Last updated and effective date: January 20, 2023
This CCPA Worker Privacy Notice (Notice) applies to Workers of the Automobile Club of Southern California and its affiliated clubs ("Club"). When "we," "us," or "our" is used, it shall refer to the Club and its respective affiliates.
In this Notice, we describe the categories of personal information collected and shared regarding Workers, the sources from which such information is collected and with which it is shared, and the purposes for which this information is used. Note: a separate CCPA privacy notice applies to information collected by the Club for non-Worker California residents.
This Notice applies to all Club employees, any prospective employee, temporary or casual worker, apprentice, retiree, consultant or contractor of the Club and any subsidiary, affiliate, joint venture, partnership or other corporate entities (collectively referred to as “Worker” or “Workers”).
When "you", "user", or "your" is used, it shall refer to you the Worker or user of this policy.
1. Categories of Personal Information
2. Information Practices
3. How We Protect Your Personal Information
4. Contacting Us
5. Changes to This Notice
6. Your Privacy Rights
1. Categories of Personal Information
Personal Information refers to information that identifies, relates to, describes, or can be associated with you. For purposes of this Notice, there are 12 categories (A-L) of personal information listed below.
Category A. Identifiers
Identifiers such as real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, SSN, driver’s license number, passport number or other similar identifiers.
Category B. Statutory Information
Information set forth in California Civil Code 1798.80 that identifies, relates to, describes, or is capable of being associated with, an individual or household, including:
• name
• signature
• social security number
• physical characteristics or description
• address
• telephone number
• passport number
• driver's license or state identification card number
• insurance policy number
• education, employment, employment history
• bank account number
• credit card number, debit card number, or any other financial information
• medical information, or health insurance information
• “Personal information” does NOT include publicly available information that is lawfully made available to the public from federal, state, or local government records.
Category C. Characteristics
Characteristics of protected classifications under California or federal law such as race, color, sex, age, national origin, disability, citizenship status, genetic information, ancestry, sexual orientation, gender identity or expression, religion, medical conditions, AIDS/HIV, marital status, military/vet status, political affiliations or activities, victims of domestic abuse and/or assault/stalking.
Category D. Commercial Information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Category E. Biometric
Records used to uniquely identify a person including fingerprints, retinal scans, facial scans, signatures, handwriting analysis and voice pattern recognition.
Category F. Internet Activity
Internet or other electronic network activity information, including but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
Category G. Geolocation
Used to identify an electronic device’s physical location, such as GPS coordinates.
Category H. Sensory
Audio, electronic, visual, thermal, olfactory, or similar information.
Category I. Employment Related
Professional or employment-related information such as job application, salary, and job performance information.
Category J. Education
Non-publicly available information that pertains to school, grades or years attended.
Category K. Inferences
Inferences drawn from any of the above identified information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Category L. Sensitive Personal Information
Non-publicly available personal information that reveals:
• A consumer’s social security, driver’s license, state identification card or passport number.
• A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
• A consumer’s precise geolocation.
• A consumer’s racial or ethnic origin, religious or philosophical beliefs or union membership.
• The contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication.
• A consumer’s genetic data.
Sensitive Personal Information also includes:
• The processing of biometric information to uniquely identify a consumer.
• Personal information collected and analyzed regarding a consumer’s health or sex life or orientation.
2. Information Practices
We collect personal information from and about Workers through many mediums (e.g., audio, video, electronic, internet, paper, social media, etc.). This includes information that you provide directly, information that we collect indirectly and information we procure from third parties and other sources about you. During the prior 12 months, we would have collected and shared personal information for each of these categories (A-L). However, the fact that we collected or shared information for a category does not mean that we collected or shared all the information in the category. For example, category A (identifiers) includes name, address, driver’s license, social security number, passport, etc. If we state that we collect this category of information, it does not mean that we collected every one of these identifiers.
Below, we further describe the specific pieces of personal information collected and shared, the reasons we do so, and the sources from which we collect such information as well as the sources with whom we share your personal information.
