At ZS, we are committed to protecting the personal data of our current, former, and prospective employees (also referred to as you, your, and ZSers). This privacy notice lays out ZS’s practices around protecting ZSers’ personal data before, during, and after your time with us.
This notice should be viewed as a global overview of our privacy practices in an employment context. Please note that the country in which you reside or are employed may have additional requirements regarding your personal data. In such cases, ZS complies with applicable local law. If you are a resident of California, please also review our California Privacy Notice. 如果您是中国居民，请点击这里. If you have any questions about this, please reach out to ZS's Data Protection Team or your local Office Managing Principal (OMP).
Any personal data processed by ZS (also referred to as we, us, or our) in connection with this ZSer Privacy Notice is controlled by ZS Associates, Inc. or the ZS entity that is your prospective, current, or former employer, as applicable.
You may apply for our open positions online through our Web site or via LinkedIn, or you may be sought out by a ZS recruiter who may find your information via LinkedIn using recruiting tools to which ZS subscribes. Once you begin to pursue a position at ZS, we collect your personal data, such as the information you include in your resume, CV, LinkedIn profile, or ZS application. If you are selected for an interview, with your consent, an AI assesment may be included. We will process your application together with all other personal data you provide for recruiting purposes.
This information is stored and processed through our Applicant Tracking System (ATS) and Human Resources Information System (HRIS). We may also evaluate the information you provide for positions other than the one you applied to. We may contact you about your qualification for such positions.
ZS does not collect sensitive personal data in the application process unless you voluntarily provide it to us. We use that information in compliance with labor and social security law to process your employment application, to understand the diversity of our applicant pool, and to conduct a background check, and any such processing of sensitive personal data will not conflict with your rights and freedoms under applicable data protection law. References to sensitive personal data include the various categories of personal data identified by applicable law as requiring special treatment.
ZS may require prospective and current ZSers to satisfactorily complete a background check. ZS will consider your job duties, among other factors, in determining what constitutes satisfactory completion of the background check. All information obtained as a result of a background check will be used solely for employment purposes. When a background check is required, you must complete an authorization form. Failure to timely complete an authorization may result in termination of ZS's consideration of your application or employment. Falsification or omission of information may result in denial of employment or discipline, up to and including termination. All background check information will be kept confidential. ZS complies with all applicable local laws regarding background checks.
ZS may also request proof of vaccination against COVID-19 prior to your employment with ZS where permitted by law. This information is maintained in the HRIS on a restricted access basis.
If you are not offered a position, we may retain your application information for up to five years after you apply in order to consider you for other positions for which your experience and qualifications appear to match and/or to comply with our legal obligations. After five years, we retain a record that you applied, but your interview records are deleted from our systems.
You have the right to request to access, modify, correct, delete, or limit the use and disclosure of any information you provide to us for application purposes. You may do so at any time by logging into the account you create in our ATS. You may request that ZS delete this information on your behalf at any time by contacting firstname.lastname@example.org or your local ZS recruiting contact or by submitting a request through ZS's Privacy Request Tool. Once you do this, you will no longer be considered for any positions at ZS.
Once you join ZS, you will need to provide us with additional information about you and your family. We will only ask you for the information we need to administer benefits, payroll, and other essential HR functions.
Some types of additional information ZS may receive, both directly and indirectly from you, include the following:
- Contact details, such as your home address, telephone numbers, personal e-mail address, etc., and contact details of others that you provide, such as who to contact in the event of an emergency, details of your dependents, life insurance beneficiaries, etc.
- Financial information relating to your compensation, benefits, and retirement account or pension, such as details of your salary and any deductions, bank account, tax codes, national insurance or social security number, travel expenses, etc.
- Employment administration information, such as career history, photograph, time entry records, performance information, training records, records of projects you have worked on, etc.
- Logs about your presence on ZS office premises and use of ZS’s assets such as laptops, which includes your IP address, access to ZS facilities such as with keycards, use of applications related to office presence (all in accordance with local law).
- Information that may reveal race or ethnic origin, such as for immigration between ZS offices or to review diversity and inclusion within ZS. We may also have information about your religious or philosophical beliefs, or trade union membership, where it is necessary for compliance with labor or social security law, as well as your health information for the provision of healthcare benefits or medical leave.
- Other information that you voluntarily provide that it is necessary to use for ZS’s business purposes (e.g., where you register an interest in a particular social activity run by us for ZSers).
