Kenexa's Application Service Provider (ASP)
Personal Information Privacy Policy


Kenexa is a leading end-to-end provider of software, proprietary content, services and process outsourcing that enable organizations to more effectively recruit and retain employees. This ASP Privacy Policy applies only to the transfer of personally identifiable information ("Personal Information") received by Kenexa in any format through its hosted software, whether supplied directly by Kenexa customers or by employees or users of the hosted software anywhere in the world, including transfers from the European Economic Area (EEA) to the United States.

Kenexa abides by the EU Safe Harbor framework as set forth by the United States Department of Commerce regarding collection, use, and retention of data received from the European Union. For more information about Safe Harbor, go to www.export.gov/safeharbor/. Accordingly, we operate as a data processor for our customers. Kenexa's customers act as data controllers. Kenexa maintains only that Personal Information which its customers have asked it to process. This ASP Privacy Policy does not reflect the privacy practices of Kenexa's customers and Kenexa is not responsible for its customers' privacy policies or practices. Kenexa does not review, comment upon or monitor its customers' privacy policies or their compliance with their respective privacy policies, nor does Kenexa review its customers' instructions to determine whether they are in compliance with or conflict with the terms of a customer's published privacy policy.

Notice/Use of Personal Information
Because it supplies a hosted system, Kenexa operates as a data processor for its customers. Kenexa's customers act as data controllers. Individual users involved in employment activities may interact directly with Kenexa's customers rather than with Kenexa. Kenexa provides its customers with the option of disclosing their relationship with Kenexa by providing notice to individual employees and candidates of the customer regarding the Kenexa technology that they use. Kenexa maintains only that Personal Information which its customers have asked Kenexa to process. It is the Kenexa customer's responsibility to ensure that the data the customer collects can be legally collected in the country of origin. The Kenexa customer is responsible for giving its employees, applicants and users the appropriate level of notification that Personal Information is being collected and maintained.

Notification of Changes/Choice
Kenexa will maintain Personal Information in accordance with this ASP Privacy Policy. If Kenexa decides to change this Policy, Kenexa will post the changes on this page so our customers and/or their employees, applicants and users are aware of what Personal Information Kenexa processes, how Kenexa uses it, and under what circumstances, if any, Kenexa discloses it. If at any point Kenexa decide to retain or use Personal Information in a different manner, Kenexa will notify its customers by way of email or by posting a notice on Kenexa's website for at least 30 days prior to the change in use. Customers, in turn, are responsible for their users and providing them a choice as to whether or not Kenexa uses their Personal Information in this revised manner.

Onward Transfer
We are a global corporation with operations in several countries. We have developed global data practices designed to assure Personal Information is appropriately protected. While our primary data centers are in the USA, we may transfer Personal Information to Kenexa offices outside of the United States. In addition, we may employ other companies and individuals to perform functions on our behalf. If we disclose Personal Information to a third party or to Kenexa employees outside of the United States, we will ensure that such party has agreed to abide by the Safe Harbor principles or is subject to the Data Directive, or can otherwise assure adequate protection of such Personal Information.

Data Integrity
Kenexa will use Personal Information only in ways compatible with the purpose for which it was collected or authorized by our customers.

Security
Kenexa is committed to ensuring the security of the Personal Information that it processes. To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of Personal Information, Kenexa has put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the Personal Information we process. Kenexa strives to protect the privacy of the Personal Information it processes, and inadvertent disclosure is unlikely. In the event of such an inadvertent disclosure, Kenexa will take all commercially reasonable steps to limit and remedy the disclosure.

Access/Correction
In most cases, when Kenexa collects Personal Information, it does so on behalf of another company (as an agent or data processor). To request access to, correction, amendment or deletion of this Personal Information, a user should contact the company to which it was provided.

Oversight/Enforcement
Kenexa has a Privacy Officer who is responsible for Kenexa's compliance with and enforcement of this Policy. Kenexa's Privacy Officer is available to any of its employees, customers, vendors, business partners, or others who may have questions concerning this Policy or data security practices. Kenexa's Privacy Officer may be contacted by email Privacy@Kenexa.com.

With regard to Personal Information, Kenexa has agreed to cooperate with Data Protection Authorities. Any questions, comments or complaints about the data practices (including, without limitation, compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement) of a hosted software customer for which Kenexa processes data should be addressed to that customer.

General


Legal Disclaimer
We may disclose Personal Information when required by law or regulation or in the good faith belief that such action is necessary in order to conform to the edicts of the law, comply with legal mandates, or to protect the rights, property, or personal safety of Kenexa, its users and the public.

Cookies and Links to Other Sites
We may use cookies to enhance a user's experience while using our hosted software. Cookies are a small piece of data stored locally by your browser that saves information and helps identify you to web sites upon subsequent visits. Cookies are uniquely assigned to a computer, and can only be read by a Web server in the domain that issued the cookie. Cookies generally assist users by performing certain functions such as saving passwords and personal preferences regarding the sites.

You may have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline all cookies if you prefer. Alternatively, you may be able to modify your browser setting to notify you each time a cookie is tendered and permit you to accept or decline cookies on an individual basis. If you choose to decline cookies, however, that may hinder performance and negatively impact the use of the hosted software.
Our hosted software may contain links to other sites. Please be aware that we are not responsible for the privacy practices or content of such other sites.

Children's privacy
Kenexa is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children's online activities and interests. Kenexa does not knowingly collect information from children under the age of 13 and Kenexa does not target its website or its products to children under the age of 13.

Last updated on: -- May 11, 2007

© 2008 Kenexa. All Rights Reserved