Spencer Stuart is committed to protecting the privacy of your personal data. This statement summarizes our policy regarding the collection, use and transfer of your personal data, the security measures Spencer Stuart employs to protect such data and your rights in relation to it.
The Information We Collect
Spencer Stuart is a leadership advisory and executive search firm which collects, uses and stores a variety of personal data necessary to provide such services.
Executive Search Data
If you are a potential candidate for one of our executive search assignments, categories of personal data we collect may include the following identifiers: contact information (e-mail address, address, telephone number), career history, education history, social activities, compensation details (where permitted by applicable legislation), professional experience, information relating to references, languages, photographs, individual capabilities, qualifications, preferences, personality, character traits, professional style profile, executive competencies, interview notes as well as interview recordings and transcripts of such recordings (if applicable), offer letters, identification data (civil/marital status, gender, nationality), and contact history. This data may be obtained directly from you, through publicly available sources, your professional networking profile, news reports, and/or third parties such as our clients, sources/referees, and our authorized background check providers.
In order to align our search process with our commitment to ensuring equal opportunities, we may collect information about you (in appropriate circumstances and in accordance with applicable local law) which may be classified as diversity information, or protected legal characteristics under California or federal law (such as your racial or ethnic background, gender, disability, age, sexual orientation, religion or beliefs, and/or socioeconomic background). Additionally, as some of our clients may be subject to employment diversity requirements, Spencer Stuart may be required to share such information insofar as it pertains to the search you are a part of.
Leadership Advisory Data
If you participate in our Individual Style Profile, Executive Intelligence (ExI) evaluation, or are assessed as part of our services, we may collect information and identifiers such as your name and email address, cultural-style background, qualifications, work experience, details regarding your employment, responsibilities at work, your professional views and opinions, as well as any other information and responses you may provide to evaluative measures, surveys and interviews (including, where applicable, interview recordings and transcripts of such recordings). Providing additional personal data such as age, gender, and ethnicity is voluntary and will not affect the assessment results.
Referee or Source Data
If you are an individual who provides a personal reference or feedback for a candidate (depending on the circumstances we may classify you as a Referee or Source), we may collect and process your contact details, certain professional and employment details (such as title, occupation, qualifications and employment history) and your connection to the candidate. We may collect this information directly from you, the candidate, or from publicly available sources. We will use this information to gather information on the relevant potential candidate such as your connection to, experience with, and opinion about such potential candidates. Any reference or feedback you provide about a candidate would not be attributed to you if shared with third parties. We may also use your contact details to contact you in relation to any of our services that we believe may be of interest to you.
Client or Supplier Data
If you are a Spencer Stuart client or supplier, we will collect and use information about your company and individuals within your company for the purposes of fulfilling our obligations to you and furthering our business relationship. Data collected will typically comprise your contact details (such as name, telephone number, email address, job title, and business record related to our services).
Where the Personal Data is Held - Binding Corporate Rules
If you would like additional information regarding the Binding Corporate Rules, please e-mail Spencer Stuart at firstname.lastname@example.org.
Purpose for Collecting Personal Data and How We Use Personal Data
Candidate and Assessment Data
The data is used in the usual course of our business to provide our services to clients. This may include assessing your suitability for executive and non-executive roles, presenting you as a prospective candidate to potential employers (Spencer Stuart’s clients), contacting you for an assignment (executive search or assessment) or verifying the details of your profile.
Finally, your information may also be shared with any competent law enforcement, regulatory or governmental body, or a court of law if necessary to exercise our legal rights, protect your interests or as required by applicable law.
Referee or Source Data
We will use the collected data to obtain information regarding your experience with, and thoughts and opinions on, a particular or potential candidate. If a candidate provides us with your details as a Referee, we may share your contact information with our clients to allow them to evaluate a candidate for a specific position. Any reference, opinion or feedback you provide to Spencer Stuart as a Referee or Source shall in no case be attributed to you if shared with a client. We may also use your contact details to contact you in relation to any of our services that we believe may be of interest to you.
Client or Supplier Data
The data collected will be used in the context of the provision of our or your services. We may also use the data for other business purposes, including data analytics, benchmarking and statistic purposes. We may use the personal data collected to contact you in relation to any of our services that we believe may be of interest to you.
We may contact you from time to time to share intellectual capital and thought leadership that we have published which we believe could be of interest to you or relevant to your role at your organization. You may opt out of receiving these communications at any time.
From time to time we may contact you with an invitation to attend an industry- or role-specific event, such as a dinner or charity event. You may opt out of receiving these invitations at any time.
We may retain and use personal information for research, benchmarking, and market norms in order to provide and develop our services and intellectual capital and remain aligned with market standards. We may also share your data with vetted third-party vendors for analytics purposes in the context of improving our service offerings.
