Stanley Steemer International, INC.
Applicant/Employee Privacy Notice

ISSUED DECEMBER 2022

Scope and Overview

Stanley Steemer International, Inc. (“SSI”, “we”, “our” or “us”) is committed to protecting the privacy and security of your personal information. This Applicant/Employee Privacy Notice (the “Privacy Notice”) describes how we collect, use, maintain, secure, and disclose (collectively, “process”) personal information about you before, during, and after your working relationship with us, in accordance with applicable data protection and privacy law. This Privacy Notice also describes certain rights you may have regarding the personal information that we hold about you.

Please read this Privacy Notice carefully. If you have any questions or need to access this Privacy Notice in an alternative format due to having a disability, please contact HRSupport@steemer.com or call the Human Resources Employee Support Line (877-667-2448).

Contents

This Privacy Notice covers:

 

 

Personal Information We Collect About You

To carry out our activities and obligations as an employer, we collect, store, and process different types of personal information, some of which we require to administer the employment or other working relationship with you. The following table provides examples of the categories of personal information we may collect and how we process such information:

Context of Collection & Examples of Categories of Information: Identification Information - Name, date of birth, employee identification number, government-issued identification number (e.g., driver’s license number, state identification card, passport, national identification number, Native American tribal document, birth certificate, social security number, etc.), residency and work permit status, and other similar documents used to verify work eligibility.

Primary Purpose for Processing Information: We process this type of information for our business purposes, including general human resources administration and to comply with legal obligations, such as employment eligibility verification laws.


Context of Collection & Examples of Categories of Information: Contact Information - Home address, telephone number(s), e-mail address(es), beneficiary and emergency contact details, and other similar contact information.

Primary Purpose for Processing Information: We process this type of information to satisfy our obligations to you (e.g., communicating with you) as your employer, such as to assist you in the case of an emergency, including maintenance of contact details for you, and your dependents or emergency contacts in the case of a personal or business emergency.


Context of Collection & Examples of Categories of Information: Payroll and Taxes - Rate of pay, salary, bonus, bank account details, tax status and withholding information (i.e., marital status, dependents, etc.), social security number or other taxpayer/government identification number, and other information necessary to administer payroll and taxes.

Primary Purpose for Processing Information: We process this type of information to satisfy our obligations to you as your employer, including administering payroll and benefits, making expense reimbursements and other compensation-related payments, and tax reporting.


Context of Collection & Examples of Categories of Information: Benefits - Spouse, beneficiary, and dependents information, retirement account information, paid and unpaid leaves of absence, and other information necessary to administer benefits provided to employees by SSI.

Primary Purpose for Processing Information: We process this type of information to satisfy our obligations to you as your employer, including administering and maintaining benefits, such as medical dental, optical, additional wellness programs, 401(k) and/or retirement plans and additional fringe benefit programs, including recording and processing eligibility of dependents, absence and leave monitoring, and insurance.


Context of Collection & Examples of Categories of Information: Health Related - Information about job-related medical conditions that impact your ability to perform your job with or without a reasonable accommodation, and health and sickness related information related to reasons for time away from work.

Primary Purpose for Processing Information: We process this type of information for certain business purposes (where permissible and in accordance with applicable law), including ascertaining your fitness to perform your essential job duties with or without a reasonable accommodation, managing absences from work, and complying with legal obligations related to health and safety.


Context of Collection & Examples of Categories of Information: Demographic Data - Please note, under federal and some local laws, we are required to collect and report certain demographic workforce data to federal, state, and or local government agencies for civil rights enforcement purposes. This includes date of birth and gender as well as more sensitive personal information (also known as special category data) including information relating to racial and ethnic origin, religious, political, or philosophical beliefs, and trade union membership. We may also ask you to voluntarily self-identify whether you belong to additional protected classes (disability status, sexual orientation, veteran status, etc.), to promote diversity, equity, and inclusion within SSI. Your submission of this information is voluntary.

