Employment Privacy Notice
For a Word version, click here.
Last revised December 8, 2022
Overview of Privacy at Phrasee
At Phrasee (“Phrasee,” “Company,” “we,” “us,” or “our”), we believe everyone, whether they’re our customers, job applicants, employees or contractors, deserves a straightforward approach to their personal data. To that end, we have crafted this Employment Privacy Notice (“Notice”) to provide job applicants and members of our workforce with clear, detailed, and easy-to-read information about Phrasee and its group companies’ privacy practices and how we collect, use, process, and transfer personal data.
If you are looking for information about how Phrasee and its affiliates collect, use, maintain, protect and disclose personal data you provide to us or which we collect through your use of our websites, our platform and our services, please review the Phrasee Privacy Policy.
The defined terms we have used in this Notice have the following meanings:
- “Applicant” means an individual who has submitted information to Phrasee (such as a resume or job application) in order to apply to be a Team Member, or who has otherwise given consent to be considered as a candidate for a position.
- “computing resources” includes all electronic systems, networks, applications, equipment, devices, software, and means of communication operated and managed by Phrasee. As examples, these include but are not limited to, critical business systems, networks, personal computers, laptop computers, personal digital assistants, peripheral equipment such as disk drives, USB drives, printers, electronic mail, Instant Messaging, telephones, computer enabled ID cards and voicemail or other electronic communications or other information systems provided by or on behalf of Phrasee or operated on Phrasee computer or telecommunications hardware or use for conducting Phrasee business.
- “monitor” (and “monitoring”) includes, but is not limited to, intercepting, accessing, reviewing, collecting, recording, processing, organizing, storing, retrieving, transferring, tracking, dissemination, blocking, combining, aligning, modifying, deleting (e.g. wiping) and removing electronic data related to or contained on computing resources.
- “personal data” (and “data”) means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “processing” (and “process”) means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Team Member” means a full or part time Phrasee employee, director and Board member, as well as members of our extended workforce, including non-executive directors, independent contractors, contingent, or agency workers and interns.
- “Phrasee” means Phrasee Limited and its group companies.
What Is Different for Applicants?
The majority of this Notice applies equally to Applicants and Team Members. To the extent there are differences for Applicants, we highlight those throughout this Notice.
What Personal Data Do We Process and Why Do We Process it?
The personal data we process about you may vary according to whether you are an Applicant or Team Member, the type of processing we conduct, the jurisdiction you are located in, and local legal requirements. We have described the main types of personal data we process in the table below.
| Data categories | Examples of what this means |
| Identification data | Name, photograph, date of birth, government identifiers, and employee identification number, and access badges. |
| Contact data | Home address, telephone, email addresses, and emergency contact details. |
| Hiring data | Information related to applicant qualifications, past employment, interview notes, references, immigration status and documentation, residency permits and visas, national ID/passport, and other official documentation in support of authentication or eligibility for employment (e.g. Form I-9 in the US). |
|
Employment data
(cont.) |
Information related to your qualifications, your role at Phrasee such as position information, role changes, resignation/termination, resume/CV, office location, employment contracts, performance and disciplinary records, academic/professional qualifications, criminal records data, immigration status and documentation, residency permits and visas, national ID/passport, occupational health assessments and work-related accidents, training and employee resource group participation. |
| Benefits data | Information related to employment benefits we provide to you such as spouse and dependent information, health information (including vaccination status), vacation, leaves of absence, and accommodations information. |
| Performance and management data | Information related to performance evaluations or reviews, disciplinary actions and grievances, and training and development plans. |
| Financial data | Banking details, tax information, payroll information, withholdings, salary, expenses, company allowances, and commission and stock and equity grants. |
| Systems and asset use data | Information required to provide access to Phrasee’s computing resources such as IP addresses, log files, login information, software/hardware inventories, internal communications and video and audio recordings, and information collected by internal Phrasee applications provided to employees such as employee communications tools and platforms. This also includes asset allocation data and data used for security and business continuity purposes and information required to use Phrasee sites including from CCTV, access, and security controls. |
| Demographic data | Date of birth, gender, race/ethnicity, veteran status, disability, sexual orientation and gender expression, as well as information relating to other demographic categories. Team Members can view their demographic data in HiBob. |
| Other information you share with us | Information you choose to provide including hobbies, social preferences, answers to feedback surveys, and participation in optional Phrasee programs. |
We only process your personal data where we have a legitimate business reason or legal requirement to do so. The table below outlines the main reasons for processing and the types of data involved.