We use your personal data as described above for employment and business-related purposes. This includes administration (e.g., paying salaries, leave benefits, retirement account or pensions, among others) as well as sharing information about you with clients whose projects you're staffed on. We also use your data to provide you with training, staff you on projects and assess your performance and help you grow as a ZSer via PD coaching. We monitor compliance with laws, such as equal opportunity employment, and may collect information to better understand ZS’s diversity, equity, and inclusion performance. We will communicate with you as needed including via personal contact information, such as in an emergency. We will also use tools that monitor ZS e-mails and browsers for security, such as to prevent malware; that collect location data in order for ZS to satisfy various legal and tax obligations in connection with our role as an employer; and for corporate travel purposes so we are aware of where you are in the world when you’re traveling for business purposes, in order to assist ZSers. Additionally, you may be required to use an ID badge to access the office that you’re assigned to as well as use software to reserve desk space in any ZS office. We may monitor these for attendance calculation and space utilization purposes where permitted by law.
With regard to the COVID-19 pandemic, ZS may collect your vaccination status where permitted by law. Additionally, we will request that you self-report to your local HR Generalist or via the HRIS portal if you have tested positive for COVID-19 after you were working in a ZS office or were at a ZS event. We use this information to conduct contact tracing activities to ensure the safety of your colleagues as well as others in the building or event location and to comply with workplace safety requirements. Vaccination and testing information is maintained in the HRIS on a restricted access basis. More information is available on ZS’s COVID-19 page on MyZS.
We may display ZSers’ names or photos on our Web site, via social media, or in press releases for marketing and recruiting purposes in order to attract business or new talent to ZS.
Some amount of information about you will be available on the company’s intranet so that you and your global colleagues are able to learn more about each other. You are able to control portions of what appears on your intranet profile page. For assistance with making modifications to this space, please reach out to the MyZS Team.
You also have access to the HRIS system so that you can view, update, and maintain the information we have about you. This may include your name, home address, professional history, position within ZS, emergency contact information, etc. Your local HR lead can assist you with any questions about the HRIS.
ZS will keep the information we collect about current ZSers for as long as the employment relationship lasts and for a period of time thereafter, depending on the type of information and as required by applicable local law.
Within ZS’s HRIS, we will keep your data file for an appropriate amount of time after you leave, as required by applicable local law.
Should you need to access, update, delete, or limit the use and disclosure of any of your personal data after you leave ZS, please reach out to your local HR lead for further assistance or submit a request via ZS's Privacy Request Tool. We will make any requested changes in a timely manner, unless prohibited by law. We will notify you of any changes or deletions that we are legally unable to make.
As a requirement of ZS’s provision of health insurance in the US, our administrator UMR creates and publishes machine-readable files on behalf of ZS. To link to the Machine-Readable Files, please click on the following URL: transparency-in-coverage.uhc.com.
ZS will only process your personal data where we have a legal basis for doing so. In each case, the legal basis will be one or more of the following:
- To administer the employment relationship and perform the contract of employment that we may have with you (if applicable);
- To comply with ZS’s legal obligations as an employer;
- To fulfill our legitimate interests as an employer; or
- To process in conformance with your consent.
ZS works with a number of authorized service providers in the course of everyday business. In addition to our HRIS, we have service providers that assist us with ZSer travel, the processing and distribution of paychecks and other pay, the provision of benefits and other insurance services, as well as providers for the support of core business functions (e.g., software and server space), for example. Unless required or authorized by law, such as requests by government authorities, we never provide ZSers’ personal data to third parties that are not engaged in a service relationship with ZS. We may be required to disclose your personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Governmental and regulatory bodies must follow the applicable legal process to obtain valid and binding orders. All requests must be specific and are reviewed by the ZS Legal team to ensure that the transfer will comply with applicable formalities and that the requests are valid and so that ZS can object to overly broad or otherwise inappropriate requests. ZS does not provide any government with direct and unfettered access to your personal data, and we do not provide any government with our encryption keys.
We are a global company, and your data may be transferred throughout our offices worldwide. We are headquartered in the United States, and your data will be stored and processed according to U.S. privacy standards in alignment with the OECD Privacy Guidelines and the data protection laws and regulations applicable in your workplace. Data is transferred in accordance with the requirements of our intergroup data transfer agreement based on the Standard Contractual Clauses defined in Regulation (EU) 2016/679 and which also satisfies the requirements for cross-border data transfers from Japan under Act No. 57 of 2003 and from the People’s Republic of China under Personal Information Protection Law, as amended. ZS adheres to the essential data protection principles of lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability.
We provide reasonable and appropriate physical, technical, and organizational safeguards intended to maintain the confidentiality, integrity, and availability of the personal data we collect. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
This Privacy Notice is governed by the laws of the State of Illinois.
Any updates to this Privacy Notice will be posted here. The date at the top indicates the date of the last update.
If you have any questions regarding this Privacy Notice or our privacy practices generally, please contact a member of the Privacy Team within ZS Legal or reach us via e-mail at email@example.com. You may also mail us at:
ZS Associates, Inc.
Attn. Data Protection Officer
One Rotary Center
1560 Sherman Ave. Ste. 800
Evanston, IL 60201
© 2023 ZS