Primary Purpose for Processing Information: We process this type of information for a variety of reasons, and this will vary in the different jurisdictions in which we operate. In some jurisdictions, we are required to collect and report certain demographic workforce data to federal, state and or local government agencies.

We also process this type of information for certain business purposes (where permissible and in accordance with applicable law), including promoting diversity, equity, and inclusion within the company.


Context of Collection & Examples of Categories of Information: Recruitment - Educational and professional background information, such as academic and professional qualifications, education, CV/Resume, reference letters, interview notes, credit history and criminal records data (utilized for background check and vetting purposes where permissible and in accordance with applicable law).

Primary Purpose for Processing Information: We process this type of information for the purpose of determining eligibility for hiring, verifying references and qualifications, and making business decisions about your recruitment or employment.

We also process this type of information for general human resources administration and business management.


Context of Collection & Examples of Categories of Information: Terms of Employment - Employment details, such as your job titles/position, office location, letters of offer and acceptance of employment, and/or employment agreements or other working arrangements, hire/re-hire date, termination date, performance history, disciplinary information, professional memberships, and business travel arrangements, leave of absence, sick time, and vacation/holiday records.

Primary Purpose for Processing Information: We process this type of information to satisfy our obligations to you as your employer, including managing our employment or working relationship with you, conducting performance reviews, managing and determining performance requirements, making decisions about salary reviews and compensation, assessing qualifications for a particular job or task, including decisions about promotions, making decisions about your continued employment or engagement.

We also process this type of information for purposes of general business management and operations, accounting and auditing.


Context of Collection & Examples of Categories of Information: Qualifications and Training - We collect information from individuals concerning the training that they receive from us, or from third parties. Where applicable, we also collect information related to licensing and certifications.

Primary Purpose for Processing Information: We process this type of information for the purpose of establishing training and/or development requirements, understanding and recording qualifications of the individuals that work with us, and in some cases complying with any legal obligation regarding the training or qualification of certain staff.


Context of Collection & Examples of Categories of Information: Investigations - Details of any workplace investigations.

Primary Purpose for Processing Information: We process this type of information for the purpose of ensuring a safe working environment, investigating all information related to potential violations of workplace policies, procedures, protocols, concerns, and/or complaints.


Context of Collection & Examples of Categories of Information: IT and Communications Information - Information about your use of SS Technology Systems. For more information about what SSI monitors and why, please refer to the Technology Systems terms in Section Two of the Employee Handbook.

Primary Purpose for Processing Information: We process this type of information for our business purposes (where permissible and in accordance with applicable law), including managing network and IT systems security, monitoring the use of our IT and communication systems, ensuring compliance with our internal policies and procedures, protecting confidential information, intellectual property, and other business interests, and investigating unlawful or improper acts.


Context of Collection & Examples of Categories of Information: Video, Voice and Images - Audio visual information, such as photographs, video images like closed-circuit television (“CCTV”), call monitoring records, and voicemails.

Primary Purpose for Processing Information: We process this type of information for our legitimate business purposes (where permissible and in accordance with applicable law), including compiling and maintaining internal directories (such as directories of employees and staff), securing our facilities and equipment, and protecting our property.


 

 

How We Collect Your Personal Information

Most often, we collect personal information from you directly, including through the application and recruitment process as well as in the course of your employment or working relationship with us.

In some cases, we also collect personal information about you from third parties, such as employment agencies, former employers, and personal and professional references, or public sources. For example, before and during the course of your employment or working relationship with us, we may collect information from public social media sources, such as your LinkedIn profile, for recruitment purposes. We may also conduct lawful background screenings, to the extent permitted by law, through a third-party vendor for information about your past education, employment, credit and/or criminal history. Before we conduct a background check, we will provide you with acknowledgement and authorization forms. Additionally, if there is an investigation of an employee matter, we may obtain information relevant to the incident from external sources including private parties and/or law enforcement. For more information regarding background checks, please refer to the Background Checks terms in Section Two of the Employee Handbook.

