Global Privacy Notice for Applicants, Employees and Contractors

Effective Date: January 1, 2024

Click here to download

As part of our commitment to protecting your personal data and processing it in a transparent manner, this privacy notice (“notice”) provides information on the personal data collected and processed by Everest Global, Inc. d/b/a Everest Group and its corporate affiliates (jointly, Everest Group) in connection with our relationship or potential relationship with you (“you” or “your”) as an applicant, candidate, employee, contractor or service provider.  This notice is provided by the Everest Group (“Everest Group”, “we”, “our” or “us”). If you are employed by Everest Group or retained by Everest Group as a contractor, this notice does not form part of your contract of employment or contractor engagement agreement.

This notice covers all job/employment applicants/candidates, employees and individual contractors (including current and former), contingent workers, interns, agency workers, consultants, and directors, and the individual employees or personnel of contractors or service providers of Everest Group and its affiliated companies.  We also may process the personal data of other individuals whose data is provided to us in connection with these relationships (e.g., next-of-kin, emergency contact information and/or dependents (including minor children)). Please check below webpages for a region- or country-specific notice that may provide additional information, including, for example:

This notice describes the personal data that may be collected from you and from others about you, the purposes for which that personal data is collected, stored and used, and our reason for doing so (also referred to as our “legal basis”).  In this notice, we also outline which internal Everest Group function may use your personal data and when it may be shared with other vendors and advisors, and we summarize your rights in relation to our processing of your personal data, and how you can exercise these rights.

Please take the time to read and understand this notice, which should be read in conjunction with our other corporate policies and procedures. When appropriate, we will provide a “just in time” notice to cover any additional processing activities not mentioned in this document.

Everest Group will be a data controller of your personal data.  Everest Group and its affiliates jointly control your personal data.

What is an Everest Group affiliate?  

In this notice, “Everest Group Affiliate” or “our affiliate” means any entity controlled, directly or indirectly by Everest Global, Inc. or any entity directly or indirectly under common control with Everest Global, Inc. A list of the Everest Group controllers likely to be relevant to you and, where applicable, their representatives are set out in Appendix 1.

This notice applies in conjunction with any other notices you receive from Everest Group Affiliates in connection with the processing of your personal data.

Everest Group is a “data controller”. This means we are required under data protection legislation to notify you of how we will collect, process and store your personal data during the application and recruitment process. We will also explain what rights you have in relation to how we process your personal data.

If you would like to contact us regarding the processing of your personal data, please contact Everest Group’s Data Protection Officer via regular mail at Data Protection Officer, Everest Group,  700 Central Expy S, Suite 400, Allen, TX 75013 or via email at [email protected].

Everest Group and our Affiliates will, depending on your role and the terms of your relationship or potential relationship with us, process certain personal data relating to you and people connected to you.  The EU/UK and California residents shall refer to the specific country notice’s link provided Section 2 of this notice.

Broad list of data types that we process during the application and recruitment process shall include:

