California Privacy Notice (EAB Employees and Job Applicants)

1. Applicability

This Privacy Notice for California Residents supplements the information contained in EAB’s Privacy Policy and applies solely to employees, job applicants and contractors who reside in the State of California (“you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (the “CCPA”) and any terms defined in the CCPA have the same meaning when used in this Notice.

2. How We Use the Personal Information

EAB may use the personal information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to apply to one of our institutional clients, we will use your personal information to process the submission of your application.
  • To provide, support, personalize, and develop our website, products, and services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services.
  • To create, maintain, customize, and secure your account with us.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your website experience, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our website, products, and services.
  • For end users of institutions that use our products, we use your information on behalf of and under the instruction of your institution. We share the information that we collect in accordance with our agreement with your institution. Your institution determines how your information is used.
  • To manage the client relationship, including for invoicing, notification of product updates and maintenance, and similar purposes.
  • To promote EAB’s products and services.
  • To share with EAB’s subsidiaries or affiliates. For example, information from a participant in a research webinar may be shared with our advancement affiliate to send services and other promotional communications to you.
  • To conduct audits related to a current interaction with you and concurrent transactions, including, but not limited to, auditing compliance.
  • To facilitate short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
  • To detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • To conduct debugging to identify and repair errors that impair existing intended functionality.
  • To conduct internal research for technological development and demonstration.
  • To undertake activities to verify or maintain the quality of a service that is owned, or controlled by us, and to improve, upgrade, or enhance such service.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To comply with legal or regulatory requirements and to respond to lawful requests, court orders, and legal processes.
  • To protect and defend the rights, property, or safety of us, our clients, or third parties, including enforcing contracts or policies or in connection with investigating and preventing fraud.
  • To process your requests and to process transactions when you use our services to make a deposit to one of our clients, we will share your payment and transaction data with third party payment processors.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website users is among the assets transferred.

In particular, we have collected the following categories of personal information from employees, job applicants and contractors of EAB within the last twelve (12) months:

CategoryData CollectedHow Collected Data is Used
IdentifiersA real name, postal address, unique personal identifier, email address, Social Security number, driver’s license number, passport number.Payroll, Taxes, Benefits Support
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))A name, signature, Social Security number, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, or health insurance information.Payroll, Taxes, Benefits Support, Compliance Reporting
Protected classification characteristics under California or federal lawAge, race, national origin, citizenship, marital status, physical or mental disability, sex, veteran or military status.Payroll, Taxes, Benefits Support, Compliance Reporting, D&I Analysis/Pay Equity
Internet or other similar network activityDNS logs.Compliance with Information Security Policies
Professional or employment-related informationCurrent or past job history or performance evaluations.Business Support
Inferences drawn from other personal informationProfile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.Employment Eligibility

3. Sources of Personal Information

We may have obtained personal information about you from various sources, as described below.

CategorySources
IdentifiersDirectly from you
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))Directly from you
Protected classification characteristics under California or federal lawDirectly from you
Internet or other similar network activityFrom your devices
Professional or employment-related informationDirectly from you
Inferences drawn from other personal informationDirectly from you

4. Sharing Personal Information

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

  • Identifiers.
  • California Customer Records personal information categories.
  • Protected classification characteristics under California or federal law.
  • Professional or employment-related information.
  • Non-public education information.
  • Inferences drawn from other personal information.

We disclose your personal information with certain categories of third parties, as described below:

CategoryThird Parties
IdentifiersFederal government agencies (to the extent required by law);
Professional service providers; and
Vendors who provides services on our behalf
Protected classification characteristics under California or federal lawFederal government agencies (to the extent required by law);
Professional service providers; and
Vendors who provides services on our behalf
Federal government agencies (to the extent required by law);
Professional service providers; and
Vendors who provides services on our behalf
Internet or other similar network activityVendors who provides services on our behalf
Professional or employment-related informationFederal government agencies (to the extent required by law);
Professional service providers; and
Vendors who provides services on our behalf
Inferences drawn from other personal informationVendors who provides services on our behalf

Sales of Personal Information

In the preceding twelve (12) months, we have not sold personal information.

5. Your Rights and Choices

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we disclosed your personal information for a business purpose, a list identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Exercising Access, Data Portability Rights and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable request to us by either:

Toll-Free Phone Number: (877) 613-6393           

Email: privacy@eab.com

Postal Address:

EAB Global, Inc.
Attn: General Counsel
2445 M Street, NW
Washington, DC 20037

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a twelve (12)-month period. The verifiable request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include providing a government-issued ID for sensitive personal information.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us; however, we do consider requests made through your password-protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

6. Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you services.
  • Charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of services.
  • Suggest that you may receive a different price or rate for services or a different level or quality of services.

7. Other California Privacy Rights

California Civil Code Section 1798.83 allows you to request information on how we disclose personal information to third parties for their direct marketing purposes during the immediately preceding calendar year. You may make one request each year by emailing us at privacy@eab.com or writing to us at the postal address detailed in Section 9 below.

8. Changes to Our Privacy Notice

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on Privacy Policy and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

9. Contact Us

If you have any questions or comments about this notice, the ways in which we collect and use your personal information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, you may contact us at:

Toll-Free Phone Number: (877) 613-6393           

Email: privacy@eab.com

Postal Address:

EAB Global, Inc.
Attn: General Counsel
2445 M Street, NW
Washington, DC 20037

Last updated on January 29, 2020