Skip to content

Your Privacy Matters at Contrast Security

Back to Careers

 

Career Site Privacy Policy

Last Updated: 12 July 2024
About Contrast

At Contrast Security (“Contrast”), we pride ourselves on being the best and being the best requires hiring the best. We are looking for new motivated team members to be a part of our mission to empower security and development teams to get secure code moving.  Because we are committed to privacy and information security for our personnel as well as our customers, we want to help you understand our practices surrounding the collection, use disclosure, and other processing of  of your personal information and to inform you for your choices regarding the personal information that we collect about you and your rights under applicable law.

This Privacy Policy addresses the following topics:
Equal Employment Opportunity Statement

Contrast is an equal employment opportunity employer. Contrast does not discriminate against any applicant or employee on the basis of race, color, sex, religion, national origin, age, disability, or any other consideration made unlawful by applicable federal, state, or local laws. Contrast also prohibits harassment of applicants and employees based on any of these protected categories. 

For U.S. Applicants: It is also Contrast‘s policy to comply with all applicable laws respecting consideration of unemployment status in making hiring decisions. The complies with the Americans with Disabilities Act (“ADA”), the ADA Amendments Act of 2008 (“ADAAA”) and applicable state law, and considers reasonable accommodation measures that may be necessary for qualified applicants/employees to perform the essential functions of the job. Hire may be contingent upon a post-offer medical examination, and to skill and agility tests, as appropriate for the position.

Assistance for Disabled Applicants

Alternative methods of applying for employment are available to individuals unable to submit an application through this Site because of a disability. Contact hiring@contrastsecurity.com to discuss modifications.

Your consent

By agreeing to the terms of this Privacy Policy, you consent to the collection, use, disclosure, transfer across borders and other processing of your personal information as described below. Before you agree to the terms of this Policy by clicking “I Agree” please read this Policy carefully.  Once you agree, your consent will continue to apply to our collection, use, disclosure, cross-border transfer and other processing of your personal information unless you revoke your consent by contacting us at privacy@contrastsecurity.com

Scope of this policy

This Privacy Policy applies only to information collected for recruitment purposes through the Site and from other sources. The other sources might include information that you provide other than through the online application page as well as information obtained, for example, from prior employers, other references, pre-employment screening providers, and educational institutions.  This Policy does not apply to any other site or page that we own or operate. Our other sites have their own privacy policies.

Personal information we collect about you

If you choose to apply for a position with us, the categories of personal information that we may collect about you through the Site and other sources are listed below.  Please remember that you are responsible for providing information that is accurate, complete and up to date when you disclose information to us during the employment process. 

  • Identifiers: First and last name, postal address, telephone number, e-mail address, Internet Protocol (IP) address, and signature.
  • Professional or Employment-Related Information: Your resume and information about your employment history (e.g., dates of employment and last position held), educational history (e.g. degrees earned, certifications obtained), professional licenses and/or certifications, and any information you disclose through your LinkedIn profile.
  • Internet or Other Similar Network Activity: We may collect information regarding your interaction with the Site, including through the use of cookies.  Please review our Cookies statement to learn about the information we collect automatically using cookies when you visit the Site. If you visit our offices during the recruitment process and use our guest WiFi, we may collect information about that use, such as type of device used and start/stop time.  
  • Other Information Submitted With Your Online Application: (a) any personal information submitted as part of your response to our question asking why you chose to apply for a position with Contrast; (b) your eligibility to work in the country where you reside; and (c) your salary expectations.  

Information About Protected Classification

When you apply for a position in the United States, or indicate the U.S. as a preferred location when registering your profile, you will have the opportunity to provide information about your  protected classification, i.e., gender, race/ethnic origin and/or veteran status in order for us to conduct equal opportunity monitoring. The provision of this information is entirely voluntary.  If you decline to provide this information, your application(s) will not be affected in any way. If you do choose to provide this information, you consent to our using it for equal employment opportunity monitoring purposes. This information will be held and stored anonymously and will not be used to evaluate your application for employment and also will not be used to infer any characteristics about you.

Except as described above, we will not request or otherwise collect information about your health, race or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, or sexual orientation or your genetic information or biometric information through the on-line application or during the application process unless the law, as an exception, requires us to do so. We, or a third-party background check company under our direction, may check criminal history records for information about convictions, but only if and to the extent permitted by applicable law.

