Privacy & Information Security Policy
Effective Date: April 01, 2014¹
Who We Are and What this Policy Is
Welcome to http://www.egonzehnder.com, the global website of Egon Zehnder International Inc. (“Egon Zehnder,” “we,” “us” and “our” etc.). We are a leading executive search firm and trusted advisor to many of the world’s most respected organizations. We provide a variety of services to these clients and other parties, including, but not limited to: (i) executive search (e.g., helping clients recruit executives for their organizations); (ii) board consulting (e.g., searching for directors, conducting board effectiveness reviews and appraisals of directors, and assisting in board successions; (iii) leadership strategies; (iv) executive integration; (v) family business advisory services; (vi) diversity and inclusion services; and (vii) CEO successions (collectively, and among others, our “Services”). Our consultants provide these Services globally from offices in 41 countries.
This Privacy & Information Security Policy (“Policy”) explains our practices regarding the use and Disclosure of the Personal Information that we may collect from or about individual professionals seeking employment or another relationship with one of our clients and/or users of this Site (“You”), regardless of whether that Personal Information is collected on or through the Site or by other means. Please note, however, that additional or different terms may apply in connection with a particular Service or with respect to other services or relationships. We will inform you of any such additional or different terms either: (i) before we collect Personal Information that will be subject to those terms; or (ii) before we use or Disclose previously collected Personal Information in accordance with those terms. We also separately may solicit your consent to particular uses and/or Disclosures of your Personal Information. To the extent that there is any conflict between this Policy and any such separate consent or such other terms, your consent and/or the other terms (as applicable) will apply.
We may collect more or different Personal Information about you in connection with some Services than others. We also may provide your Personal Information to our clients in order to provide the Services, to carry out the purposes for which you provide your Personal Information to us, or otherwise in accordance with this Policy and/or your express consent. Please note that our clients may have their own privacy policies or practices, which we do not control and for which we ordinarily are not responsible, although our understanding is that our clients tend to treat Personal Information that we provide to them as confidential, and we typically request that they do so.
Please note that absent unusual circumstances (e.g., to protect against fraud, claims or other liability), we will not communicate Personal Information to your current employer without your express permission. If there are other persons that you do not wish us to contact in connection with an executive search, please inform your executive search consultant.
Egon Zehnder International, Inc., Toblerstrasse 80, Zurich, 8044, Switzerland, is the responsible body for the purposes of data protection legislation.
By providing us with your Personal Information (including by providing any consent for us to obtain your Personal Information from a third party) and/or by using this Site or our Services, you agree that we may use and disclose your Personal Information in accordance with this Policy. If you do not consent to these terms, you should not use this Site or our Services or otherwise provide us with any Personal Information.
In addition to the other terms that are defined in this Policy, the following terms have these meanings:
“Disclosing” (and variations such as “Disclosure” or “Disclose”) means any and all of the following: collecting, receiving, accessing (or barring access), verifying or investigating, storing, processing, combining, fulfilling, revealing, displaying, sharing, making available, transferring, destroying, enforcing, selling or leasing or licensing, and otherwise voluntarily or involuntarily using or dealing with Personal Information.
“Personal Information” means information that we are required by law to protect and that: (a) personally identifies you; or (b) may not personally identify you, but reasonably might be used to identify you or your computing device (provided that applicable law requires us to consider such information to be personally identifiable). Personal Information does not include information that does not identify you and cannot reasonably be used to identify you or your computing device on an individual basis, such as “de-identified,” anonymized, or aggregated data.
“Sensitive Personal Information” means Personal Information that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, health, sex life, or trade-union memberships.
Personal Information We May Collect
Below are examples of the types of Personal Information that we may collect or receive from you or others in order to provide our Services or otherwise in connection with your use of our Site. We make commercially reasonable efforts only to collect such Personal Information as is relevant to its intended purpose(s). Please refrain from providing us with more or different Personal Information than we request (for example, do not include Sensitive Personal Information or other private information like a government identification number in a resume – wait until we ask for such information).
