LAST UPDATED: 12.22.2022
CALIFORNIA PRIVACY NOTICE
Deutsch Inc. and its affiliates (“AGENCY,” “we,” “us,” or “our”) provide this Privacy Notice, which applies to California resident employees, employee applicants, owners, directors, officers, and contractors of AGENCY, as well as, as applicable, those individuals’ emergency contacts and beneficiaries who are California residents. This Privacy Notice sets forth our practices with respect to information that can reasonably be linked with an individual (“Personal Information”), as required by the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), collectively herein referred to as the “CA Privacy Law”.
Please note, there may be additional or different privacy notices or disclosures that govern our use of your Personal Information beyond the CA Privacy Law. Where collection, use, and disclosure of Personal Information is subject to the CA Privacy Law, this Privacy Notice shall prevail. For collection, use, and disclosure of Personal Information beyond the CA Privacy Law, those separate and relevant privacy notices and disclosures shall prevail.
Collection and Disclosure of Personal Information
The following chart details which categories of Personal Information we collect and process, as well as which categories of Personal Information we disclose to third parties for our operational business and employment purposes, including within the 12 months preceding the date this Privacy Notice was last updated.
|Categories of Personal Information||Disclosed to Which Categories of Third Parties for Operational Business Purposes|
|Identifiers, such as name and government-issued identifier (e.g., Social Security number)||Our affiliates; service providers providing services such as payroll, benefits, consulting, training, expense management, medical benefits, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners, such as entities that help us to provide services to you (e.g., a corporate credit card).|
|Personal information, as defined in the California safeguards law, including without limitation, name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information||Our affiliates; service providers providing services such as payroll, benefits, consulting, training, expense management, medical benefits, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners, such as entities that help us to provide services to you (e.g., a corporate credit card).|
|Protected Class Information, such as characteristics of protected classifications under California or federal law, including without limitation, age, gender, medical conditions, marital status, sex (including pregnancy, childbirth, breastfeeding, and related medical conditions), race, color, religion or creed, ancestry, national origin, disability, genetic information, sexual orientation, gender identity and expression, citizenship, primary language, immigration status, military/veteran status, political affiliation/activities, domestic violence victim status, and requests for leave||Our affiliates; service providers providing services such as payroll, benefits, consulting, training, expense management, medical benefits, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners, such as entities that help us to provide services to you (e.g., a corporate credit card).|
|Commercial Information, such as transaction information and purchase history, travel expenses, including information about corporate credit card purchases, frequent flyer rewards, and other travel-related programs and expenses|
|Biometric Information, such as face scans, fingerprints, and voiceprints Note: biometric information is sensitive personal information also referenced below|
|Internet or Network Activity Information, such as browsing history and interactions with our websites and applications, access and usage information regarding websites, applications, and systems, information about online communications, including browsing and search history, timestamp information, IP address, and access and activity logs|
|Geolocation Data, such as latitude/longitude, precise location information, device location, approximate location derived from IP address, and GPS, WiFi, or Bluetooth Low Energy tracking|
|Audio, electronic, visual and similar information, such as photographs, images, call and video recordings, including voicemail and security camera footage, information about the use of electronic devices and systems, key card usage, photos on websites or in employee directories|
|Education Information subject to the federal Family Educational Rights and Privacy Act, such as student records and directory information|
|Professional or Employment Information, such as work history, prior employer, information from reference checks, background screening information, employment application, membership in professional organizations, personnel files, personal qualifications and training, eligibility for promotions and other career-related information, work preferences, business expenses, wage and payroll information, benefit information, information on leaves of absence or PTO, performance reviews, information on internal investigations or disciplinary actions|
|Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences, characteristics, predispositions and abilities|
|Sensitive Personal Information: • Personal Information that reveals an individual’s Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Company is the intended recipient of the communication; genetic data; • The processing of biometric information for the purpose of uniquely identifying an individual; • Personal Information collected and analyzed concerning an individual’s health; and • Personal Information collected and analyzed concerning an individual’s sex life or sexual orientation.|
We may also disclose the above categories of Personal Information to a third party in the context of any reorganization, financing transaction, merger, sale, joint venture, partnership, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
We do not sell Personal Information of covered individuals, and we do not share or otherwise process Personal Information of covered individuals for purposes of cross-context behavioral advertising, as defined under the CA Privacy Law. We have not engaged in such activities in the 12 months preceding the date this Privacy Notice was last updated.
