At ZS, we are committed to protecting the personal data of our current, former, and prospective employees (also referred to as you, your, and ZSers). This privacy notice lays out ZS’s practices around protecting ZSers’ personal data before, during, and after your time with us.
This notice should be viewed as a global overview of our privacy practices in an employment context. Please note that the country in which you reside or are employed may have additional requirements regarding your personal data. In such cases, ZS complies with applicable local law. If you have any questions about this, please reach out to the Privacy Team within ZS Legal or your local Office Managing Principal (OMP).
Any personal data processed by ZS (also referred to as we, us, or our) in connection with this ZSer Privacy Notice is controlled by ZS Associates, Inc. or the ZS entity that is your prospective, current, or former employer, as applicable.
You may apply for our open positions online through our Web site or via LinkedIn, or you may be sought out by a recruiter who may find your information via LinkedIn using recruiting tools to which ZS subscribes. Once you begin to pursue a position at ZS, we collect your personal data, such as the information you include in your resume, CV, LinkedIn profile, or ZS application. We will process your application together with all other personal data you provide for recruiting purposes.
This information is stored and processed through our Human Resources Information System (HRIS). We may also evaluate the information you provide for positions other than the one you applied to. We may contact you about your qualification for such positions.
ZS does not collect sensitive personal data in the application process unless you voluntarily provide it to us. We use that information in compliance with labor and social security law to process your employment application and to conduct a background check, and any such processing of sensitive personal data will not conflict with your rights and freedoms under applicable data protection law. References to sensitive personal data include the various categories of personal data identified by applicable law as requiring special treatment.
ZS may require prospective and current ZSers to satisfactorily complete a background check. ZS will consider your job duties, among other factors, in determining what constitutes satisfactory completion of the background check. All information obtained as a result of a background check will be used solely for employment purposes. When a background check is required, you must complete an authorization form. Failure to timely complete an authorization may result in termination of ZS's consideration of your application or employment. Falsification or omission of information may result in denial of employment or discipline, up to and including termination. All background check information will be kept confidential. ZS complies with all applicable local laws regarding background checks.
If you are not offered a position, we may retain your application information for up to five years after you apply in order to consider you for other positions for which your experience and qualifications appear to match and/or to comply with our legal obligations. After five years, we retain a record that you applied, but your interview records are deleted from our systems.
You have the right to request to access, modify, correct, delete, or limit the use and disclosure of any information you provide to us for application purposes. You may do so at any time by logging into the account you create in our HRIS. If you would like to remove all of the information we have about you, you may delete your account by logging in and selecting the delete option. Once you do this, you will no longer be considered for any positions at ZS. You may also request that ZS delete this information on your behalf by contacting email@example.com or your local ZS recruiting contact.
Once you become part of ZS, you will need to provide us with additional information about you and your family. We will only ask you for the information we need for the provision of benefits, payroll, and other essential HR functions.
Some types of additional information ZS may receive, both directly and indirectly from you, include the following:
- Contact details, such as your home address, telephone numbers, personal e-mail address, etc., and contact details of others that you provide, such as who to contact in the event of an emergency, details of your dependents, life insurance beneficiaries, etc.
- Financial information relating to your compensation, benefits, and retirement account or pension, such as details of your salary and any deductions, bank account, tax codes, national insurance or social security number, travel expenses, etc.
- Employment administration information, such as career history, photograph, time entry records, performance information, training records, records of projects you have worked on, etc.
- Logs about your use of ZS’s assets such as laptops, which includes your IP address, and access to ZS facilities such as with keycards (where this is relevant and we are permitted under local law to collect this information).
- Information that may reveal race or ethnic origin, such as for immigration between ZS offices or to review diversity and inclusion within ZS. We may also have information about your religious or philosophical beliefs, or trade union membership, where it is necessary for compliance with labor or social security law, as well as your health information for the provision of healthcare benefits or medical leave.
- Other information that you voluntarily provide that it is necessary to use for ZS’s business purposes (e.g., where you register an interest in a particular social activity run by us for ZSers).
We use your personal data as described above for employment and business-related purposes. This includes administration (paying salaries, leave benefits, retirement account or pensions, among others). We also use your data to provide you with training, to staff you on projects via TeamZS, and to assess your performance and help you grow as a ZSer via PD coaching. We monitor compliance with laws, such as equal opportunity employment, and may collect information to better understand ZS’s diversity and inclusion performance. We will communicate with you as needed including via personal contact information, such as in an emergency. We will also use tools that monitor ZS e-mails and browsers for security, such as to prevent malware; that collect location data in order for ZS to satisfy various legal and tax obligations in connection with our role as an employer; and for corporate travel purposes so we are aware of where you are in the world when you’re traveling for business purposes, in order to assist ZSers.
We may display ZSers’ names or photos on our Web site, via social media, or in press releases for marketing and recruiting purposes in order to attract business or new talent to ZS.
Some amount of information about you will be available on the company’s intranet so that you and your global colleagues are able to learn more about each other. You are able to control portions of what appears on your intranet profile page. For assistance with making modifications to this space, please reach out to the ZSpace Community Organizer.
