Last updated and effective as of: May 25, 2018
Welcome to Handshake, a career services platform that connects students and employers to democratize the job finding experience, in college and beyond. From the very beginning, our goal has been to design privacy into our platform in a way that respects the rights of students, the obligations of Universities, and the needs of employers. We understand that student data privacy is a hot topic these days so we want to make clear the very basic privacy principles that guide our policies and practices:
We are a career services platform that connects students, schools and employers to democratize the job finding experience in college and beyond.
We collect personal and non-personal data from you when you use our Services. Personal Data is data that includes a personal identifier like your name, email or address, phone number, or is data that could reasonably be linked back to you.
You need to have an account to use Handshake. You can create an account on Handshake as a student seeking a job or career advice or as an employer looking for exciting new talent. You may also create an account as a career center or school employee or as an invited mentor.
Student or Alumni Data: We receive personal data about you when you create a Student or Alumni Account, update your profile, respond to questions or surveys on our website or otherwise use our Site, from our Partner Universities, and from other third party data sources.
From University Partners: Our University Partners share information about their students with us so we can provide them with services that they use to manage their career centers. Each University Partner chooses what it shares, which may include your name, mailing and email address, major, or GPA. Where FERPA applies to data shared by University Partners, it is stored, used and shared in compliance with the statute.
From Employer Reviews: We receive any personal information you choose to include in submitted employer reviews. Handshake collects this information even if the review is not published or made public.
From Third Parties: We may receive additional information about you from other schools, alumni or career counseling organizations, or from other sources.
Usage and Log Data: When you visit the Site, we log and store your IP Address and technical information about your visit like your browser type and how you progressed through the Site, where you abandoned it, etc. (“Usage Data”). We can use your IP address to determine your general location.
Mobile Data: When you use the Handshake mobile app, we collect analytic information about your device, such as IP address, OS version, and clickstream.
Precise Location Data: For a limited set of features, we allow users to opt-in to our collection of precise location data (GPS data). We only use this information to enable these features, such as displaying your precise location on a map at a career fair. We do not share precise location data with third parties, and we do not combine precise location data with personal information for advertising purposes.
Employer Data: When Employers create a Handshake Employer Account, we request contact information, including email address and telephone number, to provide a point of contact for Universities and administrative staff and which is made available on your public profile. We will not use your phone number to send any commercial or marketing messages not related to your use of Handshake Services to you without your express consent.
We use, process and store your Personal Data to provide the Handshake Service and to maximize opportunities to connect you with potential employers. This includes:
We will only share your personal data with third parties under the following circumstances:
Non-personal data is data that itself cannot reasonably be linked back to you or data that is combined with other data in a way that cannot reasonably be linked back to you. We use and share your non-personal, de-identified or aggregated data in a variety of ways to help our Partners and the public understand trends in the job seeking market through analytics reports, statistics and other metrics and guides. For example, to understand:
As a Site visitor, we place a small piece of software referred to as a “session cookie” on your computer. If you use the Services and create an account, we also use this cookie to recognize you on return visits and expedite the login process. You can remove this and other cookies through your browser preferences menu, though the exact method varies depending on the type of browser you use – but note that you won’t be able to log into our service if your cookies are disabled. If you visit from a mobile device, we may reference your device identifier or other information about where your visit originated.
Our email communications contain web beacons or similar technology which track when the email has been opened or read. This functionality sends the resulting records back to our Service, which may be associated with other information you have provided us.
To stop receiving notifications or promotions, please click the unsubscribe link found at the bottom of each email or update your account preferences. For EEA users: We only send marketing communications to users located in the EEA with your prior consent. Please see the section “GDPR: Information For EEA Users” below.
We use industry standard technical, administrative and physical controls to protect your data including encrypting it at rest and as it is transferred from you to Handshake. While we take reasonable precautions against possible security breaches, no website or internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss or other breach will never occur. In the event of a breach, we will take reasonable steps to investigate the situation and, where appropriate, notify affected individuals in accordance with any applicable laws and reulations.
We are currently unable to respond to Do Not Track signals that may be sent by some browsers.
You can choose to deactivate your account so that you are no longer viewable on the Service or you can make your account private. You may also request Handshake delete information about you, however we may be obligated as a service provider to your college or university to retain certain data about you. This means that if they re-send us your data to process on their behalf, we will retain it unless they request we delete it. You can request deactivation or deletion by sending a message to firstname.lastname@example.org or by contacting your University to ask them to delete your information.
The Services may contain links to and from third party websites of our Employer and University Partners or other Handshake Partners. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. We also cannot be responsible for your personal data that you submit to employers using the Services. Please check their individual policies before you submit any information to those websites.
Minors under 16 are not permitted to use our Site without express parental consent to both use the Services and be bound by our Terms of Service and this Policy. We do not intentionally collect information from minors under 13. If you believe we have collected any personal information from a child younger than 13 years of age, please notify us immediately here and we will take reasonable measures to remove that information from our systems.
Handshake provides the ability for employers to pay schools for collateral expenses, such as hosting a booth at a career fair, through the use of a third party payment processor. Handshake does not collect or use any of that payment information. If an employer has any conflicts regarding the method of payment acceptance, they should contact the school. Handshake claims no responsibility or liability for payment transactions.
In compliance with the Privacy Shield Principles, Handshake commits to resolve complaints about your privacy and our collection or use of your personal information pursuant to the Privacy Shield. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Handshake at the contact address below:
Stryder Corp - Handshake
P.O. Box 40770
San Francisco, CA 94140
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through Handshake’s internal processes, Handshake has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here.
In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
The Federal Trade Commission has jurisdiction over Handshake’s compliance with the Privacy Shield.
The Privacy Shield Principles describe Handshake’s accountability for personal data that it subsequently transfers to a third-party agent. Under the Privacy Shield Principles, Handshake shall remain liable if third party agents process the personal information in a manner inconsistent with the Privacy Shield Principles, unless Handshake proves it is not responsible for the event giving rise to the damage.
Note that Handshake may be required to release the personal data of EU and Swiss individuals whose data is pursuant to the Privacy Shield in response to legal requests from public authorities, including to meet national security and law enforcement requirements.
Individuals located in the European Economic Area (EEA) have certain rights in respect of your personal information and Handshake will provide these capabilities to all our worldwide users, including:
As described in this Policy, when Handshake processes your data at the direction of a University Partner, we act as their Processor and comply with requests they send us under GDPR. As a Handshake user:
In some cases, Handshake may process personal information pursuant to a legal obligation or to protect your vital interests or those of another person.
Handshake account holders may exercise their rights regarding their personal information as follows:
Users located within the EEA may contact us at email@example.com with questions or requests regarding their personal information. Please note that Handshake may request additional information from you to verify your identity before we disclose any personal or account information.
VeraSafe has been appointed as Handshakes's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are unable to reach Handshake at firstname.lastname@example.org, VeraSafe can be contacted on matters related to the processing of personal data under GDPR. To make such an inquiry, please contact VeraSafe using this contact form.
Alternatively, VeraSafe can be contacted at:
VeraSafe Czech Republic s.r.o
Prague 1, 11002
VeraSafe Ireland Ltd
Unit 3D North Point House
North Point Business Park
New Mallow Road
If you have any questions about our privacy practices, or if you wish to remove any of your personal information from our records please contact us at either:
Stryder Corp - Handshake
P.O. Box 40770
San Francisco, CA 94140