| Why we process your personal data | Data categories we process |
| Hiring. During the hiring process, we process Applicant personal data to determine suitability and eligibility for a role. This includes verifying qualifications. It may also include administering background checks and establishing your right to work in a specific jurisdiction. | Identification data, Contact data, Hiring data |
| Compensation and Benefits. We use this information to manage payroll, taxes, and benefits as well as to process work-related claims (e.g., worker compensation, insurance claims, expense and travel management) and leaves of absence. | Identification data, Contact data, Employment data, Benefits data, Financial data |
| Training. We use this information to help us with creating and updating Team Member training and other development opportunities and enforcing mandatory training completions. | Employment data |
| Performance reviews. We use this information to review how you are performing at work and to help determine your work performance requirements and career development needs. | Identification data, Contact data, Employment data, Performance and management data, Financial data |
| Legal requirements. We use this information to comply with laws and regulations (e.g. labor and employment laws, health and safety, tax, anti-discrimination laws) or to exercise or defend our legal rights. | Identification data, Contact data, Employment data, Hiring data, Benefits data, Performance and management data, Financial data, Systems and asset use data, Demographic data |
| Contacts. We use this information internally to compile employee directories or send documents or items to home addresses. | Identification data, Contact data, Employment data |
| Security & IT. We use this information to maintain the security of Phrasee’s computing resources, assets and premises and, provide you with access to them, to manage our general operations and assets, to provide services to you as necessary for your role, and to protect your personal safety. | Identification data, Contact data, Employment data, Hiring data, Systems and asset data |
| Emergencies. We use this information to help us establish emergency contacts for you and respond to and manage emergencies, crises, and business continuity. | Identification data, Contact data, Benefits data |
| Investigations and Disciplinary actions. We use this information when necessary to investigate and support decisions on disciplinary actions or terminations, conduct grievance management, or when necessary to detect fraud or other types of wrongdoing. | Identification data, Contact data, Employment data, Benefits data, Financial data, Systems and asset data |
| DEI goals. We use this information as necessary to help us understand the diversity of our workforce and to support core business diversity, equity, and inclusion initiatives. | Demographic data |
| Day-to-day business operations. We may use this information for other legitimate purposes that are reasonably required for day-to-day operations at Phrasee, such as managing our relationship with our employees, accounting, financial reporting, business analytics, employee surveys, operational and strategic business planning, mergers and acquisitions, real estate management, business travel, and expense management. | Identification data, Contact data, Employment data, Hiring data, Benefits data, Financial data, Systems and asset data, Other information you share with us |
When we collect your personal data, we generally do so directly from you or from a third party when you have given us permission. We will only use this data for the reasons we originally collected it and if we need to use the data for another legitimate business reason, we will notify you directly and get your permission where required. If we ask you to provide personal data not described above, the reason for doing so will be made clear to you at the point we collect it.
Jurisdictions With Special Requirements
Legal Basis to Process — If you are from a jurisdiction that requires a legal basis for processing personal data (such as the EEA, UK, or Brazil), Phrasee’s legal basis will depend on the personal data concerned and the context in which we collect it. We will normally collect personal data from you only where we need the data to carry out our employment contract with you, to comply with our legal obligations or exercise rights in the field of employment, or where the processing is in our legitimate interests, provided this is not overridden by your data protection interests or fundamental rights and freedoms. You can see examples of the data we use for our legitimate interests in carrying out our day-to-day business operations in the table above. We also rely on your consent in certain situations — for example, processing sensitive personal data related to your current health status or to provide access to optional social activities.
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and let you know whether providing your personal data is mandatory or not, as well as the possible consequences if you do not provide it.
Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of a third party) that are not listed in the table above, we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided in the Questions? section below.
Data Controllers — The data controller of your personal data will be the corporate entity that manages the hiring process or employs you (e.g. Phrasee Limited for employees based in the EEA or United Kingdom, and Phrasee USA Inc. for employees based in the United States).
What is Our Commitment to Processing Demographic Data?
Global workforce diversity, equity, and inclusion is a priority for us. We collect certain demographic data such as race, ethnicity, sexual orientation, disability, and military status to help us understand the diversity of our workforce and to support core business diversity, equity, and inclusion initiatives. In some circumstances, we may also need to use this data to comply with local laws. We generally collect this information on a voluntary consensual basis, and you are not required to provide it unless it is necessary for us to comply with a legal obligation. We will not share your data without your permission unless we are legally required to do so.
