ParallelStaff Privacy Policy

Last update: 05/23/2024

1. Who we are

Parallel Plus, Inc. DBA ParallelStaff (“ParallelStaff”, “we”, “us”) provides software development and technology staffing services. This Privacy Policy explains how we collect, use, share, retain, and protect personal data when:
  • you visit or interact with parallelstaff.com or related pages that link to this Policy (the “Site”);
  • you contact us, download content, or subscribe to our communications;
  • you are a prospective or existing customer, vendor, or business partner;
  • you are a candidate applying for roles with us or through us.
Where we act on behalf of a customer (for example, by accessing systems they control), we process personal data in line with our contract with that customer. In those cases, the customer’s privacy notice will apply and this Policy is secondary.

2. Contact details

If you have questions about this Policy or our handling of personal data, you can contact us at:
  • Email: support@parallelstaff.com
  • Postal address: ParallelStaff 17304 Preston Rd, Suite 800 Dallas, TX 75252 USA
If required by law in your jurisdiction, you may also have the right to lodge a complaint with your local data protection authority.

3. Personal data we collect

We may collect the following categories of personal data, depending on how you interact with us:
  1. Contact & business details
    • Name, job title, company, business email, phone number, country, and similar identifiers.
  2. Account and communications data
    • Messages you send via forms, email, chat, or phone; support requests; notes about meetings or calls; newsletter subscriptions; marketing preferences.
  3. Candidate data
    • CV/résumé, employment history, skills and qualifications, references, salary expectations, work eligibility, interview notes, and assessment results.
  4. Commercial & contractual data
    • Contract documents, order and billing information, payment details processed via our payment providers, and records of services delivered.
  5. Usage and technical data
    • IP address, device and browser type, operating system, pages viewed, time and date of visits, referring URLs, and similar analytics data collected via cookies and similar technologies.
  6. Content you provide
    • If our Site allows comments or uploads, any information or media you choose to submit (for example, text, images, or attachments).
We may combine personal data collected from you with information we receive from public sources, social media, or business partners (for example, where a partner introduces you to us).

4. How we use personal data

We use personal data for the following purposes:
  1. Providing and improving our services
    • Responding to enquiries, setting up and managing customer accounts, delivering projects, providing customer support, managing contracts and payments.
  2. Recruitment and staffing
    • Reviewing applications, evaluating candidates, arranging interviews, presenting candidate profiles to customers (with appropriate consent), and onboarding and managing assignments.
  3. Operating and securing our Site
    • Running and improving the Site; measuring engagement; detecting and preventing fraud, abuse, or security incidents.
  4. Marketing and relationship management
    • Sending relevant communications about our services, events, reports, and case studies; personalizing content; managing opt‑in/opt‑out preferences.
  5. Legal, compliance, and risk management
    • Complying with legal obligations; responding to lawful requests from authorities; enforcing contracts; protecting our rights, users, customers, and staff.
Where required by law (for example, in the EEA/UK), we rely on lawful bases such as performance of a contract, legitimate interests, consent (for specific marketing or cookies), or compliance with legal obligations.

5. Cookies and similar technologies

We use cookies and similar technologies to:
  • make the Site work (e.g., session management, security);
  • remember your preferences;
  • understand how visitors use our Site (analytics);
  • support our marketing efforts.
You can manage your cookie preferences through your browser settings and, where available, our on‑site Cookie Settings tool. If you block certain cookies, parts of the Site may not function properly.

6. How we share personal data

We do not sell personal data in the sense of “selling” under applicable privacy laws such as the CCPA. We may share personal data with:
  1. Service providers
    • Hosting, cloud infrastructure, CRM, applicant tracking, communications, analytics, payment, and security providers who process data on our behalf under contractual confidentiality and security obligations.
  2. Customers and candidates
    • If you are a candidate, we may share your profile with prospective or existing customers for relevant roles, with your knowledge and in line with local law.
  3. Professional advisers
    • Lawyers, accountants, auditors, and similar professionals are under confidentiality obligations.
  4. Corporate transactions
    • In connection with a merger, acquisition, financing, or sale of all or part of our business, subject to appropriate safeguards.
  5. Legal and safety requirements
    • Where we are required to do so by law or reasonably believe it is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

7. International data transfers

We are headquartered in the United States and work with talent and customers in multiple countries. This means your personal data may be processed in countries with data protection laws that differ from those in your country of residence. Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses approved by the European Commission or other mechanisms recognized by applicable law.