  1. Personal details.
    1. Identification data – such as your full name, salutation, gender, nationality, photograph, date of birth, employee IDs.
    2. Contact details – such as permanent and temporary home address, business address, personal mobile number/telephone/email addresses, emergency contact details,
    3. Immigration data – including passport number, passport issuing country, passport validity date, and place of birth, other required eligibility to work data, photograph, your salutation/title, forename, middle name(s) and surname, birth name, preferred name, any additional names, country of residence and of tax residence, second nationality, civil/marital status, age, national ID number, hobbies, languages spoken, mother’s maiden name, name of spouse, and next-of-kin and dependent contact information.
  2. Information relating to your role or potential role with us.
    1. Employment details – such as job title/position, office location, employment contract, performance and disciplinary records, grievance procedures, sickness/time-off records, default hours, time zone and currency for location, various system access IDs, your employee/contingent worker type, your hire/contract begin and end dates, whether you are full or part time, the date of expiry or termination of your employment or engagement, the reason for termination, your last day of work, exit interview feedback, references, status (active/inactive/terminated), the reason for any change in role and the date of change and your benefit coverage start date, expected salary and bonus.
    2. Work experience – skill sets, notice period, employment status, your work biography and qualifications, your reporting line, your job title and job description and your working hours and patterns.
  3. Information relating to recruitment and selection.
    1. Background information – such as CV/résumé, academic/professional qualifications (including previous role information), education proofs. Where permitted by law and applicable we may collect the results of credit and criminal background checks, screening, health certifications, driving license number, vehicle registration, and driving history.
    2. Verification information – references, information compiled in undertaking a background check, which may include criminal record data, financial stability checks and reviews of professional and social media, past employment records (including salary slips, employment agreement, relieving letter, experience letter, resignation letter, educational qualification proofs (copy of graduation degree.
    3. Assessment information – interview and other assessment data, recruiters’ remarks,
  4. Government identifiers and Regulatory information.
    1. Government identifiers – such as government issued ID/passport, immigration/visa status, social security or national insurance numbers, employee provident fund and pension fund UAN number, Aadhaar number.
    2. Regulated status and any regulatory references – includes data such as records of your registration with any applicable regulatory authority, any relevant certificates, information regarding any issues that may affect professional propriety, compliance approval status, and any conflict-of-interest disclosure.
  5. Details of your remuneration and benefits entitlements.
    1. Remuneration information – includes salary/hourly plan/contract pay information as applicable, allowance, bonus, and merit plans and stock and equity grants, expected salary,
    2. Financial information – includes bank account details, social security number, unique account number for provident fund and pension account created under mandatory labour law compliance requirements, tax information, benefit plans, investment proofs,
    3. Dependants and beneficiary information – third-party such as your spouse/partner or other dependants’ (including your minor children) information, such as your marital status, identification and contact data about them and information relevant to any Everest Group benefits extended to such people.
  6. Information regarding holidays and leave.
    1. It includes data such as your absence records. This category includes data such as dates and categories of leave/time-off, holiday dates, and information related to family leave.
  7. Information regarding human resources (“HR”) processes.
    1. It includes such as performance reviews and performance management, disciplinary or grievance processes, flexible working arrangements, restructuring, and redundancy plans.
    2. This category includes data such as allegations, investigations and proceeding records and outcomes, colleague and manager feedback, talent programs, consultation records, selection and redeployment data, health and safety audits, risk assessments, data and security incident reports, data relating to training and development needs or training received, as well as background information and context to the applicable HR processes.
    3. Forms and information relating to the application for, or in respect of changes to, employee health and welfare benefits; including, short and long-term disability, medical and dental care, etc. Physical limitations and special needs in order to provide reasonable accommodations.
  8. Monitoring data
    1. IT information – information required to provide access to company IT systems and networks (and information collected by / through those systems) such as IP addresses, log files and login information, internet and system usage records, keystroke, download and print records, email and IM communications, and external searches of public sources, if and to the extent permitted by applicable laws. Acknowledgements regarding our policies, including employee handbooks, ethics and/or conflicts of interest policies, and computer and other corporate resource usage policies.
    2. Surveillance data – It includes to the extent permitted by applicable laws, closed circuit television footage, facial recognition system for access control at office. This category includes data such as system and building login and access records.
    3. This activity also includes reviews of training metrics, monitoring external personal investments and compliance with policy, and management of conflicts with Everest Group roles.
  9. Information relating to legal claims, complaints, and disclosures.
    1. It includes such as information relating to involvement in claims and legal proceedings or dispute resolution, and employee involvement in incident reporting and disclosures. This category includes data such as settlement arrangements and payments, the subject matter of litigation, and complaints.
  10. Your sensitive/special category personal data.
    1. What is your sensitive/special category personal data? – Sensitive/special category Personal Data includes any information that reveals your racial or ethnic origin, religious, political or philosophical beliefs, sexual orientation, trade union membership, criminal convictions, genetic data, biometric data for the purposes of unique identification, information about your health (“Sensitive/special category Personal Data”).
    2. Do we process your sensitive/special category personal data? – Yes, we may also process sensitive/special category Personal Data relating to you and your spouse/partner and/or dependents. This category of data includes, diversity status, biometrics (limited to facial recognition image if you are authorised to access our office premises in India), religion, health and medical information, trade union membership, data related to criminal convictions and offences, etc. As a general rule, we try not to collect or process any Sensitive/special category Personal Data about you and any individual related to you, unless authorized by law or where necessary to comply with applicable laws or to provide benefits.
    3. What data relating to criminal convictions and offences are processed? – We process criminal convictions and offences data in the context of background checks and regulatory registrations, as set out in this notice.
  11. Data of individuals related to you.

We may need to process data of individuals related to you (referred to as ‘third parti(es)’), such as your spouse/partner, dependants, next to kin, emergency contacts, beneficiaries, and family members. This category includes data such as the third party’s name, date of birth, age, contact details and any additional information which we process in connection with our regulatory obligations.

  1. We mainly collect your personal data or sensitive/special category personal data directly from you.
    1. You will usually provide this information directly to us, or enter it into our systems (for example, through your self-service access to our HR systems, your participation in HR processes, messages you send or receive that are recorded on our systems, or through verbal information which may be recorded, in each case if and to the extent permitted by applicable laws).  In addition, further information about you will come from your colleagues (for example, your managers or HR).
  2. In some cases, we may obtain your personal data or sensitive/special category personal data from Everest Group Affiliates or from third parties.

 The situations where we collect your personal data or sensitive/special category personal data from other sources shall include:

  1. Certain background and other information from recruitment agencies, academic institutions, referees, background checking agencies and other third parties during your recruitment.
  2. Certain information on your performance, conduct or other information relevant to formal internal procedures (e.g. disciplinary or whistleblowing procedures), from customers or other organizations you routinely work with.
  3. Information on your training and development from external training partners and information about your experience and impressions of Everest Group through external survey providers.
  4. Information about your health, including your fitness to carry out work and/or any accommodations or adjustments to be considered from your doctor, other specialist medical adviser or Everest Group’ appointed medical expert.
  5. Information on accidents or incidents from Everest Group’ insurance brokers, insurers and their appointed agents, where they are involved.
  6. Information on tax payable from local tax authorities and Everest Group’ appointed payroll agents and tax/financial advisers.
  7. Information collected through Everest Group’ IT systems and other devices as set out above in Section 6.
  8. Information about your entitlement to participate in, or receive payments or benefits under, any insurance or pension scheme provided by Everest Group, from the relevant benefit provider or its appointed agent.
  9. Information from publicly available sources (e.g. news sources and/or from social media platforms) in connection with any investigation or formal procedure concerning the same (for instance, for the investigation of an allegation that a staff member has breached our rules on social media use or conduct generally).
  10. In some circumstances, data may be collected indirectly from monitoring devices or by other means (for example, building and location access control and monitoring systems, closed circuit television, telephone logs and recordings, and email and Internet access logs), if and to the extent permitted by applicable laws.
  11. Only in cases of accessing to Everest Group offices located in India, your facial data shall be collected on a facial recognition tool, however, this biometric data will be collected directly from the actual scanning of authorised individual’s faces. Facial data can include images or biometric data points extracted from employees’ facial features to the extent permitted by applicable laws.

In certain circumstances, we may process the personal data of other persons related to you, such as your spouse/partner, emergency contacts, dependents and family members.  The personal data regarding third parties that you provide to us will be processed for the purposes of HR administration and management, including the administration of benefits and to contact your next-of-kin in an emergency, and by compliance to establish and meet regulatory requirements and identify any conflicts of interest.

Before you provide data relating to third parties to us, you should ensure you are permitted to do so and make them aware of the information contained in this notice. You must ensure and secure evidence that these related parties, or their legal representatives if they are minors, have given their free and express consent that their personal data may be processed by Everest Group and/or Everest Group Affiliates and subcontractors for the purposes described in this privacy notice.

i. Processing purposes
Your personal data are collected and processed for various business purposes, in accordance with applicable laws and any applicable collective bargaining agreements. Data may occasionally be used for purposes not anticipated by you where the circumstances warrant such use (e.g., in investigations or disciplinary proceedings).