- Contact information for you (e.g., from referral sources or clients; from you or your CV, resume, business cards and communications to us; or from forms you complete such as to obtain a newsletter or to be included in our database). Typical examples include name, title, postal and email address, telephone, mobile phone and fax numbers. Some parts of our Site may allow you to send an item to a friend or other person (such as an article in which they might be interested). In that event, you will need to supply your email address and the recipient’s email address; we do not retain these addresses or use them for any other purposes.
- Professional information: this may include information about your employment, compensation, work history, education, preferences, CV, languages, skills and so on. To see an example of the Personal Information that we collect from executive search candidates, please visit http://www.egonzehnder.com/your-career.htm and select a country to see a list of requested Personal Information. We only use this information in connection with the executive search services that we perform for our clients and do not sell or rent your information to any third parties.
- Background checks, verification, applications, references and interview information etc: if you are providing information to us in connection with a search for a job or another position, we and/or our client may obtain Personal Information about you from third parties, such as background checks and verifications of your references, work history, and other professional information. To the extent that we are required to do so, we may ask you to separately consent to such communications (e.g., by providing us with your written authorization to obtain a credit report or background check from a consumer reporting agency).
- Sensitive Personal Information: depending upon the Service, and subject to applicable law, we may ask you to provide us with Sensitive Personal Information. We only will use and Disclose such Sensitive Personal Information for the purpose(s) for which you provided it to us or for such purposes as you subsequently may affirmatively authorize.
- Publicly Available Personal Information: We might obtain Personal Information about you from public records and/or other publicly available sources, such as newspapers, press releases, industry or trade organization directories, the Internet, lawfully accessible social media, and so on.
- Joinder or sign-up information: through the Site, you may be able to join clubs or sign up for news, alerts and other information. We may request additional Personal Information from you in order to provide you with these Services. You also may be able to create a profile for us or others to see, which may include Personal Information like contact information, industry and interest information, and education and work history. You may need to create a user ID and password in order to use or obtain these Services.
- Security Data: We might also collect or receive Personal Information about you for security purposes to the extent that you interact with us physically. For example, if you go to one of our offices for an in-person interview, your image might be captured on a security camera or we might ask you to provide Personal Information in order to verify your identity and/or to provide you with an access badge or identification card.
- Site Usage Data: As discussed in more detail below under “Cookies and Other Technologies” we may obtain Personal Information about you in connection with your use of our Site by using cookies and other tracking technologies.
Cookies and Other Technologies
If you use the Site, it may collect certain Personal Information about you and/or your computer or other access device through the use of “cookies” and other tracking software or tracking mechanisms (collectively, “Technologies”). In general, a cookie is a small text file that is saved to the hard drive of your access device (such as a computer, phone, tablet etc.) in order for us and/or our service providers or business partners to collect data about your use of the Site and/or other webpages that you have visited. To the extent required by law, we may separately solicit your affirmative consent to the placement of cookies or other Technologies on your computer or other access device and/or for the collection of Personal Information through such Technologies.
This section describes the Technologies that we use on the Site. For information about cookies and other Technologies that may be used by third parties, see “Third Party Services” below.
The Technologies that we may use include:
- Session Cookies: These are cookies that allow our Site to collect information about what you do during a browsing session each time you visit the Site. When connecting to our server, your device will be allocated a session ID, which enables our server to identify your device during the session and facilitates Site usability. These cookies are temporary and are set to be deleted when you leave the Site.
- Persistent Cookies: These are cookies that are stored by your browser for more than a session and are set to expire in a set number of days. Persistent cookies enable us to remember your settings and information, so you do not have to keep re-entering them whenever you visit our Site. They also measure how you use and interact with the Site and enable us to personalize the Site. For example, they may allow us to alter the rotation of images on the Site so that different images will be displayed on your next visit. For those purposes, we may collect your IP address, information about your browser, including whether you are accessing the Site through a mobile device, and other usage information. We generally use session cookies instead of persistent cookies, but third parties also might use some persistent cookies, as discussed in more detail below under “Third Party Services.”
The Technologies that we may use may differ depending upon the device that you use to access the Site and may change as Technologies and access channels develop or change.