In addition to the above, in certain limited cases, we may disclose a minimum degree of personal information for internal business purposes. Such business purposes include, but are not limited to audit procedures, security processes, maintenance of our systems and infrastructure, internal research of our business and services, performance of our services, tests of our services, and other short-term uses.
Legal basis for processing your personal information
Spencer Stuart’s legal basis for collecting and using the personal information described in this policy will depend on the personal information and processing activity involved and the context in which it was obtained.
We will process basic personal information about you, such as your contact details (name, address, email, phone number) and information that would normally be included in a curriculum vitae (education history, employment history, professional experience, offer letters, compensation history where permitted by local law, etc.), and competencies, as well as any additional information that may assist us in presenting the best individuals for the most appropriate roles (such as professional or relocation interests) on the basis of legitimate interest, or other legal grounds (such as consent) where required by applicable local legislation, provided the processing of such information is not overridden by your own privacy interests or your rights and freedoms as provided by law.
Once we proceed to the later stages of the search process, we will ask you to sign a consent form allowing us to process (and share with our clients and background check providers if relevant and necessary to the search process) any information required for background checks and/or employment diversity requirements, including any potentially sensitive information that may come to light during interviews, as well as any insights that we may provide to our clients based on the foregoing.
If we are unable to obtain your consent at the relevant stage of the process, any information we process for employment diversity requirements shall be done on the basis of reasons of substantial public interest, or applicable laws and/or the requirements imposed by local authorities. However, we shall obtain your consent prior to sharing such information with our clients.
Leadership Advisory Services
We will process the information obtained using our proprietary assessment techniques and tools as well as your contact information and details about your employment and background (as detailed above) on the basis of legitimate interest, or other legal grounds (such as consent) where required by applicable local legislation, in order to provide our services to our clients.
In order to facilitate the interview processes for both our Executive Search and Leadership Advisory Services, we may request to record the interview session which will then be transcribed by a third party to ensure the information obtained is entirely accurate for our review. In the event of a planned recorded interview session, we will obtain your consent prior to recording.
If you require any further information concerning the legal basis on which we process your personal information, you may contact us at email@example.com.
Information Security and Integrity
To prevent unauthorized access, maintain accuracy of data and ensure the proper use of information, Spencer Stuart has implemented appropriate legal, physical, technical and security procedures to protect the confidentiality of and safeguard the personal information collected, and prevent against accidental loss, unauthorized access, or unlawful processing. These measures will be reviewed over time and updated to remain aligned with legal and technological developments.
Spencer Stuart will retain your personal data only for as long as the data is needed in connection with the purposes for which is it being collected and used. The following criteria will be used to guide us when retaining your information:
- We will retain personal data for as long as we maintain an active relationship with you;
Once our relationship with you has ended, your personal data may still be relevant for our current or future legitimate business purposes, for example we may be required to retain certain personal information for our business records if you have been placed into a role by us, or for us to be able to establish, exercise or defend our legal rights;
Certain data may be required to be stored in order to show we are compliant and have fulfilled our obligations towards our clients or to continue meeting any of our obligations once we have completed a client assignment in which you may have been involved.
You have the right to access, erase, correct, update or complete your personal data, or to request no further contact from Spencer Stuart. Additionally, you have the right to request the transfer of your personal data to a third party, to object to the processing of your personal information, to ask us to restrict our processing of your personal information, or to withdraw your consent at any time. If you wish to exercise any of these rights you may contact firstname.lastname@example.org.
If you are a California resident, you have certain rights under the California Consumer Privacy Act of 2018 (“CCPA”). Specifically, you may request the categories of personal data we have collected, the sources of such personal information, and the specific pieces of personal data we have collected about you. If applicable, you may also request the business or commercial purpose we have for collecting your personal data, the categories (outlined above) of your personal data we have shared or disclosed, and the categories of third parties to whom we have shared or disclosed such personal data. You also have the right to request the deletion of your personal data. To exercise any of your rights, you may contact the email address above (email@example.com), or you may you may call us at 1 (844) 390-CCPA (1-844-390-2272). We will not discriminate against you for exercising any of your rights pertaining to your personal data.
Should you request that we remove your personal information from our database, please note that we may retain a minimal amount of personal information about you in order to record your wish for your data to be removed, and to keep a record of the information disclosed to our clients. If deletion (or anonymization if applicable) of your personal data is not possible (for example, because your personal information has been stored in backup archives) then we will securely store your personal information and isolate it from any further processing until deletion is possible.
If we have collected and processed your personal information on the basis of your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect any processing performed prior to your withdrawal, nor will it affect processing on the basis of lawful processing grounds other than consent.
Finally, you have the right to bring a complaint to the relevant data protection authority in your jurisdiction about our collection and use of your personal information. For more information on how to lodge a complaint, please contact your local data protection authority.
If you have any questions about your personal information, please e-mail Spencer Stuart at firstname.lastname@example.org.