Privacy Policy – Zencruits

Zencruits Inc., inclusive of all subsidiaries and affiliates (“we,” “us,” “our” or “Zencruits”), is a multinational corporation supporting businesses in several highly regulated business verticals including financial services, telecommunications, and healthcare. We are committed to respecting the privacy rights of all individuals we encounter, such as our clients, our clients’ customers, and our employees, and are committed to handling Personal Information responsibility, with integrity, and in accordance with all applicable laws.

The purpose of this Privacy Notice is to explain to you the Personal Information we may collect about you and how we may process that Information. We will also explain who you can contact about concerns you have regarding your Personal Information. And through this Policy, we announce our commitment to the protection of your Personal Information and to ensure the appropriate technical and organizational measures to protect such information against unauthorized or unlawful processing and against accidental loss, alteration, disclosure, or access, and accidental or unlawful destruction or damage thereto, and to abide by all applicable laws, including:

The General Data Protection Regulation Act (“GDPR”),
Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”),
Columbia’s Statutory Law 1266 of 2008,
China’s Personal Information Protection Law,
Dominican Republic’s Law No. 172-13 on the Protection of Personal Information,
Egypt’s Data Protection Law,
Honduras’ Law for Transparency and for Access to Public Information,
India’s Personal Information Protection Law,
Jamaica’s Data Protection Act,
Japan’s Act on the Protection of Personal Information,
Mexico’s Federal Law on the Protection of Personal Information held by Private Parties,
Panama’s Law No. 81 on Personal Information Protection of 2019,
Philippines Data Privacy act, South Africa’s Protection of Personal Information Act,
United Kingdom’s GDPR,
Uruguay’s Law on the Protection of Personal Information and Habeas Data action,
California’s Consumer Privacy Act (“CCPA”),
Colorado’s Privacy Act,
Utah’s Consumer Privacy Act,
Virginia’s Consumer Data Protection act,
the Fair credit Reporting Act (“FCRA”),
the Graham Leach Bliley Act (“GLBA”),
the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and
all other commensurate laws which apply.

For more information about additional rights and responsibilities specific jurisdictions regulate, please see the jurisdiction-specific notice information on this website.

Just visiting the Website?

Our website allows you to learn about the services Zencruits offers and identifies potential job openings for prospective employees. In general, you can visit our website without revealing any information about yourself.

This website may also offer you the opportunity to sample some of the tools Zencruits offers to enhance the Services it provides. By sampling these tools, you acknowledge that certain personal information about you – including your voice and contact information – may be processed by Zencruits and third-parties in order to facilitate the demonstration of the tool.

Additionally, by visiting this website, Zencruits may share and log IP addresses. We may link IP addresses to personally identifiable information for authorized uses, such as marketing. In addition, cookies may be created and shared as part of the browsing process. Please see our Cookie Notice for further details.

Should you provide any information in the forms provided – either as a prospective client or as a prospective employee, or for any other reason – we will use that information provided for those purposes only, as is more fully described below.

Please note that your use of our website (“Site”) signifies your agreement to be bound by the most recent version of this Privacy Notice. Accordingly, when you use our website, you should check the date of this Privacy Notice at the top and review any changes we have made from the previous version.

Links to non-Zencruits websites

Our website may contain links to other third-party websites, including social media sites like Facebook, X (formerly known as Twitter), YouTube, Instagram, and LinkedIn, and other Sites from trade organizations or other companies. We are not responsible for the privacy practices or the content of those other websites when you access them from our website. As such, we encourage you to read the privacy policies of any third-party website you may access from our Site.

Personal Information We Process

What is Personal Information?

Personal Information is any information that identifies you. Examples of Personal Information Zencruits might possess are more fully outlined below, but may include your name, pronoun, email address, phone numbers, physical address, date of birth, age, and so forth. This may include data that you provide to us, that we collect about you from third parties including our clients, or that we assign to you.

What is Sensitive Personal Information?

Zencruits may collect and process certain special categories of Personal Information (“Sensitive Personal Information”) about you where required by applicable law, where necessary for the establishment, exercise, or defense of legal claims, or, where necessary, you have provided explicit (and, where applicable, written, or separate) consent.

