Here at Payscale, Inc. (“Payscale,” “we,” “our,” or “us”) we care about transparency (especially pay transparency). This Privacy Statement is an integral piece of our commitment to transparency with our visitors and users about the information we collect and how we use that information when you visit our Websites, access or use our products or services, or attend any of our webinars, demonstrations, or events (together, “Services”). For purposes of this Privacy Statement, “Website” collectively refers to payscale.com and other websites or applications that we operate or that link to this Privacy Statement.
Information We Collect
Our main purpose for collecting Personal Data is to provide and improve our Services. We collect Personal Data from you when you use our Services, and from third parties, such as your employer, when they use or support a Service. When we use the term “Personal Data,” it is meant broadly to include any information that identifies or relates to an individual (and, under certain data protection laws, a household). For purposes of clarity, data that has been stripped of identifying information and aggregated does not constitute Personal Data.
We collect Personal Data directly from you when you:
- Sign up for a Payscale account: If you sign up for a Payscale account, we will ask for information relevant to setting up an account, such as your email address and a password. After you create a Payscale account and log into our Services, you are no longer anonymous to us.
- Complete a salary survey: If you complete a salary survey, we will ask for detailed professional and employment-related information, like your education and employment history. We will ask for the schools you’ve attended, skills you’ve obtained, job titles, job locations, and compensation information to provide you with a customized salary report and any other Services you request. Data from your salary survey will be included in our anonymous salary database called Crowdsourced Data.
- Purchase our Services or register to attend our events: If you choose to purchase any of our paid Services or register to attend any of our webinars or events (such as our “Compference”), we will collect personal and commercial information from you necessary to process the purchase or registration, such as your financial information (like your credit card number and billing address), and we will retain a history of your purchases in our records for as long as required to fulfill our legal obligations.
- Request a Demo: If you request a demo from us, you will be asked to provide us your contact information and other relevant information about you and your business, so we can contact you for scheduling and show you the appropriate Service based on your business structure and needs. That information is stored in our internal marketing and customer systems to allow us to manage our relationship with you and market our Services or other third party services.
- Access our Site or Services: We receive and record information about your interactions with our Services, such as your computer information, your IP address, cookie data, the pages you visited, when you last logged in, the pages you viewed, links you clicked, and other actions taken when accessing our Services.
We collect Personal Data about you from third parties when:
- Businesses buy our Services: We may receive information about you from your employer, such as your name, job title, salary history, and other compensation-related information, if your employer has purchased our Services for its business. If your employer is a Payscale customer, you can learn directly from your employer about what information it shares with us, which will vary based on the particular Service used. When you use Payscale Services provided by your employer, Payscale’s processing of your Personal Data in connection with the Services is governed by a contract between Payscale and your employer. Any questions about the processing of your Personal Data – including any attempts to exercise your rights under applicable data protection laws – should be directed to your employer. For more information, please see “What if I purchased a product for my business from Payscale?” under the “Other Important Information” section below.
- You connect third party services or provide information to a third party partner: When you choose to connect third party services or accounts with your Payscale account or our other Services, we may receive information about you from that third party provider. For example, if you choose to connect your LinkedIn, Twitter, or Facebook account to our Services, we will receive your profile information from such account. We may also get your information from other businesses or partners who think you would receive value from our Services. Where you agree to provide your information to a third party displaying content on Payscale’s behalf – for instance, by entering your information into a form – Payscale will also receive your information.
- You are referred a job posting: Payscale has job postings for its company and we have an option that allows your friend or other visitors of our Website to forward you our job posting if they think you might be interested in it. In such instance, we ask for your first and last name and email address to deliver this job referral to you.
How We Use Information
Payscale uses your Personal Data to provide, support, and develop our Services, which includes the following purposes:
- Provide you with Services you requested: We will use the Personal Data you’ve provided to give you access to the Website and Services you or your employer (if they bought a Service from us) have requested, which may include providing aggregate data and average compensation information to generate personalized compensation reports for our users and an anonymous crowdsourced salary database.