Categories of sources of your personal information

We may collect the categories of personal information listed above from the following sources:

  • You, for example, in your job application, forms you fill out for us, assessments you complete, surveys you complete, and any information you provide us during the course of your application and interview process.
  • Vendors and service providers, for example, recruiters.
  • Third parties, for example, job references, affiliated companies, professional employer organizations or staffing agencies.
  • Public internet sources, for example, social media, job boards, public profiles, and other public online sources
  • Public records, for example, court records, and credentialing and licensing organizations.
  • Automated technologies on Company’s electronic resources, for example, to track logins and activity on Company’s careers page.
  • Recording technologies installed by Company, for example, voicemail technologies and audio/video recording technologies with consent to the extent required by law.
  • Government or administrative agencies, for example, law enforcement or public health authorities.  
  • Acquired company, if Company acquired your employer, Company might collect personal information from that employer
How we may use your personal information

We will use the information that we collect about you for purposes of the hiring process, including:

Recruiting

  • To evaluate your qualifications or suitability for employment with Company
  • To communicate with you
  • To check your references
  • To conduct a pre-employment or criminal history background check
  • For identification purposes
  • For diversity and inclusion purposes where permitted by applicable law
  • For record keeping purposes
  • To demonstrate your agreement to, or acceptance of, documents presented to you, e.g., pre-employment arbitration agreement, acknowledgment of employment application, offer letter
  • To evaluate and improve the recruiting process
  • To comply with our legal obligations and to defend against administrative charges or legal claims

If you visit our facilities

  • To make travel arrangements
  • To reimburse travel expenses
  • To manage access to the facility
  • To issue an access badge or fob 
  • To maintain security during the visit  
  • To monitor your use of the corporate internet access if you connect to our guest WiFi during a visit to our offices

When you submit your application, you can indicate to us your willingness to be considered for other open and upcoming positions. If you are not hired for the position to which you initially applied, we may use the information that we collect about you through the recruiting process to evaluate your suitability for future job openings. Based on that evaluation, we may use your personal information to contact you to find out whether you are interested in applying for new job openings.

Contrast‘s employees involved in the evaluation of your application and, if you are hired, in the administration of your employment relationship with Contrast will have access to your personal information on a need–to-know, principle of least privilege basis.

Lawful Basis For Processing: Where applicable information protection law requires a lawful basis for collecting, using and otherwise processing your personal information, Contrast relies on your consent to do so. The processing of your personal information may also be necessary for Contrast to determine whether to enter into an employment agreement with you. If you do not provide requested information, Contrast may not be able to consider you for employment. In addition, the processing of your personal information is necessary for Contrast to pursue its legitimate interests in recruiting and hiring suitable personnel.

If a current Contrast employee submits your application on your behalf as a referral, we process your personal information on the basis of our legitimate interest in assessing your candidacy for an open position with Contrast. You can withdraw your application at any time by emailing privacy@contrastsecurity.com.

How we may disclose your personal information

Company will not sell, lease, or license your personal information to any third party.  There are limited circumstances when Company may disclose the personal information we collect about you to third parties, most notably:

  • Service Providers: With third-party service providers. We may, for example, retain a service provider to host all or portions of this Careers site, to assist in the recruiting process, or to conduct pre-employment screening or applicant tracking. Service providers will be permitted to use your personal information only for the purpose(s) for which it was disclosed to them and in accordance with Contrast’s instructions. Service providers generally will be located only in the United States or in the country where you are applying for a position;
  • Required By Law: When required by law, such as when we respond to subpoenas, court orders, legal process, or a discovery request in civil litigation;
  • Legal Violations: If we believe that your actions violate applicable law, or threaten the rights, property, or safety of Contrast, our users, or others;
  • Corporate Transactions: If we sell some or all of our business, we may disclose all of the information that we have collected about you to a purchaser or, in due diligence, to a potential purchaser, but subject to a confidentiality agreement.

Contrast will make such disclosures only as permitted by applicable information protection laws. Your mobile telephone number and your consent to be contacted by us via text message will not be shared with third parties for marketing or promotional purposes.

Retention of your personal information

If Contrast hires you, the information that you submitted through the online application and the information that we collect during the application process will become part of your personnel file and may be used to administer the employment relationship and for related reporting and recordkeeping purposes. Contrast will retain this information for the entire duration of your employment relationship with Contrast and for the period thereafter identified in Contrast’s Data Retention Schedule.