With Whom Do We Share Your Personal Data, and Why?
We do not sell your personal data or share your personal data for the purpose of behavioural advertising and we do not allow any personal data to be used by third parties for their own marketing purposes. You can see the type of third parties we might need to share your personal data with, and our reasons for doing so, in the table below. We will obtain your consent to any disclosure of your personal data where required by law.
| Recipients | Why We Share It |
| Team Members, Contractors, and Phrasee Group Companies | To establish, manage, or terminate your employment with Phrasee. |
| Consultants and Advisors | To seek legal advice from external lawyers and advice from other professionals such as accountants, management consultants. |
| Service Providers | To enable third parties to provide services to you on behalf of Phrasee such as recruitment providers, financial investment service providers, insurance providers, healthcare providers and other benefits providers, payroll support services. |
| Partners in Corporate Transactions and their professional advisors | In connection with the sale, assignment or other transfer of all or part of our business. |
| Government Authorities or Law Enforcement |
|
| Other Third Parties |
|
All vendors we engage to process your personal data on our behalf go through a robust privacy and security vetting process and are required to contract with us on terms that ensure the appropriate use and protection of your personal data.
How Do We Handle International Transfers of Personal Data?
As a global organization, we may need to transfer your personal data outside your home jurisdiction to Phrasee group companies, including our UK headquarters, and other countries. These countries may have data protection laws that are different from the laws of your region. We will only transfer personal data to another country in accordance with applicable data protection laws, and provided there is adequate protection in place for the data.
External Transfers — If we need to transfer your personal data outside Phrasee to a third party who handles that data on our behalf (e.g. payroll providers) we rely on other agreements, such as Standard Contractual Clauses or the latest international agreements for such data transfers.
What is Phrasee’s Policy on Monitoring?
We respect your expectation of privacy and only monitor your individual activity if we have a reasonable, proportionate, and legal reason for doing so. Our normal monitoring use cases are outlined in the table below:
| Type of Monitoring | Our reasons for monitoring your activity |
| We monitor the physical activity and presence in our offices of Applicants and Team Members with Desana bookings and sign-in sheets. The data we capture may include Identification data, Employment data, and Systems and asset use data. | To prevent unauthorized access to our offices and to protect Team Members, authorized visitors, and our property. |
| We may monitor the electronic activity of Team Members on our IT and communications systems and network. This electronic activity includes log files and content sent over our network and specifically may include Systems and asset use data, no matter where generated. |
|
| We may conduct individual level monitoring of Team Members’ use of physical or IT assets. | To investigate breaches of Phrasee policies and procedures, or other unlawful or improper acts. |
In situations where individual monitoring is justified and lawful, we will conduct our monitoring in a way that is proportionate, as minimally invasive as possible, and with all necessary internal approvals.
How Long Do We Retain Your Personal Data?
Team members — We will keep your data for as long as we need it to carry out the purposes we’ve described above, or as otherwise required by applicable law. Generally, this means we will keep your data until the end of your employment or contract with us, plus the period of time required by the law of the country you are employed in or a reasonable period of time to respond to any inquiries, deal with legal, tax, accounting, or administrative matters, or to provide you with ongoing pensions or other benefits. We seek to minimize our retention of data wherever possible.
Where we have no continuing legitimate business need or legal requirement to process your data, we will either delete or anonymize it or, if this is not possible (for example, because your data has been stored in backup archives), then we will securely store your data and isolate it from any further processing until deletion is possible. If you have a specific question about how long we store your data, please reach out to us using the contact details provided in the Questions? section below.
Applicants — If you apply for a job with us, we retain your data to determine your eligibility for a current or future role with us. The retention periods vary depending on your location and local legal requirements. For example, in the U.S. we retain Applicant data for three years and in the UK for one year. If you have specific questions about how long we retain your data for other jurisdictions please contact us using the contact information provided in the Questions? section below.
How Can You Exercise Your Rights in Relation to Your Personal Data?
Regardless of whether you are an Applicant or Team Member you have the right to make choices about your personal data. Where applicable and in certain circumstances, these legal rights include:
- The right to update your data if it’s out of date, incomplete, or inaccurate;
- The right to request confirmation that we are processing your data and be provided with access to the data we process about you;
- The right to have your data deleted;
- The right to restrict the processing of your data;
- The right to transmit your data to another organization;
- The right to object to the processing of your personal data;
- The right to withdraw consent for data you’ve provided to us on a consensual basis; or
- The right to obtain information about the entities Phrasee has shared your data with.
