For purposes of this Policy, the following definitions shall apply:
"Agent" means any third party that uses Personal Data provided by Sterling Talent Solutions to perform tasks on behalf of or at the instruction of Sterling Talent Solutions.
"Client-employee" means a person who applied for employment at a potential employer and/or a person working for an employer which employer requested Sterling Talent Solutions' Consumer Services regarding such a person.
"Client-employee Personal Data" means Personal Data of a Client-employee that Sterling Talent Solutions collected and processed as part of its Client Services.
"Client-Services" means employment screening services, which include back ground checks involving criminal records searches, credit checks, vehicle motor which search, social security trace reports, personal identification, number trace reports, employment verifications, education record verifications and/or drug testing, where such background checks are permissible by law, which services Sterling Talent Solutions render at the request of a Client of the Company.
"Personal Data" means any information or set of information that identifies or could be used by or on behalf of Sterling Talent Solutions to identify an individual subject to the EU Data Privacy Directive 95/46/EC, as modified, supplemented and/or replaced. Personal Data does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal Data.
"Sensitive Personal Data" means Personal Data that reveals race, ethnic origin, trade union membership, or that concerns health. In addition, Sterling Talent Solutions will treat as sensitive Personal Data any information received from a third party where that third party treats and identifies the information as sensitive.
"Sterling Talent Solutions" means Sterling Talent Solutions, its predecessors, affiliates, successors, subsidiaries, divisions and groups.
II. SAFE HARBOR
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles ("Safe Harbor Principles") and frequently asked questions (the "U.S.-EU Safe Harbor Framework") to enables U.S. companies to satisfy the requirement under European Union law that an adequate level of protection is given to Personal Data transferred from the EU to the United States. The EEA also has recognized the U.S. Safe Harbor as providing an adequate level of data protection (OJL 45, 15.2.2001, p.47). The United States Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland have agreed on a similar set of data protection principles and frequently asked questions (the "U.S.-Swiss Safe Harbor Framework") to enable U.S. companies to satisfy the requirement under Swiss law that an adequate level of data protection is given to Personal Data transferred from Switzerland to the United States. Consistent with its commitment to protect Personal Data privacy, Sterling Talent Solutions adheres to the U.S.-EU and U.S.-Swiss Safe Harbor Frameworks. Sterling Talent Solutions has a Vice President of Compliance who assists in ensuring compliance with this Policy and data security issues. Sterling Talent Solutions educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. Sterling Talent Solutions' Vice President of Compliance and Sterling Talent Solutions' external legal advisors are available to any of its valued employees, Clients, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.
On a global basis, Sterling Talent Solutions will, and will cause its affiliates to, establish and maintain business procedures that are consistent with this Policy. Sterling Talent Solutions collects Personal Data of its employees and/or job applicants for, among other things, legitimate human resource business reasons such as payroll administration; filling employment positions; administration and operations of its benefit programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; and authentication. Sterling Talent Solutions does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent Sterling Talent Solutions maintains information on an individual's medical health or ethnicity (as legally required), Sterling Talent Solutions will protect, secure and use that information in a manner consistent with this Policy and applicable law. Through its service to Company Clients to conduct background and criminal record checks, drug testing, and employment verification, Sterling Talent Solutions also collects and processes Personal Data of individuals who apply for employment at Sterling Talent Solutions' Clients ("Client-employees" and "Client-employee Personal Data").
Sterling Talent Solutions will conduct Client-services in accordance with the notice given to and/or the consent obtained from Client-employees. Sterling Talent Solutions will not sell or share Client-employee Personal Data to third parties other than the Client on whose behalf the Personal Data was collected. Personal Data collected by Sterling Talent Solutions from prospective Clients, consumers, vendors, business partners and others. Sterling Talent Solutions collects Personal Data for, among other things, legitimate business reasons such as Client service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal Data collected by Sterling Talent Solutions will be used for legitimate business purposes consistent with this Policy.
IV. PRIVACY PRINCIPLES
The privacy principles in this Policy are based on the seven Safe Harbor Principles.