Contrast will retain the information of applicants who are not hired for one year after the hiring decision has been made unless (a) the applicant indicates that we may maintain the information on file until the applicant asks to delete the information, or (b) a shorter or longer retention period is legally required. These records will be retained for our internal record keeping and reporting purposes. During that time, we may use your personal information to consider you for positions in addition to the position(s) for which you initially applied. If you wish to withdraw your application from consideration at any time during this retention period, you can do so by contacting us at privacy@contrastsecurity.com.

International transfer of your personal information

If you are applying for a position with us from outside the U.S., the personal information that we collect about you in the recruitment process will be transferred to, and stored on, our servers, located in the U.S., and on servers maintained by our applicant tracking service provider, Lever, in the U.S. Authorized employees of Contrast and/or affiliated companies at locations outside the United States may have access to your personal information as part of the recruitment process. These employees may use and disclose your personal information only for recruitment purposes, and must handle that information in accordance with this Privacy Policy and applicable information protection laws and guidance. The information protection laws where these companies are located may be less stringent than the laws of your home country. Contrast is an active participant in the US-EU Data Privacy Framework, and the UK extension to the Data Privacy Framework for HR data, including personal information submitted as part of a job application. 

The European Commission has determined that the information protection laws of Canada, Japan and the UK, provide an adequate level of protection for personal information. 

Security for your personal information

The security and confidentiality of your personal information is important to us.  We have technical, administrative, and physical security measures in place to protect your personal information from unauthorized access or disclosure and improper use.  

For example, we use Transport Layer Security (TLS) encryption to protect the information collection forms on our Site. In addition, we restrict access to your personal information. Only employees who need the personal information to perform a specific job (for example, a Talent Acquisition specialist) are granted access to personal information. Employees with access to personal information are kept up-to-date on our security and privacy practices, and all employees acknowledge Contrast’s Privileged User Agreement and Acknowledgement of Responsibilities policy. This policy is predicated on the NIST Rules of Behaviour. For more information regarding Contrast’s comprehensive information security program, please visit our Trust Center

You can help us protect the security of your personal information in several ways:

  • Protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Site. 
  • Do not provide personal information or other confidential information such as a Social Security number, My Number or National ID to anyone claiming to represent Contrast. If you encounter such a situation, please notify privacy@contrastsecurity.com
  • If you believe you have discovered a security vulnerability at Contrast or with one of our products or services, please click here: Vulnerability Disclosure and/or email security@contrastsecurity.com

Please note that despite our reasonable efforts, no security measure is ever perfect or impenetrable, so we cannot guarantee the security of your personal information.

How to access, correct, or delete your your personal information in your account

You can access, update, correct or delete your account information and any information in your profile by emailing privacy@contrastsecurity.com. If you would like to access the information that you have submitted through the online application page; wish to request that we update, modify, or delete your information; or if you have any questions about this Privacy Policy, please contact privacy@contrastsecurity.com

Region-specific information

California

This section applies only to individuals who reside in the state of California in the United States (“California residents”). This section applies to personal information collected through Site and in any other way, such as when California residents visit our offices.  

California Notice at Collection: Contrast collects the categories of personal information identified in Section 1, above, for the purposes identified in Section 2, above, and retains personal information for the period described in Section 2: “Data Retention”. We do not, and will not, sell your personal information or disclose it to third parties for cross-context behavioral advertising. We also do not collect or process sensitive personal information for the purpose of inferring characteristics about you. 

Your California Privacy Rights

Subject to applicable exceptions, California residents have the following rights under the amended California Consumer Privacy Act (“CCPA”):

  • Right to Know: You have the right to submit a verifiable request for specific pieces of your personal information obtained from you and for information about Contrast’s collection, use, and disclosure of categories of your personal information.   
  • Right to Delete: You have the right to submit a verifiable request to delete  personal information that Contrast has collected from or about you.
  • Right to Correct: You have the right to submit a verifiable request to correct inaccurate personal information about you maintained by Contrast, taking into account the nature of the personal information and the purposes of processing the personal information.

Non-Discrimination: Contrast will not unlawfully discriminate against you for exercising your privacy rights under the CCPA.  

How to Exercise Your California Privacy Rights

Contrast will respond to requests to know, delete, and correct in accordance with applicable law if it can verify the identity of the requestor.  You can exercise these rights in the following ways:

How We Will Verify Your Request

The processes that we follow to verify your identity when you make a request to know, correct, or delete are described below. The relevant process depends on how and why the request is submitted.

For a general request, such as a request to know how we handle your personal information, we will match at least two information points that you provide against information about you that we already have in our records and that we have determined to be reliable for purposes of verifying your identity.

