APPVAULT, LLC

Privacy Policy

Effective Date: 2/27/2026                                              Last Updated: 2/27/2026

 

1. ABOUT US

This Privacy Policy applies to www.appvault.com owned and operated by AppVault, LLC (“AppVault,” “we,” “us,” or “our”).

This Privacy Policy describes how AppVault collects, receives, uses, stores, shares, transfers, retains, and processes personal information provided on our website and through our applicant management platform.

AppVault acts primarily as a Data Processor (under GDPR) and a Service Provider (under CCPA/CPRA) when processing information on behalf of its clients for employment decision-making purposes. The client company to which you apply is the Data Controller (GDPR) or Business (CCPA) responsible for determining how your information is used.

For questions about this Policy, you may contact:

AppVault, LLC
1 Ravinia Drive, Suite 1425
Atlanta, GA 30346
Email: [email protected]
Phone: 678-507-2820

 

2. INFORMATION COLLECTION AND USE

AppVault acts as an information collection and distribution system to allow our clients to make employment decisions.

Information is collected:

  • When you complete an employment application containing the “powered by AppVault” logo
  • When you email your resume to an AppVault domain
  • When you fax your resume to a number owned or controlled by AppVault

The primary purpose of collection is to support hiring decisions made by our clients.

AppVault does not use your personal information for purposes other than those described in this Policy, except as required by law.

 

3. CATEGORIES OF PERSONAL INFORMATION COLLECTED

We may collect and maintain:

Identifiers

  • First and last name
  • Physical contact information
  • Online contact information
  • IP address

Professional Information

  • Job title
  • Employer name
  • Resume content

Demographic Data

  • Demographic information voluntarily provided

Government-Issued Identifiers

  • Government-issued identifiers where required for hiring processes

Internet or Network Activity Information

  • Browser type
  • ISP
  • Referring/exit pages
  • Date/time stamp
  • Clickstream data

 

4. PURPOSES OF PROCESSING

Personal information is used for:

  • Hiring decisions
  • Communicating application status
  • Requesting additional hiring information
  • Background investigations (with opt-in consent)
  • Website administration
  • Research and development
  • System security

Under GDPR, lawful bases include performance of a contract, legitimate interests, legal obligations, and consent where applicable.

 

5. CALIFORNIA NOTICE AT COLLECTION

For California residents:

At or before the point of collection, we provide notice that:

  • We collect the categories of personal information described in Section 3 for the purposes described in Section 4.
  • We do not sell personal information.
  • We do not share personal information for cross-context behavioral advertising.
  • Sensitive personal information, if collected, is used only for permitted purposes under CPRA.
  • Retention periods are described in Section 10.
  • California residents may exercise rights described in Section 8.

 

6. SHARING AND DISCLOSURE

Personal information is accessible only to:

  • Authorized recruiters, managers, or administrators of the client
  • AppVault technical and support personnel
  • Service providers assisting AppVault (e.g., customer service providers)

Clients may export information from our system. Once exported, the client is responsible for safeguarding such data.

AppVault does not sell, rent, or trade personal information.

We may disclose personal information as required by law, court order, or legal process.

 

7. AGGREGATE INFORMATION

We may share aggregated, non-personally identifiable information including:

  • Number of applicants
  • Average application scores
  • Hiring status metrics
  • Recruiter performance metrics

Aggregate data does not identify individuals.

 

8. YOUR PRIVACY RIGHTS

Depending on jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent
  • Opt-out of marketing communications
  • Request data portability
  • Not be discriminated against for exercising rights

Requests may be submitted to [email protected] or via mail or phone listed above.

We respond within legally required timeframes:

  • 30 days (GDPR and Canada)
  • 45 days (CCPA, extendable where permitted)

Where AppVault acts as Processor, requests may be directed to the client (Data Controller/Business).

 

9. RETENTION

We retain personal information:

  • As long as your account is active
  • As needed to provide services
  • To comply with legal obligations
  • To resolve disputes
  • To enforce agreements

Retention periods may vary based on client contractual requirements and legal obligations.

 

10. INTERNATIONAL DATA TRANSFERS

Personal information may be processed in the United States.

Where data is transferred from the EU, UK, or Canada, appropriate safeguards are implemented in accordance with applicable law, including contractual safeguards where required.

 

11. TRACKING TECHNOLOGIES

We use cookies and similar technologies for:

  • Authentication
  • User preferences
  • Analytics
  • Advertising (Remarketing with Google Analytics and DoubleClick)

Users may:

  • Adjust browser settings
  • Opt out of remarketing via provided links
  • Exercise opt-out rights as required by law

Where required (e.g., EU), consent mechanisms apply.

 

12. SECURITY

We implement industry-standard safeguards including:

  • SSL/TLS encryption (Cloudflare certificates)
  • Secure transmission protocols
  • Access controls
  • Confidentiality obligations for personnel

No transmission method is 100% secure.

 

13. DATA BREACH

In the event of a data breach, AppVault will:

  • Notify affected clients
  • Comply with applicable breach notification laws
  • Cooperate with regulatory requirements

 

14. LINKS TO OTHER SITES

We are not responsible for privacy practices of third-party websites linked from our site.

 

15. SOCIAL MEDIA FEATURES

Social media widgets may collect IP address and usage data. Such features are governed by the privacy policies of the third-party providers.

 

16. BUSINESS TRANSITIONS

In the event of merger, acquisition, or asset sale, personal information may be transferred subject to applicable safeguards. Notice will be provided.

 

17. CHANGES TO THIS POLICY

Material changes will be posted on our website and, where required, communicated via email or prominent notice.

 

18. CONTACT INFORMATION

Casey Brown
Chief Technology & Privacy Officer
Phone: 678-507-2820
Fax: 678-507-2835
Email: [email protected]
Mail: 1 Ravinia Drive, Suite 1425, Atlanta, GA 30346

 

19. DATA PROTECTION OFFICER

Casey Brown
Chief Technology & Privacy Officer
Phone: 678-507-2820
Fax: 678-507-2835
Email: [email protected]
Mail: 1 Ravinia Drive, Suite 1425, Atlanta, GA 30346