Everest Group and Everest Group Affiliates process your personal data for a specific purpose and process only the personal data relevant for achieving that purpose. In particular, we process your personal data for the following purposes and for compatible purposes:

a. Applicant/candidate attraction, assessment, and selection: It includes all activities in connection with recruitment (including vetting and background checks). If and to the extent permitted by applicable laws, this includes recruitment and appropriate vetting for recruitment including, where relevant and appropriate, credit checks, right to work verification, identity fraud checks, criminal record checks, relevant employment history, relevant regulatory status and professional qualifications.

b. Workforce management and development: It includes all activities undertaken in managing and administering the relationship between Everest Group and its employees and workers. This includes talent management, assessment, and development, employee relations, benefits including administrative support, and location-based processing, including:

• training, development, promotion, career and succession planning

• allocating and managing duties and responsibilities and the business activities to which they relate, including business travel and tax matters

• identifying and communicating effectively with staff

• managing conduct and performance processes, handling complaints and investigations and operating other informal and formal HR processes and making related management decisions

• processing information about absence or medical information regarding physical or mental health or condition in order to administer related benefits, determine fitness for work, facilitate a return to work, or to make adjustments to your role or the workplace

• making management decisions regarding employment or engagement or continued employment or engagement or redeployment and related processes

• complying with applicable laws and regulations (for example employment, working time, health and safety, and tax laws and regulations to which we are subject in the conduct of our business)

• complying with reference requests where Everest Group is asked or required to act as a referee

• where relevant, publishing appropriate internal or external communications or publicity material including via social media in appropriate circumstances

c. Managing compensation and administering benefits: including staff compensation and management of benefits and retirement entitlements.

This category includes providing and administering remuneration, and benefits and reimbursement of business costs and expenses, and making appropriate tax and social security deductions and contributions.

d. Promoting diversity and preventing discrimination: It includes those activities that we undertake as an Equal Opportunities employer.

This category includes managing monitoring programs to ensure equality of opportunity and diversity with regard to personal characteristics protected under applicable anti-discrimination laws and to monitor the effectiveness of those programs.

e. Management and improvement of Everest Group systems and operations: It includes improvements to HR systems, management of technology systems and processes and business transformation and changes to Everest Group’s structure and operations. This category includes:

• business contingency planning

• engagement with employees (and/or employee representatives) for planning, managing, and carrying out restructuring or redundancies or other change programs (including consultation, selection, alternative employment searches, and related management decisions)

• conducting surveys for benchmarking and identifying improved ways of working, employee relations and engagement at work (these will often be anonymous but may include profiling data such as age to support analysis of results)

• planning, due diligence, and implementation in relation to a commercial transaction or service transfer involving Everest Group that impacts on your relationship with Everest Group (for example a transfer of your employment under applicable automatic transfer laws)

• implementing email, technology, internet, social media, HR-related and other company policies and procedures

• providing technical support and maintenance for HR information systems and to change access permissions

f. Prudent business management and protecting and enforcing Everest Group rights: It includes vendor management, management and strategy, and management reporting activities. This category includes:

• business operational and reporting documentation such as the preparation of annual reports or tenders for work or client team records including the use of photographic images

• supporting HR administration and management and maintaining and processing general records necessary to manage the employment, worker or other relationship and operate the contract of employment or engagement

• operating the relationships with third-party customers and suppliers including the disclosure of relevant background checking information in line with the appropriate requirements of regulated customers to those customers, contact or professional CV details or photographic images for identification to clients or disclosure of information to data processors for the provision of services to Everest Group

g. Protection of business, clients, staff, and systems: This includes protecting the private, confidential, and proprietary information of Everest Group, Everest Group Affiliates, and our employees, clients, and third parties.

This includes, to the extent permitted by applicable law, carrying out monitoring of our technology systems to protect and maintain the integrity of such systems and infrastructure and to ensure compliance with relevant technology policies. We also locate information through searches where needed for a legitimate business purpose.

h. Meeting our regulatory and compliance obligations and preventing crime: This includes carrying out regulatory compliance checks, making disclosures to, and complying with requests from public authorities, regulators (whether inside or outside of the country where you reside or the European Economic Area) or governmental bodies across our global group, and investigating conduct and preventing fraud and other crime. This includes:

• activities to enforce our legal rights and meet our obligations, and for any purposes in connection with any legal claims made by, against, or otherwise involving you.