A. Employee Benefits
To support employee benefits administration and various medical and welfare benefit plans and services such as those for medical, dental, vision, life and disability, prescription, medical stop loss, supplemental insurance, surgery plus program, post-65 retiree health insurance plans and HRA accounts, workers compensation programs, direct billing for health and welfare premiums, HSA and FSA plans, consultants and brokers, we collect information (from you and service providers) such as your name, contact information (e.g., address, phone & email), SSN, marital status, gender, employment status, work & job information, health and benefit elections and information regarding dependents, too. We share this information with 3rd service providers and administrators for such programs who may share it with various healthcare service providers (e.g., Kaiser, Cigna, VSP, Aetna, CVS, Metlife, Wage Works, Alight, and WebTPA). (Categories A, B, C, D, I and L).
For the pricing of workers compensation insurance policy, we would collect name, and job and work information (from you and a service provider) and share this with a service provider. (Categories A, B and I).
For the administration of leave of absence programs and employee assistance programs, we would collect name, contact information, job and employment information (from you and service providers) and share this with a service provider. (Categories A, B, C and I).
B. Employee Relations and Training
For employee relations investigations, and other employee relations, we collect information (from you and/or service providers) such as name, email address, notes, performance issues, contents of communications such as email, employee and work information (yours and others), issue of concern and resolution and may share this with a consultant service provider and for legal purposes (Categories A, B, C, F, I & L).
For employee performance and training purposes, we collect information (from you and/or service providers) such as name, work email, employee and work information (e.g., title & supervisor), training details, employee number, performance details, productivity details, and instructor details. We may share this information with you and with third party service providers (e.g., a trainer/instructor). (Categories A, B and I).
For other employee training such a license for sales employees, we collect information (from you) such as name, age SSN, contact information (e.g., phone and email), employee and work information (e.g., employee ID, license number, and job title). We don’t share this externally with a third party. (Categories A, B, C, I and L).
C. Retirement and Compensation Planning
For annual market pricing we may share your information such as name, pay, job title, and job code with a third-party service provider that assists with this function. (Categories A, B and I).
For various service award programs (e.g., Live Legendary, Milestone Club Anniversary) we may share your information such as name, contact information (e.g., address, email and phone), service date, employee number and manager with a third-party service provider that assists with these programs. (Categories A, B and I).
To administer the Club Pension Plan, we may share your information such as name, SSN, date of birth, employment and work information, contact information, financial account information, date of birth, marital status and tax information with third party service providers (e.g., Mercer and JP Morgan). (Categories A, B, C, I and L).
To administer our 401(k), we may share your information such as name, contact information, SSN, date of birth, beneficiary information and employment and work information with a third-party provider (e.g., T. Rowe Price). (Categories A, B, C, I, and L).
D. Talent Acquisition
To administer background checks and drug tests for sensitive positions, fleet drivers, and for applicants and in post-employment circumstances, we use a third-party service provider to collect your personal information from service providers and from government and legal sources. This information can include your name, contact information, signature, date of birth, and SSN. We may share the results with you. (Categories A, B, C, E, I, and L).
For employment consideration including a candidate interview, we may collect name, contact information, employment, and education history from you. This information is not shared with a third-party. (Categories A, B, C, I, and J).
For talent marketing, we use a third-party service provider, to collect your information including your name, contact information, candidate profiles from social media platforms (e.g., LinkedIn) that would include employment and education information, application information including name, contact information and social media information. Aside from the third-party service provider collecting this information about you on our behalf, we don’t share this information with third parties. (Categories A, B, C, F, I, and J).
For employment consideration, we also use a third-party service provider applicant tracking system that collects applicant information from you including name, contact information, resume and employment information, background information, and driver’s license. This information may be shared with third party service providers. (Categories A, B, C, E, F, I, J and L).
We also use cookies, tags (also referred to as pixel tags, 1x1s, or transparent GIFs), and other technologies to manage our email programs. These tags gather information to analyze the performance of our email marketing and help us understand how consumers respond to our messages. (Category A, B, and F).
E. Payroll Purposes
For employment tax reporting purposes, we collect from and share with a service provider (ADP) your personal information including name, address, salary, and masked SSN. (Categories A, B, I and L).
For employee pay slip purposes, we collect personal information from you and our benefit administrator service provider such as your name, address, pay, deductions, last 4 digits of your financial account and may share it with an HR service provider. (Categories A and B).
For garnishment purposes in which moneys are deducted from an employee’s salary pursuant to a court order, we collect from government/legal sources your personal information such as name and SSN and share it with a 3rd party service provider (ADP) that assists with payroll. (Categories A, B and L).
For employee life cycle purposes (hire, current and post-termination) we collect personal information from you, government/legal sources and service providers, such as name, driver’s license, SSN, work visa (if applicable), signature and background information and share it with a 3rd party service provider (Sterling). (Categories A, B, C, E, I, J, and L)
F. Security Purposes
Our efforts to safeguard personal and company information, facilities, and people require that we monitor and collect information by different means and from many environments. This could include through video surveillance, manual sign in, a badge scanner, license plate reader technology, vehicle dash cams, monitoring your workstation or device, or internet/online activity for cyber security purposes. Sources may include from the consumer, third party security providers and/or government entities including law enforcement. (Categories A, B, E, F, H, I and L). This information could be shared with law enforcement and service providers such as 3rd party security.
G. Legal, Regulatory & Compliance Purposes
We may collect personal information for legal, regulatory and compliance purposes. For example, to assist in processing a VISA work permit, we may collect or have a 3rd party service provider/law firm, collect information such as name, passport, birth certificate, work permit numbers, driver’s license from you to process your application. This could be shared with you, service providers, and legal and government sources. (Categories A, B, C, E, I, J and L). To respond to a complaint from the California Department of Fair Employment and Housing (DFEH), we would collect information about you and may share it with the DFEH (or other regulatory agency) in our response. (Categories A, B, C, E, I, J and L). In the event of litigation, we could collect or have a third-party law firm collect information from you (via discovery) or from data vendors, government/legal sources, and service providers. (Categories A, B, C, D, E, F, H, I, J and L).
H. Using Our Career Site
Our online career site is administered by a third-party service provider. We and our third-party service providers (such as analytics providers) use cookies, web beacons, clear GIF, pixels, internet tags, and other similar tracking technologies (collectively, “tracking technologies”) to gather information when you interact with our career site, and email communications. These tracking technologies help us optimize our career site, maintain the security of our website and your account, prevent crashes, fix bugs, note your preferences, and assist with the career site’s operations. (Category A, B, F and G).
When you submit your application for employment and use our career site, we collect personal information about you. This information includes, but is not limited to, your name; address; email address; password that you set; telephone number; information about your education and occupation background; skills and experience; awards; memberships and affiliations; activities and interests; information imported by you and/or connections from third party sites; information about third parties, such as references or contacts, which you provide to us with the third parties’ express written consent to do so; your resume, cover letters, work examples, and other documents; your preferences; your age, gender, race or ethnicity, if permitted by federal, state or local law and you choose to provide it. We may use the information we collect about you in a variety of ways, including processing your application for employment and communicating job opportunities to you, performing background checks, operating and improving our sites, responding to you, and preventing security breaches. (Categories A, B, C, D, F, I and J).
We may share your information when we work with service providers (including the service party that administers the career site) that provide us support services such as applicant management, and background (and when permitted by law, credit checks), and skills analysis.
We may also disclose your information if we believe that the disclosure is required by law. We collect information about you by way of a variety of technologies including cookies, which contain information that can later be read by a web server. We mainly use cookies to allow you to access and use our career site, to help us analyze and estimate traffic on our career site, and to remember information for you to save you the trouble of re-entering information.
You may elect to receive information about our careers when you sign up for our Talent Community. The information you receive will be based on the information you provide in your Talent Community profile. If you opt out of receiving Talent Community communications from us, you may still receive emails about the status of your application.
We do not intend for our career site or online services to be used by anyone under the age of 18. If you are a parent or guardian and believe we may have collected information about a child, please contact us as described in our FAQ section of our career site.
