Data Privacy Statement (North America)

GLOBAL PRIVACY NOTICE

Company: clickworker.com, Inc.
Effective Date:12th March, 2026
Last Updated:12th March, 2026

1. Introduction

This Privacy Notice explains how clickworker.com, Inc. (“clickworker,” “we,” “us,” or “our”) collects, uses, stores, transfers, and protects personal data relating to individuals who access our platforms. This includes contributors (“clickworkers”), clients, applicants, and website visitors.

We take privacy and data protection seriously. The purpose of this Notice is to ensure transparency regarding our processing practices and to comply with applicable data protection laws across North America (USA, Canada, Mexico) and globally.

2. Corporate Structure, Hosting, and Roles

Clickworker.com, Inc. and clickworker Germany GmbH are subsidiaries of LXT AI, Inc. registered at 4312 Village Centre Court, Mississauga ON L4Z 1S2, Canada.

To provide our services securely and efficiently, clickworker operates through an international corporate structure consisting primarily of clickworker.com, Inc. (United States) and clickworker GmbH (Germany).

Joint Data Controllers

clickworker.com, Inc.
2 Park Avenue, 20th Floor
New York, NY 10016 USA

clickworker Germany GmbH
Theodor-Althoff-Straße 41
45133 Essen, Germany

Both entities jointly determine the purposes and means of processing personal data in connection with the operation of the platform and therefore act as joint controllers where applicable under relevant data protection laws, including Article 26 GDPR.

The clickworker platform is technically hosted, maintained, and supported by clickworker Germany GmbH in Germany on behalf of the joint controller arrangement. Internal agreements govern the allocation of responsibilities for compliance obligations and data subject rights handling.

Hosting Location: Your data will be stored and processed on our servers located at OVH in France, as well as on Amazon AWS servers and storage located in Germany and Ireland.

What this means for you:
As we operate globally, personal data collected from users in the United States, Canada, and Mexico is securely transferred to and stored on servers located in the European Union. Such transfers are performed in accordance with applicable legal safeguards, including approved contractual mechanisms and appropriate technical and organizational protections.

3. Scope of This Notice

This Privacy Notice applies whenever we collect and process personal data relating to:

  • Platform Users and Independent Contractors (clickworkers)
  • Clients and Vendors
  • Job Applicants
  • Website Visitors

It covers interactions with our websites, mobile applications, communications, surveys, and support channels.

4. Categories of Personal Data We Collect

We collect personal data directly from you, automatically through your device or upon usage of our services, and, where legally permitted, from third-party sources.

Personal data collected and processed may include:

  • Identifiers such as name, postal address, email address, IP address, account name, Social Security number, tax identification number, or comparable identifiers required for payment or regulatory compliance.
  • Demographic Information such as age, gender, nationality, and primary language, where voluntarily provided or where strictly required for participation in a specific task.
  • Professional or Employment Data including resumes, work history, qualifications, and certifications.
  • Financial Information such as payment account details, transaction identifiers, and payment processor information necessary to process compensation or payments.
  • Work Product Data consisting of materials submitted during task completion, including text, images, audio recordings, or video recordings.
  • Technical Data such as browser type, device type, operating system, interaction logs, authentication records, timestamps, and access logs.
  • Sensitive Personal Data may be processed where required for specific tasks. Such data may include biometric identifiers (for example facial geometry or voice characteristics), precise geolocation, or government identifiers. Where required by applicable law, such processing occurs only after explicit consent has been obtained and appropriate safeguards have been implemented.

5. Purposes of Processing

We process personal data only where permitted by law and where a valid legal basis applies. Depending on the context, processing may be based on contractual necessity, legitimate interests, legal obligations, and consent.

We process personal data for purposes including:

  • Performance of Contract: To provide platform access, match you with projects, process payments, and manage your account.
  • Legitimate Interests: To prevent fraud, ensure platform security, verify identity, and improve our AI models (including fraud detection).
  • Provided Project specific Consent: For project specific tasks involving sensitive data (e.g., facial or voice recordings) or optional marketing communications.
  • Legal Obligations: To comply with tax reporting, anti-money laundering (AML) laws, data privacy regulations, and to defend legal claims.

Where processing is based on legitimate interests, we assess such interests against individuals’ rights and freedoms and implement safeguards designed to ensure fairness and proportionality.

6. Automated Processing and Profiling

We use automated tools to analyze activity patterns in order to detect fraud, maintain platform security, verify account integrity, and match users with appropriate projects. These systems evaluate indicators such as usage behavior, device consistency, login patterns, and historical task performance.