• actions we take to comply with lawful requests by public authorities (including without limitation to meet national security or law enforcement requirements), disclosure requests, or where otherwise required or permitted by applicable laws, court orders, government regulations, or regulatory authorities (including without limitation data protection, tax and employment), in all cases whether within or outside your country of residence.

• processing activities to satisfy our regulatory obligations to supervise the persons employed or appointed by us to conduct business on our behalf, including preventing, detecting and investigating a wide range of activities and behaviours, whether relating to specific business dealings or to the workplace generally and liaising with regulatory authorities.

We may also process data for other purposes that we shall notify to you from time to time.

Additional information regarding specific processing of personal data and sensitive/special category personal data may be notified to you locally or as set out in applicable policies.

For our employees and contractors reference additional details of technology monitoring and management of confidential information are set out in Everest Group’s Global Privacy and Confidentiality Policy and other policies referenced therein.

ii. Change in processing purpose

We will solely utilize your personal information for the original reasons it was collected unless there’s a valid legal basis and a reasonable need to use it for another compatible purpose. For instance, if you’ve submitted personal data while exploring job opportunities at Everest Group, we may process it based on our legitimate interest in recruiting candidates. However, if you apply for a position and are hired, we will process your personal information for the purpose of establishing an employment relationship with you.

iii. Our legal basis for processing your data

The personal data processing described in this notice may be:

a. necessary in order to enter into contracts with you relating to your employment or engagement with us and meet our obligations under such contracts. This applies to paragraphs a, b, c, and f of Clause 9i. above of this notice.

b. necessary in order to comply with our legal obligations under applicable data protection laws, including the laws of the EU and its Member States, and the laws of California. This applies to paragraphs b, d, e, and h of Clause 9i. above of this notice.

c. necessary for the legitimate interests of Everest Group or others (as described below), where these are not overridden by your interests or fundamental rights and freedoms. This applies to paragraphs a to h of Clause 91. above of this notice.

d. based on your explicit consent.

e. in limited circumstances and to the extent the legal bases for processing set out above do not apply, processed with your consent (which we obtain from you from time to time).

The ‘legitimate interests’ referred to in sub-clause c of Clause 9(iii) above of this notice are:

• the processing purposes described in sub-clause a to h of Clause 9i. above of this notice to the extent the processing is not necessary in order to: (i) enter into contracts with you and meet our obligations under such contracts, or (ii) comply with our legal obligations under the laws of the EU and its Member States

• working with the firm’s regulators to meet their requirements, and complying with our regulatory obligations globally

• exercising our fundamental rights and freedoms, including our freedom to conduct a business and right to property

Sensitive/special category personal data is processed for one or more of the following reasons:

i. the processing is necessary for the purposes of carrying out the obligations and exercising specific rights in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject.

This applies to certain processing activities described under sub-clause b and d of Clause 9i. mentioned above.

This may include the following, although this is not an exhaustive list:

a. health and medical information may be used to comply with, and exercise our rights under, employment, health and safety, or social security laws, for example to provide statutory incapacity or parental benefits, avoid breaching legal duties to you, to ensure fair and lawful management of your employment, avoid unlawful termination of your employment, to monitor absence and to administer Everest Group’s private medical and long term disability schemes, to make reasonable accommodations or adjustments and avoid unlawful discrimination or dealing with complaints arising in this regard.
b. trade union membership may be recorded to ensure that we may comply with any relevant rights that you may have in connection with any trade union membership, as required to enable us to meet our obligations under employment law.
c. biometrics data may be collected only on our facial recognition access system deployed in our offices located in India for the three specific purposes (i) access and authentication, (ii) smart attendance system, (iii) safety and security of workspace and company property.
d. information regarding your racial or ethnic origin, religion, philosophical or political belief, sexual life and sexual orientation may be used in the event of a complaint under Everest Group’s grievance, whistleblowing, anti-bullying, and harassment or similar policies where such characteristics or information are relevant to the particular complaint, in order to comply with employment law obligations.

ii. the processing is necessary for the establishment, exercise or defence of legal rights and claims.

