Human Resources Privacy Notice

1. Introduction and Scope

VeraSafe, LLC, its Affiliates (as defined below), and its associated law firm VeraSafe Legal, LLP (collectively, “VeraSafe”, “we”, “us”, our”) take very seriously the protection of information commonly referred to as “Personal Data”, which means information that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular individual.

Please read this Privacy Notice (this “Notice”) to learn what Personal Data we collect about you concerning your working relationship with us, why and how we collect and use it, and with whom we might share it.

It is essential that you read and understand this Notice. If you have questions or do not fully understand it, please seek additional information from VeraSafe’s Internal Privacy Team, who can be contacted at [email protected].

2. What Is Covered by This Notice?

This Notice addresses individuals (“Data Subjects”) associated with VeraSafe by employment or interest, which includes current, potential, and previous recruitment candidates, employees, officers, staff members, contractors (including permanent, fixed-term, and temporary staff, any third-party representatives and contractors, volunteers, interns, and agents engaged with VeraSafe); any directors and members of VeraSafe; and the emergency contacts provided by the individuals described hereunder (collectively, “Team Members”).

This Notice is issued on behalf of VeraSafe, and when we mention “VeraSafe”, “we”, “us” or “our” in this Notice, we are referring to the relevant entity in the VeraSafe corporate group responsible for processing your specific Personal Data (typically, the entity with which you contracted or to which you submitted a job application). On the other hand, if we refer to a specific entity within VeraSafe, such as VeraSafe, LLC, we are referring to only that entity.

This Notice covers:

• our role with respect to your Personal Data; 
• what categories of Personal Data we collect about you; 
• how we obtain your Personal Data; 
• the purposes for which we use your Personal Data; 
• the parties with whom we share your Personal Data; 
• our retention of your Personal Data; 
• your rights with respect to the Personal Data we collect about you; 
• how we protect your Personal Data; and 
• how to contact us. 

3. What Is Not Covered by This Notice?

Information That Is Not Personal Data 

This Notice does not apply to information that is not Personal Data.

VeraSafe Professional Services Data

Personal Data we collect about Data Subjects in the provision of services to our clients, as described in our Services Privacy Notice, is not covered by this Notice.

Business Development Data

Personal Data we collect about visitors to our websites or in the context of our sales and marketing initiatives, as described in our Sales, Marketing, Outreach, and Website Privacy Notice, is not covered by this Notice.

4. Entities Covered by this Privacy Notice

This Privacy Notice covers VeraSafe, LLC and its affiliated entities, which include:

• VeraSafe Czech Republic s.r.o.; 
• VeraSafe Ireland Ltd.; 
• VeraSafe Legal, LLP; 
• VeraSafe Netherlands B.V.; 
• VeraSafe South Africa (Pty) Ltd.; and 
• VeraSafe United Kingdom Ltd. (the foregoing, the “Affiliates”). 

5. Our Role With Respect to Your Personal Data

Within the scope of this Notice, VeraSafe acts as a data controller in respect of the Personal Data that we collect or that others collect on our behalf. This means that we are responsible for determining the purposes and means of the processing of such Personal Data – in other words, how and why we collect, use, and share it.

6. Basis of Processing

We may process your Personal Data on the basis of: 

• the need to perform an employment contract with you or take steps at your request prior to entering into an employment contract with you; 
• our legitimate interests, such as our interests in making or negotiating a job offer and providing valuable employment benefits or on-the-job training to you; 
• the need to comply with applicable laws; or 
• any other ground, as required or permitted by law.

Where we receive your Personal Data as part of entering into or performing our obligations under an employment contract with you, we require such Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to meet our contractual obligations as your employer. 

