SCOPE AND OVERVIEW
JANUS GLOBAL OPERATIONS LLC is committed to protecting the privacy and security of personal data as required by law. This Privacy Notice describes how Janus Global and its subsidiaries, affiliates, subcontractors, consultants, suppliers and related entities (collectively, “Janus Global,” “we,” or “us”) collect and process personal data, to include data regulated by U.S. law and the European Union’s General Data Protection Regulation (GDPR.)
This Privacy Notice describes the categories of personal data that we collect, how we use personal data, how we secure personal data, when we may disclose personal data to third parties, and when we may transfer personal data outside of a designated jurisdiction. This Privacy Notice also describes individual rights regarding the personal data that we hold about a person including how it can be accessed, corrected, or request to erase personal data.
We will only process personal data in accordance with this Privacy Notice unless otherwise required by applicable law. We take steps to ensure that the personal data that we collect about a person is adequate, relevant, not excessive, and processed for limited purposes.
WHO THIS STATEMENT APPLIES TO
In some cases, the category may not be all encompassing for an individual, or more than one category may apply.
Employees of Janus, including employees under contract with Janus, those applying for employment with Janus and temporary and part time workers.
Sub-contractors who do business with Janus, including suppliers, sales staff and vendors.
Clients of Janus, including those who are under contract with Janus for specific purposes.
COLLECTION OF PERSONAL DATA
For purposes of this Privacy Notice, personal data means any information about an identifiable individual. Personal data excludes anonymous or de-identified data that is not associated with an individual.
To carry out our activities and obligations, we may collect, store, and process the following categories of personal data:
· Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
· Date of birth
· Government identification numbers such as social insurance or other national insurance number, driver’s license number, or other identification card number
· Certain medical information in case of emergency
· Wage and benefit information
· Compensation history
· Education and training
· Employment application records (including professional memberships, references, work history, and proof of work eligibility)
· Other personal details included in a resume or cover letter or that a person otherwise voluntarily provided to us
· Business contact information
· Certain billing information
· Background checks, including credit checks, criminal history and driving record
· Trade union affiliation
· Sexual preference if stated
· Marital status
· Financial account information
· Proof of life forms based on contract requirements
· Information provided in resume’s
HOW WE COLLECT DATA
Janus collects information in many ways and for a variety of reasons to fulfill its goals, objectives and obligations.
Employees and applicants can apply for positions through electronic means or by sending information in hard copy to Janus. During the application process, Janus may conduct background checks on an individual using a third-party service. Janus requires its vendors, contractors etc. to follow the guidelines in this notice.
Customers may supply information through electronic means or may send hard copies to Janus. Only essential information is collected from customers.
Vendors and sub-contractors may submit information through electronic means or by sending hard copies to Janus.
Janus processes personal information under applicable laws and regulations to carry out its obligations. Where applicable, Janus obtains consent for the use of personal information.
We will only process personal data for the purposes we collected it for or for compatible purposes. If we need to process personal data for an incompatible purpose, we will provide notice to and, if required by law, seek consent. We may process personal data without knowledge or consent where required by applicable law or regulation.
We may also process personal data for our own legitimate interests, including for the following purposes:
· To prevent fraud
· To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution
· To support internal administration with our affiliated entities. A person will not be subject to decisions based on automated data processing without prior consent.
We will only disclose personal data to third parties where required by law or to our employees, contractors, designated agents, or third-party service providers who require such information to assist us with administering contract requirements, employment application processes, including third-party service providers who provide services to us or on our behalf, or other business needs.
We require all our third-party service providers, by written contract, to implement appropriate security measures to protect personal data consistent with our policies and any data security obligations applicable to us. We do not permit our third-party service providers to use personal data for their own purposes. We only permit them to process personal data for specified purposes in accordance with our instructions.
We may also disclose personal data for the following additional purposes where permitted or required by applicable law:
· To other members of our group of companies (including outside of the home jurisdiction) for the purposes set out in this Privacy Notice and as necessary to perform a contract.
· As part of our regular reporting activities to other members of our group of companies
· To comply with legal obligations or valid legal processes such as search warrants, subpoenas, or court orders. When we disclose personal data to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum personal data necessary for the specific purpose and circumstances.
· To protect the rights and property of Janus Global Operations.