8. How we protect personal data (including access control)

We use a combination of technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:
  • secure infrastructure and encryption in transit and at rest where appropriate;
  • secure development and change management practices;
  • role‑based access controls and the principle of least privilege;
  • employee confidentiality obligations and regular security and privacy training.
Access to systems containing customer or candidate personal data is strictly limited to authorized personnel and is granted only where needed for their job duties.
  • New access is requested through our internal access request process, requires manager approval, and is recorded in our ticketing/identity management system.
  • Access is reviewed periodically and revoked when no longer required (for example, when a role changes or an engagement ends).
These commitments support internal controls for customer account access requests and access approvals.

9. Data retention and automatic deletion

We keep personal data only for as long as necessary for the purposes described in this Policy, plus any additional period required or permitted by law (for example, for tax, accounting, or legal defense). Where technically feasible, we configure our core systems (such as CRM, applicant tracking, logging, and file storage) to automatically delete, archive, or anonymize personal data once the applicable retention period expires. Backups are retained for limited periods and securely overwritten or destroyed in accordance with our backup and disaster‑recovery procedures. You may also request deletion of your personal data at any time; see Section 11. These statements are important for demonstrating that data is auto‑deleted when the retention period expires.

10. Your privacy rights

Depending on your location and applicable law, you may have some or all of the following rights:
  • Access: to know whether we process your personal data and to receive a copy.
  • Rectification: to request correction of inaccurate or incomplete data.
  • Erasure (“right to be forgotten” / deletion): to request deletion of your personal data in certain circumstances, for example, where it is no longer necessary for the purposes for which it was collected.
  • Restriction: to ask us to limit processing in certain situations.
  • Objection: to object to certain processing (for example, direct marketing).
  • Portability: to receive personal data you provided in a structured, commonly used format and to request that we transmit it to another controller where technically feasible.
  • Withdraw consent: where processing is based on consent, to withdraw that consent at any time (without affecting prior processing).
Additional rights for certain jurisdictions
  • EEA/UK individuals have specific rights under the GDPR, including the rights listed above and the right to lodge a complaint with a supervisory authority.
  • California residents have additional rights under the California Consumer Privacy Act (CCPA/CPRA), including the right to know, delete, correct, and opt out of certain processing, as well as the right not to be discriminated against for exercising these rights.
We will not discriminate against you for exercising your privacy rights.

11. How to exercise your rights (access & deletion requests)

You can submit a privacy request (including a request for access, export, or deletion of your personal data) by:
  • Emailing support@parallelstaff.com; or
  • Write to us at the postal address in Section 2.
To help us respond efficiently, please:
  1. State that your request is a “Privacy Request” and indicate which right(s) you wish to exercise (e.g., access, deletion, correction).
  2. Provide enough information for us to verify your identity and, where relevant, to identify the records concerned (e.g., email address you used with us, role as a candidate/customer/vendor).
  3. If you are acting on behalf of someone else, provide proof of your authority to do so where required by law.
How we handle requests
  • We log all privacy requests in our internal tracking system, including the date, requester, request type (access/deletion/etc), systems impacted, and resolution.
  • We verify your identity to protect your data.
  • We respond within the time period required by applicable law (for example, one month under GDPR and 45 days under the CCPA, with the possibility of extension where permitted).
  • When we approve a deletion request, we delete or irreversibly anonymize personal data we control and instruct our service providers to do the same, subject to any legal retention obligations.

12. Children’s privacy

Our services and Site are intended for business users and are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us, and we will take appropriate steps to delete it.

13. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date at the top. If changes are material, we may provide additional notice (for example, by email or a banner on the Site).