NOTICE TO APPLICANTS AND EMPLOYEES

Optimal (“we”, “us”, or “our”) and our subsidiary companies are committed to respecting your privacy rights. Please take notice that Optimal (the “Company”) collects certain information about you from your application and/or employment. This is Optimal’s Notice at Collection describing how your personal information is collected, used, processed, and transferred. This policy applies to any natural person who has applied to or is currently employed at the Company.

 

Unless we so indicate or the context clearly suggests otherwise, for purposes of this policy all references to “we”, “us”, or “our” are to us and our subsidiaries collectively including UNTU, LLC, a Delaware limited liability company (“UNTU”); DSPolitical, LLC, a District of Columbia limited liability company (“DSPolitical”); Optimad Media, LLC, a Delaware limited liability company (“Optimad Media”); and Effective Spend Media, LLC, a Delaware limited liability company. This Privacy Policy applies to the Personal Information of individuals who are (a) employees, (b) independent contractors, interns, and other individuals who perform work for the Company and (c) applicants for any of the roles referred to in (a) and (b), or (d) any of the dependents, emergency contacts and beneficiaries of the individuals referred to in (a) and (b) (collectively for purposes of this policy, “employees”).

 

Various consumer privacy laws, including the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CPRA”), and including the consumer privacy laws of various other states that may be enacted from time to time (collectively, the “Applicable Laws”), provide applicants and employees with certain rights, in particular:

 

  • Knowledge of information collected;
  • Deletion of information collected;
  • Opt-out of information collected;
  • Opt-in of information collected;
  • Correction of information collected;
  • Going to court;
  • Limit use of information collected;
  • Not to be discriminated or retaliated against for exercising rights under Applicable Laws.

 

Information Sources: The Company collects information about you from the following sources:  (1) you; (2) your spouse or dependent; (3) prior employers, references, recruiters, job-related social media platforms; (4) third-party sources of demographic information; (5) third-party companies, such as background check companies and drug testing facilities; (6) vendors and service providers; (7) public sources; (8) automated technologies; (9) surveillance or recording technologies recorded by the Company; (10) government or administrative agencies; acquisition of another company; and (11) claim administrators and investigators. Depending on the Company’s interactions with you, we may or may not collect all of the information identified about you.

 

Personal Information and Sensitive Personal Information Covered: The Company may collect your Personal Information, which is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household (“Personal Information”).  The Company may also collect your Sensitive Personal Information, which is a subset of Personal Information that would be considered high risk or as otherwise defined by Applicable Laws (“Sensitive Personal Information”).

 

Personal Information includes information that can be reasonably used to identify you, directly or indirectly, such as:

 

  • Identifiers, such as your name, government-issued identifier (e.g., Social Security number), unique identifiers (e.g. employee ID), telephone number(s), postal address, e-mail address, and signature;
  • Characteristics of protected classifications under Applicable Law, such as your age, marital status, gender, sex, race, color, disability, citizenship, primary language, immigration status, military/veteran status, disability, request for leave and medical conditions;
  • Commercial information, such as transaction information (e.g., in connection with travel or other reimbursements);
  • Internet or network activity information, such as browsing history and interactions with our online systems and websites and any Personal Information that you provide while accessing the Company’s computer systems, such as personal credit card information and passwords;
  • Geolocation data, such as device location from usage of the Company’s devices;
  • Biometric information related to access to the Company’s secured access points;
  • Genetic data;
  • Audio, electronic, visual, and similar information;
  • Professional or employment-related information, such as work history and prior employer;
  • Non-public education information; and
  • Inferences drawn from any of the Personal Information and Sensitive Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.

 

Personal Information does not include the following:

 

  • De-identified or aggregated consumer information.
  • Publicly available information from federal, state or local government records.
  • Information excluded from the scope of the Applicable Laws, such as medical or health information covered by the Health Insurance and Portability and Accountability Act of 1966 or Personal Information covered by certain sector-specific privacy laws such as the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, or California Financial Information Privacy Act and the Driver’s Privacy Protection Act of 1994.

 

How Your Personal Information and Sensitive Personal Information May Be Used. The Company may use your Personal Information and Sensitive Personal Information:

 

  • To operate, manage, and maintain our business;
  • For hiring, retention, and employment purposes;
  • To otherwise accomplish our business purposes and objectives, including, for example:
    • Emergency services;
    • Conducting research, analytics, and data analysis;
    • Maintaining our facilities and infrastructure;
    • Quality and safety assurance measures;
    • Conducting risk and security controls and monitoring;
    • Protecting confidential and trade secret information;
    • Detecting and preventing fraud;
    • Performing identity verification;
    • Performing accounting, audit, and other internal functions, such as internal investigations;
  • Complying with laws, legal process and the Company’s internal policies;
    • Maintaining records;
    • Claims processing;
    • Responding to legal requests for information and subpoenas; and
    • Exercising and defending legal claims; and
  • Any other purposes authorized by the Applicable Laws.

