Job Applicant Privacy Notice
Effective Date: January 1, 2020
iCIMS, Inc. and its subsidiaries (“iCIMS,” “us”, or “we”) value your trust and are committed to the responsible management, use, and protection of your personal information. This Job Applicant Privacy Notice (“Notice”) describes our practices in connection with the personal information that iCIMS collects from you in connection with your job application to and recruitment with iCIMS.
Driven by a passion to help companies win their war for talent, iCIMS is proud to offer leading software solutions and tools that unify all aspects of talent acquisition. With iCIMS, companies can manage their entire talent acquisition lifecycle within a single software-as-a-service application. Our focus on user-friendly technology and an exceptional customer experience has made us the largest provider in the industry. iCIMS offers the only true enterprise end-to-end talent acquisition platform.
For more information about iCIMS, please see the About Us section of our Website.
How We Obtain Your Information
As further described below, we collect personal information from you in connection with your job application with iCIMS, which includes the following:
- Name, address, telephone number, e-mail address, and other contact information;
- Username and password;
- Work authorization status;
- CV, résumé, cover letter, previous work experience, and education information;
- Knowledge, skills, and abilities;
- Professional and other work-related licenses, permits, and certifications held;
- Referral names and contact information for referrals;
- Information relating to character and employment references; and
- Any other information you elect to provide to us (e.g., employment preferences, willingness to relocate, current salary, desired salary, awards or professional memberships).
How We Use Your Information
iCIMS uses your personal information for the purposes of carrying out its job application and recruitment process which includes:
- Assessing your skills, qualifications, and interests against our career opportunities;
- Verifying your information and carrying out reference checks and/or conducting background checks (where applicable) if you are offered a job;
- Communications with you about the recruitment process and/or your job application(s), including, in appropriate cases, informing you of other potential career opportunities at iCIMS;
- Creating and/or submitting reports as required under any applicable laws or regulations;
- Where requested by you, assisting you with obtaining an immigration visa or work permit where required;
- Making improvements to iCIMS’ job application and/or recruitment process, including improving diversity in our recruitment practices;
- Complying with applicable laws, regulations, legal processes, or enforceable governmental requests; and/or
- Proactively conducting research about your educational and professional background and skills and contacting you if we think you would be suitable for a role with iCIMS.
If you are offered and accept employment with iCIMS, the personal information collected during the job application and recruitment process may become part of your employment record.
How We Share Your Information
We may share your personal information that you provide to us as described in this Notice to the following categories of recipients:
- To our subsidiaries, affiliates, or their or our successors or assigns.
- To our private equity investor, Vista Equity Partners, and its affiliates, contractors, service providers, and other third parties, including Vista Consulting Group, which will process the personal information on the basis of its legitimate interests in overseeing the administration, research, and business operations of the iCIMS’ recruitment process.
- Upon request, to an iCIMS employee who referred you to inform them about the limited, general status of the referral.
- To our contractors, consultants, service providers, and other third parties who need access to such information to carry out work relating to the job applicant and/or recruitment process on our behalf.
- To a potential buyer (and its agents and advisors) in connection with any proposed merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case, personal information held by us about you will be among the assets transferred to the buyer or acquirer.
- To any competent law enforcement body, regulatory, government agency, court or other third party if: (i) we believe it is required to comply with any court order, a request from any competent law enforcement agency, or any other legal obligation, (ii) we believe your actions are inconsistent with our policies, or (iii) we believe such sharing is necessary to protect the rights, property, or safety of iCIMS or others.
Legal Basis for Processing
If you are a resident of the European Economic Area (“EEA”) , the United Kingdom (“UK”), or Switzerland, iCIMS processes your personal information pursuant to one or more of the following legal bases:
- The processing is necessary in connection with our legitimate interests in recruitment and hiring candidates.
- The processing is necessary to take steps, at your request, relating to potentially entering into an employment contract with you.
- The processing is necessary to comply with our legal obligations, such as retaining records relating to the recruitment process for periods required under applicable laws or regulations.
- We may also seek your consent to process or retain your personal information in certain, limited circumstances that we clearly identify to you.
iCIMS may store and process any information collected in connection with your job application in: (i) any country where we have facilities, (ii) any country in which we engage service providers; or (iii) any country where job fairs are held. A list of iCIMS’ global offices is available here.
If you are a visitor from the EEA, the UK, or Switzerland, we will protect your personal data (as defined in the European Union’s (“EU”) General Data Protection Regulation (“GDPR”)) when it is transferred outside of the EEA, UK, or Switzerland by:
- Processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data; or
- Otherwise implementing appropriate safeguards to protect your personal information, including through the use of Standard Contractual Clauses or another lawful transfer mechanism approved by the European Commission, such as the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
If you require further information about our international transfers of personal data, please contact us by visiting this link or by using the contact details under the “Contact Us” heading below.