For an escalated request, such as a request for specific pieces of your personal information, we will match at least three information points that you provide against information that we already have about you in our records and that we have determined to be reliable for purposes of verifying your identity. 

We have implemented the following additional procedures when verifying the identity of requestors:

  1. If we cannot verify your identity based on the processes described above, we may ask you for additional verification information. If we do so, we will not use that information for any purpose other than verification.
  2. If we cannot verify your identity to a sufficient level of certainty to respond to your request, we will let you know promptly and explain why we cannot verify your identity.

Authorized Agent

If an authorized agent submits a request to know, correct, or delete on your behalf, the authorized agent must submit with the request a document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you to follow the applicable process described above for verifying your identity. You can obtain an “Authorized Agent Designation” form by contacting us at privacy@contrastsecurity.com.

European Economic Area, United Kingdom, and Switzerland

The information in this section applies to users in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland (collectively, “Europe”). Individuals in Europe (“European Individuals”) are not required by statute or by contract to provide any personal information to the Site.  

No Automated Decision-Making

Contrast will not use European Individuals’ personal information submitted through the Site for automated decision-making, including profiling, that produces legal effects or similarly significantly affects the European Individual.  

Your Rights

To the extent provided by applicable law and subject to any relevant exceptions, European Individuals  have the following rights:

  • Access:  You have the right to request access to your personal information.

More on the right of access:  European Individuals’ right to access their personal information includes their right to receive a copy of all, or a portion, of their personal information in Contrast’s possession as long as Contrast’s providing the personal information would not adversely affect the rights and freedoms of others.

  • Rectification/Deletion: You have the right to request that Contrast update, correct or delete your personal information, i.e., to rectify personal information that is incomplete or inaccurate or to erase your personal information.
  • Restrict Processing: You have the right to request restriction of processing of your personal information in certain situations, such as while a dispute concerning the accuracy of personal information is being resolved.
  • Data Portability: You have the right to request that Contrast transfer your personal information to a third party. 

More on the right to information portability: Subject to certain limitations, the right to information portability allows you to obtain from Contrast, or to ask Contrast to send to a third party, a copy of your personal information in electronic form that you provided to Contrast in connection with your interactions with Contrast.

  • Objection: You have the right to object to the processing of your personal information.

More on the right to object: You have the right to object when processing of your personal information is based solely on Contrast’s legitimate interests. If you do object in these circumstances, the processing of your personal information will be stopped unless there is an overriding, compelling reason to continue the processing or the processing is necessary to establish, pursue or defend legal claims. 

  • Withdraw Consent: You have the right to withdraw your consent to the processing of your personal information, at any time, where you previously consented to the processing of your personal information.

More on the right to withdraw consent: If Contrast requests your consent to process your personal information and you do consent, you may use the contact information below to withdraw your consent. Any withdrawal shall not affect the lawfulness of processing based on your consent before its withdrawal, and Contrast will continue to retain the personal information that you provided us before you withdrew your consent for as long as allowed or required by applicable law.   

How To Exercise Your Rights

EEA Individuals can exercise these rights by contacting Contrast at privacy@contrastsecurity.com.  Contrast will respond to such requests in accordance with applicable information protection law.  

Right to Lodge a Complaint: If European Individuals believe that their personal information has been processed in violation of applicable information protection law, they have the right to lodge a complaint with the competent supervisory authority in the country where they reside, where they work, or where the alleged violation occurred.

Changes to this policy

Company may change this Privacy Policy from time to time in its sole discretion.  If we make a material change to this Policy, we will inform you by posting a notice on this Site. Those changes will go into effect on the effective date posted in the revised notice. The new policy will apply to all current and past users of the online application page and to all information collected before the date of the change. The new policy will replace any prior policies that are inconsistent. Please check periodically for changes to this Policy, and especially before you provide any personal information to us. If we materially change how we use, disclose or otherwise process your personal information, we will contact you before doing so and obtain your consent before using, disclosing or otherwise processing your personal information other than as described in this Policy. 

Inquiries and complaints

Please direct any questions, request for removal of personal information, and comments or complaints you may have about this Privacy Policy to privacy@contrastsecurity.com or contact our Data Protection Office:

David Lindner
Chief Information Security Officer and Data Protection Officer
6800 Koll Center Parkway
Ste. 235 Pleasanton, California 94566 USA
Phone: 651-334-4873
privacy@contrastsecurity.com