Effective Date: August 27, 2020
Article 1 – DEFINITIONS:
Article 2 – CONTACT INFORMATION:
The best way to contact us is through the following individual, who is our data protection officer: Nicole Shaffer-Thomas
Contact details are as follows: firstname.lastname@example.org | 440.773.7804
You may contact us for any questions you have about the handling and processing of your Personal Data. You may also contact us to have access to your Personal Data or any other request. If you are unsatisfied with the handling of your Personal Data, you may make a complaint with the relevant data protection authority.
Article 3 – COLLECTION OF PERSONAL DATA:
We collect different types of Personal Data in different ways. Some of the Personal Data gathered is automatic (through technologies which give us information about you), and some of the information is given by you directly to us.
In order to ensure that we are meeting our responsibilities and duties as your employer, we collect, process, and maintain different types of Personal Data in regard to those individuals who seek to be, are, or were employed by us, including, but not limited to:
- Marital status, for the purpose of ascertaining and distributing benefits such as health insurance
- Dependent status, for the purpose of ascertaining and distributing benefits such as health insurance
- Date of birth
- General contact information, such as address, telephone number, and email
- Resumes that you provide and/or application(s) that you fill out and provide to us
- Your start date
- Your job title
- The location where you are working
- Any training or education programs you undertake through us
- Professional or personal references
- Company policies and employment forms signed by you
- Payroll Information: This includes, but is not limited to, tax forms such as a W9, state tax forms, 1099’s, your social security number, bank account information, additional direct deposit Information, and your photo ID. If, at any point, your payroll information changes, you will be required to fill out updated payroll forms. These forms will be kept in your file along with any previous payroll forms that you have given the Company.
- Forms that contain any information relating to your personal employee benefits, health care plans, insurance policies and the like.
- Beneficiary information
- The contact information of the individual that you list to be first notified in the event of an emergency. This includes phone numbers, addresses, and any other personally identifying information for that individual.
- Assessments, evaluations, performance reviews, training completion rates, and training scores.
- Any monetary raises, bonuses, stock information, 401k information, commissions, overtime rate, salaried rate and/or regular hourly rate.
- Any requested time off, accrued paid time off, tardiness, or requests to leave before the scheduled end of your workday.
- Grievances, including complaints made by fellow employees or clients or customers, corrective action plans for inappropriate behavior and write-ups.
- Accolades, including recommendations, awards, or other instances of recognition for quality work.
- Letter of resignation, if received by the Company
- Letter of termination, if given
- Other personal details you voluntarily provide to us
Article 4 – USE OF PERSONAL DATA:
We use the information that we collect about you to effectively run our organization and to help us provide a pleasant, safe, and productive work environment for you.
We also use Personal Data to:
- Accurately process payroll
- Enroll insurance policies
- Manage and plan our business
- Send out business mailings
- Conduct employee reviews
- Handle internal disputes or grievances
- Analyze your qualifications
- Manage employee stocks
- Process any claims you bring
- For internal accounting
- Oversee your work
- Provide you education or training
- Generally, comply with applicable laws
We only process your Personal Data where we are permitted by law or required to do so, including where we must process Personal Data for your employment with us, where we have a legal obligation to do so as your employer, for legitimate business purposes, to protect your vital interests, or if we have your consent to do so. We may, though, have to process your Personal Data without your consent or knowledge, but only when required to do so by law. We also process your Personal Data to prevent fraud and ensure the security of all aspects of our business.
Article 5 – SPECIAL CATEGORIES OF PERSONAL DATA:
We may collect certain categories sensitive data, as defined under relevant applicable law. If you are asked for any of these categories of data, you may request the purpose for which the data is required and refuse to provide it, if desired. We collect and process the following sensitive Personal Data only through voluntary disclosure for our legitimate organizational purposes, including to carry out any legal obligations and responsibilities as needed and required:
- Racial origin
- Ethnic origin
- Religious or spiritual beliefs
- Political opinions
- Criminal background
- Sexual orientation
- Health data
- Biometric data
- Genetic data
- Trade union membership
If we collect other categories of sensitive Personal Data not described here, we will seek your prior express consent.
Article 6 – DATA SHARING:
We only share your Personal Data when to those individuals and entities who assist in fulfilling our responsibilities within the employment relationship with you or when required to do so by applicable law (collectively, “Third-Party Service Providers”). These Third-Party Service Providers include, but are not limited to, the website in which you submitted your employment application, background check companies, security personnel companies, payroll information and pay stub viewing applications and companies, scheduling programs, I9 processing systems, company insurance providers and others similarly situated to assist in the employment relationship.
In certain cases, we may have to disclose your Personal Data to third parties without your consent or prior knowledge. We limit that disclosure to the following circumstances:
- To protect our legal rights
- To satisfy any local, state, or Federal laws or regulations
- To respond to requests, such as discovery, criminal, civil, or administrative process, subpoenas, court orders, or writs from law enforcement or other governmental or legal bodies
- To bring legal action against an Employee who has violated the law
- To generally cooperate with any lawful investigation about our past, present, or potential employees
- If we suspect any fraudulent activity within or in relation to the Company, or if we have noticed any activity which may violate our ethics, guidelines, or other applicable rules
Article 7 – DATA TRANSFER:
We are based in the United States, specifically in Boston, Massachusetts. In other words, your Personal Data may be transferred from the location in which you reside to our physical location in the United States. It may also be transferred to third parties, as described above, located in the United States and wherever third parties maintain data transfer, collection, and storage centers. The risks of transferring data outside of your jurisdiction to the United States includes the possibility of data breaches and loss.
Article 8 – DATA STORAGE AND SECURITY:
We only store your Personal Data as long as it is necessary for providing you with the benefits and protections that employment with us entails or until you cease your employment with us and request deletion of your data. We may also store your Personal Data for any applicable legal record-keeping, including after the termination of your employment or for additional organizational purposes (e.g., maintaining our accountancy records or otherwise maintaining the safety and security of our Company, for a time period permitted by applicable law).
We employ organizational and technical security measures to protect your Personal Data, such as limiting access to your Personal Data, secured networks, and encryption. We ensure that your Personal Data is protected against unauthorized access, disclosure, or destruction by utilizing practices that are consistent with standards in the industry to protect your privacy.
Please note, however, that no system involving the transmission of information via the Internet or the electronic storage of data is completely secure, no matter what reasonable security measures are taken. Although we take the protection and storage of your Personal Data very seriously, and we take all reasonable steps to protect your Personal Data, we cannot be responsible for data breaches that occur outside of our reasonable control. We will, however, follow all applicable laws in the event a data breach occurs, including taking reasonable measures to mitigate any harm as well as notifying you of such breaches as soon as possible.
Article 9 – YOUR RIGHTS:
You may also contact us to restrict the sharing of your personal with third-parties, in compliance with the California Consumer Protection Act.
Article 10 – DATA PROTECTION OFFICER:
Article 11 – MODIFICATIONS AND REVISIONS: