Pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the “CCPA”), this California Privacy Policy and Notice (the “CA Privacy Notice”) supplements the Everest Group Global Privacy Notice for Applicants, Candidates, Employees and Contractors (“Global Privacy Notice”), which describe[s] the personal data that we collect, the sources from which we collect it, how long we retain it, the purposes for which we use it, the limited circumstances under which we disclose personal information, and to whom we disclose it. This CA Privacy Notice explains our online and offline practices regarding the collection, use, and disclosure of “personal information” of all job applicants, candidates, employees and contractors of Everest Group and its affiliated companies who reside in California. Please read this Notice carefully so you understand our practices regarding your information.
For more information about the types of information we collect and use in connection with your general access and use of our website, please review our general Privacy Notice here.
This CA Privacy Notice covers all job applicants, candidates, employees and individual contractors (including current and former), contingent workers, interns, agency workers, consultants, and directors, and the individual employees or personnel of contractors or service providers of Everest Group and its affiliated companies, who reside in California. We also may process the personal data of other individuals whose data is provided to us in connection with these relationships (e.g., next-of-kin, emergency contact information and/or dependents).
As defined by the CCPA, “personal information” includes any information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include deidentified or aggregated consumer information, certain regulated information, or information made available to the general public.
The personal information that Everest Group collects, or has collected from job applicants, candidates in the 12 months prior to the effective date of this CA Privacy Notice falls into the following categories established by the California Consumer Privacy Act:
Categories of PI Collected | Examples | Categories of Third Parties to Whom Disclosed |
Identifiers |
Real name, alias, postal or mailing address, telephone number, nationality, unique personal identifier, i.e., cookies, online identifier, IP address, email address, social security number, driver’s license number, state identification number, immigration data (including passport details and place of birth) or similar identifiers, eligibility to work data | IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services Professional advisors (accountants, lawyers, and auditors) Former employers and references of our job applicants |
Personal information types listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) |
A name, signature, Social Security Number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, education, or employment information
Some personal information included in this category may overlap with other categories |
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services Professional advisors (accountants, lawyers, and auditors) Former employers and references of other job applicants |
Internet or other similar network activity
|
IP addresses, access logs, browsing history, search history, and usage history with respect to job applicant portals or systems | IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
|
Sensory data
|
Audio recordings, voicemail, or similar electronic information (e.g. Photograph)
|
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
|
Legally protected classification characteristics
|
Race, ethnicity, national origin, sex, gender, sexual orientation, gender identity, age, disability, military status
|
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services Professional advisors (accountants, lawyers, and auditors) |
Professional or employment-related information
|
Information regarding prior job experience, positions held, names of prior supervisors
|
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services |
Pre-Hire Information
|
Job application, resume, background check results, job interview notes, and candidate evaluation records
|
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services |
Consumer-Provided Education Information
|
Information from resumes regarding educational history; transcripts or records of degrees and vocational certifications obtained, grades or class results, disciplinary records, or other education records or information
|
IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants
Vendors that perform background checks and other Human Resources services |
NOTES: The detailed description of PI categories being collected by Everest Group for Employees and Contractors (current and former) are provided under the Section: WHAT PERSONAL DATA DO WE PROCESS? of the Everest Group Global Privacy Notice for Applicants, Candidates, Employees and Contractors |
Everest Group collects the above-identified categories of personal information from the following sources:
Everest Group may collect and use your personal information for the following business or commercial purposes, consistent with and only as permitted by applicable law:
If you are a California resident, you may have certain rights under the California Privacy Rights Act, (CPRA), including to request information about the collection of your personal information by Everest Group, to access your personal information in a portable format, and to correct or delete your personal information. If you, or an authorized agent under the California Privacy Rights Act, wish to do any of these things, please contact [email protected].
You can get more information and opt out of the use of cookies on our sites for interest-based advertising purposes by clicking the Do not sell my personal information link https://www.everestgrp.com/privacy-policy/ccpa-data-rights/ in the webpage footer and setting your cookies preferences. You will need to set your preferences for each device and each web browser from which you wish to opt-out. This feature uses a cookie to remember your preference, so if you clear all cookies from your browser, you will need to reset your settings.
To exercise the rights described above, you—or someone authorized to act on your behalf—must submit a verifiable consumer request to us by sending an e-mail to [email protected] with the subject line: “CCPA Request”, and send to the following address:
Data Protection Officer, General Counsel’s Office |
Postal Address: Everest Group, 700 Central Expy S, Suite 400, Allen, TX 75013
You may also exercise your data rights by clicking the Do not sell my personal information link https://www.everestgrp.com/privacy-policy/ccpa-data-rights/. We may provide additional ways for you to exercise your rights from time to time.
Your request must include your name, e-mail address, mailing address, phone number, and the specific requests you are making. If you are an agent submitting a request on behalf of a consumer, we may request that you submit a signed permission from the consumer authorizing you to make the request. In order to protect the privacy and data security of consumers, the verifiable consumer request must:
As indicated above, please be aware that the CCPA provides certain limitations and exceptions to the foregoing rights, which may result in us denying or limiting our response to your request.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We may also request that you provide additional information if needed to verify your identity or authority to make the request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you or the consumer on whose behalf you are making the request.
We will acknowledge receipt of your request within ten (10) business days, and provide a substantive response within 45 business days, or inform you of the reason and extension period (up to 90 days) in writing.
Under the CPRA, only you or an authorized agent may make a request related to your personal data. Note that to respond to your requests to access or delete personal data under the CPRA, we must verify your identity. We may do so by requiring you to log into your Everest Group account (if applicable), provide information relating to your account (which will be compared to information we have, such as profile information), give a declaration as to your identity under penalty of perjury, and/or provide additional information. You may designate an authorized agent to submit your verified consumer request by providing written permission and verifying your identity, or through proof of power of attorney.
California Privacy Rights Act Sensitive Personal Information Statement. The categories of data that Everest Group collects and discloses for business purposes include “sensitive personal information” as defined under the California Privacy Rights Act. Everest Group does not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.
California Privacy Rights Act Non-Discrimination Statement. Everest Group will not discriminate against you and/or charge you for exercising any of these rights, which is further in line with your rights under the CPRA. Everest Group is not obliged to respond to more than two requests within a 12-month period.
For each category of personal information identified above, Everest Group will only retain such information for as long as necessary to fulfill your requests or the purposes for which it was obtained, as set forth in this CA Privacy Notice. The criteria used to determine our retention periods include (i) for as long as we have an ongoing relationship with you, (ii) as required by a legal obligation to which we are subject, and (iii) as necessary to resolve any disputes or enforce our legal agreements with you.
We reserve the right to amend this CA Privacy Notice at our discretion and at any time. If there are changes to this CA Privacy Notice, we will post them here and update the “Last Updated” date at the top of this document. Continued use of this website after any changes is deemed to be acceptance of those changes. Please check this page periodically for updates.