CLIF California Personnel Privacy Notice


Last updated: August 27, 2020

This Clif Bar & Company California Personnel Privacy Notice (“Notice”) explains our collection, use, and sharing of Personal Information (defined below) of our employees and contractors, including workers from temporary services agencies performing work for CLIF, residing in California (“Worker(s))”). This Notice applies to Clif Bar & Company (“CLIF”). CLIF may disclose your Personal Information to CLIF-controlled subsidiaries or affiliates (each, a “CLIF Entity”) for the purposes described in this Notice. Any Personal Information previously collected under a California Personnel Candidate Privacy Notice will be subject to this Notice.

This Notice is designed to comply with the California Consumer Privacy Act (“CCPA”). This Notice is not intended to create any rights beyond those that exist by virtue of applicable California privacy and data protection law.

Personal Information We Collect

  • contact information and identifiers, such as first and last name, online identifiers, account and user names, aliases, employee/staff ID, IP address, email addresses, home and postal addresses, telephone numbers, emergency contacts, signatures and other identifiers described in the sensitive information category below;
  • facial images and audio information, such as photos, videos, and voice recordings;
  • demographic data, such as age including date of birth, gender, marital status, spouse and dependents, and certain sensitive data categories, described below;
  • professional and background information, such as resumes/CVs, references, recommendations, academic and education background and qualifications, work skills and experience, professional certifications and registrations, language capabilities, training courses attended, work and salary history, results of credit history and criminal background checks, results of drug and alcohol testing, health screenings or certifications, and driving and vehicle licensing and history;
  • personal vehicle information, such as license plate, color, year, make, and model;
  • work permit status, such as immigration, residency, and related information;
  • payroll and tax information, such as amounts paid, payrates, bonuses paid, banking and other financial institution details, insurance and benefits payments, and reimbursement of business expenses (such as travel);
  • employment/assignment and performance information, such as date of hire/assignment, title, transfers and promotions, salary and rewards, training, performance appraisals/assessments, absences and reasons for absences, letters of appreciation and commendation, grievances or disciplinary matters, and resignation or termination of employment/assignment;
  • benefits administration information, such as types of benefits used, time off requests (e.g., sick and personal leave, vacation requests) and reasons, retirement account information, and insurance;
  • travel information, such as loyalty programs numbers; dates and length of travel; hotel names and locations; travel routes and departures, stops, and destination points;
  • analytics or monitoring data, collected in accordance with CLIF’s Electronic Information and Communication Systems Policy, including as related to Worker communications and use of CLIF devices, systems, wifi, internet service, internal and external websites, equipment, applications, databases, network resources, and infrastructure, (“CLIF Systems”) and personal devices used to connect to CLIF systems, including usernames; passwords; system log data such as IP address, browser type and language, device information, access times, and referring website addresses; information collected through web beacons, like cookie IDs and mobile device IDs; usage data, such as time spent on CLIF Systems, features used and actions taken in CLIF Systems, including page views, links clicked, and documents downloaded; contents, header, metadata, delivery and access information for voice calls, voicemail, emails, chats, messaging, documents, and other data and files stored or transmitted through CLIF Systems;
  • location data, such as office location, conference room booking locations, travel location information described above, company vehicle movements, movement within a CLIF-managed property to enable real-time directions and information related to CLIF and authorized third party services (e.g., building maps, tech support location, nearby restaurants or services);
  • social media data, such as public profiles, posts, likes, and replies;
  • sensitive data, such as
    • government-issued identifiers including, social security, taxpayer identification, driver’s license, and national/ID passport numbers;
    • criminal offenses;
    • health information voluntarily disclosed to CLIF’s Wellness Staff;
    • information about California and federal protected classes such as race/ethnic and national origin; religious creed; physical, medical, or mental health or condition and related accommodations; marital status; gender; age; andsexual orientation where permitted by law and on the basis of voluntary and consensual disclosure; and

• other information necessary for a legitimate human resources, business, security, travel, or safety-related purpose.

Third Party Sources of Information

CLIF collects Worker Personal Information from a variety of third-party sources, including (as applicable) as follows:

  • Service Providers (e.g., time entry, payroll, and expense reimbursement services)
  • Travel Partners (e.g., travel agents and portals, car service, and ride share companies)
  • Background Check Services
  • Online Sources
  • Open Government Databases
  • Insurance and Benefits Providers
  • Contractors who provide you services at CLIF wellness facilities

Purposes of Use

CLIF collects, uses, retains, and discloses Personal Information as appropriate to administer and carry out the employment/assignment relationship, including for human resources purposes, and for operational and business, safety, and security purposes and as described in this Notice and below.

