Definitions and interpretation
- Data: Collectively all information that you submit to Athena via the Website. This definition incorporates, where applicable, the definitions provided in the European Union’s 2018 General Data Protection Regulation (GDPR);
- Credit & Debit Card Data: We do not store credit card details on this site nor do we share customer details relating to financial data with any 3rd parties;
- Cookies: A small text file may be placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies);
- Athena Labs LLC., we or us: Athena, owned fully by Athena Labs LLC., 220 Ave Domenech PMB 2000, San Juan, Puerto Rico 00918;
- UK and EU Cookie Law: the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 and the European Union’s 2018 General Data Protection Regulation;
- User or you: any third party that accesses the Website and is not either (i) employed by Athena Labs LLC. and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Athena Labs LLC. and accessing the Website in connection with the provision of such services; and
- Website: the website that you are currently using, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
- the singular includes the plural and vice versa;
- a reference to a person includes firms, companies, government entities, trusts and partnerships;
- “including” is understood to mean “including without limitation”;
- reference to any statutory provision includes any modification or amendment of it;
- When you initially contact us, we may collect information that will be relevant to assessing suitability for our services, including :
- Your contact information;
- Job title and company;
- Nature of the services we can assist you with.
Our use of Data
- For purposes of GDPR, Athena acts as a “data controller”.
- We will retain any Data you submit for as long as Athena deems it necessary to provide adequate service to the User, unless explicitly asked by a User for their Data to be deleted.
- All personal Data is stored securely in accordance with the principles of the European Union’s General Data Protection Regulation.
- Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons:
- internal record keeping;
- improvement of our products / services;
- Offering and providing services to you;
Third party websites and services
- Athena may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. The providers of such services have access to certain personal Data provided by Users of this Website and may be located in various locations throughout the world.
- Additionally, Data can be transmitted to third parties for relevant marketing purposes at the sole discretion of Athena Labs LLC. and only in accordance with the GDPR. All opt-outs will be honored.
Links to other websites
Changes of business ownership and control
- We may also disclose Data to a prospective purchaser of our business or any part of it under strict confidentiality and in compliance with the GDPR.
- In the above instances, we will take steps with the aim of ensuring your privacy is protected and that the GDPR is complied with.
Controlling use of your Data
- Wherever you are required to submit Data, you will be given options to restrict our use of that Data. This may include the following:
- You have the right to ask for a copy of any of your data held by Athena
- You have the right to withdraw consent to process your data necessary to use the services provided by Athena at any time. This, however, does not apply to instances where Athena rely on grounds provided by law, other than consent. Nevertheless, you always have the right to object.
- You have the right for your data to be deleted from the servers and databases of Athena in accordance with the GDPR.
Please note, however, we may be compelled to terminate your Athena product or service where such information is necessary for its delivery. This includes updates on our latest offerings as well as participation in our events, promotions, or other activities.
Functionality of the Website
- To use all features and functions available on the Website, you may be required to submit certain Data.
- A User may revoke consent at any time.
- Data security is of great importance to Athena Labs LLC. and to protect your Data we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure Data collected via this Website.
- If password access is required for certain parts of the Website, you are responsible for keeping this password and/or any of your access credentials confidential.
- We endeavor to do our best to protect your personal Data. However, transmission of information over the internet is not always perfectly secure and is done at your own risk. We cannot ensure the security of your Data transmitted to the Website.
- All Cookies used by this Website are used in accordance with current EU Cookie Law.
- When possible, before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling Athena Labs LLC. to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
- This Website may place the following Cookies:
- Type of Cookie: Strictly necessary cookies
- Purpose: These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
- You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
- It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
- Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
- For any questions or concerns relating to the use of your User Data while using Athena, you are welcome to contact the Athena Labs LLC.’s chosen Data Protection Officer who can be reached by sending an email to firstname.lastname@example.org.
- Every user of Athena has a variety of rights relating to the use of their data while using Athena, including the right to lodge a complaint with a supervisory authority.
ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA (EEA) UNDER GDPR
Athena would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Athena for copies of your personal data. We may charge you a small fee for this service to cover the costs of retrieval.