3. How We Protect Your Personal Information
Protecting your information is important to us. We maintain physical, electronic, and procedural safeguards to protect your personal information. For example, we limit access to this information to authorized employees and contractors who need to know. We review the information security practices of vendors with whom we share personal information. Please be aware that although we make every effort to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
4. Contacting Us
If you have questions regarding this Notice and/or our information practices, please contact us at:
Automobile Club of Southern California
Attention: Privacy & Data Security Counsel
Office of General Counsel, A451
3333 Fairview Road, Costa Mesa, CA 92626
By email. aaa-privacy@aaa-calif.com
5. Changes to This Notice
We may amend this Privacy Notice at any time. Please review it periodically. Any changes are effective upon the date at the top of this Notice and upon our posting of the revised Notice. Your use of our website following any such change constitutes acceptance.
6. Your Privacy Rights
California Consumer Privacy Act
California adopted privacy legislation, the California Consumer Privacy Act (CCPA), that provided new privacy rights to California residents, and which was amended through the California Privacy Rights Act (CPRA) that provides additional privacy rights in employment circumstances effective January 1, 2023. (Throughout this Notice, CCPA and CPRA will be referenced collectively as “CCPA.”) You have privacy rights to your personal information including the right to not be discriminated against or retaliated against for exercising any of these CCPA rights. You have a right to:
- a copy of your personal information (subject to statutory exceptions) that we collected since January 1, 2022, including a disclosure of the categories of personal information collected, sold and shared for a business purpose.
- delete personal information we collected from you unless we need to keep it as permitted by the CCPA. For example, we need your personal information to provide employee benefits and to administer the Club Pension Plan. We can also keep your personal information when we generally use it internally; and
- correct your personal information.
Frequency & Method of Request
You can request your information twice in a 12-month period. We must respond and provide your information within 45 days unless we inform you that we need more time in which event we will have 90 days to respond.
You can exercise your privacy rights and make a CCPA request by emailing the Club’s People Service Center at peopleservicecenter@aaa-calif.com or by calling 866-842-4222. We will first confirm that you are a Worker and authenticate your identity.
Designating an Agent on Your Behalf
You may designate an authorized agent to submit a request on your behalf to access, correct or delete your personal information by calling 866-842-4222. To do so, you must 1) provide that authorized agent written and signed permission to submit such a request, and 2) verify your own identity directly with us. Please note, we may deny a request from an authorized agent that does not submit proof.
Sensitive Personal Information Statement
The CCPA also provides a right to limit the use and disclosure of sensitive personal information unless we use such information within permitted purposes or don’t use it to infer characteristics about you. For example, we can use such information i) to perform the services or provide benefits requested by you; ii) to detect security incidents; iii) to perform employment 15 | P a g e services on behalf of us; and iv) to verify or maintain the quality of services we provide. Since we use sensitive personal information within permitted purposes, we are not required to offer you the option to limit or opt-out of the use of such information through a “Limit My Sensitive Personal Information” option. However, if our Sensitive Personal Information use practices change, we would offer such an option at that time.
CCPA Exempt Information
Please note that certain personal information is exempt from the CCPA. For example, protected health information pursuant to HIPPA and HITECH is excluded. As a result, this information would not be disclosed.
Sale and Sharing of Personal Information and the Right to Opt-Out
We do not sell, or share your personal information for cross context behavioral advertising under the CCPA. Consequently, you are not being provided a right to opt-out because we do not engage in this practice. However, if this practices changes, we would offer such an option at that time.
Selling or Sharing Personal Information of Those Under 16 years of Age
We do not sell personal information of consumers under 16 years of age nor do we have actual knowledge of sharing such information for cross context behavioral advertising purposes for those under 16 years of age. However, there are circumstances when we provide you a benefit involving those under 16 years of age (e.g., dependents) and in these events personal information could be shared with a third party. For example, if you select an employee benefit for your dependent such as health, vision or dental insurance, or designate someone under 16 as a beneficiary to your life insurance policy, then in those circumstances information about the child would be collected from you.
How Long Do We Retain Each Category of Personal Information?
We retain your personal information in line with our legal obligations, record retention policy, or as otherwise permitted by law. We will delete your personal information once the legal obligation expires or after the period of time specified in our record retention policy. The period of retention is subject to our review and alteration.
