Privacy Policy

Last Updated: June 01, 2022

 

English
Chinese (中国人)
Spanish (Español)

 

Introduction

We at Sutherland Global Services, Inc. and our Affiliated Companies worldwide ("Sutherland" or “Company”) are the controllers of personal information collected on this website and through offline or other means during business activities. We collect Personal Data from individuals with whom we interact for business purposes, including but not limited to contact individuals within business customer/prospect and vendor organizations, job candidates, and employees and their beneficiaries/plan participants. We are committed to respecting your privacy and recognize your need for appropriate protection and management of any personally identifiable data ("Personal Data") you share with us.

“Affiliated Companies” means with respect to any specified person or entity, any other person or entity Controlling, Controlled by or under common Control with such entity, where “Control” with regard to an entity, means the beneficial, equitable or legal ownership, either directly or indirectly, of more than fifty percent (50%) or more of the capital stock (or other ownership interest, if not a corporation) of such entity ordinarily having voting rights, or effective control of the activities of such entity regardless of the percentage of ownership.

Sutherland’s Privacy Policy outlines how Sutherland collects, uses, shares, and secures your Personal Data on a global basis where Sutherland is the controller of your Personal Data, as defined by applicable privacy laws. This policy also describes your choices and rights regarding your Personal Data.

Unless prohibited by local laws, non-English translations of this policy are provided for convenience only. To the extent a translated version of the Privacy Policy conflicts with the English version, the English version controls.

Definitions

Personal Data

Personal Data is any data relating to an identified or identifiable natural person. Your name, address, phone number and bank account number are examples of Personal Data.

What Personal Data We Collect and How We Use It

Sutherland processes your Personal Data to ensure the efficiency and effectivity of Sutherland business activities and relationships, conduct business and commercial transactions, maintain the recruitment/employment relationship, and plan and conduct marketing.

Below is a description of the Personal Data Sutherland may have collected and/or used over the last 12 months:

Category of Personal Data

Description

Purpose and Uses

Legal Basis

Identifiers

Name, contact information (postal address, email address, phone number), Internet Protocol address.

Sutherland may use Identifiers to fulfil a contract with the organization for which you work, or to conduct business activities such as marketing and business communications. Sutherland may also process Identifier information to fulfil legal requirements and protect Sutherland’s legal and business interests.

Sutherland conducts direct marketing with your consent. Otherwise, Sutherland processes Identifiers for Contract or Legal reasons.

Customer Records Information

Name, signature, employment information (title, role), contact information

If you currently work or previously have worked for a business customer or vendor organization, we may have collected information about you in our Customer Records in order to fulfil a contract with your organization, or to conduct business activities such as marketing and business communications.

Sutherland conducts direct marketing with your consent. Otherwise, Sutherland processes Customer Records Information for Contract or Legal reasons.

Commercial Information

Products or services purchased or other purchasing or consuming histories or tendencies

Sutherland may collect Commercial Information in order to customize and plan marketing activities, make business decisions, and make financial and resource forecasts.

Sutherland conducts these activities with Legitimate Business Interests, and in some cases to fulfil Contracts or for Legal reasons.

Internet or Other Electronic Network Activity

Browsing history, search history, information regarding interaction with our networks, websites and advertisements

To better manage and design our websites, customize and serve ads, perform website analytics, and manage marketing activities, Sutherland collects Internet or Other Electronic Network Activity information. As individuals access Sutherland online applications and networks, Sutherland tracks and manages access in order to maintain security.

Sutherland collects this network, online and online advertising information for its Legitimate Business Interests.

Geolocation Data

Non-Precise geolocation information at the country level, based on IP address.

Sutherland may recognize the country from which a web visitor comes to a Sutherland website through IP address in order to customize a web visitor’s experience, manage security and protect against fraud, and fulfil requests. Web visitors may also provide Sutherland country location in order to establish web experience preferences.

In some cases, Sutherland obtains Consent for country-level location data. In other cases, Sutherland uses this information for Legitimate Business Interests or to fulfil Contracts with web visitors.

Professional or Employment-Related Information

Name, contact information, job history, job title, performance information, education history, IP Address, CV or resumes, background check data (such as criminal and financial background checks), racial or ethnic origin, data related to compensation.

In order to find, communicate with (i.e. sending emails and/or SMS messages), evaluate and hire the right job candidates, Sutherland collects and uses Professional or Employment-Related Information.

Sutherland collects and uses this information to support Legal requirements and claims and operate business activities under its Legitimate Business Interests. Job candidates may provide Consent for some data processing activities.

Education Information

Title, certifications

In addition to education information provided in the recruiting contexts, Sutherland captures Education Information about business contexts during the normal course of communication; for example, where a contact individual provides title or certification information in the signature line of emails.