Subject to applicable law, Zencruits may process information about:

physical and/or mental health for the purposes of addressing potential workplace health, safety and accommodation issues and assessing absence data during the recruitment process,
criminal charges/convictions or unlawful behavior for recruitment and pre-employment screening purposes and for the assessment of registration and licensing requirements,
data related to sexual orientation, race and/or ethnic origin, gender, gender identity and gender expression, physical and/or mental health for purposes of reporting on diversity and inclusion statistics, complying with government reporting requirements, and/or other legal obligations,
biometric data, such as fingerprints and iris scans, for the purposes of electronic identification, authentication, and corporate security, at secured Zencruits premises.

We process Sensitive Personal Information in your jurisdiction if and to the extent permitted or required by applicable law. We will also seek to protect such information using similar strict security measures as further described below for Personal Information.

Who is covered by this Policy?

This Policy applies to the handling of Personal Information of anyone we process Personal Information from, including prospective employees, current employees, former employees, prospective clients, current clients, former clients, employees of such clients, clients’ customers, our customers, guests, or external staff (“you,” “your”).

What Personal Information do We process?

We access, collect, use, and store (collectively “process”) different types of Personal Information about you as necessary in the ordinary operation of our business. The Personal Information we may process includes:

Name and contact information. Your first and last name, employee identification number/ social security number, email address, date of birth, mailing address, phone number, photo, beneficiary and emergency contact details, and other similar contact information.

Demographic information. Your date of birth and gender as well as more Sensitive Personal Information including information relating to racial and ethnic origin, religious, political, or philosophical beliefs, information about your health, disabilities, sexual orientation, gender identity, and transgender status. We may also ask about your parental status and military status.

National identifiers. Your national ID/passport, citizenship status, residency and work permit status, social security number, or other taxpayer/government identification number.

Employment details. Your job title/position, office location, employment contract, offer letter, hire date, termination date, performance history and disciplinary records, training records, leave of absence, sick time, FMLA requests, and vacation/holiday records.

Spouse’s/partner’s and dependents’ information. Your spouse and dependents’ first and last names, dates of birth, and contact details, and any other information necessary for the purposes collected.

Background information. Your academic and professional qualifications, education, CV/Resume, credit history and criminal records data (utilized for background screening and vetting purposes where permissible and in accordance with applicable law and consultation requirements).

Video, voice, and image. Video, voice, and image data gathered in the court of Zencruits providing services, and gathered while processing your voice to provide a demonstration of certain tools offered as part of the services it provides.

Financial information. Your bank account details, tax information, salary, retirement account information, company allowances and other information necessary to administer payroll, taxes, and benefits.

Feedback and sentiment information. Your responses to employee surveys and feedback collected about managers and co-workers.

Workplace, device, usage, and content data. Application data (such as data from Office 365, Teams, Outlook, or internal business processes) including emails sent and received, calendar entries, to-do items, instant messages, building and information system access, system, and application usage (including telemetry) when accessing and using Zencruits corporate buildings and assets as well as client system data.

Credit card/ payment vehicle information. Information about financial products such as credit cards, or other payment vehicles, including account numbers, security validation numbers, and other information necessary to process payments.

Information from your own device. Personal Information from your own device if you are performing work related functions on that device – i.e., “Bring Your Own Device” (BYOD).

Internet Protocol address (IP Address). Numerical labels assigned to your devices when you visit our website.

Information from third parties. Personal Information about you from third parties or public sources as needed to support the employment relationship or to engage with you concerning job opportunities at Zencruits. For example, before and during your employment or assignment with Zencruits, we may collect information from public professional networking sources, such as your LinkedIn profile, for recruitment purposes.

We also may conduct lawful background screenings, to the extent permitted by law, through a third-party vendor for information about your past education, employment, credit and/or criminal history. In the event of a natural disaster or other life/safety emergency, we may rely on public social media posts or other public sources to account for employees if otherwise unable to contact them.

Additionally, if there is an investigation of an incident involving employees, we may obtain information relevant to the incident from external sources including private parties, law enforcement, or news sources and public social media posts.

How do we collect your Personal Information?

We may collect Personal Information from the following sources:

From publicly available sources. We may collect Personal Information about you from publicly available sources such as social media (e.g., LinkedIn, Facebook, etc.), company websites, or government-run websites.