· During emergency situations or where necessary to protect the safety of persons
· Where the personal data is publicly available
· If a business transfer or change in ownership occurs
· For additional purposes with consent where such consent is required by law
Where permitted by applicable law, we may transfer the personal data we collect to other jurisdictions for business purposes. For EU citizens or those located in an EU country, we have implemented adequate safeguards to secure the transfer of personal data to the United States and other jurisdictions. All data transfers are done out of necessity, for business purposes and are consistent with the measures outlined in this statement. Janus takes reasonable steps to ensure its employees, subcontractors and those it shares data with to follow applicable laws and privacy protection measures.
We have implemented appropriate physical, technical, and organizational security measures designed to secure personal data against accidental loss and unauthorized access, use, alteration, or disclosure. In addition, we limit access to personal data to those employees, agents, contractors, and other third parties that have a legitimate business need for such access.
Janus may collect personally identifying information about individuals from forms filled out its website.
In addition, when an entity queries Janus’ website, cookies may be placed in the browser files of a user’s computer. These cookies are optional and may be refused any time using your Web browser software; however, doing so will make some parts of the site inaccessible. Please feel free to contact us if you have questions about this policy.
We use customer data in providing a multitude of services to our clients.
The data is used to:
· Respond to your requests. If you contact our employees with a problem or question, we will use your information to respond.
· Sending emails and Janus messages.
Janus may collect information about users’ IP addresses, including users’ utilization of our various sites, to help us design better customer experiences. We use information about your IP address to help diagnose problems with our server, or to enhance our security and investigate an actual or potential security incident. Any use of your information is necessary for our legitimate interests in understanding how sites are being used by you, to improve your customer experience and to ensure network and information security.
Except as otherwise permitted or required by applicable law or regulation, we will only retain personal data for as long as necessary to fulfill the purposes we collected it for, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of personal data, the purposes we process personal data for and whether we can achieve those purposes through other means, and applicable legal requirements.
Under some circumstances we may anonymize personal data so that it can no longer be associated with a person. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to the individual without consent. Once an individual is no longer covered under a contractual agreement with Janus, we will retain or securely destroy personal data in accordance with our document retention policy and applicable laws and regulations.
RIGHTS OF ACCESS, CORRECTION, ERASURE, AND OBJECTION
It is important that the personal data we hold about an individual’s accurate and current. Janus must be informed if personal data changes. Under certain laws and regulations such as the GDPR, a person may have the right to request access to, correct, and erase the personal data that we hold about him/her, or object to the processing of personal data under certain circumstances. A covered individual may also have the right to request that we transfer personal data to another party. To review, verify, correct, or request erasure of personal data, object to the processing of personal data, or request that we transfer a copy of personal data to another party, please contact us at Privacyt@janusgo.com. Any such communication must be in writing.
We may request specific information from to help us confirm an identity and right to access, and to provide an individual with the personal data that we hold or to make requested changes. Applicable law may allow or require us to refuse to provide access to some or all the personal data that we hold about an individual, or we may have destroyed, erased, or made personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide access to personal data, we will inform the individual of the reasons why, subject to any legal or regulatory restrictions.
RIGHT TO WITHDRAW CONSENT
Under certain laws or regulations such as the GDPR, where an individual has provided consent to the collection, processing, and transfer of personal data, a person may have the legal right to withdraw consent under certain circumstances. To withdraw consent, if applicable, contact the Data Protection Officer (see below).
DATA PROTECTION OFFICER
We have appointed a Data Protection Officer to oversee compliance with this Privacy Notice. If there are any questions about this Privacy Notice or how we handle personal data, or would like to request access to personal data, please contact the Data Protection Officer at: firstname.lastname@example.org If you are unsatisfied with our response to any issues that you raise with the Data Protection Officer. A person may have the right to make a complaint with the data protection authority in the home jurisdiction.
CHANGES TO THIS PRIVACY NOTICE
We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any updates. If we would like to use previously collected personal data for different purposes than those we notified an individual about at the time of collection, we will provide notice and, where required by law, seek consent, before using personal data for a new or unrelated purpose. We may process personal data without a person’s knowledge or consent where required by applicable law or regulation.
If you have any questions about our processing of personal data or would like to make an access or other request, please contact us at email@example.com