Effective November 11, 2021Download
Table of Contents
Last Updated November 10, 2021
Pantheon is the data controller or “business”, as defined under the EU General Data Protection Regulation (EU) 2016/679 (“GDPR”) and California Consumer Privacy Act of 2018 (“CCPA”), respectively, dictating the processing of your personal data/person information by various service providers, such as service providers who provide benefits to you if you are an employee.
We collect the following information from an applicant for a job at Pantheon (“applicant”) and for employees:
- Communications: We collect, store, and process information that you provide to us when you communicate with us.
- Applicant/Employeer: We collect, store, and process information that you provide to us when you apply for a job with Pantheon. Such information may include name, address, email address, telephone number and other contact information, resume or CV, cover letter, previous and/or relevant work experience or other experiences, education, transcript, or other information that the job applicant may provide to us in support of an application and/or recruitment process. We may also obtain information from interviews and phone-screening. We may also collect details about the type of employment the applicant may be looking for, current and/or desired salary and other terms related to compensation and benefits packages, willingness to relocate, or other job preferences; details of how the applicant heard about the job opening; any sensitive and/or demographic information obtained during the application or recruitment process such as gender, age, information about citizenship and/or nationality, medical or health information and/or your racial or ethnic origin; reference information and/or information received from background checks, where applicable, including information provided by third-parties; and information related to any assessment you may take as part of the interview screening process. This information is retained while you are an employee of Pantheon and are deleted subject to Data Privacy guidelines.
- Employee: We collect, store and process information necessary to enable us to provide your compensation or pay an invoice, including your name, address, government identification number, salary information, and bank account details. If you are an employee, we also collect, store and process information regarding your tax and 401(k) plan elections.
- Employee: We collect, store and process information necessary for us to provide you with offered benefits, including various insurance programs and other benefits, and may also collect store, and process the following information for any family member or beneficiary listed on your benefits, including benefit selections, medical information, marital status (and, incidentally, sexual orientation), beneficiaries, other covered parties and their age, gender and relationship to you. We also collect, store and process information concerning your job performance and reviews, compensation history within Pantheon, job titles and promotions, dates of employment, training records, leave entitlements, disability-related accommodation requests, updated contact information, use of Pantheon IT systems, employee identification number, photographs, signatures, video images.
Recruitment. Pantheon stores and processes information provided by job applicants for the purposes of carrying out application and recruitment processes. Pantheon uses applicant information to assess skills and qualifications against the applicable job opportunity; verify information and conduct reference checks; and comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
Employment: Pantheon stores and processes information provided by an employee for purposes of carrying out the employment relationship, including the provision of benefits and compensation, onboarding, workflow management, talent management and succession planning, monitoring and enforcing compliance with Pantheon policies and procedures, safety and security monitoring, performing internal or external audits, investigating and enforcing disciplinary measures, and addressing legal disputes. We may also ask for consent for special conditions pertaining to Work from Home or other Remote Work arrangements.
Sharing of Information
- Service providers: From time to time, we may disclose your personal information to organizations that perform services for Pantheon, such as processing job applications, conducting background checks, providing benefits, enabling payment and/or reimbursement, providing consulting services regarding business operations, conducting investigative or providing legal services, and similar services. We will share with these companies only the personal information they need to provide the services. These service providers will be required to agree to use the personal information of applicants and employees solely for the purpose of providing the services, under Pantheon’s instructions, to keep that information secure, and otherwise comply with all applicable data privacy laws and regulations.
- Law enforcement: We may be required in certain circumstances to disclose personal information in response to a lawful request by public authorities, the courts, law enforcement, or to comply with national security requirements. To the extent allowed by law, we will notify you before or in conjunction with a required disclosure.
Pantheon uses appropriate administrative, technical, organizational, and physical security measures to protect applicants’ and employees’ personal information against accidental or unlawful destruction, loss, and alteration, and against unauthorized disclosure and access. We use standard industry practices to protect personal information, including firewalls, SSL encryption, system redundancies, and co-location at a 24/7 secured, controlled environment.
Accessing and Updating Contact Information
We encourage our applicants and employees to access, update and edit their contact information to keep the information current. Employees can access, correct or update their contact information by communicating with the People Team or using self-serve mechanisms within the tools supplied to employees.
Your Data Protection Rights
You can exercise any one of the following data protection rights as may be available to you under applicable law by contacting us at email@example.com. We will acknowledge and respond to your data protection rights requests promptly and in all cases no later than within 30 days unless required sooner under applicable law. You have the following data protection rights:
- You have the right to access, correct, update or request deletion of the personal information we collect about you. Please note that Pantheon may have a legal right or other obligation to maintain certain information about you, irrespective of your request for deletion.
- Please refer to Data Privacy Regulations in your particular geographic location for specific rights that may be provided in addition to the general description above.
Receive Notice of Changes
We retain personal information we collect from you where we have an ongoing legitimate business need to do so as part of your application, employment or engagement with us and to comply with applicable legal, tax and accounting requirements.