EU Team Member Privacy Notice
Last updated 27 April 2021
European Team Member Privacy Notice
This Team Member Privacy Notice is intended to explain Dun & Bradstreet's (D&B’s) employee and contractor personal data collection and management practices and it applies to Dun & Bradstreet Team Members employed by a company within D&B Europe, the European Economic Area, Switzerland, the United Kingdom and Ireland (together “Europe”)..
We are committed to protecting the privacy and integrity of personal data that is disclosed to us by Team Members and received by us from other sources at any time before, during and after employment at Dun & Bradstreet. As part of this commitment, we will seek to comply in all material respects with (where applicable):
- The General Data Protection Regulation 2016/679 and any other implementing legislation enacted by the EU member states with respect to Dun & Bradstreet operations in those countries; and
- All other applicable local, state, federal and international Privacy and Data Protection laws, rules, regulations and ordinances.
The data controller of your personal data is the company named in your employment contract. Your data may also be processed by any other company within the Dun & Bradstreet Group as a controller and this privacy notice will fulfil all applicable information obligations. The Data Protection Office for all D&B companies throughout Europe can be contacted on EUDPO@dnb.com.
Grounds of Processing
Generally, we process Team Member personal data as it is necessary to fulfil an employment contract (e.g. knowing who you are, how to contact you and where to process remuneration).
Certain personal data is required to fulfil legal obligations we are subject to, for example checking your right to work in your local market or criminal checks required under our regulatory permissions or for our regulated customers.
Other information may be processed as part of our legitimate interest as your employer, for instance collecting your dietary preference for social functions or being aware of your next of kin.
Information needed to fulfil your employment contract or legal obligations we are subject to is often so critical to Team Member continued employment that the failure to provide it may result in Team Members not remaining in employment, or having their contract terminated.
Team Member Data Collection
Team Member data collected by us includes, but may not be limited to, the following (subject to local legislation):
- Contact information, such as your name, physical address, telephone numbers, and email addresses. We use this information to communicate and send documentation to you.
- Identification information, such as your date of birth, country of birth or the country where you are a registered national or citizen, nationality/visa status, passport number, social security number, driver’s license number and signature. We need this to confirm who you are.
- Emergency contact information, so we know who to contact in the event of an emergency.
- Sensitive data such as your disability, gender, race, military status and sexual orientation (to the extent such information is collected or provided, for example, through voluntary self-identification). We use this information (at the time and manner and to the extent permitted or required by law) to address our legal obligations to you, to make any adjustments required to assist you, to conduct meaningful equal opportunity and diversity monitoring and analyses, where permitted or required by law. Unless required by law, you are not obliged to provide this information.
- Job qualifications and related information, such as the position applied for, previous job roles, descriptions of your skills and experience, education, awards, qualifications, certificates, licenses, and any other information you choose to provide in your resumes and/or applications. We retain this information from the selection process for our records and identify potential conflicts of interest.
- Professional or other membership information, such as your membership in professional bodies and trade groups.
- Travel related information, such as frequent flyer numbers, TSA known traveler numbers, itineraries, flight, train, rental car, car service, hotel or other similar information. We use this information to facilitate your business travel, including to arrange or reimburse travel, to contact you during travel, as necessary with travel service providers, or in an emergency situation.
- Financial information, such as your bank account details. We use financial information to compensate you, process any expense claims and to comply with legal obligations.
- Results of background checks, screening and references, such as education verification, criminal records, driver license checks and opinions and comments of any previous employers. We use this information to fulfill our obligations to regulators (including demonstrating the suitability of employees for their role to regulators and professional bodies).
- Salary and compensation information, including commissions, bonuses, equity, stock option awards and exercise information, employee stock purchase plan information and pension information. We use salary and compensation information to ensure you are compensated in line with your contract of employment and to benchmark our practices.
- Performance and Development information such as objectives and appraisals. We use this information to ensure we are meeting company objectives.
- Attendance and reasons for absence which is used for holiday planning and ensuring employment contracts are fulfilled.
- Training Records so we can show we are meeting our legal, contractual and company requirements to maintain team members knowledge.