Such automated processing does not produce legal or similarly significant effects without meaningful human involvement. Individuals may request human review of automated decisions, obtain additional information about the logic involved, or contest outcomes by contacting us.

7. Disclosure of Personal Data

We do not sell personal data or user profiles to third parties. We disclose personal data only where necessary for legitimate business or legal purposes and only to recipients subject to confidentiality and data protection agreement.

Recipients may include:

  • Service providers and subprocessors supporting platform infrastructure, hosting, payments, identity verification, analytics, communications, or internal support functions
  • Clients who receive work product submitted as part of task performance together with related metadata required for service delivery
  • Legal or regulatory authorities where disclosure is required by applicable law or valid legal process
  • Professional advisors, auditors, or consultants subject to confidentiality obligations

8. Data Retention

We retain personal data only as long as necessary to fulfill contractual obligations, comply with legal requirements, resolve disputes, enforce agreements, and maintain platform integrity.

  • Account Data: Termination or permanent suspension of account + 40 days, except for data required to be retained longer as below.
  • Work Submissions & Ratings: Duration of customer contract or project completion + 3 years.
  • Payment & Tax Records: 7–10 years (as legally required).
  • System/Security Logs: 12–36 months.
  • Recruitment Data: 6 months unless hired.

After expiration, data is securely deleted, anonymized, or aggregated.

9. International Data Transfers

Due to our international operations, personal data is transferred to and processed in countries other than the country in which it was originally collected.

Where such transfers occur, we ensure appropriate safeguards are implemented, which may include approved Standard Contractual Clauses, transfer impact assessments, encryption measures, access restrictions, and other legally recognized safeguards designed to ensure an equivalent level of protection.

10. Data Security

We maintain administrative, technical, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These safeguards include encryption, access controls, monitoring, logging, network protections, employee confidentiality obligations, incident response procedures, and business continuity programs.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to ensure platform functionality, maintain security, analyze usage, and improve services. Where required by law, non-essential cookies are deployed only with user consent. Users may modify cookie preferences at any time through available settings.

12. Children’s Privacy

Our platform is intended for individuals aged eighteen or older. We do not knowingly collect or process personal data relating to minors. If we become aware that personal data of a minor has been processed inadvertently, we take appropriate action to delete such information promptly.

13. Your Privacy Rights

Depending on your jurisdiction, data subjects have rights relating to their personal data, including rights of access, correction, deletion, restriction, objection, portability, withdrawal of consent, and rights relating to automated decision-making.

Requests may be submitted to [email protected]. We may request verification of identity before responding to requests in order to protect personal data.

If you believe that the processing of your data violates data protection regulations, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

Appendix A – Jurisdiction-Specific Privacy Notices

1. United States Privacy Addendum (Federal & State Laws)

This section applies to residents of U.S. states that have enacted comprehensive data privacy laws, including but not limited to New York, California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and Montana.

A. Notice of Collection and Processing

We collect the categories of personal information listed in Section 4 for the business and commercial purposes described in Section 5.

B. Selling and Sharing of Personal Information

  • No Sale of Data: We do not sell your personal information for monetary compensation.
  • No Cross-Context Behavioral Advertising: We do not share personal data for cross-context behavioral advertising.

C. Sensitive Data and Biometrics

Certain tasks on the platform may require the collection of sensitive personal data such as biometric identifiers or precise geolocation. Where required by law we obtain explicit consent before processing such data.

D. Your State Privacy Rights

  • Right to Access / Know
  • Right to Correction
  • Right to Deletion
  • Right to Opt-Out of Profiling
  • Right to Non-Discrimination

2. Canada Privacy Addendum

For Canadian residents, data processing complies with PIPEDA and applicable provincial laws including Quebec’s Law 25.

  • Consent: By using our platform, you consent to cross-border transfer of data.
  • Your Rights: You may access your data, request corrections, and withdraw consent.
  • Privacy Officer: Inquiries may be directed to [email protected].

3. Mexico Privacy Addendum

For residents of Mexico, processing complies with the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP).

  • ARCO Rights: Access, Rectification, Cancellation, and Opposition.
  • Requests: Send requests to [email protected].

14. Changes to This Notice

We may update this Privacy Notice periodically to reflect changes in our practices or legal requirements. Material changes will be communicated via email or a notice on our platform.

15. Contact Us

Data Privacy Team
clickworker.com, Inc.
2 Park Avenue, 20th Floor
New York, NY 10016 USA
Email: [email protected]