Employee and User Privacy Policy

BES, Inc

Effective Date: August 27, 2020

Your privacy is important to us, and we’re committed to the protection of your privacy. This Privacy Policy describes what Personal Data (as we describe further below) our company (as listed above) as well as any of our subsidiaries, affiliates, and related entities (together, the “Company”) collects about you.  This policy applies to BES clients, providers, partners, business associates, advisors, prospects and their respective employees, representatives and agents, from applicants for employment and from members of the general public.

This Privacy Policy covers what Personal Data we collect about you, how the Personal Data will be used and shared (if at all), how the Personal Data will be stored, and your rights in relation to the collection of your Personal Data during, before, or after your employment with the Company. It also describes how you can access, modify, and if needed, request deletion of your Personal Data. This Privacy Policy also covers how your Personal Data is handled by our third-party data processors.


Article 1 – DEFINITIONS:

APPLICABLE COMPANY: This Privacy Policy is applicable to the Company listed above.

COMPANY: For the purposes of this Privacy Policy, we will refer to the Company as BES, we, our, or us.

EMPLOYEE: This Privacy Policy applies to the Personal Data of all individuals who seek to be, are, or were employed by the Company. These individuals shall be referred to as Employee or Employees. When we refer directly to you, as the Employee, we’ll refer to you as you, as well as through second-person pronouns such as your and yours.

PERSONAL DATA: “Personal Data” means information that we obtain from you in connection with your potential, current, or past employment with us that can identify you. For the purposes of this Privacy Policy, Personal Data is any information about an identifiable Employee that seeks to be, is, or was employed by the Company. Personal Data does not mean any data that is anonymized or identify that cannot identify you in any way.


Article 2 – CONTACT INFORMATION:

The best way to contact us is through the following individual, who is our data protection officer: Nicole Shaffer-Thomas

Contact details are as follows: nshafferthomas@bes.org | 440.773.7804

You may contact us for any questions you have about the handling and processing of your Personal Data. You may also contact us to have access to your Personal Data or any other request. If you are unsatisfied with the handling of your Personal Data, you may make a complaint with the relevant data protection authority.


Article 3 – COLLECTION OF PERSONAL DATA:

We collect different types of Personal Data in different ways. Some of the Personal Data gathered is automatic (through technologies which give us information about you), and some of the information is given by you directly to us.

In order to ensure that we are meeting our responsibilities and duties as your employer, we collect, process, and maintain different types of Personal Data in regard to those individuals who seek to be, are, or were employed by us, including, but not limited to:

  • Gender
  • Marital status, for the purpose of ascertaining and distributing benefits such as health insurance
  • Dependent status, for the purpose of ascertaining and distributing benefits such as health insurance
  • Date of birth
  • General contact information, such as address, telephone number, and email
  • Resumes that you provide and/or application(s) that you fill out and provide to us
  • Your start date
  • Your job title
  • The location where you are working
  • Any training or education programs you undertake through us
  • Professional or personal references
  • Company policies and employment forms signed by you
  • Payroll Information: This includes, but is not limited to, tax forms such as a W9, state tax forms, 1099’s, your social security number, bank account information, additional direct deposit Information, and your photo ID. If, at any point, your payroll information changes, you will be required to fill out updated payroll forms. These forms will be kept in your file along with any previous payroll forms that you have given the Company.
  • Forms that contain any information relating to your personal employee benefits, health care plans, insurance policies and the like.
  • Beneficiary information
  • The contact information of the individual that you list to be first notified in the event of an emergency. This includes phone numbers, addresses, and any other personally identifying information for that individual.
  • Assessments, evaluations, performance reviews, training completion rates, and training scores.
  • Any monetary raises, bonuses, stock information, 401k information, commissions, overtime rate, salaried rate and/or regular hourly rate.
  • Any requested time off, accrued paid time off, tardiness, or requests to leave before the scheduled end of your workday.
  • Grievances, including complaints made by fellow employees or clients or customers, corrective action plans for inappropriate behavior and write-ups.
  • Accolades, including recommendations, awards, or other instances of recognition for quality work.
  • Letter of resignation, if received by the Company
  • Letter of termination, if given
  • Other personal details you voluntarily provide to us

Article 4 – USE OF PERSONAL DATA:

We use the information that we collect about you to effectively run our organization and to help us provide a pleasant, safe, and productive work environment for you.

We also use Personal Data to:

  • Accurately process payroll
  • Enroll insurance policies
  • Manage and plan our business
  • Send out business mailings
  • Conduct employee reviews
  • Handle internal disputes or grievances
  • Analyze your qualifications
  • Manage employee stocks
  • Process any claims you bring
  • For internal accounting
  • Oversee your work
  • Provide you education or training
  • Generally, comply with applicable laws

We only process your Personal Data where we are permitted by law or required to do so, including where we must process Personal Data for your employment with us, where we have a legal obligation to do so as your employer, for legitimate business purposes, to protect your vital interests, or if we have your consent to do so. We may, though, have to process your Personal Data without your consent or knowledge, but only when required to do so by law. We also process your Personal Data to prevent fraud and ensure the security of all aspects of our business.