The right to rectification – You have the right to request that Athena correct any information you believe is inaccurate. You also have the right to request Athena to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Athena erase your personal data, under certain conditions. You may also contact the relevant Shopify store directly to erase your data.
The right to restrict processing – You have the right to request that Athena restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Athena’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Athena transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: email@example.com with the subject line of “GDPR Request”. Emails with any other subject line cannot be guaranteed to be responded to within the same timeframe.
If you are an individual in the EU, you can also contact Jack Baylor, who is based in the Republic of Ireland and has been appointed as Athena’s representative in the EU pursuant to Article 27 of the GDPR on matters related to the processing of personal data activities that take place in the EU. To make such an inquiry, please write to Jack Baylor at 2 Ashton Place, Gardiner’s Hill, Cork, Ireland.
ADDITIONAL INFORMATION FOR RESIDENTS OF CALIFORNIA, VIRGINIA, COLORADO, CONNECTICUT, AND UTAH
California law requires us to provide California residents with certain specific information regarding how we collect, use, and share “personal information” as such term is defined in the California Privacy Rights Act and its implementing regulations (“CPRA”, which amended the California Consumer Privacy Act (known as the “CCPA”)). Following California’s passage of the CCPA, other states have passed similar data privacy laws, including the Virginia Consumer Data Protection Act (“VCDPA”), effective January 1, 2023; the Colorado Privacy Act (“CPA”), effective July 1,2023; the Connecticut Data Privacy Act (“CDPA”), effective July 1, 2023; and the Utah Consumer Privacy Act (“UCPA”), effective December 31, 2023.
For clarity and ease of reference, we may refer to CPRA, VCDPA, CPA, CDPA, and UCPA collectively as “State Data Privacy Laws”. In the event that one or more State Data Privacy Laws offers more or enhanced rights, privacy, or protections than the State Data Privacy Law applicable to you, we will endeavor to provide you with those additional and/or enhanced rights, privacy, or protection, though we may not be legally obligated to do so.
Sale of Information
California “Shine the Light” Disclosure
The California “Shine the Light” law (Cal. Civ. Code §1798.83) gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the “Shine the Light” law) with third parties for their direct marketing purposes. Athena does not share your personal information (as defined in the “Shine the Light” law) with third parties for their own direct marketing purposes.
“Sensitive” Personal Information
Athena may collect, on its own account and/or on behalf of Customers, Personal Information that may be classified as “sensitive” under certain State Data Privacy laws and other privacy laws. Personal Information that is classified as “sensitive” may be supplied as part of a job application or to facilitate consented to background checks, credential verification and/or other reporting, provided by a third-party to supplement information provided by you, or provided by various service providers, such as benefits providers or insurers and may include one or more of your:
· social security, driver’s license, state identification card, or passport number.
· account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
· precise geolocation.
· racial or ethnic origin, religious or philosophical beliefs, or union membership.
· contents of mail, email, and text messages (sent through our Platform between you and the business with whom you are applying, for example).
· Information concerning health, sexual orientation, or sex life (in connection with applying for and receiving health, fertility or other benefits available from an employer, for example).
How We Source, Use, Disclose and Retain Personal Information for Business Purposes
The chart below details the categories of Personal Information we collect from potential customers using the website, the sources of such Personal Information, and how we use, share and retain such information for Athena’s business purposes.
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA's scope, such as:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from our clients or their agents. For example, from your signing up on our website or our client's website
- Indirectly from our clients or their agents. For example, through information we collect from our clients in the course of providing services to them.
- Directly and indirectly from activity on our website or those of our clients. For example, from entries through our website portal or website usage details collected automatically.
- From third-parties that interact with us in connection with the services we perform.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason for which the information is provided.
- To provide you with information, products or services that you request from us.
- To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
- To improve our website and present its contents to you.
- For testing, research, analysis and product development.
- As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CPRA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
We disclose your personal information for a business purpose to the following categories of third parties:
- Our affiliates.
- Service providers.
- Third parties to whom you or your agents authorize us to disclose your personal information in connection with the products or services we provide to you.
In the preceding twelve (12) months, we have not sold any personal information.