Workers Privacy Notice
Last updated and effective date: February 6, 2023
This CCPA Worker Privacy Notice (Notice) applies to Workers of Pleasant Holidays, LLC and Hawaii World, LLC (collectively “Pleasant”) . While Pleasant is an affiliate of the Automobile Club of Southern California (Auto Club) and utilizes some Auto Club Worker systems and shares some information practices, Pleasant and Auto Club are separate entities for purpose of the CCPA Worker Notice and the Auto Club issues its own CCPA Worker Privacy Notice. When "we," "us," or "our" is used in this Notice, it shall refer to the Pleasant.
In this Notice, we describe the categories of personal information collected and shared regarding Pleasant Workers. The sources from which such information is collected and with which it is shared, and the purposes for which this information is used. Note: a separate CCPA privacy notice applies to information collected by Pleasant for non-Worker California residents.
This Notice applies to all employees, any prospective employee, temporary or casual worker, apprentice, retiree, consultant or contractor of the Pleasant and any subsidiary, affiliate, joint venture, partnership or other corporate entities (collectively referred to as “Worker” or “Workers”).
When "you", "user", or "your" is used, it shall refer to you the Worker or user of this policy.
1. Categories of Personal Information
2. Information Practices
3. How We Protect Your Personal Information
4. Contacting Us
5. Changes to This Notice
6. Your Privacy Rights
1. Categories of Personal Information
Category A. Identifiers
Identifiers such as real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, SSN, driver’s license number, passport number or other similar identifiers.
Category B. Statutory Information
Information set forth in California Civil Code 1798.80 that identifies, relates to, describes, or is capable of being associated with, an individual or household, including:
· name
· signature
· social security number
· physical characteristics or description
· address
· telephone number
· passport number
· driver's license or state identification card number
· insurance policy number
· education, employment, employment history
· bank account number
· credit card number, debit card number, or any other financial information
· medical information, or health insurance information
· “Personal information” does NOT include publicly available information that is lawfully made available to the public from federal, state, or local government records.
Category C. Characteristics
Characteristics of protected classifications under California or federal law such as race, color, sex, age, national origin, disability, citizenship status, genetic information, ancestry, sexual orientation, gender identity or expression, religion, medical conditions, AIDS/HIV, marital status, military/vet status, political affiliations or activities, victims of domestic abuse and/or assault/stalking.
Category D. Commercial Information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Category E. Biometric
Records used to uniquely identify a person including fingerprints, retinal scans, facial scans, signatures, handwriting analysis and voice pattern recognition.
Category F. Internet Activity
Internet or other electronic network activity information, including but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement.
Category G. Geolocation
Used to identify an electronic device’s physical location, such as GPS coordinates.
Category H. Sensory
Audio, electronic, visual, thermal, olfactory, or similar information.
Category I. Employment Related
Professional or employment-related information such as job application, salary, and job performance information.
Category J. Education
Non-publicly available information that pertains to school, grades or years attended.
Category K. Inferences
Inferences drawn from any of the above identified information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Category L. Sensitive Personal Information
Non-publicly available personal information that reveals:
• A consumer’s social security, driver’s license, state identification card or passport number.
• A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
• A consumer’s precise geolocation.
• A consumer’s racial or ethnic origin, religious or philosophical beliefs or union membership.
• The contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication.
• A consumer’s genetic data.
Sensitive Personal Information also includes:
• The processing of biometric information to uniquely identify a consumer.
• Personal information collected and analyzed regarding a consumer’s health or sex life or orientation.
2. Information Practices
We collect personal information from and about Workers through many mediums (e.g., audio, video, electronic, internet, paper, social media, etc.). This includes information that you provide directly, information that we collect indirectly and information we procure from third parties and other sources about you. During the prior 12 months, we would have collected and shared personal information for each of these categories (A-L). However, the fact that we collected or shared information for a category does not mean that we collected or shared all the information in the category. For example, category A (identifiers) includes name, address, driver’s license, social security number, passport, etc. If we state that we collect this category of information, it does not mean that we collected every one of these identifiers.