We will also collect additional personal information during job-related activities. This may include monitoring communications and use of SSI’s Technology Systems, or from other employees or managers. For more information about what SSI monitors and why, please refer please refer to the Technology Systems terms in Section Two of the Employee Handbook.

If you fail to provide certain personal information when requested, we may not be able to perform our duties to you (such as paying you or providing a benefit) or we may be prevented from complying with our obligations to you (such as to ensure the health and safety of our employees).

 

 

How We Process Your Personal Information

In addition to the purposes and uses described elsewhere in this Privacy Notice, we may process your personal information for the following purposes:

  • To manage your employment or other working relationship with us, including payroll and benefits administration, business management and planning, processing employee work-related claims (for example, insurance and worker's compensation claims); accounting and auditing, conducting performance reviews and determining performance requirements, and assessing qualifications for a particular job or task.
  • To comply with applicable legal and regulatory obligations, including those related to labor and employment, health and safety, and tax.
  • To ensure a safe working environment, including investigating potential misconduct.
  • To protect health and safety in the workplace.
  • To detect and protect against malicious, deceptive, fraudulent, or illegal activity, violations of our policies, or other types of wrongdoing.
  • To enforce, exercise, or defend legal claims, and enforce disciplinary actions or termination.
  • To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution. This may include monitoring communications and use SSI Technology Systems (where permitted by, and in accordance with, applicable law). For more information about what SSI monitors and why, please refer to the Technology Systems terms in Section Two of the Employee Handbook.
  • To conduct data analytics analyses to review and better understand employee retention and attrition rates.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
  • For other lawful purposes which may be reasonably necessary to plan, organize, and carry out administrative tasks required for day-to-day business operations.

 

 

How We Share Your Personal Information

In addition to the specific situations discussed elsewhere in this Privacy Notice, we share your personal information in the following situations, where permitted or required by applicable law:

  • Affiliates. We share your information with our subsidiaries and affiliates in the course of our normal business operations.
  • Franchisees. From time to time, we may share your information with our independently owned and operated franchisees.
  • Business Transactions. We may share your information with a potential buyer (and its agents and advisors) in connection with any proposed merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution, or liquidation), in which case, personal information held by us about you will be among the assets transferred to the buyer or acquirer.
  • SSI Employees. Other individuals within SSI may have access to your information. For instance, employees may have access to phone and electronic directories. Depending upon the type of processing and its purposes, your personal information may be shared based on a business need within the Human Resources, Accounting, Risk Management or IT Department, or employees in charge of the security of SSI facilities, your manager, and your manager’s manager.
  • Service Providers. We share your information with our contractors, vendors, and Service Providers that assist us with administering the employment or working relationship with you and/or provide services to us or on our behalf. For example, Service Providers may include, but are not limited to, payroll processors, benefits administration providers, data storage or hosting providers, and recruitment agencies.
  • Other Third Parties. We may share certain information with third parties who provide professional services (such as attorneys, auditors, accountants, and management consultants), professional bodies, and regulatory authorities in the normal course of business.
  • Legal or Regulatory Requests and Investigations. We may disclose your information to third parties under the following circumstances (i) to comply with relevant laws or regulations, to respond to a court order, administrative or judicial process, such as a subpoena, warrant, court order, or government audit; (ii) in response to lawful requests by public authorities (such as national security or law enforcement); and (iii) as necessary to establish, exercise or defend against potential, threatened or actual litigation (such as adverse parties in litigation). We may also need to share your information with tax authorities, courts, regulators, the police, and other governmental authorities where we are required or permitted to do so by law.
  • Protection of the Company or Others. We may share your information where necessary to protect SSI, including to investigate, prevent, or respond to possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
  • Disclosures with Your Consent. We may ask to share your information with other unaffiliated third parties who are not described elsewhere in this Privacy Notice. For example, we may share your information with third parties to whom you or your representatives authorize us to disclose personal information in connection with products or services we or they provide to you.