- Send you Service communications: Service-related announcements will be sent to you when necessary. For instance, we might send you an email to reset your password or if a Service is temporarily suspended for maintenance.
- Inform you about new Services. We want you to know about new Services, offers, or events that we think you may value. You may receive marketing communications from us about our Services, practical guidance about salaries and careers, or our events. If you sign up for a Payscale account but do not wish to receive any marketing emails from us, you can subscribe or unsubscribe from receiving certain types of emails through the email settings of your Payscale account. You may also opt-out of receiving marketing communications by clicking the unsubscribe link provided in each communication and following the instructions provided.
- Develop Crowdsourced Data: If you choose to complete a salary profile through our Website, the data you input will be used to develop an anonymous and aggregated salary database we call Crowdsourced Data.
- Personalize the content and experience on our Websites and Services: Our Services allow you to stay informed about career advice, jobs, events, courses, and ideas regarding compensation, talent attraction and retention, and other related professional topics. We use the data we have about you (e.g., data we collect from your most recently viewed salary report in your Payscale account), to personalize our Services for you, such as by recommending to you relevant advice and career content, jobs (including, job listings based on job title and location), and courses.
- Comments to posts: If you post a comment, any information submitted may be removed by us at our discretion, but we do not guarantee that any information you choose to post will be removed (visitor comments are not actively monitored). Information you post may be viewed, collected, or used by Payscale (for example, to improve our Services) or other visitors, and could be used to send you unsolicited messages. We are not responsible for the information you or other visitors choose to post on a Website or Service.
- Customer Support: If you send us a request for assistance regarding any Service issues (e.g., bugs), we use your data such as your contact information and the contents of your communications with us to respond, investigate, and resolve the Service issues and improve our Services to prevent the reoccurrence of such issue.
- Non-Identifiable Insights: We use data to generate insights about our Services that do not identify you. For example, we may use your data to generate statistics about how many visitors visited our Website, created salary profiles during a given month, or share a breakdown of the number of salary profiles we possess by location, profession, or industry.
- Other Business Purposes: We may use your Personal Data to operate our Websites and Services (e.g. process payment) or undertake tasks for legitimate business purposes. We will disclose the purpose of our use at the time of data collection.
How We Share Information
We occasionally share Personal Data collected from individuals or their employers with third parties for various business and commercial purposes, such as the following:
- Service providers: We use third party providers, products and services to run our business and to provide you with the Websites and Services. Third parties which process Personal Data (“Sub-processors”) provide us services such as data storage, data analytics, marketing, accounting, and legal services. In the interest of transparency and compliance with applicable data protection laws, Payscale maintains a list of Sub-processors here. If we share information with a service provider, the information shared is limited to what’s relevant to such provider’s service, and such provider’s use of the information must follow our obligations under this Privacy Statement or our agreement with you (if they receive information about you). Additionally, such provider must agree to appropriate confidentiality and data privacy and security obligations in our contracts with them, and we are responsible for such provider’s failure to do so unless we can prove otherwise.
- Partners and joint service offerings. We may share relevant information with our partners (such as sponsors or co-organizers of our events or our referral and resale partners) or other third parties with whom we jointly offer related services, or have integrated their respective services with our Websites and Services (such as our partnership with global consulting firm Mercer).
- Sale of our business: If we sell our assets to or merge with another company or file for bankruptcy, information we receive from you from our Website and Services is a Payscale asset and may be shared and transferred accordingly. If another company buys us or a part of our business, we will have the right to continue to use your data and information in the manner set out in this Privacy Statement unless you agree otherwise.
- Legal disclosures: We reserve the right to disclose your Personal Data and other information solely to the extent required by applicable laws and when we believe disclosure is necessary to protect our rights (including, but not limited to, intellectual property rights) or to comply with our legal obligations, a judicial proceeding, court order, or other legal process.
- Other Payscale users: We share only de-identified information with other Payscale users and our customers. For example, you may see an anonymous profile that includes the job title, years of experience, and salary information of another Payscale user with a similar profile as you.
Your Rights and Obligations
What rights do I have over my account Information and preferences?