7. What Categories of Personal Data Do We Collect?

As a VeraSafe Team Member or an applicant to a job posting listed by VeraSafe, we may process the following categories of Personal Data about you:

• Biographical and identification information, such as first name, last name, date of birth, marital status, national identification/social security number, and copies of ID cards, driver’s licenses, and passports; 
• Contact and location information, such as email address, phone number, postal address, IP address, and emergency contact information; 
• Professional and educational information, such as job title, position, resume, cv, employment history, certifications and degrees; 
• Health information, such as information related to providing sick leave and healthcare benefits to you (or covered family members), and other such information provided by you; 
• Financial information, such as wages, personal or business bank account information, and credit/debit card information; 
• Employment information, such as information about your daily and weekly schedule, preferred or available working hours, performance reviews, employment survey information, interview logs, and information collected by VeraSafe to analyze performance, such as activity logs, or by VeraSafe’s information systems; and 
• Other information, such as photographs, audio and video recordings, information from background checks (which may include criminal convictions and certification/license status), information related to your personal interests and hobbies, and any other Personal Data provided by you. 

8. Personal Data About Children Under the Age of 16

We do not knowingly collect Personal Data from children under 16 unless a child under 16 is the only emergency contact a Team Member can provide us with or is a necessary or chosen beneficiary listed by a Team Member. In the event that you do list a child under 16 as your emergency contact, we will need to obtain the informed consent of that child’s parent or legal guardian in order to process their Personal Data. 

If you believe we might have any information from or about a child under 16, please contact us. If we learn that we have collected or received Personal Data from a child under 16 without parental consent, we will delete that Personal Data. 

9. How Do We Obtain Your Personal Data?

We collect and process Personal Data relating to Team Members as part of our human resources processes. In particular, we may obtain your Personal Data when: 

• you submit it to us during the process of your job application, for example, when we collect Personal Data from application forms, CVs, resumes, or LinkedIn profiles, your passport or other identity documents, or through interviews or other forms of assessment, including online tests; 
• your recruitment agency submits it to us; 
• you provide it to us during your working relationship with us; 
• we collect it in the course of job-related activities during the period when you work for us; or 
• it is provided to us by other third parties, such as former employers, authorities, government entities, social networks, or other information providers.

Subject to applicable laws, your Personal Data may be obtained through background checks, security clearances, and other similar information sources as required by law or deemed necessary due to the nature and security requirements related to the position in question. 

10. How Do We Use Your Personal Data?

We may process your Personal Data for the purposes of: 

• professional recruiting and employment application review; 
• entering, performing, amending, managing, and terminating employment and service contracts, and determining the terms on which you work for VeraSafe; 
• onboarding you as a VeraSafe Team Member, such as creating an email account for you, providing access to various other information systems, and generally enabling teamwide communication within VeraSafe and with VeraSafe clients; 
• providing equipment to you in your capacity as a VeraSafe Team Member; 
• carrying out our contractual obligations with consumers, customers, and suppliers; 
• arranging trainings and professional development activities; 
• providing contractually agreed-upon compensation and benefits, including healthcare benefits for you and your covered family members; 
• managing the expenses of VeraSafe; 
• managing your health and safety in the workplace; 
• arranging work-related travel and accommodation; 
• arranging and implementing team-building activities and initiatives; 
• reviewing and approving expenses you submit for reimbursement; 
• reviewing and confirming the status of applicable professional licenses, certifications, and qualifications; 
• responding to your requests or questions; 
• preventing fraud or criminal activities; 
• conducting criminal background checks; 
• assuring network and information security, including access management to prevent unauthorized access to our systems; 
• monitoring your use of our information and communication systems and other assets to assure compliance with our policies and procedures; 
• determining performance requirements, setting individual targets, conducting regular performance reviews, and managing performance records in accordance with our policies and procedures; 
• dealing with legal disputes involving you, or other employees, workers, and contactors, including work related accidents; or 
• enforcing our legal rights and complying with laws and regulations applicable to VeraSafe. 

11. With Whom Do We Share Your Personal Data?

As an international organization, we may share your Personal Data with our Affiliates to operate our human resources systems, and also as part of our regular reporting activities on performance, in the context of a business reorganization or restructuring exercise, or for system maintenance support and hosting of data. 