The types of Personal Information that we and/or third parties may automatically collect through cookies or other Technologies may include, but are not limited to, your IP address and information about your browser, including whether you are accessing the site through a mobile device. We generally may use or otherwise Disclose this information in order to enable Third Party Services, to provide Services to you or to our clients, and for purposes of Site functionality (e.g. to remember your login information), but we generally reserve the right to use and Disclose Personal Information obtained through Technologies for any lawful purpose.
California Disclosure. CA Bus. & Prof. Code § 22575 requires us to disclose our how Site responds to Web browser “do not track” signals and/or other mechanisms that seek to provide consumers with the ability to control the collection of their Personal Information through online tracking Technologies for certain purposes, such as targeted or behavioral advertising.
Uses and Disclosures of Personal Information
We may use and Disclose Personal Information to provide Services to you and/or to our clients, to administer the Site, and otherwise to perform obligations, exercise rights, and further the activities for which the Personal Information was provide to us. For example, we may provide Personal Information that you have provided to us in connection with an executive search Service (e.g., information about your professional experience and goals) to our employer clients to help them to decide whether you would be a good fit for an open position.
Subject to applicable law, other reasons that we may use or Disclose your Personal Information include, but are not limited to:
- to fulfill your requests, such as to include your resume in our database(s) or to register you as a newsletter subscriber or club participant, etc.;
- to provide Services to our clients, which may ask us to provide them with Personal Information that you have provided to us or that we otherwise have lawfully obtained;
- to enable potential employers to evaluate your candidacy.
- to create de-identified, anonymized, aggregated or similar non-personally identifiable data, which we may use for any lawful business purpose (e.g., we may use aggregate compensation information based from similarly situated job applicants to help clients set salaries);
- to engage in routine business uses and Disclosures that an ordinary and reasonable person should expect in the context of the Services that we provide, the reasons for which we collect Personal Information, and/or the ways that similar businesses ordinarily operate, including, for example, uses and Disclosures:
- to meet our obligations and enforce our rights, to make Disclosures to third parties who help us (e.g., service providers, information technology providers, mailing and other business process providers, outsourcing providers and so on) and to operate and improve our business;
- for security, anti-fraud, authentication and verification purposes
- to respond to questions or requests or to contact you for lawful purposes, including for surveys;
- to vendors and their service providers who reasonably need the Personal Information to do their jobs;
- to verify your identity, authority, professional history, or other information;
- to respond to or participate in commercial disputes (e.g., lawsuits or investigations);
- to persons appearing to have a lawful interest in the Personal Information (e.g., to an insurance company processing an insurance claim involving you); or
- to comply with applicable law;
- in connection with a merger or other business combination or separation (including, but not limited to, a voluntary or involuntary change in our business or structure, reorganization, sale of all or part of our stock or asset, spinoff, bankruptcy, or dissolution).
- to respond to legal process or regulatory authorities (such as subpoenas; warrants; investigative demands from law enforcement, regulators or others; national or international security letters or demands; etc.)
- to protect against fraud, claims, or other liability or harm to you, us, or others;
- to exercise or perform a legal, ethical, contractual or other right or obligation, including enforcing an agreement you or a client made.
- to Third Party Services, including (without limitation) analytic data service providers (see “Third Party Services” below); and
- for such lawful purposes as may be disclosed or evident at the time that you provide Personal Information to us (e.g., when you provide Personal Information in response to a survey, to sign up for an event, or to register for a newsletter).
It is not possible for us to list every lawful use that we might make of Personal Information, so the Disclosures described above are general, non-exclusive, illustrations. We reserve the right to engage in any lawful use or Disclosure of Personal Information that is consistent with this Policy. Note, however, that we will not engage in any of the uses described above to the extent that they are prohibited by applicable law.
We may obtain separate consents from you (or disclosures to you) regarding particular uses or Disclosures of Personal Information, to the extent that we are required to do so.
Third Party Services
Please note that the Third Party Services that we may use may change from time to time and we may update this Policy to provide additional or updated information accordingly.
