Lightspeed Systems Applicant and Employee Privacy Policy

This Applicant and Employee Privacy Policy (“Policy”) describes how Lightspeed Systems (“Lightspeed,” “Company,” “we,” “us,” “our”) collects, uses, and discloses personal information as defined under applicable law from and about (1) job applicants and (2) our employees and contractors (and their beneficiaries and emergency contacts) in the context of our recruiting and working relationship with the relevant individuals. We may update this Policy at any time. We may also provide you additional privacy notices regarding our collection, use, or disclosure of information. If you are a resident of the United Kingdom or European Economic Area, please also refer to the additional notice at the bottom of this Policy (the “EU/UK Notice”).

This Policy does not form part of any employment contract or contract to provide services. If you provide services to us through or in connection with another company, we are not responsible for that company’s privacy practices.

This Policy does not apply to our handling of data gathered about you in your role as a user of our consumer-facing services. When you interact with us as in that role, the Lightspeed Privacy Policy applies.

1. Types of Personal Information We Handle and How We Use This Information

We collect, store, and use various types of personal information through the application and recruitment process or during the relevant engagement or employment with us. We collect such information either directly from you or (where applicable) from another person or entity, such as an employment agency or consultancy, background check provider, or other referral sources.

A. Applicants

Information we collect. The type of information we collect about you may include:

  • Identification and contact information such as full name, physical address, telephone number, and email address.
  • Professional or employment-related information, including:
    • Recruitment, employment, or engagement information such as application forms and information included in a resume, cover letter, or otherwise provided through any application or engagement process.
    • Career information such as job titles; work history; work dates and work locations; information about skills, qualifications, experience, publications, speaking engagements, and preferences; and professional memberships.
  • Education information such as institutions attended, degrees, certifications, training courses, publications, and transcript information.
  • Assessment information such as performance on applicant personality and cognitive assessments.
  • Audio or visual information such as CCTV footage as well as other information relating to the security of our premises; and photographs submitted.
  • Other information that you voluntarily choose to share with us in connection with your application.

How we use this personal information. We collect, use, share, and store personal information from job applicants for our and our service providers’ business and operational purposes in our recruitment and hiring process such as:  processing your application; assessing your skills, qualifications, and interests; tracking your application through the recruitment process; contacting references; conducting background checks you authorize; evaluating you for current and future job opportunities, including matching your skills and interest to applicable job requirements; communicating with you throughout the hiring process; making hiring decisions; and fulfilling your requests.  We will also use job applicant information for internal analysis purposes to understand the applicants who apply and to improve our recruitment process, including improving our diversity and inclusion efforts.  We may sometimes need to use applicant information for legal purposes, such as in connection with any challenges made to our hiring decisions.

B. Employees and Contractors

Information we collect. The type of information we have about you (and potentially your beneficiaries and emergency contacts) depends on your role with us and may include, where applicable:

  • Identification and contact information and related identifiers such as full name, date and place of birth, citizenship and permanent residence, home and business addresses, telephone numbers, email addresses, and such information about your beneficiaries or emergency contacts.
  • Professional or employment-related information, including:
    • Recruitment, employment, or engagement information such as application forms and information included in a resume, cover letter, references, or otherwise provided through any application or engagement process; and copies of identification documents, such as driver’s licenses, passports, visas, and other government-issued documents; and background screening results and references.
    • Career information such as job titles; work history; work dates and work locations; employment, service or engagement agreements; appraisal and performance information; information about skills, qualifications, experience, speaking engagements, and preferences (e.g., mobility); absence and leave records; professional memberships; disciplinary and grievance information; and termination information.
    • Financial information such as salary, payroll, pension or retirement contribution information; and bank account and tax information.
    • Business travel and expense information such as travel itinerary information, corporate expenses and Company credit card usage.
  • Education information such as institutions attended, degrees, certifications, training courses, publications, and transcript information.
  • Internet, electronic network, and device activity and device information and related identifiers such as information about your use of the Company network, information, and communication systems, including user IDs, passwords, IP addresses, device IDs, web logs, and audit trails of system access.
  • Geolocation information for device recovery if you use a Company-issued device and when you handle Company property.
  • Audio or visual information such as CCTV footage, as well as other information relating to the security of our premises; recorded meetings or presentations in which you participate; call recordings from Company system; photographs submitted from and photographs taken at Company functions.
  • Potentially protected classification information such as race, sex/gender, gender identity/expression, sexual orientation, marital status, military service, nationality, ethnicity, request for family care leave, political opinions, criminal history, and other information to help us monitor compliance with equal opportunity legislation.
  • Health information about you, and, if applicable, your beneficiaries, such as medical conditions and other information provided in statement of health forms, disability status, health and safety incidents or accidents, sickness records, and health issues requiring adaptations to your working environment or working practices.