Privacy Rights for Residents of California, Virginia, Connecticut, Colorado, Utah, and Residents subject to other State Data Privacy Laws.
If you are a resident of California, Virginia, Connecticut, Colorado, or Utah, applicable State Data Privacy Laws require us to provide you with some additional information about your rights with respect to your “personal information” (as defined in CPRA and similar State Data Privacy Laws). Specifically, CPRA, provides you with the right to:
o know what personal information we collected about you during certain periods, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we collected about you;
o delete personal information that we collected from you, subject to certain exceptions;
o correct inaccurate personal information that we maintain about you;
o opt-out of the sale or sharing of your personal information, to the extent we sell or share your personal information;
o limit the use or disclosure of sensitive personal information, to the extent we use such personal information beyond certain express uses, such as in furtherance of providing you our Platform and Services and ensuring their security and integrity;
o receive non-discriminatory treatment for the exercise of privacy rights conferred by CPRA, including an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their rights described above or otherwise provided in CPRA.
One or more of the above rights may be available, in the same or substantially the same form, under one or more of the other State Data Privacy Laws in effect from time to time. Athena respects the privacy of its candidates, its current and former employees, its Customers and their Applicants, and other users of the Platform and Services and will endeavor to honor the above requests regardless of state of residency.
If you would like further information regarding your legal rights under CPRA or any other State Data Privacy Law or would like to exercise any of the rights available under such laws, please contact us at firstname.lastname@example.org.
We will honor the requests described above and otherwise available to you under applicable Data Privacy Laws, but these rights do not always apply, and exemptions exist that may be relied upon in denying or only partially fulfilling your request. We will usually, in response to a request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we do not comply with your request, we will explain why. With regard to Customer Records, Applicants should direct requests to exercise applicable rights to the Customer on whose behalf we handle the subject Personal Information. If we receive a request from an Applicant directly in relation to Customer Records, we may refer that request to the appropriate Customer(s) and await each such entity’s instructions on how to process the request.
Requests Submitted by Authorized Representatives.
You may submit a request through someone holding a valid Power of Attorney or an authorized agent acting on your behalf. Authorized agents must have, and provide us with, written permission to make a request on your behalf and must provide necessary information to verify your own identity directly with us. We will require any purported authorized agent to submit proof of authorization to make requests on your behalf.
2. ADDITIONAL INFORMATION FOR NEVADA RESIDENTS
Under Nevada law, certain Nevada residents may opt out of the “sale” of “covered information” (as such term is defined under Nevada law) for monetary consideration to a person for that person to license or sell such information to additional persons. “Covered information” includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online.
We do not engage in such activity; however, if you are a Nevada resident who has purchased or leased goods or services from us, you may submit a request to opt out of the sale of your covered information under Nevada law by emailing us at email@example.com. Please note we will take reasonable steps to verify your identity and the authenticity of the request.
3. ADDITIONAL INFORMATION FOR NON-U.S. RESIDENTS
Athena only collects, processes, stores, and retains as much Personal Information as needed for the specific, identified purposes described in this Policy and/or our respective Customer’s privacy policies that may be applicable to your use of our Services. Athena will not use your Personal Information in any way that is incompatible with the specific, identified purposes described in this Policy.
Personal Data Transfers Outside of the EEA, the UK, Philippines and Singapore
Athena operates globally and, to facilitate our global operations, we may transfer your Personal Information to, and store, process, and/or access your personal information in accordance with applicable law from, the various global locations in which Athena and/or its personnel operate. This includes the United States. Non-EEA countries may not offer the same level of personal data protection as EEA countries.
If you are located in the EEA, UK, Singapore or other regions with Data Privacy Laws governing data collection and use that may differ from United States Data Privacy Law, please note that we will transfer information, including Personal Information, to a country and jurisdiction that does not have the same Data Privacy Laws and related rights and protections as your jurisdiction, and you consent to the transfer of information to the United States or any other country in which Athena, its subprocessors and/or other service providers maintain facilities and the use and disclosure of information about you as described in this Policy. Please refer to our Subprocessor disclosure for more information.