    Purposes of Use

    Categories of Personal Information

    Human Resources Uses

    RecruitmentSee California Personnel Candidate Privacy Notice
    Payroll and compensationContact information and identifiers; professional and background information; payroll and tax information; employment/assignment and performance information; benefits information; analytics or monitoring data, sensitive data
    Career planning and developmentContact information and identifiers; professional and background information; payroll and tax information; employment/assignment and performance information; benefits information; analytics or monitoring data, sensitive data
    Training and coachingContact information and identifiers, facial images, and audio information; demographic data; professional and background information; employment/assignment and performance information; analytics or monitoring data, sensitive data
    Performance management and reviewContact information and identifiers, facial images, and audio information; professional and background information; payroll and tax information; employment/assignment and performance information; analytics or monitoring
    data,
    Benefits administrationContact information and identifiers; demographic data; professional and background information; payroll and tax information; employment/assignment and performance information; benefits information; analytics or monitoring data, sensitive data
    Equal employment opportunity, diversity, inclusion and accessibility
    programs
    Contact information and identifiers; sensitive data
    Legal and policy compliance administration and enforcement, including for the purpose of anti- discrimination laws and government reporting obligationsContact information and identifiers; facial images, and audio information; demographic data; professional and background information; personal vehicle information; work permit status; payroll and tax information; employment/assignment and performance information; analytics or monitoring data, sensitive data
    Disciplinary matters and investigationsContact information and identifiers; facial images, and audio information; demographic data; professional and background information; personal vehicle information; payroll and tax information; employment/assignment and performance information; analytics or monitoring data; sensitive data
    Business Uses
    Managing, monitoring, protecting, and improving, CLIF Systems, assets and resources, including managing and protecting unauthorized access and use of company, employee/staff and customer data, devices,systems, and infrastructure; and protecting CLIF networks from intrusions.Contact information and identifiers; facial images, and audio information; demographic data; professional and background information; employment/assignment and performance information; travel information; analytics or monitoring data; sensitive data
    Managing, monitoring, protecting, and improving campus, parking, buildings, office space, conference rooms, facilities, catering and café services, including monitoring and administering building occupancy and campus parking and transportation; operating and monitoring physical security systems, such as CCTV, key card entry systems, and guest logs; registering personal vehicles and logging exit and entry times; and emergency notification
    services.
    Contact information and identifiers; facial images, and audio information; demographic data; professional and background information; personal vehicle information; employment/assignment and performance information; travel information; analytics or monitoring data; sensitive data
    Managing and improving employee/staff and workplace efficiency and effectiveness.Contact information and identifiers; facial images, and audio information; demographic data; employment/assignment and performance information; travel information; analytics or
    monitoring data; sensitive data
    Communications and collaboration.Contact information and identifiers; facial images, and audio information; demographic data; employment/assignment and performance information; travel information; analytics or monitoring data; sensitive data
    Delivery of information, goods and services.Contact information and identifiers; sensitive data
    Legal and policy compliance administration and enforcement, including monitoring access and use of CLIF Systems.Contact information and identifiers; facial images, and audio information; demographic data; professional and background information; employment/assignment and performance information; travel information; analytics or monitoring data; sensitive data
    Research and improvement of CLIF Systems, processes, products, services and technology.Contact information and identifiers; facial images, and audio information; demographic data; professional and background information; travel information; analytics or monitoring data; sensitive
    data

    Sharing of Personal Information

    We share Personal Information with your consent or for purposes described in this Notice. For example, we share Personal Information with:

    • CLIF Entities. For example, CLIF Entities may share business processes and common data systems.
    • Vendors or agents working on our behalf. For example, companies we've hired to provide recruiting, staffing, payroll, benefits, and administrative services; or protect and secure our systems and services.
    • Independent third parties. For example, benefits partners to facilitate benefits administration, (e.g., health, wellness, and insurance providers) and with third-party product or service providers. To the extent that you provide, or consent to our providing, Personal Information to third parties, that Personal Information is governed by their privacy statements.

      We may also disclose Personal Information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or at transfer, divestiture, or sale of all or a portion of our business or assets.

      We will also access, transfer, disclose, and preserve Personal Information when we believe that doing so is necessary to:

      • comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
      • operate and maintain the security of CLIF Systems, including to prevent or stop an attack on our computer systems or networks;
      • protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies; or
      • act in urgent circumstances such as protecting the health or personal safety of an employee or worker, agent, customer, user of CLIF products or services, or member of the public.

      Finally, we may share de-identified information in accordance with applicable law.

      Changes to this Notice

      CLIF may occasionally update this Notice to reflect changes as required by law or by CLIF practices or procedures. If we make material changes to this Notice, or in how we use Worker’s Personal Information, we will provide notice or obtain consent regarding such changes as may be required by law.

      Contact Information & Privacy Statement

      Employees and contractors may contact the CLIF Privacy Officer via email at privacy@clifbar.com with any questions or complaints regarding CLIF’s compliance with this notice.

      Please see www.clifbar.com/privacy for CLIF’s Privacy Statement.