- Surveys, such as feedback and opinions as part of voluntary surveys. We use such information to understand what Dun & Bradstreet is doing well and what it can improve upon within the working environment. Your response to these surveys is optional.
- Photos that you provide to us or we arrange to have taken of you. These are used for security purposes, team building and external corporate promotional documentation.
- Inferences and Analytical Reports such as team building or developmental personality analysis, surveys or application processes.
Additional Uses of Team Member Information
In addition to the uses set forth above, we may use and share the categories of Team Member data:
- For consideration of suitability with other positions available within the Dun & Bradstreet Group.
- To comply with applicable legal and regulatory requests and obligations (including investigations).
- To establish or defend legal claims and allegations.
- For security or the prevention, detection, or investigation of fraud, suspected or actual illegal activity, violations of company policy or rules, or other misconduct.
- To seek advice from lawyers, auditors and other professional advisers.
When and with whom we share information
We limit the information we share and disclose to others as described below:
The Dun & Bradstreet Group
We may share information about you with other Dun & Bradstreet companies.
In order to provide your employment and benefits, we may share your data with carefully selected third party companies as service providers that work on our behalf to transmit, collect, process, or store information for us. We require these service providers adopt suitable technical and organizational measures to safeguard our information and to treat the information we share with them as confidential and to use it only for the purpose of providing the services for which they have been engaged. The categories of Service Providers with whom we work include:
- Vendors that assist with employment screening, payroll, financial planning, benefits and benefits administration
- Auditing and accounting firms
- Professional services consultants, such as firms that perform analytics, assist with improving our programming, provide legal services, or supply project-based resources and assistance
- Security vendors, such as entities that assist with security incident verification and response, service notifications, and fraud prevention
We may share team member information with institutions where doing so would further an important research purpose. For example, some institutions are interested in exploring the relationship between certain academic degrees and backgrounds with the type of positions that team members at Dun & Bradstreet hold. When we share information with researchers, Dun & Bradstreet requires the researchers to agree to keep the personal information confidential. The researchers may publish papers or studies which include aggregated data about Dun & Bradstreet’s team members but may not publish any personal information that identifies a specific individual.
How We Protect Your Information
We have in place security measures to protect your data from loss, misuse and unauthorised access, disclosure, alteration and destruction. The security measures are implemented and maintained in accordance with legal, organisational and technological developments.
Access to Team Member data within the company is only shared on a strict need to know basis. For example, a Team Member's leaders generally need to know a Team Member’s personal, background, contact, compensation, work history, experience, and training and employee performance information in connection with the day-to-day management of the Team Member. Additionally, Team Members in the Finance, People, Compliance and Legal departments may need to receive personal information to prepare budgets, to administer Team Member benefits, to carry out workforce planning, to conduct investigations and to advise the Company on its legal obligations
Transfers to third countries
Team Member data will be transferred to, stored and processed in the United States or any other country in which we or our affiliates or subcontractors maintain facilities, as described above. Where applicable, data transfers out of Europe to a third country will be governed by adequacy decisions and Standard Contractual Clauses and in line with all other EU requirements. If you require further information on this, please get in touch with our EU Data Protection Office.
Data will be retained for as long as it is legally required by local employment and/or discrimination legislation in line with our local and global company procedures.
Automated decision-making, including profiling
Dun & Bradstreet may use automated processing of personal data to evaluate certain personal aspects (such as someone’s suitability for a role). Such profiling however will only be one element of a decision-making process and decisions will never be based solely on profiling results.
Data Subject Rights
Team Members retain control over most of their data through internal human resource information systems and are able to self-serve amending or deleting most data. For all other data, Team members are entitled to request access and object to processing as well as rectification, erasure and restriction of personal data and may be entitled to receive their data in a portable form. All requests should be sent in the first instance to local People teams or email@example.com..
Any complaints about the processing of your personal data should be directed to D&B’s EU Data Protection Officer on EUDPO@dnb.com. Team Members may also lodge a complaint with their supervisory authority if they wish details of which can be found here.