DigiCert, Inc., registered at 2801 N Thanksgiving Way, Lehi, UT 84043-5296, United States, and its direct and indirect subsidiaries (“DigiCert Group”, “DigiCert”,“we”, “us” or “our”) are the data controller, as defined under relevant data privacy law, including the General Data Protection Regulation (“GDPR”) in the EU and other relevant local legislation (“Data Privacy Laws”). We are committed to protecting and respecting your privacy. This policy sets out the basis on which we will process any personal data that you provide to us through our career portal (the “DigiCert Portal”). The types of data we receive and how we use it
We will share your information with members of the DigiCert Group for the purpose of processing your application and, if you are successful, creating an employment record. We will also use third parties to assist us in managing the DigiCert Portal, identifying you and evaluating your application. We will therefore share your information with, for example, background check providers and referees from your previous jobs. A full list of the categories of third parties who may have access to your information is provided here.
Unless you are located in the United States, the information that we collect will be transferred to and stored in locations outside of your country and outside of the European Economic Area (“EEA”). We take appropriate steps to ensure an adequate level of protection for any of your data that is transferred to another country. Data Retention We will retain your information while we are processing your job application and, thereafter, in accordance with our Public Privacy Notice. If you are successful in your application, your data will be retained in accordance with policies applicable to our employees. Your Rights You have certain rights in relation to the personal data we hold about you. Some will apply only in certain circumstances. Broadly speaking, these rights pertain to a right of access, portability, correction, erasure, restriction of processing, objection and a right to complain to the relevant regulatory or supervisory authority. Contact We will post any future changes to this policy on this page. Please check back frequently to see any updates or changes to this policy. Questions, comments and requests regarding this policy are welcomed and should be addressed to DigiCert’s People Data Privacy Champion at firstname.lastname@example.org. General questions regarding DigiCert's privacy policies can also be directed to DigiCert's Data Privacy Officer at email@example.com.
Data Controllers DigiCert Parent, Inc., registered at 2801 N Thanksgiving Way, Lehi, UT 84043-5296, United States, and its direct and indirect subsidiaries (including the subsidiaries noted below) (“DigiCert Group”, “DigiCert”, “we”, “us” or “our”) are the data controller, as defined under relevant data privacy law, including the General Data Protection Regulation (“GDPR”) in the EU and other relevant local legislation (“Data Privacy Laws”). We are committed to protecting and respecting your privacy. This policy sets out the basis on which we process any personal data that you provide to us through our careers portal (the “DigiCert Portal”) and other data we receive from you or third parties (such as referees) in connection with your job application. Please read the following carefully to understand our views and practices regarding your data and how we will handle it. By using the DigiCert Portals, you acknowledge and agree to the practices described in this policy. For all data privacy inquiries and any questions or concerns you have about this policy, please contact our People Data Privacy Champion (“Data Privacy Contact”) at: E-mail: firstname.lastname@example.org Phone: (801) 896-7973 Post: DigiCert, Inc. Attention People Data Privacy Champion, 2801 N Thanksgiving Way, Lehi, UT 84043-5296, USA. The types of data we receive and how we use it We will receive, collect and use information about you when you use the DigiCert Portal, submit a job application to us and, if you are successful, become one of our employees. Information we collect about your usage of the portal. We automatically collect certain data from you when you use the DigiCert Portal, including IP address or other unique device identifiers, information collected by on your usage of the DigiCert Portal, mobile carrier (if applicable), time zone setting, operating system and platform and information regarding your use of the DigiCert Portal (“Usage Information”). As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organization, we will use your information to:
Information you may choose to provide for equal opportunities monitoring. Where permitted by local law, you have the option of providing us with certain sensitive personal data, such as, race or ethnic origin, or whether you have a disability. If you provide us with this data, you consent to us using this data for the purposes of equal opportunities monitoring. You can withdraw your consent at any time by contacting us at email@example.com. Such information is not used by or available to those who evaluate your application but is used solely for equal opportunities monitoring. If you decide not to provide this data, your application will not be prejudiced. Information you provide, and information we collect, to keep you informed. As it is in our legitimate interests to communicate with candidates in relation to employment positions applied for and, where applicable, notify applicants of other positions which we think may be of interest to them, we will process your Identity Information to keep you informed in relation to your application and send you notifications of new positions what we think may interest you.
