Privacy Policy (EU)

Ubiquity Privacy Policy

This Ubiquity Privacy Policy (“Privacy Policy”) describes how Ubiquity collects, uses, and shares personal data of employees, prospective employees, prospective clients, and clients of customers of Ubiquity and Ubiquity’s subsidiaries and affiliates in the EU. “Personal Data” is information that allows someone to identify or contact an individual or that relates to an identifiable natural person. This Privacy Policy does not apply to data concerning employees or individuals outside of the jurisdiction of the EU, such as employees or individuals in the United States or other non-EU jurisdictions.

Employees


Types of Employee Data We Collect

The types of Personal Data that Ubiquity collects includes the following:
Personal information, including name, address, telephone number, email address, date of birth, gender, national identification number, social insurance number or other tax identification number, and bank account information.
Employment related information, including job title, office location, work contact information, email address, department, supervisor, job responsibilities, accounting information, compensation information (including, but not necessarily limited to, base salary information, commissions, bonuses and severance, if or as may be applicable), pension information, benefit eligibility and elections, employment history, job application, interview evaluation, key dates (hire, rehire, service, termination, next review, incentive data (ratings and payment amounts), and performance information. Ubiquity also may receive Personal Data regarding an employee’s spouse, family members, or other dependents for emergency contact purposes. In addition, Ubiquity may receive Personal Data that is “sensitive” in a few instances. In particular, where permitted by applicable law, Ubiquity may receive information regarding criminal records and health or medical data for purposes of insurance claims resolution, payment of claims and for insurance underwriting purposes.

Use and Processing of Employee Personal Data
In addition to the other specific uses discussed in this Privacy Policy Ubiquity will use and otherwise process employee Personal Data for the following purposes:
* Annual compensation risk assessment;
* Maintenance of employee directory and global email system;
* Performance management;
* Coordination of annual succession planning and talent management review;
* Internal Audits;
* Record-keeping and internal reporting;
* Maintenance of corporate insurance programs;
* Compensation, including administration and analysis;
* Payroll processing;
* Pension plan administration;
* Succession planning;
* Benefits and personnel administration; and
* Monitoring and enforcing compliance with company policies and procedures.

Sharing of Employee Personal Data
In addition to the specific situations discussed elsewhere in this Privacy Policy, Ubiquity may disclose employee Personal Data in the following situations:

  1. Affiliates and Acquisitions. Ubiquity may share your Personal Data with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires Ubiquity, or its assets, Ubiquity will also share your Personal Data with that company.
  2. Other Disclosures with Your Consent. Ubiquity may ask if you would like us to share your Personal Data with other unaffiliated third parties who are not described elsewhere in this Privacy Policy.
  3. Other Disclosures without Your Consent. Ubiquity may disclose employee personal data in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. Ubiquity may also share employee Personal Data in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
  4. Service Providers. Ubiquity may share employee personal data with service providers. Among other things service providers may help us to administer payroll, perform human relations functions, and provide technical support or infrastructure.

Prospective Employees

Ubiquity will maintain the information you share with us for a period of time (maximum 1 year), not to exceed local data privacy requirements.

Non-Employee Individuals

Types of Non-Employee Individual Data We Collect

The types of EU non-employee individual Personal Data that Ubiquity collects includes the following:
Personal information, including name, address, telephone number, email address, date of birth, gender, national identification number, and social insurance number or other tax identification number.

Use and Processing of Non-Employee Individual Data
Ubiquity will use and otherwise process EU non-employee individual Personal Data for the following purposes:
* Providing call center and other outsourced services to its customers;
* Backing up data;
* Internal audits;
* Record-keeping and internal reporting;
* Employment application processing;
* Identification of website visitors;
* Conducting analytics;
* Monitoring and enforcing compliance with company policies and procedures;
* To provide information concerning products or services that may be of interest to our business client or prospective business clients.

