your Personal Data will only be shared with and processed by our affiliates and non-affiliated third-party service providers as permitted by law and for the purposes described in this Privacy Policy. We may disclose Personal Data to certain non-affiliated specialized service providers, including professional advisors, consultants, cloud provider, other technical service providers, and other third parties, who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. We may disclose your Personal Data to third-party service providers to provide us with services such as Sites hosting, including information technology and telephony services, and related infrastructure, customer service, e-mail delivery, auditing, AI-powered services and other similar services.
• Corporate Affiliates: We may share your information with our corporate affiliates that are subject to this policy, and the employees, agents, officers, directors and contractors of the foregoing entities.
• Business Transfers: When applicable, we may share your information in connection with a substantial corporate transaction, such as the sale of a Site, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.
• With Your Consent or at Your Direction: We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
• Other Legal Reasons: In addition, we may use or disclose your Personal Data as we deem necessary or appropriate: (1) under applicable law; (2) to respond to requests from public and government authorities; (3) to pursue available remedies or limit damages we may sustain; (4) to protect our operations or those of any of our affiliates; (5) to protect our rights, privacy, safety or property; and (6) to enforce our terms and conditions.
• Recruiting organizations that invite candidates to carry out a test.

In case of any request addressed to us coming from any public, governmental, regulatory, judicial or administrative body, authority, agency, court or tribunal to access the users or Subscribers' Personal Data, we commit to first check and, if relevant, challenge the legality of such request.

NextByte, Inc. certifies that it has not purposefully (or due to local laws or practices) (i) created backdoors or similar programming that could be used to access Personal Data and/or (ii) put in place business processes which facilitate access to Personal Data.

We shall remain responsible for any Personal Data that we transfer to a third party and remain liable if such third party processes any such Personal Data in a manner inconsistent with the Applicable Laws, unless we can demonstrate that we are not responsible for such violation.

We keep Personal Data on file, but do not share, sell, license or transmit this information to third parties or external vendors unless required to do so by legal, judicial or governmental proceedings, or to provide the Services.

We may also disclose aggregated information that does not identify any individual (therefore, is not deemed to be Personal Data) without restriction.

DATA SECURITY

We use reasonable organizational, technical and administrative measures to maintain the privacy and security of your Personal Data within our organization. Accordingly, we prevent unauthorized access by a secure firewall and use of security technologies to protect the integrity and privacy of any Personal Data you provide. Although we work hard to protect your Personal Data by implementing appropriate technical and organizational measures, we cannot guarantee the full security of any information you transmit to us through online forms and applications, but in case of problem, and if required by Applicable Laws, we will inform you of any breach of Personal Data.

The Sites are not designed to store sensitive personal information such as financial, health or educational records and you should not use the Sites for that purpose. Please note that email is considered a non-encrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use email to communicate information that you consider confidential.

Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How to Contact Us” section below. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.

RETENTION OF PERSONAL DATA

We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy and in order to provide you the Services, and for as long as your account is active or as needed to provide Services. We will also retain your information to comply with our legal obligations, to conduct audits, resolve disputes, and enforce our agreements.

CHILDREN'S PRIVACY

The Sites are only intended for individuals who are at least 16 years of age. We do not knowingly encourage or solicit visitors who are under the age of 16 or knowingly collect Personal Data from anyone under the age of 16 without parental fiduciary consent. If we learn we have collected or received Personal Data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us in accordance with the How to Contact Us section below. We are committed to complying with the Children's Online Privacy Protection Act (COPPA). Our Service is not directed to children under the age of 13 and children under the age of 13 are not to use the Sites or provide any information to our Service without express parental consent. We do not knowingly collect personal information from children under the age of 13. If we receive personal information that we discover was provided by a child under the age of 13, we will promptly destroy such information.

FINANCIAL INFORMATION

NextByte uses Stripe to process online payments made to us (or we may use a similar online payment processor). We may also receive payments directly from you. In connection with the processing of online payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is submitted directly to the payment processor. Any account information received from your direct payment by check or wire transfer to us is kept confidential.

E-MAIL MARKETING

We may periodically send you relevant alerts and newsletters by e-mail. To help improve our marketing activities, we often receive a confirmation when you open an e-mail or click on a link included in one of these emails, if your computer supports such capabilities.

We give users the option to use some of our Services free of charge or for a low cost. These free Services are made possible by the fact that some users upgrade to one of our paid Services or higher priced plans. If you register for our Services, we will, from time to time, send you information about upgrades when permissible. Users who receive these marketing materials can opt out at any time.

If you don't want to receive a particular type of marketing material from us, click the "unsubscribe" link in the corresponding emails.

YOUR PERSONAL DATA CHOICES AND RIGHTS

You have choices in how your Personal Data is used and shared. You have the right to:

• Update, access, and delete your Personal Data and/or account information;
• Limit a processing;
• Decline recording and webcam access;
• Choose whether you wish to receive promotional and newsletter communications

You also have the right to portability of your Personal Data, the right to give instructions concerning your Personal Data in the event of your death and the right to withdraw your consent.

Account Information: If you are a Subscriber and have an account with us, you may update, correct, or delete your Personal Data, or deactivate your account at any time by emailing us at contact@trynextbyte.com.