We use what we believe to be commercially reasonable measures to protect your Personal Information from loss, misuse, or unauthorized access, disclosure, alteration or destruction. Nevertheless, please be advised that no security measure, system, or control is infallible. WE ACCORDINGLY DO NOT GUARANTEE THE SECURITY OR CONFIDENTIALITY OF PERSONAL INFORMATION AND DISCLAIM ANY EXPRESS OR IMPLIED WARRANTIES, DUTIES OR CONDITIONS IN THAT REGARD. If any applicable law imposes on us a duty with respect to these matters that cannot be disclaimed, you acknowledge and agree that our commercially reasonable precautions shall be considered to be satisfy that duty unless (and only unless) we have engaged in willful misconduct.
Please also note the following:
- When Personal Information is provided to us in the expectation that we will provide it to one or more of our clients (e.g., in connection with an executive search), we do not control, and assume no responsibility for, that Personal Information once it is in the client’s hands. While we typically ask our clients to keep such Personal Information confidential, we cannot guarantee that they will do so.
- You also have a role in the security of your Personal Information. For example, you should not provide us with Personal Information that we do not request, you are responsible for controlling access to any personal computing device through which your Personal Information may be stored or accessed, and you are responsible for safeguarding any passwords or other log-in credentials to may be used to access to your Personal Information.
Data Integrity, Access and Our Address for Legal Notices
If you want to access, change, or delete Personal Information that we may maintain about you, you may submit a request to us through our Site, to a consultant with whom you have worked, or by writing to us at Egon Zehnder International, Inc., Toblerstrasse 80, Zurich, 8044, Switzerland (our “Legal Notices” address). We will honor requests submitted through other means if required by law or if we determine in our sole discretion to do so.
We reserve the right to deny your request, subject to applicable law. For example, we may deny a request to access Personal Information where the burden or expense of providing access would be disproportionate to the risks to your privacy, or where such access would compromise the rights of other persons.
We may respond to a request to access Personal Information by supplying a copy of or access to the relevant Personal Information within a reasonable time. As a general matter, this means that we will respond in no less time than is needed by us or our service providers to retrieve that information from our systems or records in the ordinary course of business.
We also may keep a record of changes or deletions and use or Disclose that record for lawful purposes. If you ask us to delete Personal Information, the information may be immediately deleted. However, if technical constraints prevent us from easily doing so, we instead may take reasonable measures to prevent internal or external access to such information until it is deleted from our systems or records (such as by being overwritten).
Subject to any legal right that you may have to require us to delete your Personal Information (e.g., if you terminate your account), we may keep Personal Information for as long as necessary for our business and legal needs and we reserve the right to retain it to the fullest extent required or permitted by law. Note, however, that you should retain your own record, because we also may delete Personal Information in our discretion at any time, unless the deletion would be detrimental to your legitimate interests or it would violate retention periods set by law, statute or contract.
We do not charge for responding to requests to access, change, or delete Personal Information. If we have a duty to require third parties to delete or cease using Personal Information, we may satisfy that duty by sending them notice to do so without further action on our part (except as expressly required by law).
Other Privacy Policies
The Site might link to or have functionalities that lead to other sites or services maintained by third parties. If you access such third-party sites or services, any information that you provide to such parties will be subject to their privacy policies and procedures and not to this Policy. You agree, however, that if such third parties provide your Personal Information to us, this Policy will apply to what we receive.
By providing us with your Personal Information and/or by using this Site or our Services, you also consent to the following:
- Processing and Disclosing of Personal Information: This Policy explains that we, clients and Third Party Services may use and Disclose Personal Information as described in this Policy. You expressly consent to that.
- Data Transfers: We, our clients and/or Third Party Service providers may transfer Personal Information to and from the United States and any other country, including countries outside of the European Union. You expressly consent to such transfers. You also acknowledge and agree that countries outside of the European Union may not have data privacy laws that provide as much protection as E.U. law.
- Consent to Disclose Sensitive Personal Information. If you provide Sensitive Personal Information to us, you agree that we may Disclose it to: (a) clients who might potentially employ you or who express an interest in seeing Personal Information about you; and (b) our (or a client’s) employees, service providers, agents, and others who have a reason to access it in connection with our Services.