Team Members — We provide you with a number of tools to help you update, access, or delete some of your data, as detailed below. To exercise other rights, please contact the privacy team via our service portal.
Applicants — Please contact the recruiter you worked with or the privacy team via email at privacy@phrasee.co to exercise your rights.
| I would like to . . . | Tools |
| Update my data | HiBob and Email. If your personal data changes during the course of your time at Phrasee, please use the HiBob Guide: “How do I change details in my employee profile?” to update that data or contact the People Team (peopleteam@phrasee.co) to note those changes. |
| Access my data or receive a copy of my data | HiBob & Email. HiBob allows you to see the data that we hold about you and download a copy. If we have data that you cannot access via HiBob, then you may make a request by emailing the People Team (peopleteam@phrasee.co) or by using the contact details provided in the Questions? section below. |
| Delete my data or withdraw consent | HiBob & Email. You can ask that we delete personal data that you believe is inaccurate or no longer relevant by emailing the People Team (peopleteam@phrasee.co) or by using the contact details provided in the Questions? section below. In addition, you can go into HiBob and remove some of the data you’ve chosen to share with us, such as demographic data. We might need to refuse deletion of personal data in certain cases, such as when providing deletion might impact our legal obligations. |
How Do We Secure Your Personal Data?
We use appropriate technical and organizational security measures to protect the security of your personal data both online and offline including the implementation of access controls, firewalls, network intrusion detection, and use of anti-virus software. These measures vary based on the sensitivity of the personal data we collect, process, and store, and the current state of technology. We also take measures to ensure that third parties that process personal data on our behalf also have appropriate security controls in place.
In addition, in accordance with Phrasee’s Acceptable Use Policy, Code of Conduct and related information security training, each Team Member has a responsibility to protect data they have access to. Please also see the What Are Your Responsibilities section below for more information on our expectations of Team Members.
What Are Your Responsibilities?
Data Accuracy
We need your help to keep our records accurate and current. This means that we need you to be vigilant with keeping information like your address, phone number, and personal email up to date. In some cases, failing to provide us with accurate data will impact our ability to function as a business and to comply with legal obligations.
Data Stewardship
We rely on you to “Be an Owner.” Team Members with access to personal data must endeavor to make wise choices about how they use data. This means ensuring that you are thoroughly assessing (1) why you need the data, (2) whether that use fits the uses outlined above in What Personal Data Do We Process and Why Do We Process It?, and (3) whether there is another way to get to your goals without using personal data. After assessing, it’s equally important to ensure that you maintain good data security practices for the data in your possession, report data misuse, whether accidental or malicious, and keep up with required training.
Data Confidentiality
We rely on our Team Members to keep data confidential. You may use this data only as necessary for the performance of your role and must protect the confidentiality of personal data at all times.
How Does Phrasee Handle Disputes Relating to Personal Data?
If you have a dispute with us relating to our data protection practices, you can raise your concern or dispute by contacting our privacy team at privacy@phrasee.co or the People Team at peopleteam@phrasee.co.
Alternatively, you can contact us by mail at any of the following addresses:
| UK Headquarters | U.S. Headquarters |
| Phrasee Limited
82 St John Street London, United Kingdom, EC1M 4JN |
Phrasee USA Inc.
c/o The Corporation Trust Center 1209 Orange Street Wilmington, Delaware 19801 |
Right to Complain to a Supervisory Authority — While we hope we can resolve any dispute between us, you have the right to lodge a complaint with the supervisory authority in the country where you work or where you consider any data protection rules to have been breached.
Questions?
Team members — Please direct questions or inquiries about this Notice to the privacy team via email to privacy@phrasee.co. Alternatively, you may also raise any questions or concerns directly with your line manager or the VP, People.
Applicants — Please direct any questions or inquiries about this Notice to the recruiter you worked with or the privacy team via email to privacy@phrasee.co.
Changes to this Notice
You can see when this Notice was last updated by checking the “last revised” date displayed at the top. If we update this Notice in a way that impacts your rights, we will provide advance notice to you by sending an email via the address we have on file for you. We will comply with applicable law with respect to any changes we make to this Notice and seek your consent to any material changes if this is required by applicable law.