Certain Exceptions to Deletion Request Rights:

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the personal information, fulfill the terms of a written warranty, keep archives for our Subscribers, or otherwise perform our contract with our Subscribers.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Choice and Opt-Out:

• You can choose to opt out of sharing your Personal Data with any third party that is not our agent/service provider.

Exercising Access, Data Portability, Deletion or other privacy Rights:

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:

• Emailing us at contact@trynextbyte.com

Verification of Your Identity: Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may make a verifiable consumer request for access or data portability twice within a 12-month period. You must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we have a doubt on your identity or authority to make the request and confirm the personal information relates to you.

WITHDRAWAL OF YOUR CONSENT

Where you have provided consent to process personal information, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You may do this by emailing us at contact@trynextbyte.com.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Except if you are a European individual, any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

YOUR CALIFORNIA PRIVACY RIGHTS

As of January 1, 2020, under the California Consumer Privacy Act (CCPA), California consumers (as defined in the CCPA) have the following additional rights regarding your Personal Information (as defined in the CCPA) that NextByte has collected, used, disclosed or sold:

A. The right to request the following information from NextByte:

• The categories of Personal Information NextByte collects about you, including what categories of Personal Information NextByte collected about you in the previous 12 months;
• The categories of sources from which your Personal Information is collected;
• The business purpose for collecting your Personal Information;
• The categories of Personal Information that NextByte disclosed for a business purpose and the categories of third parties to whom NextByte disclosed your Personal Information; and
• The specific pieces of Personal Information NextByte collected about you.

B. The right to request that NextByte delete your Personal Information collected by NextByte.

C. The right to opt-out of the sale of your Personal Information.

Under the current definition of “sale”, NextByte does not sell your Personal Information.

Consumers can make these requests by emailing contact@trynextbyte.com and NextByte will respond to your request upon verification of your identity. NextByte will accept these requests from your authorized agent. Before NextByte will accept requests from an authorized agent, the authorized agent must provide NextByte with a Power of Attorney signed and dated by the consumer and notarized by a notary public naming the authorized agent as your authorized representative, and including your full name, physical California address, and month/year of birth. Alternatively, NextByte will accept a written authorization document that includes your full name, physical California address, telephone number and valid email address, signed by you and authorizing the authorized agent to act on your behalf in making such request(s).

Consumers may opt out of any marketing by us and from the disclosure of your Personal Information to third parties at any time by emailing contact@trynextbyte.com.

In addition, please refer to the following section of this Privacy Policy: TYPES OF PERSONAL DATA WE COLLECT, HOW AND WHY WE USE YOUR INFORMATION, HOW WE SHARE AND DISCLOSE PERSONAL DATA, and CHILDREN'S PRIVACY.

You agree that we may combine Personal Information for the purposes of detecting data security incidents or protecting against fraudulent or illegal activity. This combined Personal Information may include IP addresses, preferences, web pages visited prior to coming to your or another Business' website, information about browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), and information about how other users interact with you (such as timestamps, clicks, scrolling, browsing times and load times).

Non-Discrimination: If you elect to exercise any of your rights under CCPA or CPRA, NextByte will not discriminate against you for exercising any of your CCPA/CPRA rights. Unless otherwise permitted by the CCPA or CPRA, we will not: deny you goods or services, charge you a different price or rate for our goods or services, or provide you a different level or quality of goods or services because you exercised such rights.

As of January 1, 2023, under the California Privacy Rights Act (CPRA), California consumers have the additional right to request that NextByte correct inaccurate Personal Information about you that NextByte maintains. This right may be exercised in the same manner described above, by emailing contact@trynextbyte.com.

The CPRA adds California consumer rights to Sensitive Personal Information (as defined in the CPRA); however, NextByte does not collect, use, or maintain Sensitive Personal Information. In addition, NextByte does not share (as defined under the CPRA) Personal Information.

ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA, THE UNITED KINGDOM AND SWITZERLAND

The Personal Data we collect or process may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. We only transfer your Personal Data to countries that ensure an adequate level of protection. If not, we will take all steps reasonably necessary to ensure that Personal Data is treated securely and in accordance with this Privacy Policy and article 46 of GDPR. You can obtain a communication of the safeguards we have implemented to protect your data in countries outside the EEA, by sending an email to contact@trynextbyte.com.

DATA PROTECTION FRAMEWORK (DPF : EU, UK, SWISS)

NextByte commits to resolve complaints about our collection or use of your personal information. European Union, UK or Swiss individuals with inquiries or complaints regarding our Privacy Policy should first contact NextByte at: contact@trynextbyte.com.

We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your Personal Data within 30 days of receiving your complaint.

You may have the option to select (1) the independent dispute resolution mechanism identified above or (2) to raise the issue through the data protection authority of your country or to bring a legal proceeding before the courts of the Member State in which you have your habitual residence.

You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance that are not resolved by any of the other DPF mechanisms. You can find additional information in DPF ANNEX-I-introduction.

The Federal Trade Commission has jurisdiction over NextByte's compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

LINKS TO OTHER SITES

Occasionally we may provide links to other sites for your convenience and information. These sites operate independently from our Sites and are not under our control. These sites may have their own privacy notices or terms of use, which you should review if you visit any sites linked through our Sites. We are not responsible for the content or use of these unrelated sites.

HOW TO CONTACT US

If you have any queries, questions or concerns about this Privacy Policy or our Personal Data handling practices, please contact us at contact@trynextbyte.com.