By providing us your Personal Data through your use of a Website or certain Services, you consent to:
- use of your Personal Data as described in this Privacy Statement;
- your Personal Data being transferred to the locations listed below and as a part of our Sub-processor list
- the access, use, storage, and other processing of your Personal Data in the locations listed below and in our Sub-processor list; and
- jurisdiction for any data issues shall be settled in the courts located in King County, in the State of Washington, United States of America.
You can edit your Payscale account information and preferences at any time. If your information changes, you may delete, correct, or update it by making the change in your Payscale account settings on your own. We retain the Personal Data you provide while your Payscale account is in existence or as required to provide, operate, and maintain the Website and Services. If you wish to exercise any of your rights under applicable data protection laws you may do so by contacting us at firstname.lastname@example.org.
Please note that if your access to Payscale Services is through your employer, then the processing of your Personal Data in connection with those Services will be governed by a contract between Payscale and your employer, and any corrections or changes will need to go through them. As a result, all inquiries regarding your Personal Data should be directed at your employer. For more information, please see “What if I purchased a product for my business from Payscale?” under the “Other Important Information” section below.
Are you located outside of the United States?
Payscale is located and headquartered in the United States (U.S.), with affiliates located in the UK and Canada and select customer service operations in the Philippines. Our Website is hosted on servers in the U.S. If you are visiting or providing information from a country outside of the U.S. with laws governing data protection, collection, or use that may differ from U.S. laws, note that you are transferring your data to the U.S., which may have different data protection laws.
Are you a California resident?
How do I deactivate my Payscale account?
If you wish to deactivate your Payscale account, you may do so at any time by changing your settings in the My Account page when you’re logged in to your Payscale account. After your Payscale account has been deactivated, you will no longer be able to access your Payscale account, but we will continue to retain certain portions of your data even after you have closed your Payscale account: (a) if reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, or enforce our agreement with you; and (b) to fulfill and maintain your request to “unsubscribe” from further messages from us. After your Payscale account is closed, we may retain de-identified information you have provided such as the information included in our de-identified and aggregated salary database.
Other Important Information
Yes, we do. Cookies and similar technologies help us deliver our Website and Services so that they work correctly and are delivered in a way that is valuable to our visitors and users. Cookies are small text files that are automatically placed on your computer or mobile device when you visit a web site. They are stored by your Internet browser. Cookies contain basic information about your Internet use. Your browser sends these cookies back to a web site every time you revisit it, so it can recognize your computer or mobile device and personalize your experience. To learn about the types of cookies we use and why we use them, go here. If you want to learn more about cookies, or how to control, disable, or delete them, check out www.aboutcookies.org. For Google Analytics Advertising Features, you can opt-out through Google Ads Settings. In addition, there are various popular products that provide privacy plugins such as Ghostery and AdBlock Plus. Note that if you choose to delete or disable any cookies, our Website or Services may not function properly and your access to some parts of our Website or Services may be degraded or restricted.
Does Payscale sell my Personal Data?
Payscale uses, retains, and discloses your Personal Data only as necessary to provide the relevant services or where you have otherwise provided consent for a specific use.
Payscale reserves the right to sell information it collects from individuals or households solely in de-identified and aggregated form. Payscale will never attempt to re-identify any individual or household unless for the very limited purpose of verifying the sufficiency of our de-identification procedures.
Why do I see a message that says, “Data withheld for Privacy”?
When you view a salary report, you may see a message that says, “Data withheld for privacy” (or something like it). This message is not removed until the data in our system meets applicable legal guidelines (such as the Antitrust Safety Zone established by the U.S. Department of Justice and Federal Trade Commission you can learn about here). In order to safeguard the privacy of individuals and corporate customers, data is de-identified and aggregated so as to reduce the risk of reidentification using a number of different methods. These methods include: removal of various combinations of information, presenting an average or aggregate or multiple data points, limiting the base number of employers in any analysis to five or more, and pulling back from a local search to a broader geographic area.
How is my information protected?