- Storage on Your Computer: This Policy explains that if you access our Site, we and/or other parties may store cookies and/or other Technologies on your computing device. You consent to that, and to access to those Technologies and the information associated with them by us and or such other parties.
- Advertisement: You agree that we may send you information about our Services, news, surveys and events by email and that we use and Disclose Personal Information for marketing purposes.
- Electronic Notice if There is a Security Breach: Subject to applicable law, if we, a client, or any of our service providers are required to provide you with notice of unauthorized use or Disclosure of your Personal Information, you agree that any of us may do so voluntarily or when required by posting notice on our Site or sending notice to any e-mail or other electronic contact method that we have on file for you (or that you have authorized us to use for other communications), in our sole good faith discretion.
- Consent to Recording. If you deal with us or a client or anyone who assists (us or a client) over the telephone or in a “live” meeting or the like that you access by computer, mobile phone or other access device, you agree that we may record the conversation and use and Disclose the recording in accordance with this Policy. You also agree that Personal Information referenced in one medium (e.g., in a telephone call) may be recorded or entered into another medium (e.g., a computer record).
To the extent required by applicable law, we also may separately solicit your consent to these and/or other matters.
You may withdraw or restrict any or all of the consents above by doing all of the following: (a) writing us at our “Legal Notices” address or sending us an email at firstname.lastname@example.org and telling us which consents you withdraw and the date you plan to do so; (b) deleting all Site or other Egon Zehnder accounts that you have created or use and that are relevant to the consent that will be withdrawn; and (c) ceasing all use of the Site or our Services which are so relevant. If you withdraw your consent(s) in this manner, we will use commercially reasonable efforts to cease further uses and Disclosures of Personal Information covered by the withdrawal, except to the extent that applicable law permits us to continue to use or Disclose your Personal Information in that manner without your consent. We will make those efforts within a time reasonably allowing us to process your request. We do not charge for responding to such requests.
Any such withdrawal will not apply to any use or Disclosure of Personal Information that may have occurred before the withdrawal or to uses or Disclosures with respect to which withdrawal is not allowed or permitted by applicable law, this Policy, or any other consent, contract, or agreement that we might have from or with you. If you withdraw and subsequently renew your consent (e.g., by again using the Site or submitting a new resume to us), we may rely on such renewed consent.
Our Site and Services are not intended to be used by children under the age of 13 (or minors generally) and we do not want to collect information from minors. If a child’s parent or a guardian believes their child may have provided Personal Information to us, write us at our “Legal Notices” address and we will use commercially reasonable efforts to delete that Personal Information, subject to applicable law and this Policy.
From time to time we may change our business activities and/or our policies and procedures with respect to the use and Disclosure of Personal Information. You agree that, subject to applicable law, we may revise, supplement, or replace this Policy from time to time. When the Policy changes, we will post the substitute version and change the effective date listed at the beginning of the Policy. To the extent not prohibited by law, any amendment or update to this Policy will apply to Personal information that we already have collected and to any Personal Information that we may subsequently obtain.
When required by applicable law, however, we may provide you with advance notice of any changes to this Policy and with an opportunity to object to such changes. If you exercise your right to object, the changes will not become effective with respect to your information, but your ability to use our Services may be terminated or impaired. We will explicitly notify you of the consequences of objection or non-objection to the extent and in the manner required by law.
At least once a year we will investigate our compliance with this Policy through a re-assessment. We have procedures for taking appropriate action against those who violate this Policy when they are required to follow it. For example, we might discipline an employee who willfully violates this Policy (subject to applicable law).
¹ If you’ve previously visited our Site, you may have seen a different document called “Code of Conduct on the Processing of Personal Data.” As of the Effective Date, this Policy supersedes and replaces that other document. If you do not want this Policy to apply to Personal Information that we previously may have collected about you, please write to us at our “Legal Notices” address and we will make commercially reasonable efforts to delete or otherwise remove your Personal Information from our system(s). In your letter, please provide us with your name and other identifying information and the type(s) of Personal Information that you would like us to remove.