We do not knowingly sell or share the Personal Information of minors under 16 years of age.
Sources of Personal Information
We collect Personal Information from you and from our affiliates, your colleagues and managers, references you provide, prior employers or schools, clients, background check providers, providers of employee benefits, social networks, publicly available databases, and cooperative databases. We collect Personal Information about our employees’ and other individuals’ emergency contacts and beneficiaries from such employees or other individuals.
Purposes for the Collection, Use and Disclosure of Personal Information
We may collect or use Personal Information for the purposes of operating, managing, and maintaining our business, managing our workforce and other employment purposes, and accomplishing our business purposes and objectives, including, for example, using Personal Information to:
- Plan and manage workforce activities and personnel generally, including for recruitment, employee onboarding, appropriate staffing, performance management, training and career development, payments and benefit administration, employee training, leaves and promotions;
- Conduct workforce assessments, including determining physical or mental fitness for work and evaluating work performance;
- Process payroll, manage wages and other awards such as stock options, stock grants and bonuses, reimburse expenses, and provide healthcare, pensions, savings plans and other benefits;
- Operate, maintain, monitor, and secure our facilities, equipment, systems, networks, applications, and infrastructure;
- Manage attendance, time keeping, leaves of absence, and vacation;
- Facilitate employee communication and workforce travel;
- Undertake quality and safety assurance measures, protect the health and safety of our workforce and others, and conduct risk and security control and monitoring;
- Conduct research, analytics, and data analysis, such as to assist in succession planning and to ensure business continuity, as well as to design and implement employee retention programs, diversity, equity, and inclusion initiatives, and environmental, social, and governance (“ESG”) initiatives;
- Perform identity verification, accounting, budgeting, audit, and other internal functions, such as internal investigations, disciplinary matters, and handling grievances and terminations;
- Operate and manage IT and communications systems and facilities, allocate Company assets and human resources, and undertake strategic planning and project management; and
- Comply with law, legal process, requests from governmental or regulatory authorities, internal policies, and other requirements, such as income tax deductions, recordkeeping, work permit and immigration regulations and reporting obligations, and the exercise or defense of legal claims.
Use and Disclosure of Sensitive Personal Information
We may use Sensitive Personal Information for purposes of performing services for our business, providing services as requested by you, and ensuring the safety, security and integrity of our business, infrastructure, and the individuals with whom we interact. This includes, without limitation, establishing and maintaining your employment relationship with us, ensuring the safety and diversity of our workforce, designing and implementing ESG initiatives, complying with legal obligations, defending or asserting legal claims, managing payroll and corporate credit card use, administering and providing benefits, and securing the access to, and use of, our facilities, equipment, systems, networks, applications, and infrastructure.
We retain Personal Information including, without limitation, Sensitive Personal Information, for as long as needed or permitted in light of the purpose(s) for which it was collected. The criteria used to determine our retention periods include:
- The duration of your employment;
- The length of time we have an ongoing relationship with you or your dependents/beneficiaries and the length of time thereafter during which we may have a legitimate need to reference your Personal Information, such as to address issues that may arise;
- Whether there is a legal obligation to which we are subject (for example, certain laws may require us to keep your employment records for a certain period of time); and
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
You may, subject to applicable law, make the following requests:
- You may request we disclose to you the following information covering the 12 months preceding your request:
- The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
- The business or commercial purpose for collecting Personal Information about you; and
- The categories of Personal Information about you we otherwise disclosed and the categories of third parties to whom we disclosed such Personal Information.
- You may request to correct inaccuracies in your Personal Information.
- You may request to have certain Personal Information you provided to us deleted.
- You may request to receive a copy of your Personal Information, including a copy of the Personal Information you provided to us in a portable format.
We will not unlawfully discriminate against you for exercising a right conferred by the CA Privacy Law. Without limitation, we will not retaliate against you for exercising such a right. To make a request, please contact us at https://ncv.microsoft.com/khZ8jEBrCI or 1-888-474-8778. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate before disclosing or deleting your Personal Information. If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information.
We will verify and respond to your request consistent with applicable law.
If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted above. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described above or confirm that you provided the agent permission to submit the request.
Changes to this Privacy Notice
We may change or update this notice from time to time. When we do, we will post the updated notice on this page with a new “Last Updated” date.
If you have questions regarding this Privacy Notice, please contact your local Human Resources department, HR Privacy Champion, or email us at CAPrivacy@DeutschInc.com.