We use third parties to help us run the DigiCert Portal and help us manage the job applications we receive. We share your information with selected recipients as necessary for them to provide us with their services. We have contracts in place with these third parties and they cannot do anything with your personal data unless we have instructed them to do so. These categories of recipients include:
We will carry out reference checks by contacting your referees. We will, for the purpose of obtaining an employment reference and verifying information that you have provided to us in your application, contact your named referee and share your name, the position you have applied for and the Work Information you have provided to us. We will share your information if we are required to do so for legal reasons. We will share your information with law enforcement agencies, public authorities or other organizations if such disclosure is reasonably necessary to:
We will share your information with a third party involved in any merger, acquisition or asset sale with DigiCert. In the case of a sale, merger of change of control of DigiCert, or in preparation of any of these events, we will share your information with the relevant third party under appropriate obligations of confidentiality.
The information that we collect from you may be transferred to, and stored in, locations outside of your country and outside of the European Economic Area (“EEA”) as described below. Transfers within the DigiCert Group We (your employer) are part of the DigiCert group of companies with our parent company based in the United States, with hub offices in South Africa, Ireland, Japan, India and Australia. As well as in your home country (or within the EEA, if you work within the EEA), your Personal Data will be accessible from and will be transferred to the United States, South Africa, Ireland, Japan, India and Australia, where the DigiCert Group centralizes its data processing and human resources administration. The DigiCert Group takes all necessary security and legal precautions to ensure the safety and integrity of Personal Data that is transferred within the DigiCert Group. With respect to EU data protection law, DigiCert has executed intra-group agreements between DigiCert entities embodying and incorporating the Standard Contractual Clauses adopted pursuant to European Commission Decisions 2004/915/EC and 2010/87/EU for the lawful transfer of Personal Data under GDPR. Where you have a dispute or complaint regarding DigiCert's collection, storage, or use of your personal information, you may make a complaint to DigiCert by sending it to firstname.lastname@example.org or email@example.com. Where the dispute or complaint is not satisfactorily resolved or you don't receive a timely response, if you are an EU resident or where provided by privacy law in your jurisdiction, you may escalate the matter to your European data protection authority or other applicable regulatory authority free of charge, and DigiCert commits to cooperate with the relevant European data protection authority or other applicable regulatory authority and will comply with the advice given by this authority with regard to your information which was transferred from the European Union or your home country in the context of our employment relationship. Transfers to third service providers Your personal data is also processed by third service providers operating outside the EEA in the United States, who work for us or for one of our suppliers. The personal data is transferred to staff in this country in compliance with the EU-U.S.and Swiss-U.S. Privacy Shield framework, where the third service provider is Privacy Shield certified, or by way of the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decisions 2004/915/EC and 2010/87/EU. Such staff are engaged in, among other things, the processing of your application. You may request to obtain information about the safeguards that have been put in place by contacting DigiCert’s HR Data Privacy Champion by email at firstname.lastname@example.org, or DigiCert’s Data Privacy Officer at email@example.com. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the DigiCert Portal; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorized use, access or modification.
Information we collect about your usage of the portal. See the DigiCert Public Privacy Notice for information about retention of data collected through your use of our website. Information you provide, and information we collect from third parties, as part of your job application. We retain your information for so long as we are evaluating your job application. Thereafter, we retain your information as follows:
Information you may choose to provide for equal opportunities monitoring. We retain this information for so long as we are evaluating your job application. Thereafter, we retain your information in an aggregated and anonymized format. Information you provide, and information we collect, to keep you informed. We retain this data for 12 months. Your information will be retained for longer if required by law or a court order and/or as needed to defend or pursue legal claims.
You have certain rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances as set out in more detail below or in certain jurisdictions as required by applicable Data Privacy Laws. We also set out how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights. We must respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances). To exercise any of your rights, please contact DigiCert’s People Data Protection Champion at firstname.lastname@example.org.
Also note that you may exercise your right to restrict our processing of your personal data whilst we consider your request as described below. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. We will retain the personal data if there are valid grounds under law for us to do so (e.g., for the defense of legal claims or freedom of expression) but we will let you know if that is the case.
You can withdraw your consent at any time by contacting email@example.com or the People Data Protection Champion at firstname.lastname@example.org. In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com (or you can contact our Data Privacy Officer at firstname.lastname@example.org) and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim under applicable Data Privacy Laws to the appropriate regulatory authority in the country in which you live or work where you think we have infringed applicable Data Privacy Laws. Changes We will post any future changes to this policy on this page. Please check back frequently to see any updates or changes to this policy. Contact Questions, comments and requests regarding this policy are welcomed and should be addressed to DigiCert’s People Data Protection Champion at email@example.com.