You also have access to the HRIS system so that you can view, update, and maintain the information we have about you. This may include your name, home address, professional history, position within ZS, emergency contact information, etc. Your local HR lead can assist you with any questions about the HRIS.
ZS will keep the information we collect about current ZSers for as long as the employment relationship lasts and for a period of time thereafter, depending on the type of information and as required by applicable local law.
Within ZS’s HRIS, we will keep your data file for an appropriate amount of time after you leave, as required by applicable local law.
Should you need to access, update, delete, or limit the use and disclosure of any of your personal data after you leave ZS, please reach out to your local HR lead for further assistance. We will make any requested changes in a timely manner, unless prohibited by law. We will notify you of any changes or deletions that we are legally unable to make.
ZS will only process your personal data where we have a legal basis for doing so. In each case, the legal basis will be one or more of the following:
- To administer the employment relationship and perform the contract of employment that we may have with you (if applicable);
- To comply with ZS’s legal obligations as an employer;
- To fulfill our legitimate interests as an employer; or
- To process in conformance with your consent.
ZS works with a number of authorized service providers in the course of everyday business. In addition to our HRIS, we have service providers that assist us with ZSer travel, the processing and distribution of paychecks and other pay, the provision of benefits and other insurance services, as well as providers for the support of core business functions (e.g., software and server space), for example. Unless required or authorized by law, such as requests by government authorities, we never provide ZSers’ personal data to third parties that are not engaged in a service relationship with ZS. We may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Governmental and regulatory bodies must follow the applicable legal process to obtain valid and binding orders. All requests must be specific and are reviewed by the ZS Legal team to ensure that the requests are valid and so that ZS can object to overly broad or otherwise inappropriate requests. ZS does not provide any government with direct and unfettered access to your personal data, and we do not provide any government with our encryption keys.
We are a global company, and your data may be transferred throughout our offices worldwide. We are headquartered in the United States and subject to the jurisdiction of the Federal Trade Commission; your data will be stored and processed according to U.S. privacy standards. Data is transferred in accordance with the requirements of our intergroup data transfer agreement based on the Standard Contractual Clauses defined in Regulation (EU) 2016/679 and which also satisfies the requirements for cross-border data transfers from Japan under Act No. 57 of 2003, as amended. Although no longer a valid basis that ZS relies on for lawful data transfers in light of the judgment of the Court of Justice of the European Union in Case C-311/18, ZS Associates, Inc. and ZS Associates International, Inc. continue their commitment to adhere to the EU-U.S. and Swiss-U.S. Privacy Shield Principles with respect to personal data received from the EU, United Kingdom, and Switzerland. These Principles are:
- Accountability for onward transfer
- Data integrity and purpose limitation
- Recourse, enforcement, and liability
Further information about Privacy Shield as well as our certification can be found at www.privacyshield.gov/list.
In compliance with the Privacy Shield Principles, ZS commits to resolve complaints about our collection or use of your personal data. If you have any inquiries or complaints about how we handle your personal data, please contact us at: firstname.lastname@example.org
Current, former, and prospective ZSers in the European Union (EU), United Kingdom (UK), or Switzerland may work with their local EU Data Protection Authority (DPA), UK Information Commissioner’s Office (UK ICO), or Swiss Federal Data Protection and Information Commissioner in the event of any unresolved issues concerning their personal data. ZS commits to cooperating with the competent EU, UK, and Swiss authorities to resolve individual complaints. The services of EU DPAs, UK ICO, and Swiss Federal Data Protection and Information Commissioner are provided at no cost to you.
Please visit http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm for more information.
For ZSers located in Argentina, the National Agency on Public Information Access, in its capacity as the regulatory authority under Law No. 25,326, is the proper entity to receive complaints filed by individuals affected by any non-compliance with regulations on the protection of private information.
Individuals in the EU, UK, and Switzerland have the right to invoke binding arbitration if certain conditions are met. More information about when this is applicable is available at www.privacyshield.gov and from your local EU DPA, UK ICO, or Swiss Data Protection and Information Commissioner.
As mentioned above, we may disclose personal data to third-party service providers that we use to provide support functions. We remain responsible under the Privacy Shield Principles if these third parties process your personal data in a manner inconsistent with the Privacy Shield Principles (unless we are not responsible for the event giving rise to the damage).
We provide reasonable and appropriate physical, technical, and organizational safeguards intended to maintain the confidentiality, integrity, and availability of the personal data we collect. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
This Privacy Notice is governed by the laws of the State of Illinois.
Any updates to this Privacy Notice will be posted here. The date at the top indicates the date of the last update.
If you have any questions regarding this Privacy Notice or our privacy practices generally, please contact a member of the Privacy Team within ZS Legal or reach us via e-mail at email@example.com. You may also mail us at:
ZS Associates, Inc.
Attn. Data Protection Officer
One Rotary Center
1560 Sherman Ave. Ste. 800
Evanston, IL 60201
© 2021 ZS