Sharing of Non-Employee Individual Data
In addition to the specific situations discussed elsewhere in this Privacy Policy, Ubiquity may disclose non-employee individual Personal Data in the following situations:

  1. Affiliates and Acquisitions. Ubiquity may share your Personal Data with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires Ubiquity, or its assets, Ubiquity will also share your Personal Data with that company.
  2. Other Disclosures with Your Consent. Ubiquity may ask if you would like us to share your Personal Data with other unaffiliated third parties who are not described elsewhere in this Privacy Policy.
  3. Other Disclosures without Your Consent. Ubiquity may disclose Personal Data in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. Ubiquity may also share Personal Data in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
  4. Service Providers. Ubiquity may share Personal Data with service providers. Among other things service providers may help us to administer our services, conduct analytics, and aid customer request fulfillment.

General Terms

Data Security and Integrity

Ubiquity maintains reasonable security measures to safeguard Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Ubiquity also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete, and current.

Cross Border Data Transfers

Personal Data may be processed in the United States, Philippines, or El Salvador, where privacy laws may be less stringent than the laws in your country. By submitting your Personal Data to Ubiquity you agree to the transfer, storage, and processing of your Personal Data in those countries. Ubiquity adheres to the US/EU Privacy Shield Privacy Principles published by the US Department of Commerce (“Privacy Shield”) with respect to Protected EU Data that it receives in the United States from the EU. For more information about the Privacy Shield, please refer to the Privacy Shield website at https://www.privacyshield.gov/.  For EU data transmitted to the Philippines or El Salvador, we rely on Standard Contractual Clauses.

Your Data Rights

Individuals may have the ability to access, review and update their own Personal Data in accordance with applicable law.

Making a Request. Employees should transmit requests for access to their own Employee Personal Data, in writing (an email message using a work email address is acceptable), to the human resources department and/or to the Ubiquity Privacy Contact identified below. All other individuals should transmit requests for access to their own EU Individual Data to the Ubiquity Privacy Contact identified below.

Corrections and Modifications. If an individual is aware of changes or inaccuracies in his or her Personal Data, that individual is responsible for informing the Ubiquity Privacy Contact (or, in the case of Ubiquity employees, the local human resources department) of such changes so that the Personal Data may be updated or corrected.

Retention and Deletion. Typically, Ubiquity retains Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. You may, however, request that we delete your Personal Data.  All requests must be directed to the “Ubiquity Privacy Contact” below.  Ubiquity may also decide to delete your data if it believes that the data is incomplete, inaccurate, or that our continued use and storage are contrary to our obligations to other individuals or third parties.  When we delete Personal Data it will be removed from our active database, but it may remain in archives where it is not practical or possible to delete it. In addition, we may keep your Personal Data as needed to comply with our legal obligations, resolve disputes, and/or enforce any of our agreements.

Objection. Ubiquity relies on the processing of Personal Data that you have provided. If you revoke your consent for the processing of Personal Data then we may no longer be able to provide you services. In some cases, Ubiquity may limit or deny your request to revoke consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity.

Complaints. You may have the right to complain to a regulatory agency or supervisory authority about Ubiquity’s privacy and security practices. Information regarding local contact information for local data protection authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. An individual may also be able to invoke binding arbitration as set forth in Annex I of the Privacy Shield, provided that such individual has invoked binding arbitration by delivering notice to the Ubiquity Privacy Contact in accordance with the procedures and subject to the limitations set forth in Annex I of the Privacy Shield. In particular, an individual who decides to invoke this arbitration option must first: 1) raise the claimed violation directly with Ubiquity and afford the Ubiquity an opportunity to resolve the issue within the timeframe set forth in Section III.11(d)(i) of the Privacy Shield; 2) make use of the independent recourse mechanism under the Privacy Shield; and 3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce.

Ubiquity Privacy Contact:
Amy M. Pugh
VP, Legal
Ubiquity Global Services
90 Park Avenue, 17th Floor
New York, NY 10016
646 257 2806
amy.pugh@ubiquitygs.com

Effective as of May 22nd, 2018.