From you. When you seek or use our services, express interest in or apply for an employment opportunity, work for us, visit our offices, visit our Site, or seek to do business with us, or while sampling a demonstration of tools we provide, you may provide us with Personal Information.

From our clients. Our clients will provide us with your Personal Information while providing services to them.

What about the quality of Personal Information?

The Personal Information we obtain and process shall be adequate, relevant, and not excessive in relation to the purposes for which the Personal Information is processed. When we store your Personal Information, we will take reasonable steps necessary to ensure that such information is not alterable, except by those authorized to do so, for necessary reasons only, and for reasons authorized by applicable law.

Why do We process Personal Information?

We collect your Personal Information for the following reasons:

In the ordinary course of business. You may provide us with your Personal Information, including name, social security number, address, date of birth, and contract information, in order that we, through our own company or one of our subsidiaries – e.g., Systems & Services Technologies, Inc. – may service a product you have obtained with one of our clients.

The processing of such information is necessary to comply with applicable laws or to properly service your product.

For a potential employment opportunity. You may provide us with your Personal Information, such as a resume, curriculum vitae, and social security number, or other identifying information in connection with a potential employment opportunity at Zencruits, whether advertised on the Zencruits website or otherwise.

We may use this information throughout Zencruits for the purpose of your employment consideration. We also may share and use the information on your job application with third parties/suppliers, such as background services and our affiliates, to evaluate and analyze your potential employment.

In addition, if Personal Information is provided as part of an employment opportunity covered under an applicable law, the specific Zencruits recruiting process for that opportunity may provide additional disclosures at the time of obtaining that Personal Information.

For our current employment relationship. We will process your Personal Information to manage our employment relationship with you, and to fulfill our obligations to you as your employer, including on-boarding, processing payroll, administering benefits, administering retirement, managing personal time off/ personal leave/ FMLA/ vacation/ etc., tax reporting, and so forth.

For former employment relationships. We will keep your Personal Information as long as necessary, but no longer than reasonably necessary to comply with all applicable employment-related laws and other legal concerns.

For marketing purposes. We will utilize your Personal Information to market our services to you or the company you work for, after we have determined that You work for a company that could potentially benefit from our services, and that you are a person able to discuss Zencruits’s services for your company.

For other legally required purposes. We may process your Personal Information when necessary to comply with laws and regulations – e.g., minimum wage laws, labor laws, tax laws, health and safety, anti-discrimination laws, migration, and data subject rights.

For other legally permitted purposes. We may process your Personal Information to measure and improve upon internal processes and policies, by using work data to conduct research into efficiencies, human resources, training development, and product development. Where possible, we will anonymize your Personal Information, and where required by law, will eliminate all personal identifiers.

For more information about our services. You may provide us with Personal Information while seeking information about Zencruits’s services, including your name, your organization, and your location.

Do We sell Personal Information?

We do not sell Personal Information. However, our clients are not bound by this Privacy Notice and therefore may sell Personal Information we process on their behalf.

Please review their Privacy Policies for further information concerning how they may use your Personal Information.

How We share your Personal Information with third parties?

We may share your information with third parties, including the following:

Our clients. We may share your Personal Information with our clients as reasonably necessary to provide the services we are providing them.

Our vendors. We may share your Personal Information with our vendors for the purpose of providing us or our clients with services. Examples include payroll administrators, benefits administrators, and entities conducting background checks on you. Additionally, we may share your Personal Information with vendors Zencruits uses to provide Artificial Intelligence solutions so that they may enhance such tools.

Assignees. Our clients may assign your account to a third party. Upon our client’s direction, we will share your Personal Information with this third-party assignee.

Credit reporting agencies. If servicing your account, we may share account information with credit reporting agencies in accordance with applicable law.

Government agencies. Where required, we will share your Personal Information with government agencies.

We will only disclose your Personal Information to the relevant parties to the extent necessary. Where possible, we will enter into strict confidentiality agreements and data processing agreements with such third parties and require them to process Personal Information in accordance with our requirements, this Privacy Notice, and the confidentiality and security measures required by applicable laws and regulations.

How do We protect your Personal Information?

We protect your Personal Information utilizing a comprehensive Data Security infrastructure, including:

Data security. We maintain organizational, physical, and technical security arrangements for all the Personal Information we hold. We have a security program focused on governance, continual assurance and risk assessments with specific InfoSec policies, standards, procedures, processes, guardrails, and protocols to maintain and enforce Zencruits Information Security controls.