 

The Company may or may not use Personal Information and Sensitive Personal Information about you for each of the above purposes.

 

Sharing of Personal Information. The Company may share your Personal Information with the following third-parties: While the Company generally maintains applicant and employee Personal Information as confidential, from time to time, the Company may disclose applicant and/or employee information for legitimate business purposes, as described in the above section entitled “How this Personal and Sensitive Personal Information is Used”. In the event applicant and/or employee information is disclosed for one of these reasons, the Company will disclose Personal Information and/or Sensitive Personal Information only to the minimum extent necessary to achieve the purpose of the disclosure and the Company will only disclose if the disclosure is permitted under the Applicable Laws. Recipients of your Personal Information and/or Sensitive Personal Information may include without being limited to: Service providers and contractors; affiliated companies; clients and customers; business partners; government or administrative agencies; the public; entities the Company is required disclose to by law or in the course of a legal proceeding; and entities as required to comply with law or to protect the rights, property or safety of the Company and any individuals.

 

Selling of Personal Information. The Company does not sell your Personal Information nor disclose your Personal Information for cross-context behavioral advertising.

 

Data Retention. The Company retains your Personal Information no longer than necessary for the purposes described in this Notice above and in accordance with our record retention schedule. We will store your Personal Information, in a form that permits us to identify you, for no longer than is necessary for the purpose for which the Personal Information is processed. We store your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your Personal Information within a reasonable timeframe upon request. The Company will destroy or erase your stored Personal Information after this time.

 

Exercising Rights Granted Under Applicable Laws. You have the right to make choices about your Personal Information.  Where applicable and in certain circumstances, these legal rights include:

 

  • The right to update your Personal Information if it is out of date, incomplete, or inaccurate;
  • The right to request confirmation that we are processing your Personal Information and be provided with access to the Personal Information we process about you;
  • The right to have your Personal Information deleted;
  • The right to restrict the processing of your Personal Information;
  • The right to transmit your Personal Information to another organization;
  • The right to object to the processing of your Personal Information;
  • The right to withdraw consent for Personal Information you’ve provided to us on a consensual basis; and
  • The right to obtain information about the third parties with which we have shared your Personal Information.

 

To exercise these rights and any other rights under Applicable Laws:

 

 

The Company will respond to requests to know, delete, and correct Personal Information in accordance with Applicable Laws, including verification of the identity of the requester. The Company’s identity verification process will follow Applicable Laws and depend on the nature of your request as described below:

 

  • Requests to know Specific Pieces of Personal Information: The Company may match at least three (3) data points that you provide with your request, or in response to our request for verification information, against information that we already have about you in our records and that we have determined to be reliable for purposes of verifying your identity. Additionally, we may require you to sign a declaration under penalty of perjury that you are the individual whose Personal Information is subject to the request.
  • Requests to Correct or Delete Personal Information: Our process for verifying your identity will depend on the sensitivity (as determined by the reasonable judgement of the Company) of the Personal Information you ask us to correct or delete. For less sensitive Personal Information, we may require a match of two (2) data points as described in the above paragraph. For more sensitive Personal Information, we may require a match of three (3) data points and a signed declaration under penalty of perjury as described in the above paragraph.

 

If the Company is unable to verify your identity based on the processes described above, the Company may ask you for additional verification information. If the Company does so, the Company will only use that information for verification purposes. If the Company is unable to verify your identity to a sufficient level of certainty to respond to your request, the Company will promptly inform you and provide you with an explanation as to why your identity was unable to be verified.

 

The Company will make all reasonable efforts to acknowledge receipt of your requests to know, delete, and correct information within ten (10) days of receiving your request. The Company will make all reasonable efforts to respond to your request within forty-five (45) days of receiving your request unless we notify you that additional time is needed, in which case the Company will have an additional forty-five (45) days to respond.

 

If an authorized agent submits a request on your behalf to know, correct, or delete your Personal Information, the authorized agent must submit with the request either (a) a legally valid power of attorney, signed by you; or (b) another document signed by you that authorizes the authorized agent to submit the request on your behalf. Additionally, the Company may ask you or your authorized agent to verify your identity under the above listed applicable steps. The Company will provide you with an “Authorized Agent Designation” form if you request one at privacy@winwithoptimal.com.

 

Company’s Non-Discrimination and Non-Retaliation Policy. The Company will not unlawfully discriminate or retaliate against you for exercising your rights under the Applicable Laws.

Loading...