This applies to processing for the purposes of establishing, exercising and defending legal rights and claims, as described in sub-clause h of Clause 9i. above of this notice, to the extent this involves processing any special categories of personal data.

iii. the processing is necessary for reasons of substantial public interest.

iv. the processing relates to personal data that you have made public.

v. solely to the extent that the processing is not otherwise justified under one of the above justifications, your explicit consent to the processing (which we obtain from you from time to time).

We do not sell your sensitive/ special category personal data collected under this notice.

We only process personal data relating to criminal convictions and offences as authorised by applicable law. For example, we process criminal record information as part of our pre-employment and periodic background check procedures (see sub-clause a of Section 9i. above), our annual certification process, in connection with correspondence received from, or reporting to, law enforcement agencies or in the course of the management of our relationship with you, in each case where required or authorised by applicable law.  For example, where we have a legal or regulatory requirement to report an offence or applicable laws authorize Everest Group to process information about the offence for the purpose of making decisions regarding your relationship with Everest Group.

Where we ask you to provide personal data to us on a mandatory basis, we will inform you of this at the time of collection. We will also inform you if information is required by the contract or statute.  Failure to provide any mandatory information will mean that we cannot carry out certain HR processes.  For example, if you do not provide us with your bank details, we will not be able to pay you. In some cases, it may mean that we are unable to continue with your employment or engagement as Everest Group will not have the personal data, we believe to be necessary for the effective and efficient administration and management of our relationship with you.

We may seek your consent to certain processing which is not otherwise justified on one of the bases set out in Section 9ii above of this notice.  If consent is required for the processing in question, it will be sought from you separately to ensure that it is freely given, informed and explicit.  Information regarding such processing will be provided to you at the time that consent is requested, along with the impact of not providing any such consent.  You should be aware that it is not a condition or requirement of your employment to agree to any request for consent from Everest Group.

To the extent Everest Group is relying on your consent to process your personal data, you have the right to withdraw your consent to such processing at any time. You can do this by contacting our data protection team at [email protected].

Please note that any processing of your personal data prior to your withdrawal of consent will remain unaffected by any such withdrawal.  Please note also that this notice does not apply to consents you provide for any other reason, such as in connection with access to medical reports or vetting procedures.

Within Everest Group, your personal data can be accessed by or may be disclosed internally on a need-to-know basis to:

i. local, regional and global HR, including managers and team members;

ii. local, regional and executive management responsible for managing or making decisions in connection with your relationship with Everest Group or when involved in an HR process concerning your relationship with Everest Group (including, without limitation, employees and workers from Compliance, Legal, Operations, the Office of Global Security and Information Security);

iii. local and regional support services (such as travel bookings and other support services) and personal assistants;

iv. system administrators; and

v. where necessary for the performance of specific tasks or system maintenance by employees and workers in Everest Group teams such as the Finance and IT Department and the Global HR information systems support team.

Certain basic personal data, such as your name, location, job title, contact information and any published skills and experience profile may also be accessible to other employees. The security measures in place within Everest Group to protect your data are set out in Section 15 below.

Your personal data may also be accessed by third parties with whom we work and who provide us with services, such as hosting, supporting and maintaining the framework of our HR information systems. This includes those vendors that we work with to provide health related services, such as Occupational Health and well-being services.

Personal data may also be shared with certain interconnecting systems such as talent management, performance review, and local payroll and benefits systems. Data contained in such systems may be accessible by providers of those systems, their affiliates, and sub-contractors.

Due to the size and complexity of Everest Group’s operations, it is not possible to name each of our data recipients in this notice. Examples of third parties with whom your data may be shared include Everest Group’s clients (and client staff, where appropriate), suppliers (and supplier staff), tax authorities, regulatory authorities, Everest Group’s insurers, bankers, IT administrators, lawyers, auditors, investors, consultants and other professional advisors, payroll providers, and administrators of Everest Group’s benefits programs. Everest Group requires such third parties to process any data disclosed to them in accordance with applicable law, including with respect to data confidentiality and security.