We may share your Personal Data with service providers that process Personal Data on our behalf for the purposes of providing services such as:

• professional employment organization (PEO) services, including payroll and benefits management services; 
• cloud-based communication software, such as email, VoIP, and teleconferencing software; 
• cloud-based project management software; 
• benefit management services; 
• performance management services; 
• applicant tracking system services; 
• human resource information system software and services; 
• social networking websites or platforms; 
• cloud-based productivity software and work collaboration tools; 
• cloud-based accounting software; and 
• learning management systems. 

Some of those service providers may be located outside of the European Economic Area (“EEA”), the United Kingdom (“UK”), or the Republic of South Africa, such as in the United States (“U.S.”). We remain liable for the protection of your Personal Data that we transfer or have transferred to third parties, except to the extent that we are not responsible for the event that leads to any unauthorized or improper processing of your Personal Data. Where your Personal Data is protected by the General Data Protection Regulation (the “GDPR”), before transferring your Personal Data to any of those third parties, we will either ask for your explicit consent or require the third party to maintain at least the same level of privacy and security in respect of your Personal Data as we do. We will only transfer your Personal Data to third parties in countries not recognized by the European Commission as providing an adequate level of protection (a list of countries with levels of protection recognized as adequate is available here) where there are appropriate safeguards in place. Such safeguards may include the Standard Contractual Clauses approved by the European Commission. 

12. Other Disclosures of Your Personal Data

We may disclose your Personal Data to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by government or law enforcement officials, or private parties). We may also disclose your Personal Data if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Data to our Affiliates, but only for business purposes, as described above.  

If we have to disclose your Personal Data to government or law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data. 

13. Data Retention

We will retain your Personal Data for as long as is necessary to fulfill the purpose for which it was collected, or any other permitted purpose, and to comply with our legal obligations. Such retention will continue for no longer than permitted by applicable law.

14. Your Privacy Rights: Access and Review

If we process your Personal Data, you may have the right to request access to (or the updating, correction, or deletion of) such Personal Data, to ask that we limit our processing of such Personal Data, to object to our processing of such Personal Data, or to data portability in respect of such Personal Data. 

You may also have the right to opt out of having your Personal Data shared with third parties, or to revoke your consent to our sharing your Personal Data with third parties. 

You may have the right to opt out if your Personal Data is used for any purpose that is materially different from the purposes for which it was originally collected or that you subsequently authorized. 

If, however, a request you make under one of these rights conflicts with VeraSafe’s legal rights or obligations, VeraSafe may not be able to fulfill that request. 

To exercise any such right or raise any questions related to your Personal Data, please contact us using the information in the “Contact Us” section below. To exercise your rights with respect to information processed by a third party, please refer to the privacy notice of that third party. 

15. How Do We Protect Your Personal Data?

We are strongly committed to keeping your Personal Data safe. We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect your Personal Data from unauthorized processing, including internal data security and data governance policies compliant with industry best practices and, where appropriate, encryption of data at rest and in transit. Unauthorized processing includes unauthorized access, exfiltration, theft, disclosure, alteration, or destruction.

16. U.S. Regulatory Oversight 

VeraSafe, LLC is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. 

17. EEA and UK Supervisory Authority Oversight 

If the GDPR applies to our processing of your Personal Data, you may have the right to lodge a complaint with a supervisory authority in the EEA or the UK if you are not satisfied with how we process your Personal Data. 

18. Data Protection Representatives 

EU – VeraSafe Czech Republic s.r.o.
Address: Rohanské nábřeží 678/23, Prague 8, 18600, Czech Republic  

UK – VeraSafe United Kingdom Ltd.
Address: 37 Albert Embankment, London, SE1 7TL, United Kingdom 

Phone: +420 228 881 031
Email: [email protected] 

19. Changes to This Notice 

If we make any material change to this Notice, we will post the revised Notice to this webpage. We will also update the effective date at the top of this Notice. 

20. Contact Us

If you have any questions about this Notice or our processing of your Personal Data, you can contact us at: 

We will respond to legitimate inquiries within 30 days of receipt.