We comply with all applicable data protection laws, and secure numerous market leading security measures to protect Personal Information, including several well-known market certifications like SOC 1, PCI-DSS, HIPPA, and HITRUST.

We have regular penetration testing performed by a third-party provider to identify and remediate discovered vulnerabilities. Zencruits also conducts automated vulnerability scans every four hours on endpoints using Qualys security modules.

Zencruits also has a mature 24/7 SOC function with the appropriate level of monitoring of all Zencruits assets for any external and internal attempts to gain unauthorized access or conduct unauthorized data exfiltration.

We work to protect the security of your Personal Information at rest and during transmission by using encryption protocols and software, information and cybersecurity monitoring, 24/7 detection and response service, and robust security controls including DLP and RBAC.

Using information security and quality technology. We implement commercially standard measures and processes, such as using encryption when transmitting sensitive information, with the goal of maintaining and securing the privacy of your Personal Information.

Workplace security and monitoring. Zencruits monitors its network infrastructure through automated tools such as network authentication, anti-malware software, data-loss protection tools, website filtering and spam filtering software, and access and transaction logging. The purpose of this monitoring is to protect Zencruits, its employees, its clients, and its customers from harm.

We may also use vendors to ensure the security of Personal Information as described above.

We also monitor our offices through video monitoring – e.g., closed-circuit television, badge scans, and biometric data for health and safety screening. CCTV is primarily used in public areas for security reasons only – CCTV is not used in private spaces such as restrooms or locker rooms.

Security education. We provide all Zencruits employees with training and education on their security obligations to protect the confidentiality, integrity, and availability of Personal Information and on how to report potential security incidents. We provide phishing and spamming alerts when such threats are identified, or where we receive notice of such threats from third parties.

Human resources. Zencruits employees sign confidentiality agreements and acknowledge security and privacy policies. All Zencruits employees should understand that any message, files, data, document, or other such electronic communication transmitted on premises, or through Zencruits IT communications systems and assets are presumed to be business-related and therefore the property of Zencruits and may be monitored or accessed by us in accordance with applicable law.

In addition, Zencruits employees should also be aware that each call they participate in may be recorded, and that such recording may be shared with third parties for auditing/ quality control purposes, or any other purpose permitted by applicable law.

Incident management. Zencruits has designed incident processes and procedures to detect and respond to incidents that may affect the confidentiality, integrity, and availability of Personal Information. These processes are designed to identify a potential breach, secure operations, and isolate the breach and remediate potential impact, analyze, and fix any identified vulnerabilities, identify affected individuals, and notify them as warranted, and to assess the incident to determine what proactive steps must be implemented to prevent the incident from occurring again.

Continuous improvement. Zencruits’s security posture is based on a continuous improvement process that includes periodic review of security controls effectiveness and, where issues are identified, implementing a plan to remediate any identified vulnerabilities.

Vendor/ subcontractor management. In some cases, in the ordinary course of business, we may use suppliers to collect, use, analyze and otherwise process information on our behalf.

Some such instances include:

To carry out the purposes of this Notice;
To enable third parties to provide services for Zencruits, including financial investment service providers, insurance providers, benefits providers, payroll support services, taxes, facility management, and legal service providers;
To comply with legal obligations, or to respond to a government inquiry;
To seek legal advice from counsel, and as necessary to establishing a defense against potential, threatened, or actual litigation;
To third-party vendors conducting or supporting a necessary part of Zencruits’s business operations.

It is our policy and practice to require such suppliers to handle information in a manner consistent with our security measures and processes.

Although we have taken reasonable and effective measures as described above and comply with the standards required by the applicable laws and regulations, we still cannot guarantee the security of your Personal Information when you are communicating through insecure means. Therefore, You should take active measures to ensure the security of Your Personal Information, such as regularly changing your email account password and not disclosing your account password and other Personal Information to others.

We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulatory authority of a breach where we are legally required to do so.

You understand that the Personal Information protection measures we take only apply to the Personal Information in our possession. Once you use other websites, services, and access other content resources, we have no ability or obligation to protect any Personal Information you submit on other websites, regardless of whether your access to or browsing of the above websites is based on a link or guide in our website.