Where these third parties act as a “data processor” (for example a payroll provider) they carry out their tasks on our behalf and upon our instructions for the above-mentioned purposes. In this case, your personal data will only be disclosed to these parties to the extent necessary to provide the required services.

In addition, we may share personal data with national authorities or regulators in order to comply with a legal obligation or regulatory requirement to which we are subject. We may also disclose or transfer your personal data in the event of a re-organization, merger, sale, joint venture, assignment, or other transfer or disposition of all or any portion of our business.

Everest Group is committed to protecting the security of the personal data you share with us. In support of this commitment, we use generally accepted standards of technical and operational security to secure your personal data. Only authorized personnel of Everest Group or Everest Group Affiliates and of our third-party service providers are permitted to access any personal data, and these employees and third-party service providers are required to treat this information as confidential. Despite these precautions, we cannot guarantee that unauthorized persons will not obtain access to your personal data.

We require our third-party service providers to keep the personal data that we provide to them secure, both in transit and once received by them.  This includes encryption, where appropriate.

As we operate at a global level, we may need to transfer personal data or sensitive/special category personal data to countries other than the ones in which the information was originally collected and in particular our recruitment and employee data is hosted in the United States. When we export your personal data or sensitive/special category personal data to a different country, we will take steps to ensure that such data exports comply with applicable laws. For example, if we transfer personal data or sensitive/special category personal data from Europe to a country outside it, such as the United States, we will implement an appropriate data export solution such as entering into standard contractual clauses with the data importer or taking other measures to provide an adequate level of data protection under European law. However, we have taken appropriate safeguards to require that your personal data or sensitive/special category personal data will remain protected in accordance with this notice. You can obtain a copy of any standard contractual clauses in place which relate to transfers of your personal data by contacting [email protected].

The data sharing listed in this notice may involve the transfer of personal data or sensitive/special category personal data to any country in which Everest Group or a Everest Group affiliate conducts business or has a service provider or to other countries for law enforcement purposes (including, without limitation, the United States of America and other countries whose data privacy laws are not as stringent as those in effect in the United Kingdom, Switzerland or the European Union).

  1. Data Subjects Rights. You may be entitled under the applicable data protection laws to the following rights in respect of your personal data:
    1. Information and access: You have the right to be provided with certain information about Everest Group’s processing of your personal data and access to that data (subject to exceptions).
    2. Rectification: If your personal data changes, we encourage you to inform us of the change. You have the right to require inaccurate or incomplete personal data to be updated or corrected.
    3. Erasure: You have the right to require that your data be erased in certain circumstances, including where it is no longer necessary for us to process this data in relation to the purposes for which we collected or processed the data, or if we processed this data on the basis of your consent and you have since withdrawn this consent.
    4. Data portability: Where we process your personal data on the basis of your consent, or where such processing is necessary for entering into or performing our obligations under a contract with you, you may have the right to have the data transferred to you or another controller in a structured, commonly used and machine-readable format, where this is technically feasible.
    5. Right to object to certain data processing: To the extent that Everest Group is relying upon the legal basis of legitimate interest to process your personal data, then you have the right to object to such processing, and Everest Group must stop such processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where Everest Group needs to process the data for the establishment, exercise or defence of legal rights and claims. Where Everest Group relies upon legitimate interest as a basis for processing, we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.
    6. Right to restriction of processing: You have the right to restrict Everest Group’s processing of your personal data while your request for data rectification or objection to personal data processing is being considered, if we no longer need to process your data but you need that data in connection with a legal claim, or if our processing is unlawful but you do not want us to erase the data.  If this right applies, we will continue to store your data but will only further process it with your consent, for the establishment and exercise of legal rights or defence of legal claims, to protect the rights of another person, or for reasons of important public interest.
    7. Right to withdraw consent: To the extent that Everest Group is relying upon your consent to process personal data, you have the right to withdraw such consent at any time.  Please see section 13 (‘Your consent’) of this notice.
    8. Complaint (only for EU/UK): You also have the right to lodge a complaint with a supervisory authority, in particular that in your Member State of residence, where applicable.