Sutherland collects and uses this information to fulfill Contracts with vendor and business customer organizations; and in the recruiting context with Consent or for its Legitimate Business Interests.

Sutherland does not as a practice collect Personal Data revealing political opinions, religious or philosophical beliefs, trade-union membership, genetic information, or sex life/sexual orientation.

If Sutherland intends to use or transfer Personal Data for purposes beyond those for which it was originally collected or subsequently authorized by you, or for purposes incompatible for those uses, Sutherland will offer you the opportunity to affirmatively opt in.

In addition to the above, Sutherland is the controller of Personal Data for employees, contractors and other Sutherland workers. Sutherland uses this Personal Data, which can include sensitive personal information, to maintain the employee/worker Contract and for its Legitimate Interests.

Sources of Personal Data

We have collected the above categories and types of personal data directly from individuals through our website and through social media sites such as LinkedIn, and through business interaction and documents such as our contracts and other shared documents. In a few limited cases, Sutherland may have received Personal Data with data subject consent from a third party, such as a third-party recruiter or job site who has permission to pass on job candidate details to Sutherland.

How We Share Personal Data

We may share your Personal Data with third-party service providers under contract to us to assist in our business activities, which may include but are not limited to marketing, advertising our product/service offerings, recruiting, and maintaining and improving our service offerings. These service providers are authorized to use your Personal Data only as necessary to provide these services to us. Sutherland does not sell Personal Data or provide Personal Data to third parties for their own uses.

That said, some third-party advertising or analytics cookies can be considered a “sale” under some definitions, and you can opt out of this sharing through our cookie consent banner that may appear in a ribbon on our website pages, or by following instructions provided in our full Cookies Policy. In addition, though Sutherland does not otherwise sell Personal Data, you can opt out of any future sharing by emailing this request to privacy@sutherlandglobal.com.

Sutherland may also disclose your Personal Data as required by law, such as to comply with a subpoena or other legal process, when Sutherland believes in good faith that disclosure is necessary to protect Sutherland’s rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. We may also share as a part of merger or acquisition activity.

Choice

You may have a choice to receive some types of communications from Sutherland. For example, you may sign-up and consent to receive email, SMS messages or newsletter communications from Sutherland. If you would like to discontinue receiving these communications, you may update your preferences by using the “Unsubscribe” link found in emails or by contacting Sutherland using the information in the “Contact Data” section of this Policy. You may also have an opportunity to choose whether some cookies are set on your device. See our full Cookies Policy for more information.

More About our Website

Cookies and Other Tracking Technologies

This site uses cookies to store information on your computer. Some are essential to make Sutherland site work; others help Sutherland improve the user experience. A "cookie" is a small text file that may be used, for example, to collect data about website activity. Some cookies and other technologies may serve to recall Personal Data previously indicated by a web user. For greater details, please refer to the Sutherland Cookie Policy to learn more.

If you wish to opt out of interest-based advertising, click here or if located in the European Union, click here. Please note you will continue to receive generic ads.

Log Files

Log files may record data such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; internet service provider, clickstream patterns; the files viewed on Sutherland website (e.g., HTML pages, graphics, etc.), referring and exit pages and dates and times that Sutherland site is accessed to analyze trends in the aggregate and administer the site.

Security

Wherever your Personal Data may be held within Sutherland or on its behalf, Sutherland takes commercially reasonable and appropriate steps to protect the Personal Data that you share with Sutherland from unauthorized access or disclosure.

If you have any questions about the security of your Personal Data, you can contact Sutherland at privacy@sutherlandglobal.com.

Data Hosting and Retention

Sutherland is a global company and may store your Personal Data in data centers around the world. Regardless of location, Sutherland protects your data with similar controls and safeguards. For example, If Sutherland transfers data from the European Union or from other countries requiring additional measures to allow the data transfer, Sutherland uses Standard Contractual Clauses among other measures to provide adequacy. Sutherland will not store your data longer than necessary for the purpose for which we have processed your data. How long we retain your data depends on the type of data and the purpose for which we process your data. Contact us at privacy@sutherlandglobal.com for more information about data retention.

Children's Privacy

Sutherland’s website is a general audience website. Accordingly, Sutherland does not intend to collect Personal Data from anyone Sutherland knows to be under 16 years of age.  

If we learn that we have collected personally identifiable information from an individual under 16 years of age, we will take reasonable steps to delete such information from our files as soon as is practicable. Please contact us via the TrustArc link below if you believe we have any information from or about an individual under the age of 16.

Data Subject Rights

Depending on where you live, you may have certain rights regarding your Personal Data. To exercise any of the following rights, please contact us at privacy@sutherlandglobal.com, complete an individual rights request using this Individual Rights Form, or if you are a California resident and calling from the US you can call us toll free at 1-866-I-OPT-OUT (1-866-467-8688) and enter Service Code 843.