Below, we further describe the specific pieces of personal information collected and shared, the reasons we do so, and the sources from which we collect such information as well as the sources with whom we share your personal information.
A. Employee Benefits
To support employee benefits administration and various medical and welfare benefit plans and services such as those for medical, dental, vision, life and disability, prescription, medical stop loss, supplemental insurance, surgery plus program, post-65 retiree health insurance plans and HRA accounts, workers compensation programs, direct billing for health and welfare premiums, HSA and FSA plans, consultants and brokers, we collect information (from you and service providers) such as your name, contact information (e.g., address, phone & email), SSN, marital status, gender, employment status, work & job information, health and benefit elections and information regarding dependents, too. We share this information with 3rd service providers and administrators for such programs who may share it with various healthcare service providers (e.g., Kaiser, Cigna, VSP, Aetna, CVS, Metlife, Wage Works, Alight, and WebTPA). (Categories A, B, C, D, I and L).
For the pricing of workers compensation insurance policy, we would collect name, and job and work information (from you and a service provider) and share this with a service provider. (Categories A, B and I).
For the administration of leave of absence programs and employee assistance programs, we would collect name, contact information, job and employment information (from you and service providers) and share this with a service provider. (Categories A, B, C and I).
B. Employee Relations and Training
For employee relations investigations, and other employee relations, we collect information (from you and/or service providers) such as name, email address, notes, performance issues, contents of communications such as email, employee and work information (yours and others), issue of concern and resolution and may share this with a consultant service provider and for legal purposes (Categories A, B, C, F, I & L).
For employee performance and training purposes, we collect information (from you and/or service providers) such as name, work email, employee and work information (e.g., title & supervisor), training details, employee number, performance details, productivity details, and instructor details. We may share this information with you and with third party service providers (e.g., a trainer/instructor). (Categories A, B and I).
For other employee training such a license for sales employees, we collect information (from you) such as name, age SSN, contact information (e.g., phone and email), employee and work information (e.g., employee ID, license number, and job title). We don’t share this externally with a third party. (Categories A, B, C, I and L).
C. Retirement and Compensation Planning
If we engage in market pricing we may share your information such as name, pay, job title, and job code with a third-party service provider that assists with this function. (Categories A, B and I).
For various service award, promotional travel, and recognition programs we may share your information such as name, contact information (e.g., address, email and phone), service date, signature, date of birth, credit card, employee number and manager with a third-party service provider that assists with these programs. (Categories A, B and I).
To administer our 401(k), we may share your information such as name, contact information, SSN, date of birth, beneficiary information and employment and work information with a third-party provider (e.g., T. Rowe Price). (Categories A, B, C, I, and L).
D. Talent Acquisition
To administer background checks and drug tests for sensitive positions, and for applicants and in post-employment circumstances, we use a third-party service provider to collect your personal information from service providers and from government and legal sources. This information can include your name, contact information, signature, date of birth, and SSN. We may share the results with you. (Categories A, B, C, E, I, and L).
For employment consideration including a candidate interview, we may collect name, contact information, employment, and education history from you. This information is not shared with a third-party. (Categories A, B, C, I, and J).
For talent marketing, we use a third-party service provider, to collect your information including your name, contact information, candidate profiles from social media platforms (e.g., LinkedIn) that would include employment and education information, application information including name, contact information and social media information. Aside from the third-party service provider collecting this information about you on our behalf, we don’t share this information with third parties. (Categories A, B, C, F, I, and J).
For employment consideration, we also use a third-party service provider applicant tracking system that collects applicant information from you including name, contact information, resume and employment information, background information, and driver’s license. This information may be shared with third party service providers. (Categories A, B, C, E, F, I, J and L).
We also use cookies, tags (also referred to as pixel tags, 1x1s, or transparent GIFs), and other technologies to manage our email programs. These tags gather information to analyze the performance of our email marketing and help us understand how consumers respond to our messages. (Category A, B, and F).
E. Payroll Purposes
For employment tax reporting purposes, we collect from and share with a service provider (ADP) your personal information including name, address, salary, and masked SSN. (Categories A, B, I and L).