How we use this personal information. We collect, use, share, and store personal information for the Company’s and our service providers’ business purposes, which include, where applicable:

  • HR management and administration including training, compensation and benefits, invoices, leave, scheduling, career development, performance appraisals and recognition, investigating and resolving inquiries and complaints, providing references, succession planning, organizational changes, fraud prevention and investigation, preparing analyses and reports, and communicating with our workforce about updates or relevant information about perks, benefits and discounts, and changes to Company products and services.
  • Performance of business operations, including providing and monitoring IT systems for any lawful purpose, maintaining accounts and internal directories, crisis management, protecting occupational health and safety, participating in due diligence activities related to the business, business succession planning, and conducting internal analyses and audits.
  • Recruitment, including interviewing, selecting and hiring new staff.
  • Security operations, including detecting security incidents, debugging and repairing errors, preventing unauthorized access to our computer and electronic communications systems and vehicles and preventing malicious software distribution, and monitoring and controlling access to company premises and locations (including through use of CCTV).
  • Safeguarding Lightspeed and the service, including the protection of the Company, our workforce, users, partners, and others.
  • Legal compliance, such as complying with anti-bribery, tax, social security, and immigration obligations, and responding to and cooperating with legal or regulatory requests and investigations.
  • At your request, in order to fulfil your requests.

2. With Whom We Share Personal Information

We will disclose job applicant, employee, and contractor personal information to the following types of entities or in the following circumstances (where applicable):

  • Internally: to people within the Company and its affiliates to carry out the purposes described in this Policy, including to human resources and personnel involved in the recruiting and hiring process, and (if you are hired) your manager, as well as personnel within the Company, such as payroll, IT, legal and finance.
  • Service Providers: technology service providers, travel management providers, human resource suppliers, group benefit plan carriers, background check companies, and employment agencies or recruiters, where applicable as well as service providers such as compensation and benefits providers, tax and other professional advisors, technology service providers, corporate card issuers, travel management providers, travel providers, human resources suppliers, group benefit plan carriers, background check companies, and employment businesses (in relation to contractors or agency workers).
  • For business operations: to provide another entity (such as a potential or existing business counterparty or customer) with a means of contacting you in the normal course of business, for example, by providing your contact details, such as your phone number and email address.
  • Legal advice and compliance: to seek legal advice from our external lawyers, or when required to do so by law, regulation, or court order or in response to a request for assistance by the police or other law enforcement agency.
  • Business transaction purposes: in connection with the sale, purchase, or merger of a business.
  • At your request: in order to fulfil your requests.

3. How to Contact Us About This Policy

If you have questions about this Policy, please email Privacy Department at privacy@lightspeedsystems.com

4. Additional Notice for Residents of the UK and European Economic Area

This EU/UK Notice for residents of the UK and European Economic Area is provided in order to satisfy certain obligations that Lightspeed has under the EU General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”) and UK Data Protection Act 2018 (as amended from time to time) and any relevant transposition of, or successor or replacement to, that regulation (together, the “Data Protection Legislation”).

Under applicable law, Lightspeed is considered the “data controller” of the personal information we handle under this Policy. In other words, we are responsible for deciding how to collect, use and disclose this information, subject to applicable law. Our contact information appears in this Policy.