 

 

How Long We Retain Your Personal Information

Except as otherwise permitted or required by applicable law or regulation, we endeavour to retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal information, we consider applicable legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, and the purposes for which we process your personal information.

Generally, this means we will keep your personal information until the end of your employment or other working relationship with us, plus a reasonable period of time thereafter (typically a maximum of 7 years) where necessary to respond to any employment inquiries; to any legal, tax, accounting or administrative matters; or to provide you with ongoing benefits. We may retain your personal information for longer than 7 years (i) if law authorizes, expressly or explicitly, a longer period or prescribes a shorter period; and (ii) if at the end of such 7-year period, the processing of the personal information would still be required for the purpose of legal proceedings or would still be required by applicable law.

 

 

How We Protect Your Personal Information

We maintain reasonable physical, technical, and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to help protect your personal information against loss, unauthorized access or disclosure, modification, or destruction. While we use reasonable efforts to protect your personal information, we cannot guarantee the security of your personal information. If we are required by law to inform you of any privacy or security event relating to your personal information, we may notify you electronically, in writing, or by telephone, if permitted to do so by law.

 

 

Your Rights in Relation to Your Personal Information

Under applicable data protection laws, you may have certain rights with respect to your personal information, including the right to:

  • Request access to and obtain a copy of the personal information we have about you in accordance with the Personnel Information Policy within Section Two of the Employee Handbook);
  • Request correction of any inaccurate or incomplete personal information we have about you;
  • Request deletion of your personal information, subject to certain limitations and exceptions; and
  • Restrict or object to the processing of your personal information under certain circumstances.

Please note, not all these rights are absolute, and they do not apply in all circumstances. In some cases, we may limit or deny your requests to access, modify, or delete your information, or to object to processing. This may occur because the law permits or requires us to do so.

If you want to exercise any of the above rights, please contact HRSupport@steemer.com or call the Human Resources Employee Support Line (877-667-2448). Please note that in order to fulfil your request, we may need you to provide certain personal information to verify your identity. We may verify your identity in person, by phone call, or via email. Depending on your request, we will ask for information such as your name, your employee ID, or the name of your direct manager. We may also ask you to provide a signed and declaration confirming your identity.

If you are a California resident, you may designate an authorized agent to submit a request on your behalf to access, correct, or delete your personal information. To do so, you must (1) provide that authorized agent written, signed, and notarized permission to submit such request, and (2) verify your own identity directly with us.

If you are submitting a request on behalf of another person, please email HRSupport@steemer.com. You must provide written and notarized proof that you have been authorized by the individual to act on his or her behalf. Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized to submit such request.

 

 

Changes to This Privacy Notice

We may update or change this Privacy Notice from time to time. To the extent we make material changes, the Privacy Notice that was in place at the time you submitted personal information to us will generally govern that information.

 

 

Contact Information

If you have any questions about this Privacy Notice, would like additional information, or make a request to exercise any of your rights, please contact us at:

Phone: (877) 667-2448

Emal: HRPrivacy@steemer.com

Postal Address:

Stanley Steemer International, Inc.
5800 Innovation Drive
Dublin, OH 43016

 

 

Additional Information for California Residents

California law requires organizations to disclose whether certain categories of personal information are collected, “sold,” or disclosed for an organization’s “business purpose” (as those terms are defined under California law). The following describes the categories of personal information we collect and to whom we disclose such information for business purposes. We do not “sell” personal information (as such term is defined under California law).