Note that there may be exceptions and limited applicability to some individual data rights, and Sutherland may not be required or able to fulfill your request. In most cases, we will respond to your request within 30 days unless legal requirements dictate otherwise. Below is a summary of individual data rights you may have, depending on local requirements:

Right to Know and Right to Request Information

You may have the right to request that we disclose what personal information we collect, use, disclose or sell.  You have the right to request information about the personal information we’ve collected about you within the last twelve months, and you may have the right to receive a machine-readable copy of your Personal Data and/or have us provide your Personal Data to a third party.  You may request to know if we have collected, sold or shared with third parties, including the following information:

  • The categories of personal information we have collected about you
  • The categories of sources of personal information we collected about you
  • Our business or commercial purpose for collecting or selling personal information about you
  • The categories of third parties with whom we share personal information
  • The specific pieces of personal information we have collected about you
  • Whether we have sold your personal information and if so the categories of personal information that each category of recipient purchased; and
  • Whether we have disclosed your personal information for a business purpose and if so, the categories of personal information that each category of recipient received.

Right to Request Correction or Deletion 

  • If you believe that we have some Personal Data about you that is incorrect, you can request that we update or correct that information.
  • You have the right to request that we delete your personal information. Under certain circumstances we may be unable to delete your personal information, for example, to comply with legal obligations, or to complete a business transaction that you have requested. 

Right to Object, Withdraw Consent, and Data Portability

  • You may have the right restrict (stop any active) processing of your personal data.
  • In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.

Right to Non-Discrimination

  • You have a right not to receive discriminatory treatment for exercising your privacy rights.

Right to Complain to a Regulator

  • If you have unresolved concerns, you may have the right to complain to the data protection authority where you live, work or where you believe a breach may have occurred.
  • In Canada, you may contact the Office of the Privacy Commissioner of Canada (OPC) to help resolve a privacy concern you have at https://www.priv.gc.ca.
  • In the European Union, find your Data Protection Authority’s contact information at https://edpb.europa.eu/about-edpb/board/members_en.
  • In the United Kingdom, you can make a complaint about us to the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.
  • In the Philippines, you can contact the National Privacy Commission at complaints@privacy.gov.ph.
  • You may also contact the privacy regulator in your country, state, or province. Most privacy regulators can be contacted online using the resources provided at https://icdppc.org/participation-in-the-conference/members-online/.

Commitment

Sutherland is committed to privacy. Protecting your privacy online is an evolving area, and this website is constantly evolving to meet these demands.

If you have any comments or questions regarding Sutherland’s Privacy Policy, please contact Sutherland at privacy@sutherlandglobal.com. While Sutherland cannot guarantee privacy perfection, Sutherland will address any issue to the best of our abilities as soon as possible.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

EU-U.S. Privacy Shield

Sutherland and the following subsidiaries, Sutherland Healthcare Solutions Inc., Sutherland Government Solutions Inc., Nuevora Inc., Sutherland Global Services New York Inc., SGS USA Inc., Adventity Inc., Sutherland Global Collection Services LLC, Sutherland Mortgage Services Inc., Sutherland Global Services SPV Inc. and Sutherland Global Holdings Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sutherland has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Sutherland is responsible for the processing of Personal Data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, including the onward transfer liability provisions.

With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, Sutherland is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (FTC). Anent the discussion under the Legal heading above, in certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website, https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Update: On July 16, 2020, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield framework. In light of this judgment, Sutherland is using the Standard Contractual Clauses issued by the European Commission under decision 2010/87/EU ("SCC") as its lawful data transfer mechanism for transfers of Customer data containing EU Personal Data, to United States of America.

International Personal Data Transfers Outside the EEA

Sutherland may, subject to applicable law, transfer your information outside the country where you are located and to where information protection standards may differ (e.g., your information may be stored on servers located in other jurisdictions). We will utilize appropriate safeguards governing the transfer and usage of your personal information such as Standard Contractual Clauses pursuant to Article 46 of the GDPR. If you would like further detail on the safeguards we have in place you can contact us directly as described in this Privacy Notice.

Contact Data

You can contact our Global Chief Data Protection Officer, Canadian Privacy Officer, EU Data Protection Officer, and the global privacy team generally at: Sutherland Data Privacy Office
Attention. Chief Data Privacy Officer
Sutherland Global Services Inc.,
1160 Pittsford Victor Road
Pittsford, NY 14534
privacy@sutherlandglobal.com

Changes to This Privacy Policy

You should review this Privacy Policy on a routine basis as Sutherland reserves the right change this Privacy Policy, or any portion thereof, an updated version of our Privacy Policy will be posted to our website.

TrustArc
TRUSTe