EU-U.S. and Swiss-U.S. Privacy Shield Framework
iCIMS, Inc. and its subsidiaries participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. iCIMS is committed to subjecting all personal data received from the EEA, the UK, and Switzerland in reliance on each Privacy Shield Framework to the Privacy Shield Principles. To learn more about the Privacy Shield Frameworks and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield list
iCIMS is responsible for the processing of personal data it receives, under GDPR and each Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf. iCIMS complies with GDPR and the Privacy Shield Principles for all onward transfers of personal data from the EEA, the UK, and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to GDPR, iCIMS is subject to the regulatory enforcement powers of the EU in conjunction with the U.S. Federal Trade Commission. For each Privacy Shield Framework, iCIMS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain circumstances, iCIMS may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with GDPR and the Privacy Shield Principles, iCIMS commits to resolve complaints about our collection and use of your personal information. EEA, UK, and Swiss individuals with inquiries or complaints regarding our privacy practices should first contact iCIMS as provided in the “Contact Information” section below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. You also have the right to file a complaint with a competent data protection authority, if you are a resident of an EEA member state. As such, iCIMS commits to cooperate with the panel established by the EU Data Protection authorities (“DPAs”) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and comply with the advice given by the panel and/or Commissioner, as applicable with regard to human resources data transferred from the EU, the UK, and/or Switzerland, as applicable in the context of the employment relationship.
iCIMS maintains appropriate technical and organizational measures, including, but not limited to, reasonably designed administrative, physical, and technical safeguards, designed to protect the personal information obtained as discussed in this Notice from accidental or unlawful destruction, loss, alteration, unauthorized disclosure and access. iCIMS personnel and service providers with access to personal information collected as discussed in this Notice are required to keep such information confidential and secure.
We will retain your personal information if we have a business need to do so or for as long as is needed to fulfill the purposes outlined in this Notice, unless a longer retention period is required by law. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (e.g., because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your Privacy Rights
Certain jurisdictions may provide you with privacy rights under applicable data protection or privacy law regarding the information you provide to us. In particular:
- If you are a resident of the EEA, UK, or Switzerland whose personal data is respectively subject to EU data protection law, you have certain privacy rights which include: the right to be informed, to access your information, to correct any information that is inaccurate, to have your information erased, to restrict or suppress your information, to obtain and reuse your personal data, to object to the processing of your personal information, and to object to how your data is used in automated decision making, if applicable. If you wish to enact your rights, please contact us by visiting this link or by using the contact details under the “Contact Us” heading below.
- If you are a resident of California whose personal information is subject to the California Consumer Privacy Act of 2018 (“CCPA”), you may review further details about the personal information we have collected about you over the last 12 months, including the categories of sources, by reading How We Obtain Your Information section above. We collect this information for the business and commercial purposes described in the How We Use Your Information section above. We share this information with the categories of third parties described in the How We Share Your Information section above. We do not sell (as defined in the CCPA) your personal information (and will not sell it without providing a right to opt out). Subject to certain limitations, the CCPA provides California residents the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights. California residents may make a request pursuant to their privacy rights under the CCPA by visiting this link or by using the contact details under the “Contact Us” heading below. Lastly, California law requires additional disclosures which may be found here in our Privacy Notice for California Residents.
- If you do not wish to receive our email marketing communication for promotional purposes, you may opt out by clicking on the “unsubscribe” or “opt out” link in the marketing e mails we send you.
- If we process your personal information in reliance upon your consent, you can contact us at any time to withdraw your consent.
We will respond to such requests in accordance with the requirements of applicable data protection laws. Please note that in order to fulfil your request, we may need you to provide certain information to verify your identity. Depending upon applicable data protection and privacy law, individuals may also designate an authorized agent to exercise these rights on their behalf.
We do not knowingly collect personal information from anyone under the age of 13. If you are under 13, please do not attempt to fill out our forms or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information promptly.
Changes to Our Notice
iCIMS reserves the right to update or change this Notice from time to time. If we make material changes to this Notice, we will post it to our websites prior to or at the time of the change becoming effective. We ask that you review the Notice periodically to stay informed about any updates or changes that we may have made.
You can see when this Notice was last updated by checking the “Effective Date” displayed at the top of this Notice.
To ask questions or comment about this Services Notice and our privacy practices or if you need to update, change, or remove your information or exercise any other rights,