Legal Bases

Data Protection Legislation may require us to explain to you the legal bases for our collection, processing, and use of your personal information. Our legal bases include:

  • to take steps at your request prior to entering into a contract of employment or other contract with you or performing a contract of employment (e.g., to administer payroll and benefits);
  • our legitimate interests (e.g., human resources management; in managing our business operations and information technology resources, such as managing internal directories and improving cybersecurity; in protecting Lightspeed, its employees, customers, and others; dispute resolution; physical security, IT, and network security; workplace safety; and in managing the employment relationship with you, such as performance reviews, training and promotions; internal investigations);
  • addressing and complying with legal requirements and obligations (in particular in the area of labor and employment law, social security and social protection law, data protection law, tax law, and corporate compliance laws);
  • the protection of vital interest of you or of another individual (e.g., in an emergency medical situation);
  • your consent (explicit consent where required), in accordance with local data protection law.

Where the collection of personal information is required to comply with legal or contractual obligations, or to manage the employment relationship, the provision of personal information generally is mandatory.  In all other cases, provision of requested personal information is optional; however, failure to provide the information may result in your inability to fully participate in the activity or benefit for which the personal information is requested, such as an optional benefit program. If you have any questions regarding whether provision of personal information is mandatory and the consequences for withholding such data, please contact us using the contact information in this Policy.

The personal information that we collect and process may also contain sensitive data relating to your race or ethnic origin, physical or mental health or condition, trade union membership, commission or alleged commission of criminal offences and any related legal actions.  For example, Lightspeed may process health information in accordance with applicable laws, such as information on disabilities for purposes of accommodations in the workplace and for the purpose of arranging employee medical benefits.  We only collect and process sensitive data where and to the extent permitted in accordance with applicable data protection laws.

Transfer of Personal Information

Your personal information may be transferred to countries which may not have the same or equivalent data protection laws as the European Union. Where required, we make such transfers in compliance with Data Protection Legislation, such as through the use of model contractual clauses (as published by the European Commission).

Retention of Personal Information

We may retain personal information for so long as necessary for the purposes described above, unless a longer retention period is required or permitted by applicable law.  To provide security and business continuity for the activities described in this notice, we may make backups of certain data, which we may retain for longer than the original data.

Security of Personal Information

We take technical, administrative, physical, and procedural security measures to reduce the risk that personal information in our possession and control will undergo accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access. Please visit our Security & Compliance page for more detailed information of our data privacy and security practices.

Rights and Choices

Where the Data Protection Legislation applies, you have certain legal rights to request access to, and rectification or erasure of, personal information that we hold about you.

In some cases, you are entitled to receive, in portable form, a copy of the personal information you have provided to us or to request that we transmit it to a third party.  You may also object to our processing of your personal information or request certain restrictions on the processing.  You may withdraw any consent you have provided for the processing of personal information (which will not affect the legality of any processing that happened before the request takes effect).  All such rights may be exercised by contacting the applicable entity listed below or by contacting Lightspeed as described above, who will handle or route the request as appropriate.  These rights are subject to legal exceptions and limitations, which we must consider when addressing the request.

If you have any questions, concerns or complaints relating to our handling of personal information, please contact us as described in this Policy.  You may also contact the relevant governmental authority (e.g., the UK Information Commissioner’s Office for UK individuals) with a complaint related to our handling of your personal information.  However, we invite you to give us a chance to resolve the situation directly.  Your privacy is important to us, and we will do our very best to address your concerns.

Contacting Lightspeed

To exercise your rights in this EU/UK Notice or under the Data Protection Legislation (including to request further information on the mechanisms we have put in place in relation to personal information transfers outside the EU), to notify us of your preferences, or to provide us with complaints, concerns or questions, please contact us as follows:

Data Protection Officer: John Genter
Lightspeed Systems Privacy Department
2500 Bee Cave Road, Suite 350
Austin, TX 78746

Email: privacy@lightspeedsystems.com

General Data Protection Regulation (GDPR) – European Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Lightspeed Systems has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

UK General Data Protection Regulation (GDPR) – UK Representative

Pursuant to Article 27 of the UK GDPR, Lightspeed Systems has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

 

This policy was last updated 06/02/2021 . Effective Date: 06/02/2021

man sitting at desk on laptop looking at Lightspeed Filter dashboard

View Our Pricing

Looking for pricing information for our solutions? Let us know about your district’s requirements and we’ll be happy to build a quote based on your unique situation.

Before you go...

Help us serve you better.