Categories of Personal Information Collected: Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, email address, account name, or other similar identifiers.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Franchisees
  • Business Partners
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Internet service providers
  • Operating systems and platforms
  • Service Providers

Categories of Personal Information Collected: Other identifying information, such as physical characteristics or description, date of birth and signature.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Business Partners
  • Government entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Financial information, such as banking details, tax information, payroll information, and withholdings.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Health and safety information, such as health conditions (if relevant to your employment), job restrictions, workplace illness and injury information, and health insurance policy information.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Characteristics of protected classifications under California or federal law, such as age, race, color, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status to the extent disclosed by the employee.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Internet or other electronic network activity information, such as your search history, browsing history, login information, and IP addresses on SSI' information systems and networks.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Internet Service Providers
  • Operating Systems and Platforms
  • Service Providers

Categories of Personal Information Collected: Geolocation data, such as time and physical location related to use of an internet website, application, device, Company-owned vehicles/equipment or physical access to a SSI office location.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Franchisees
  • Internet Service Providers
  • Service Providers

Categories of Personal Information Collected: Sensory information, such as audio, electronic, visual, thermal, olfactory, or similar information. This may include call monitoring and video surveillance, and in some cases COVID-19 or other public health related temperature checks.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Franchisees
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Professional or employment-related information, such as work history, academic and professional qualifications, educational records, references, interview notes, job title, position, hire dates, compensation, performance and disciplinary records, and vacation and sick leave records.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Franchisees
  • Business Partners
  • Government Entities (as may be needed to comply with law or prevent illegal activity)
  • Service Providers

Categories of Personal Information Collected: Inferences drawn from any of the information listed above, such as profile or summary about an employee's preferences, characteristics, attitudes, intelligence, abilities, and aptitudes.

Categories of Recipients to Whom Information is Disclosed for our Business Purposes:

  • Affiliates or Subsidiaries
  • Business partners
  • Service Providers

Categories of Sensitive Personal Information Collected: We also collect a subset of personal information that is deemed “sensitive personal information” under California law. The following describes the categories of sensitive personal information we collect, our purposes for collecting it, and whether we sell or share that information for purposes of cross-context behavioral advertising.

Categories of Sensitive Personal Information Collected: Social security, driver’s license, state identification card, or passport number.

Purposes for which it is collected:

  • Comply with all applicable laws and regulations.
  • Conduct background checks (where permitted by applicable law)
  • Eligibility for employment
  • Business travel

Is information sold or shared for purpose of cross-context behavioral advertising? No


Categories of Sensitive Personal Information Collected: Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.

Purposes for which it is collected:

  • Creation, maintenance, and security of your online employee accounts.

Is information sold or shared for purpose of cross-context behavioral advertising? No


Categories of Sensitive Personal Information Collected: Precise Geolocation

Purposes for which it is collected:

  • Comply with all applicable laws and regulations.
  • Manage and monitor employee access to Company facilities, vehicles, equipment, and systems.
  • Investigate and enforce compliance with and potential breaches of Company policies and procedures.

Is information sold or shared for purpose of cross-context behavioral advertising? No


Categories of Sensitive Personal Information Collected: Racial or ethnic origin, religious or philosophical beliefs, or union membership.

Purposes for which it is collected:

  • Comply with all applicable laws and regulations.

Is information sold or shared for purpose of cross-context behavioral advertising? No


Categories of Sensitive Personal Information Collected: Contents of a mail, email, and text messages unless the business is the intended recipient of the communication.

Purposes for which it is collected:

  • Manage and monitor employee access to company facilities, equipment, and systems.
  • Investigate and enforce compliance with and potential breaches of Company policies and procedures.
  • Exercise or defend the legal rights of the Company and its employees and affiliates, customers, contractors, and agents.

Is information sold or shared for purpose of cross-context behavioral advertising? No


Categories of Sensitive Personal Information Collected: Information concerning health

Purposes for which it is collected:

  • Comply with all applicable laws and regulations.
  • Employee benefits administration
  • Workers’ compensation claims management

Is information sold or shared for purpose of cross-context behavioral advertising? No


Purposes for Which We Use Personal Information: We collect the categories of personal information listed above for human resources, employment, benefit administration, health and safety, and business-related purposes and to comply with applicable laws and regulations. For additional details about how we use and disclose personal information, please refer to the Section titled “How We Process Your Personal Information” and the Section titled “How We Share Your Personal Information” of this Privacy Notice.

Effective Date: December 29, 2022

Last Updated: December 29, 2022