If you are an EU/UK or US State of California resident, please check below webpages for a region- or country-specific notice that may provide additional information, including, for example:

If you would like to exercise your data protection rights regarding your personal data, you can do so by:

Everest Global Inc.

Legal Department (Atten Privacy)

700 Central Expy S, Suite 400

Allen, TX 75013


Upon receipt of your request to exercise your data protection rights, we may take reasonable steps to verify your identity before acting on certain data protection rights, in accordance with applicable law. If you are using an authorized agent to exercise your data protection rights and that agent does not provide a power of attorney with the initial request, we may request further evidence of the agent’s right to act on your behalf, including valid written authorization or contacting you to verify the request. If we believe exceptions apply, we will respond to your request to the extent we are able to do so, and we will provide an explanation of the basis for not complying wholly or partially with your request.

Please note that Everest Group does not discriminate against those who exercise their rights under applicable data protection laws.

Our application process allows you to provide us with relevant personal data from information you have on third-party websites (such as LinkedIn, Google Drive and Dropbox). If you choose to incorporate your personal data from third-party websites, it will be used in accordance with this notice.

Everest Group may use first- and third-party cookies and other tracking technologies, including web beacons, to manage our Sites and services, to identify you and your interests and remember your preferences, and to collect analytics about how you use our Sites and services. Everest Group may collect information about whether you open or click any links in the knowledge, research, or event communications that we send you. You have options regarding our use of cookies and other tracking technologies.

In addition, we use tools and applications that reduce security threats and reduce the risk of access by bots and automated devices, but we do not use those tools and applications for non-security purposes.

Some of our online recruiting activities are hosted by third parties. When you access sites operated by these third parties, they may to the extent permitted by applicable law, including your consent to the extent required, and consistent with this privacy notice, place their own cookies or other tracking technologies on your device.

Please refer to our Privacy Notice for more information

Everest Group and Everest Group Affiliates shall retain personal data for varying time periods in order to assist us in complying with legal and regulatory obligations, to enable compliance with any requests made by regulators or other relevant authorities and agencies, to enable us to establish, exercise and defend legal rights and claims, and for other legitimate business reasons.

Generally this means your information will be retained until the end or your employment, employment application, or work relationship with us plus a reasonable period of time thereafter to respond to employment or work-related inquiries, comply with regulatory obligations, or to deal with any legal matters (e.g. judicial or disciplinary actions), document the proper deductions during and on termination of your employment or work relationship (e.g. to tax authorities), or to provide you with ongoing pensions or other benefits.

If we do not employ you, and unless you object by following the process described in the Section “Your rights and how to exercise your rights” above, we may nevertheless continue to retain and use your personal data for a period of time (which may vary depending on the country) for system administration purposes, to consider you for potential future roles, and to perform research. Thereafter, we retain a minimal amount of your personal data to record your recruiting activity with us.

To the extent that we have collected personal data, including sensitive/special category personal data, for the specific purpose of fulfilling our legal obligations regarding public health or workplace safety, we will retain that data for the duration of those legal obligations. Thereafter, we retain a minimal amount of your personal data to establish our compliance with those obligations.

Furthermore, if you wish to be considered for future job opportunities that aligns with your interests and you provide us with your consent, we will also hold onto your personal data to contact you about such openings. You have the option to withdraw this consent at any time by reaching out to [email protected].

This privacy notice is currently available in only English languages. You can request for this privacy notice in any specific language as per requirement by writing to us at [email protected].

The information in this notice may change from time to time – for example, the categories of personal data that we collect, the purposes for which it is used and the ways in which it is shared may change. 

Everest Group reserves the right to modify this notice as required by changes to our business processes or applicable law. We will post any changes to our notice on this page. Please check this page regularly to keep up to date.

Everest Global, Inc.  (US)

Everest Group Consulting Limited (UK)

Everest Business Advisory India Private Limited (India)

Everest Outsourcing Canada Co. (Canada)

Everest Group Limited Czech Republic s.r.o. (Czech Republic).

* The local representative of Everest Group within the European Union is Everest Group Czech Republic

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.