We implement and maintain administrative, technical, and physical safeguards to ensure that your data is kept secure and confidential. These safeguards include in part:
- Secure Facilities– The facilities that store your data include multiple layers of physical security, such as 24-hour physical security, identification systems, and CCTV surveillance. All relevant hosting providers have their physical security audited and attested to within their SOC reports, which are reviewed by Payscale on a regular basis.
- Perimeter Security– Our perimeter network infrastructure is protected by multiple levels of security. We use network segmentation, as well as Security Groups, Network Authentication, and Firewalls to restrict and protect our infrastructure.
- Limited Access to Customer Data– Only trained and authorized employees have access to any customer data loaded into our systems. Also, our corporate networks are restricted from accessing sensitive data. We use modern SSL and HTTPS encryption to protect customer data and communications between our customers and our products.
- Prevention of Unauthorized Access – Customers can only access Payscale products by providing an authenticated username and password combination. Only requests coming from an authenticated user on an HTTPS encrypted connection are allowed access to our servers.
Are you SOC certified?
System and Organization Controls (SOC) Reports are independent third-party examination reports that detail the operating effectiveness of internal security controls used to safeguard customer data. These reports help you and your auditors understand the controls we’ve put in place to support operations and compliance.
The Payscale Services MarketPay, Payfactors, Compensation Management, Pay Equity, and Insight Lab have SOC 2 Type II reports. Our SOC 2 reports are confidential and are only shared under a non-disclosure agreement or shared with our existing customers who are subject to confidentiality terms. If you are a Payscale customer and would like to review one of our SOC 2 reports, please contact our customer support team.
What if I purchased a product for my business from Payscale?
We offer various Services for use by businesses to help them manage the compensation of their employees and attract and retain talent. You can learn more about our products for businesses here. If you have purchased a Payscale product and desire additional information about the IT controls or other security measures we have in place, please contact customer support or email email@example.com and include in your message the name of the organization you are contacting us on behalf of and the Payscale product used by such organization so we can provide you the appropriate information.
Our Services for businesses are generally governed by a separate agreement. If there’s a conflict between this Privacy Statement and the terms of that agreement regarding the Service for businesses, the terms of that agreement will control and supersede this Privacy Statement. In general, when a business evaluates, purchases, or subscribes to our Services for businesses, or obtains support for such Services, we collect data and information required to provide and improve the Service, create improved user experiences, and operate our business.
For our customers that use Payscale products or Services involving the processing of Personal Data, we have developed a Data Processing Addendum (“DPA”) that is tailored to our products and includes contractual commitments regarding our compliance with applicable data protection laws, including the GDPR. You can view a copy of our DPA at https://www.payscale.com/content/legal/dpa.pdf.
If you are an existing Payscale customer that does not have our DPA incorporated into your service agreement with us, please email firstname.lastname@example.org to receive a copy of our DPA and include in the message the name of the organization you are contacting us on behalf of and the Payscale product used by such organization.
Do you comply with Privacy Shield?
The U.S. Department of Commerce, with the European Commission and the Swiss government, created the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to provide companies with a mechanism to transfer Personal Data from the EU to the United States in a manner that provides an adequate level of protection under EU data protection laws, however, Payscale does not presently rely on Privacy Shield for compliant transfers of Personal Data outside of the European Economic Area (“EEA”). Payscale continues to retain its commitment to the Privacy Shield Principles and has certified its compliance status with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks to the U.S. Department of Commerce. To learn about our commitment to the Privacy Shield principles, go to www.payscale.com/content/legal/privacyshield.pdf. You can learn more about the Privacy Shield and view our certification here.
Can Payscale make changes to this Privacy Statement?
Yes. Our intent is to continually evaluate and improve this Privacy Statement to ensure it’s easy to understand, aligns with our practices and operations, and complies with applicable laws and regulations that are continually evolving. We reserve the right to modify this Privacy Statement at any time, so please review it regularly. Your continued use of our Website and Services constitutes your agreement to this Privacy Statement and any updates to this Privacy Statement.
Have additional privacy questions?
If you have a privacy question or concern, you can contact us at:
113 Cherry Street, Suite 96140
Seattle, Washington 98104
Attention: Legal Department – Privacy Statement
Thank you for reading our Privacy Statement.