For employee pay slip purposes, we collect personal information from you and our benefit administrator service provider such as your name, address, pay, deductions, last 4 digits of your financial account and may share it with an HR service provider. (Categories A and B).
For garnishment purposes in which moneys are deducted from an employee’s salary pursuant to a court order, we collect from government/legal sources your personal information such as name and SSN and share it with a 3rd party service provider (ADP) that assists with payroll. (Categories A, B and L).
For employee life cycle purposes (hire, current and post-termination) we collect personal information from you, government/legal sources and service providers, such as name, driver’s license, SSN, work visa (if applicable), signature and background information and share it with a 3rd party service provider (Sterling). (Categories A, B, C, E, I, J, and L)
F. Security Purposes
Our efforts to safeguard personal and company information, facilities, and people require that we monitor and collect information by different means and from many environments. This could include through video surveillance, manual sign in, a badge scanner, license plate reader technology, vehicle dash cams, monitoring your workstation or device, or internet/online activity for cyber security purposes. Sources may include from the consumer, third party security providers and/or government entities including law enforcement. (Categories A, B, E, F, H, I and L). This information could be shared with law enforcement and service providers such as 3rd party security.
G. Legal, Regulatory & Compliance Purposes
We may collect personal information for legal, regulatory and compliance purposes. For example, to assist in processing a VISA work permit, we may collect or have a 3rd party service provider/law firm, collect information such as name, passport, birth certificate, work permit numbers, driver’s license from you to process your application. This could be shared with you, service providers, and legal and government sources. (Categories A, B, C, E, I, J and L). To respond to a complaint from the California Department of Fair Employment and Housing (DFEH), we would collect information about you and may share it with the DFEH (or other regulatory agency) in our response. (Categories A, B, C, E, I, J and L). In the event of litigation, we could collect or have a third-party law firm collect information from you (via discovery) or from data vendors, government/legal sources, and service providers. (Categories A, B, C, D, E, F, H, I, J and L).
H. Using Our Career Site
Our online career site is administered by a third-party service provider. We and our third-party service providers (such as analytics providers) use cookies, web beacons, clear GIF, pixels, internet tags, and other similar tracking technologies (collectively, “tracking technologies”) to gather information when you interact with our career site, and email communications. These tracking technologies help us optimize our career site, maintain the security of our website and your account, prevent crashes, fix bugs, note your preferences, and assist with the career site’s operations. (Category A, B, F and G).
When you submit your application for employment and use our career site, we collect personal information about you. This information includes, but is not limited to, your name; address; email address; password that you set; telephone number; information about your education and occupation background; skills and experience; awards; memberships and affiliations; activities and interests; information imported by you and/or connections from third party sites; information about third parties, such as references or contacts, which you provide to us with the third parties’ express written consent to do so; your resume, cover letters, work examples, and other documents; your preferences; your age, gender, race or ethnicity, if permitted by federal, state or local law and you choose to provide it. We may use the information we collect about you in a variety of ways, including processing your application for employment and communicating job opportunities to you, performing background checks, operating and improving our sites, responding to you, and preventing security breaches. (Categories A, B, C, D, F, I and J).
We may share your information when we work with service providers (including the service party that administers the career site) that provide us support services such as applicant management, and background (and when permitted by law, credit checks), and skills analysis.
We may also disclose your information if we believe that the disclosure is required by law. We collect information about you by way of a variety of technologies including cookies, which contain information that can later be read by a web server. We mainly use cookies to allow you to access and use our career site, to help us analyze and estimate traffic on our career site, and to remember information for you to save you the trouble of re-entering information.
You may elect to receive information about our careers when you sign up for our Talent Community. The information you receive will be based on the information you provide in your Talent Community profile. If you opt out of receiving Talent Community communications from us, you may still receive emails about the status of your application.
We do not intend for our career site or online services to be used by anyone under the age of 18. If you are a parent or guardian and believe we may have collected information about a child, please contact us as described in our FAQ section of our career site.
