Stevenson obtains personal data from data subject as well as other sources and from publicly accessible sources.
This refers to information Candidates provide to us: This may include personal information (e.g., a resume emailed to our team, interview by Stevenson search consultant, or communications with us in any way in connection with the executive search, pipelining or mapping business).
The information we may collect for all Candidates typically includes:
- Contact details: such as your name, e-mail address, postal address, and telephone number
- Résumé information: such as your contact details, employment history, educational history, professional qualifications, as well as languages and other skills and activities
- Financial information: to reimburse expenses incurred in connection with the Services or to comply with US Sunshine Act
- Compensation and benefit details (where permitted), immigration status, certifications and degrees any other relevant information you may choose to share with us
- Organizational and Career Data taken from publicly available data such as LinkedIn
- Client and Candidate referrals
In the course of consulting with clients, individual information may be shared such as name, bio, organization structure, etc. We generally are provided contact details or the details of individual contact(s) at Client organizations (such as name, telephone number, email address, and job title) to ensure that our relationship runs and projects are collaborative with high degree of transparency and ongoing project communication.
During the course of our search process, we may process your contact details (such as name, email address, and telephone number). We may also process certain professional details (such as your job title, occupation, academic and professional qualifications, and employment history) and your connection to the Candidate (such as your relationships to, experience with, and opinions about the relevant Candidate). We generally ask the Candidates to provide us with much of this information but we may supplement it with information we collect about you from publicly available sources (such as LinkedIn) or by asking you directly.
- To carry out our client obligations arising from any executive search, pipelining or mapping contracts.
- During the course of our search process, we have a legitimate interest to use personal information to provide executive search services to both clients and candidates.
- We leverage personal information shared by you to contact you from time to time should we see opportunities that might be of interest to contacts for future career or to ask for referrals or references.
- From an operations perspective, we may use personal information to analyze performance, report aggregate data, benchmarking norms, trends, etc.
- We collect personal information from you where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (for example, in connection with the Services, we typically rely on our legitimate interests to process personal information for our Executive Search and Organization Consulting or Pipelining and Mapping needs).
- Where required by law, we will collect personal information only where we have your consent to do so (for example, if we need to collect and process any sensitive personal information about you related to client search or consulting activity).
- We will rely on consent for particular uses of your data and you will be asked for your express consent, if legally required.
- Examples of when consent may be the lawful basis for processing include permission to introduce you to a client (if you are a candidate).
- You have the right to withdraw your consent to this particular processing at any time via email to email@example.com.
- If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us.
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organization.
In the event that you wish to make a complaint about how your personal data is being processed by Stevenson or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Stevenson’s data protection representatives. The details for each of these contacts are:
Our Data Protection Officer (DPO) Adam Bloom, President / GDPR Owner, Kristine Steen, COO, and data protection representatives can be contacted directly here:
firstname.lastname@example.org | 201-302-0866
email@example.com | 267-535-9082
Why does Stevenson need to collect and store personal data?
In order for us to provide you with Retained Executive Search Search services we need to collect personal data to provide candidates with career opportunities and provide clients access to attract, retain and develop top talent to their organizations. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
Will Stevenson share my personal data with anyone else?
We may pass your personal data on to third-party service providers contracted to Stevenson in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfill services (e.g. background checks). When they no longer need your data to fulfill this service, they will dispose of the details in line with Stevenson’s procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
how will Stevenson use the personal data it collects about me?
Stevenson will process (collect, store, and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary. Stevenson is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
Under what circumstances will Stevenson contact me?
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure.
Can I find out the personal data that the organization holds about me?
Stevenson, at your request, can confirm what information we hold about you and how it is processed. If Stevenson does hold personal data about you, you can request the following information:
- Identity and the contact details of the person or organization that has determined how and why to process your data. In some cases, this will be a representative in the EU.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Stevenson or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third country or international organization, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
Can I find out the personal data that the organization holds about me?
Stevenson accepts the following forms of ID when information on your personal data is requested: Passport, driving license, birth certificate, etc.
Contact details of the Data Protection Officer (DPO):
2200 Fletcher Ave. Ste 508
Fort Lee, NJ 07024
Document owner and approval
The Data Protection Officer (DPO) is the owner of this document and is responsible for ensuring that this record is reviewed in line with the review requirements of the GDPR.
A current version of this document is available to all members of staff on the Corporate Intranet and is published effective March 25, 2018