Effective Date: October 30, 2023
Last Reviewed: December 19, 2024
This Job Applicant Privacy Policy and Notice at Collection (“Policy”) describes how OwnCompany Inc. (“Company”, “we”, “us” and “our”) collects, uses, and discloses information about individuals who apply for open positions at our Company (“Job Applicants”).
This Policy does not apply to our handling of data gathered about you in your role as a user of our services. If you interact with us as in that role, the Own Privacy Notice applies.
Please read this Policy and any other privacy notices carefully. Please note that this Policy does not form part of any employment contract or contract to provide services.
We collect, store, and use various types of information that identifies, relates to, or could reasonably be linked to you (“personal information”) in connection with your application for employment with us. We collect such information either directly from you or (where applicable) from another person or entity, such as professional networking websites, job posting websites, employment agencies, recruitment companies, or your professional references. We may collect additional personal information throughout the course of your application process.
The information we collect from and about Job Applicants includes, where applicable:
We may collect, use, disclose, and store personal information for our business purposes, which include, where applicable:
We may also use personal information for any other legally permitted purpose (subject to your consent, where legally required).
Some personal information we collect in the recruitment process, such as ethnicity and veteran status, may be considered “sensitive” under applicable law. We use such information only for the following purposes: government reporting purposes, such as to help us monitor compliance with equal opportunity legislation; designing, implementing, and promoting our diversity and inclusion programs; analyzing and understanding our workforce; conducting internal audits; investigating grievances and suspected violations of Company policy; and exercising or defending the legal rights of Company or our employees. Some “sensitive” information may be required for certain job applications
In countries where we are required to state the “legal basis” on which we process personal information, we process Job Applicants’ personal information where:
We may disclose certain personal information to the following types of entities or in the following circumstances (where applicable):
The personal information we collect from Job Applicants will be retained until we determine it is no longer necessary to satisfy the purposes for which it was collected and our legal obligations. As described above, these purposes include our business operations and complying with reporting, legal and accounting obligations. In determining how long to retain information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the personal information, the purposes for which we process the personal information and whether we can achieve those purposes in other ways, the applicable legal requirements, and our legitimate interests.
Residents of California, the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland have certain rights regarding their personal information. This section is solely applicable to such residents to the extent that such rights apply.
California: Subject to certain exceptions, if you are a California resident, you may request:
You also have the right not to be discriminated against (as provided for in California law) for exercising your rights.
EEA, UK, and Switzerland: Subject to certain exceptions, if you are in the EEA, UK, or Switzerland, you may request:
You also have the right to lodge a complaint with the Supervisory Authority in your jurisdiction regarding our processing of your personal information, but we encourage you to contact us first so we can do our best to resolve any complaints.
Exceptions to Your Rights: There are certain exceptions to these above rights. For instance, we may retain your personal information if it is reasonably necessary for us or our service providers to provide a service that you have requested or to comply with law or to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity or prosecute those responsible for that activity.
Exercising Your Rights: To exercise one of the rights above, you may contact us as provided below. We will take reasonable steps to verify your identity before responding to a request. In doing so, we may ask you for verification information so that we can match at least two verification points with information we maintain in our files about you. If we are unable to verify you through this method, we shall have the right, but not the obligation, to request additional information from you.
Other Information for California Residents: California law places certain obligations on businesses that “sell” personal information to third parties or “share” personal information with third parties for “cross-context behavioral advertising” as those terms are defined under the California Consumer Privacy Act (“CCPA”). We do not “sell” or “share” the personal information covered by this Policy and have not done so in the twelve months prior to the effective date of this Policy.
California law also requires that we provide you with the “categories” of personal information we collect and the categories of entities to which we disclose such personal information. In the 12 months leading up to the effective date of this Policy, we have disclosed the categories of personal information described in Section 1 of this Policy to the categories of entities described in Section 3 of this Policy, as follows:
Under California law, we collect the following “sensitive personal information”: race and ethnicity. We disclose this information to the following categories of entities as necessary for equal opportunity and diversity and inclusion purposes and for compliance with applicable law (including immigration and employment law) or to exercise rights thereunder: internally and to vendors, for purposes of legal compliance and exercising legal rights, and with your consent.
The Company complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. The Company has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the DPF Principles, we commit to:
a) resolve questions or complaints about our collection or use of your personal information under the Data Privacy Frameworks by following the Dispute Resolution process set out here;
b) cooperate with the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved DPF complaints concerning data transferred from the EU, the UK and Switzerland;
c) submit to binding arbitration before the EU-U.S. DPF, UK-U.S. DPF or Swiss-U.S. DPF Panel (as applicable) if this option has been invoked by you, as is your right under certain circumstances;
d) cooperate with the DPAs, the ICO and FDPIC and comply with the advice given by such authorities with regard to human resources data transferred from the EU, the UK and Switzerland in the context of any applicable employment relationship; and
e) accept responsibility (including any potential liability) for onward transfers of personal data to third parties.
In addition, it is important for you to be aware that, with respect to personal data received or transferred pursuant to the Data Privacy Frameworks, the Company is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
For the sake of clarity, the U.S. entity of Own adhering to the DPF Principles is the entity identified in the “How to Contact Us About This Policy” section below.
If you have questions about our collection, use, or disclosure of personal information, please contact us by email at privacy@owndata.com or in writing at:
OwnCompany Inc.
Attention: Privacy
940 Sylvan Ave
Englewood Cliffs, NJ 07632
You can also contact us from the United States on this toll-free number: (888) 299-2910