3. How We Protect Your Personal Information
Protecting your information is important to us. We maintain physical, electronic, and procedural safeguards to protect your personal information. For example, we limit access to this information to authorized employees and contractors who need to know. We review the information security practices of vendors with whom we share personal information. Please be aware that although we make every effort to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
4. Contacting Us
If you have questions regarding this Notice and/or our information practices, please contact us at:
Automobile Club of Southern California
Attention: Pleasant Holidays Human Resources
2404 Townsgate Rd, Westlake Village, CA 91362
By email. humanresources@pleasant.net
5. Changes to This Notice
We may amend this Privacy Notice at any time. Please review it periodically. Any changes are effective upon the date at the top of this Notice and upon our posting of the revised Notice. Your use of our website following any such change constitutes acceptance.
6. Your Privacy Rights
California Consumer Privacy Act
California adopted privacy legislation, the California Consumer Privacy Act (CCPA), that provided new privacy rights to California residents, and which was amended through the California Privacy Rights Act (CPRA) that provides additional privacy rights in employment circumstances effective January 1, 2023. (Throughout this Notice, CCPA and CPRA will be referenced collectively as “CCPA.”) You have privacy rights to your personal information including the right to not be discriminated against or retaliated against for exercising any of these CCPA rights. You have a right to:
- a copy of your personal information (subject to statutory exceptions) that we collected since January 1, 2022, including a disclosure of the categories of personal information collected, sold and shared for a business purpose.
- delete personal information we collected from you unless we need to keep it as permitted by the CCPA. For example, we need your personal information to provide employee benefits and to administer the Club Pension Plan. We can also keep your personal information when we generally use it internally; and
- correct your personal information.
Frequency & Method of Request
You can request your information twice in a 12-month period. We must respond and provide your information within 45 days unless we inform you that we need more time in which event we will have 90 days to respond.
You can exercise your privacy rights and make a CCPA request by emailing the Club’s People Service Center at peopleservicecenter@aaa-calif.com or by calling 866-842-4222. We will first confirm that you are a Worker and authenticate your identity.
Designating an Agent on Your Behalf
You may designate an authorized agent to submit a request on your behalf to access, correct or delete your personal information by calling 866-842-4222. To do so, you must 1) provide that authorized agent written and signed permission to submit such a request, and 2) verify your own identity directly with us. Please note, we may deny a request from an authorized agent that does not submit proof.
Sensitive Personal Information Statement
The CCPA also provides a right to limit the use and disclosure of sensitive personal information unless we use such information within permitted purposes or don’t use it to infer characteristics about you. For example, we can use such information i) to perform the services or provide benefits requested by you; ii) to detect security incidents; iii) to perform employment 15 | P a g e services on behalf of us; and iv) to verify or maintain the quality of services we provide. Since we use sensitive personal information within permitted purposes, we are not required to offer you the option to limit or opt-out of the use of such information through a “Limit My Sensitive Personal Information” option. However, if our Sensitive Personal Information use practices change, we would offer such an option at that time.
CCPA Exempt Information
Please note that certain personal information is exempt from the CCPA. For example, protected health information pursuant to HIPPA and HITECH is excluded. As a result, this information would not be disclosed.
Sale and Sharing of Personal Information and the Right to Opt-Out
We do not sell, or share your personal information for cross context behavioral advertising under the CCPA. Consequently, you are not being provided a right to opt-out because we do not engage in this practice. However, if this practices changes, we would offer such an option at that time.
Selling or Sharing Personal Information of Those Under 16 years of Age
We do not sell personal information of consumers under 16 years of age nor do we have actual knowledge of sharing such information for cross context behavioral advertising purposes for those under 16 years of age. However, there are circumstances when we provide you a benefit involving those under 16 years of age (e.g., dependents) and in these events personal information could be shared with a third party. For example, if you select an employee benefit for your dependent such as health, vision or dental insurance, or designate someone under 16 as a beneficiary to your life insurance policy, then in those circumstances information about the child would be collected from you.
How Long Do We Retain Each Category of Personal Information?
We retain your personal information in line with our legal obligations, record retention policy, or as otherwise permitted by law. We will delete your personal information once the legal obligation expires or after the period of time specified in our record retention policy. The period of retention is subject to our review and alteration.