Article 5 – SPECIAL CATEGORIES OF PERSONAL DATA:

We may collect certain categories sensitive data, as defined under relevant applicable law. If you are asked for any of these categories of data, you may request the purpose for which the data is required and refuse to provide it, if desired. We collect and process the following sensitive Personal Data only through voluntary disclosure for our legitimate organizational purposes, including to carry out any legal obligations and responsibilities as needed and required:

  • Racial origin
  • Ethnic origin
  • Religious or spiritual beliefs
  • Political opinions
  • Criminal background
  • Sexual orientation
  • Health data
  • Biometric data
  • Genetic data
  • Trade union membership

If we collect other categories of sensitive Personal Data not described here, we will seek your prior express consent.


Article 6 – DATA SHARING:

We only share your Personal Data when to those individuals and entities who assist in fulfilling our responsibilities within the employment relationship with you or when required to do so by applicable law (collectively, “Third-Party Service Providers”). These Third-Party Service Providers include, but are not limited to, the website in which you submitted your employment application, background check companies, security personnel companies, payroll information and pay stub viewing applications and companies, scheduling programs, I9 processing systems, company insurance providers and others similarly situated to assist in the employment relationship.

We use these Third-Party Service Providers to help us operate the Company, but we’ll never share your Personal Data other than as described here without your explicit consent. Personal Data will only be disclosed if such Third-Party Service Providers agree to ensure an adequate level of protection of your Personal Data that is consistent with this Privacy Policy. Please note that the Third-Party Service Providers that we utilize will access your Personal Data only on an “if needed” basis as a part of their partnerships with us. If you have any questions as to how these Third-Party Service Providers handle your Personal Data, you may contact them or us.

In certain cases, we may have to disclose your Personal Data to third parties without your consent or prior knowledge. We limit that disclosure to the following circumstances:

  • To protect our legal rights
  • To satisfy any local, state, or Federal laws or regulations
  • To respond to requests, such as discovery, criminal, civil, or administrative process, subpoenas, court orders, or writs from law enforcement or other governmental or legal bodies
  • To bring legal action against an Employee who has violated the law
  • To generally cooperate with any lawful investigation about our past, present, or potential employees
  • If we suspect any fraudulent activity within or in relation to the Company, or if we have noticed any activity which may violate our ethics, guidelines, or other applicable rules


Article 7 – DATA TRANSFER:

We are based in the United States, specifically in Boston, Massachusetts. In other words, your Personal Data may be transferred from the location in which you reside to our physical location in the United States. It may also be transferred to third parties, as described above, located in the United States and wherever third parties maintain data transfer, collection, and storage centers. The risks of transferring data outside of your jurisdiction to the United States includes the possibility of data breaches and loss.


Article 8 – DATA STORAGE AND SECURITY:

We only store your Personal Data as long as it is necessary for providing you with the benefits and protections that employment with us entails or until you cease your employment with us and request deletion of your data. We may also store your Personal Data for any applicable legal record-keeping, including after the termination of your employment or for additional organizational purposes (e.g., maintaining our accountancy records or otherwise maintaining the safety and security of our Company, for a time period permitted by applicable law).

We employ organizational and technical security measures to protect your Personal Data, such as limiting access to your Personal Data, secured networks, and encryption. We ensure that your Personal Data is protected against unauthorized access, disclosure, or destruction by utilizing practices that are consistent with standards in the industry to protect your privacy.

Please note, however, that no system involving the transmission of information via the Internet or the electronic storage of data is completely secure, no matter what reasonable security measures are taken. Although we take the protection and storage of your Personal Data very seriously, and we take all reasonable steps to protect your Personal Data, we cannot be responsible for data breaches that occur outside of our reasonable control. We will, however, follow all applicable laws in the event a data breach occurs, including taking reasonable measures to mitigate any harm as well as notifying you of such breaches as soon as possible.

Article 9 – YOUR RIGHTS:

You have the right to access your Personal Data and to correct, amend, or delete it if it is inaccurate or has been processed in violation of this Privacy Policy, except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to your privacy, or where the rights of other people would be violated. To exercise any of these rights, you can contact us.

You may also contact us to restrict the sharing of your personal with third-parties, in compliance with the California Consumer Protection Act.

If the Personal Data we collect, covered by this Privacy Policy, is to be used for any purpose materially different from the purpose described here or disclosed to a third party not acting as our agent, in a manner other than as disclosed here, we’ll always give you an opportunity to opt-out of this materially different use or disclosure.

Article 10 – DATA PROTECTION OFFICER:

The Data Protection Officer we have appointed for you to contact in the event of questions or complaints regarding this Privacy Policy is as follows: Nicole Shaffer-Thomas. The contact information for our Data Protection Officer may be found above.


Article 11 – MODIFICATIONS AND REVISIONS:

We reserve the right to modify, revise, or otherwise amend this Privacy Policy at any time and in any manner. If we do so, however, we will notify you and obtain your consent to the change in processing. Unless we specifically obtain your consent, any changes to the Privacy Policy will only impact the information collected on or after the date of the change.