When your Personal Information is transferred outside the EEA, we will put in place adequate safeguards to ensure that such transfer is carried out in compliance with applicable data protection rules. An adequate level of protection for your Personal Information and other data may be accomplished using various means, including, where appropriate:
o notwithstanding the decision of the Court of Justice of the European Union in Case C-311/18, adhering to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce;
o relying on a formal decision by the European Commission that a certain country ensures an adequate level of protection for personal data (a full list of such decisions may be accessed online here:
o entering into appropriate data transfer agreements based on language approved by the European Commission, such as the Standard Contractual Clauses (2021/915/EU, 2010/87/EC and/or 2004/915/EC), or the ICO and UK Parliament, such as the international data transfer agreement (IDTA) and the international data transfer addendum to the European Commission’s standard contractual clauses for international data transfers (Addendum), which are each available upon request at firstname.lastname@example.org;
o implementing appropriate physical, technical and organizational security measures to protect personal information against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing;
o taking other measures to provide an adequate level of data protection in accordance with applicable law.
BY CHOOSING TO USE THE PLATFORM OR ANY OF OUR SERVICES, YOU EXPRESSLY AGREE THAT ANY DISPUTE OVER PRIVACY OR THE TERMS CONTAINED IN THIS POLICY WILL BE GOVERNED BY THE LAWS OF THE STATE OF CALIFORNIA WITHOUT REGARDS TO ITS CONFLICT OF LAWS PRINCIPLES, AND THE ADJUDICATION OF ANY DISPUTES ARISING IN CONNECTION WITH ATHENA OR ITS SERVICES WILL BE IN ACCORDANCE WITH THIS POLICY AND ATHENA’S TERMS OF SERVICE .
Rights of Access, Portability, Rectification, Erasure, Withdrawal, and Restriction/Limitation.
You may have the right to inquire as to whether Athena is processing Personal Information about you, request access to that Personal Information, request your information in a portable format, restrict or limit certain processing, and ask that we correct, amend, or delete your Personal Information where it is inaccurate. You may also have the right to withdraw your consent where we previously obtained your consent for certain processing/uses without this withdrawal affecting the lawfulness of any processing that took place prior to the effectiveness of your withdrawal.
You can exercise such rights by accessing, removing, supplementing, and/or correcting the relevant information in your account, submitting a request by emailing email@example.com. Note that in some cases we may not be able to erase your Personal Information, in which case we will let you know if we are unable to do so and why.
Accessing and Modifying Your Personal Information.
If at any time you believe that an item of Personal Information about you is inaccurate and it cannot be updated through account settings, please contact us as described above as soon as possible with a description of the inaccuracy and the desired correction. We are committed to helping to maintain the accuracy and integrity of Personal Information we hold about you and endeavor to respond to rectification requests in a reasonable timeframe. Note that we may not be able to modify your information in all circumstances. For example, information we collect in the course of providing the Services is shared with a Customer and we do not control that information once it has been shared with the Customer.
Exercise of Rights Generally.
We will honor the requests described above and otherwise available to you under applicable Data Privacy Laws, but these rights do not always apply, and exemptions exist that may be relied upon in denying or only partially fulfilling your request. We will usually, in response to a request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we do not comply with your request, we will explain why.
If you are not satisfied with our response to any of your requests, you have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen. The contact details of each Data Protection Authority can be found at the following website:
Athena does not knowingly collect, process, maintain or solicit any data, Personal Information, or other information from anyone under the age of 16 or knowingly direct the Services to such persons or otherwise knowingly allow such persons to use the Services. Any individuals under the age of 18 must have consent from their parent or legal guardian to provide Personal Information to Athena or otherwise use the Services from their parent or guardian. If we learn that we have collected Personal Information or other data from a child under age 16, we will delete all such information promptly upon becoming aware of the same. If you believe that we might have any information from a child, please contact us as described below .
CHANGES TO THIS POLICY
This Policy was last updated Feb 14th 2023
If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Email: firstname.lastname@example.org with the subject line of “PRIVACY Request”
- Data Protection Officer,
- Athena Labs LLC,
- 220 Ave Domenech PMB 2000,
- San Juan, Puerto Rico 00918