- NOTICE: Where Sterling Talent Solutions collects Personal Data directly from individuals applying for employment at Sterling Talent Solutions, it will inform them about the purposes for which it collects and uses Personal Data about them, the types of non-agent third parties to which Sterling Talent Solutions discloses that information, if any, and the choices and means, if any, Sterling Talent Solutions offers individuals for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to Sterling Talent Solutions, or as soon as practicable thereafter, and in any event before Sterling Talent Solutions uses the information for a purpose other than that for which it was originally collected. Sterling Talent Solutions may disclose Personal Data if required to do so by law or to protect and defend the rights or property of Sterling Talent Solutions. Sterling Talent Solutions will collect Client-employee Personal Data only in accordance with the notice to and consent given by the Client-employee. Should you have any complaints or inquiries regarding this Policy or the provisions contained herein, please contact Sterling Talent Solutions' Vice-President of Compliance.
- CHOICE: Sterling Talent Solutions will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Data, Sterling Talent Solutions will give individuals who apply for employment at Sterling Talent Solutions the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Sterling Talent Solutions collects sensitive Personal Data on Client-employees only pursuant the person's express consent. Sterling Talent Solutions will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
- DATA INTEGRITY: Sterling Talent Solutions will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Sterling Talent Solutions will take reasonable steps to make sure that Personal Data is relevant to its intended use, accurate, complete and current.
- TRANSFERS TO AGENTS: Sterling Talent Solutions will obtain assurances from its Agents that they will safeguard Personal Data consistently with this Policy. Examples of appropriate assurances that may be provided by Agents include: a contract obligating the Agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the Agent, or being subject to another European Commission adequacy finding (e.g., companies located in Switzerland). Where Sterling Talent Solutions has knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this Policy, Sterling Talent Solutions will take reasonable steps to prevent or stop the use or disclosure. Sterling Talent Solutions holds it Agents accountable for maintaining the trust our employees and Clients place in the company.
- ACCESS AND CORRECTION: Upon request, Sterling Talent Solutions will grant individuals reasonable access to Personal Data that it holds about them. In addition, Sterling Talent Solutions will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees of Sterling Talent Solutions who desire to review or update their Personal Data can do so by contacting their local Human Resources Representative. Client-employees must contact their employer and/or the company to whom they gave consent to conduct the Client Services.
- SECURITY: Sterling Talent Solutions will take reasonable precautions to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Sterling Talent Solutions protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal Data. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. Sterling Talent Solutions limits access to Personal Data and data to those persons in Sterling Talent Solutions' organization, or as agents of Sterling Talent Solutions, that have a specific business purpose for maintaining and processing such Personal Data. Individuals who have been granted access to Personal Data are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so. Sterling Talent Solutions will disclose Client employee Personal Data only to the Client who requested the Client Services and in accordance with the Notice provided by the Client to the Client employee and/or the consent given by the Client-employee. Of course, no set of safeguards is 100% secure. This means that, for example, despite our best efforts, an unauthorized access or acquisition of your information could occur. In that case, we will do our best to mitigate harm to you and, where appropriate notify you of the incident.
- ENFORCEMENT: Sterling Talent Solutions will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy and the U.S. Department of Commerce Safe Harbor Principles. Any employee that Sterling Talent Solutions determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.
V. DISPUTE RESOLUTION
Any questions or concerns regarding the use or disclosure of Personal Data should be directed to the Sterling Talent Solutions Privacy Office at the address given below. Sterling Talent Solutions will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Sterling Talent Solutions and the complainant, Sterling Talent Solutions has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles, and to cooperate and comply with the Federal Data Protection and Information Commissioner of Switzerland.
VI. INTERNET PRIVACY
The practices described in this Policy are current Personal Data protection policies as of March 12, 2012. Sterling Talent Solutions reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments.
If you have questions about our privacy and security policy, contact us at:
Sterling Talent Solutions
1 State Street Plaza, 24TH Floor
New York, NY 10004
Tel: +1 (212) 736-5100
Attention: Vice President of Compliance