Privacy Policy

Last updated: November 24, 2021

Introduction

We at Sutherland Global Services, Inc. and our Affiliated Companies worldwide (“Sutherland” or “Company”) are committed to respecting your online privacy and recognize your need for appropriate protection and management of any personally identifiable data (“Personal Data”) you share with us.

Affiliated Companies” means with respect to any specified person or entity, any other person or entity Controlling, Controlled by or under common Control with such entity, where “Control” with regard to an entity, means the beneficial, equitable or legal ownership, either directly or indirectly, of more than fifty percent (50%) or more of the capital stock (or other ownership interest, if not a corporation) of such entity ordinarily having voting rights, or effective control of the activities of such entity regardless of the percentage of ownership.

Sutherland’s Privacy Policy outlines how Sutherland collects, uses, shares, and secures your Personal Data. This policy also describes your choices regarding use, access, and correction of Personal Data.

Definitions

Personal Data

Personal Data is any data relating to an identified or identifiable natural person. Your name, address, phone number and bank account number are examples of Personal Data.

What personal data we collect and how we use it 

Sutherland processes your Personal Data to ensure the efficiency and effectivity of Sutherland business activities and relationships, conduct business and commercial transactions, maintain the recruitment/employment relationship, and plan and conduct marketing.

Below is a description of the Personal Data Sutherland may have collected and/or used over the last 12 months:

Category of Personal DataDescriptionPurpose and Uses Legal Bases
Category of Personal Data:
Identifiers
Description:
Name, contact information (postal address, email address, phone number), Internet Protocol address.
Purpose and Uses :
Sutherland may use Identifiers to fulfil a contract with the organization for which you work, or to conduct business activities such as marketing and business communications. Sutherland may also process Identifier information to fulfil legal requirements and protect Sutherland's legal and business interests.
Legal Bases:
Sutherland conducts direct marketing with your consent. Otherwise, Sutherland processes Identifiers for Contract or Legal reasons.
Category of Personal Data:
Customer Records Information
Description:
Name, signature, employment information (title, role), contact information
Purpose and Uses :
If you currently work or previously have worked for a business customer or vendor organization, we may have collected information about you in our Customer Records in order to fulfil a contract with your organization, or to conduct business activities such as marketing and business communications.
Legal Bases:
Sutherland conducts direct marketing with your consent. Otherwise, Sutherland processes Customer Records Information for Contract or Legal reasons.
Category of Personal Data:
Commercial Information
Description:
Products or services purchased or other purchasing or consuming histories or tendencies
Purpose and Uses :
Sutherland may collect Commercial Information in order to customize and plan marketing activities, make business decisions, and make financial and resource forecasts.
Legal Bases:
Sutherland conducts these activities with Legitimate Business Interests, and in some cases to fulfil Contracts or for Legal reasons.
Category of Personal Data:
Internet or Other Electronic Network Activity
Description:
Browsing history, search history, information regarding interaction with our networks, websites and advertisements
Purpose and Uses :
To better manage and design our websites, customize and serve ads, perform website analytics, and manage marketing activities, Sutherland collects Internet or Other Electronic Network Activity information. As individuals access Sutherland online applications and networks, Sutherland tracks and manages access in order to maintain security.
Legal Bases:
Sutherland collects this network, online and online advertising information for its Legitimate Business Interests.
Category of Personal Data:
Geolocation Data
Description:
Non-Precise Geolocation information at the country level, based on IP address
Purpose and Uses :
Sutherland may recognize the country from which a web visitor comes to a Sutherland website through IP address in order to customize a web visitor's experience, manage security and protect against fraud, and fulfil requests. Web visitors may also provide Sutherland country location in order to establish web experience preferences.
Legal Bases:
In some cases, Sutherland obtains Consent for country-level location data. In other cases, Sutherland uses this information for Legitimate Business Interests or to fulfil Contracts with web visitors.
Category of Personal Data:
Professional or Employment-Related Information
Description:
Name, contact information, job history, job title, performance information, education history, IP Address, CV or resumes, background check data (such as criminal and financial background checks), racial or ethnic origin, data related to compensation.
Purpose and Uses :
In order to find, communicate with (i.e. sending emails and/or SMS messages), evaluate and hire the right job candidates, Sutherland collects and uses Professional or Employment-Related Information.
Legal Bases:
Sutherland collects and uses this information to support Legal requirements and claims and operate business activities under its Legitimate Business Interests. Job candidates may provide Consent for some data processing activities.
Category of Personal Data:
Education Information
Description:
Title, certifications
Purpose and Uses :
In addition to education information provided in the recruiting contexts, Sutherland captures Education Information about business contexts during the normal course of communication; for example, where a contact individual provides title or certification information in the signature line of emails.
Legal Bases:
Sutherland collects and uses this information to fulfill Contracts with vendor and business customer organizations; and in the recruiting context with Consent or for its Legitimate Business Interests.

Sutherland does not as a practice collect Personal Data revealing political opinions, religious or philosophical beliefs, trade-union membership, genetic information, or sex life/sexual orientation.

If Sutherland intends to use or transfer Personal Data for purposes beyond those for which it was originally collected or subsequently authorized by you, or for purposes incompatible for those uses, Sutherland will offer you the opportunity to affirmatively opt in.

In addition to the above, Sutherland is the controller of Personal Data for employees, contractors and other Sutherland workers. Sutherland uses this Personal Data, which can include sensitive personal information, to maintain the employee/worker Contract and for its Legitimate Interests.

Sources of Personal Data

We have collected the above categories and types of personal data directly from individuals through our website and through social media sites such as LinkedIn, and through business interaction and documents such as our contracts and other shared documents. In a few limited cases, Sutherland may have received Personal Data with data subject consent from a third party, such as a third-party recruiter or job site who has permission to pass on job candidate details to Sutherland.

How We Share Personal Data

We may share your Personal Data with third-party service providers under contract to us to assist in our business activities, which may include but are not limited to marketing, advertising our product/service offerings, recruiting, and maintaining and improving our service offerings. These service providers are authorized to use your Personal Data only as necessary to provide these services to us. Sutherland does not sell Personal Data or provide Personal Data to third parties for their own uses.

That said, some third-party advertising or analytics cookies can be considered a “sale” under some definitions, and you can opt out of this sharing through our cookie consent banner that may appear in a ribbon on our website pages, or by following instructions provided in our full Cookies Policy. In addition, though Sutherland does not otherwise sell Personal Data, you can opt out of any future sharing by emailing this request to privacy@sutherlandglobal.com.

Sutherland may also disclose your Personal Data as required by law, such as to comply with a subpoena or other legal process, when Sutherland believes in good faith that disclosure is necessary to protect Sutherland’s rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. We may also share as a part of merger or acquisition activity.

Choice

The choice of whether to provide Personal Data to Sutherland is up to you. The notice Sutherland provides when it collects Personal Data will assist in how you prefer to allow us to use your Personal Data. When you do not want to provide your Personal Data, you can still visit most of Sutherland’s websites; however, please note that you may be unable to access certain options, offers, and services that involve our interaction with you. If you chose to have a relationship with Sutherland, such as a contractual or other business relationship or partnership, Sutherland will naturally continue to contact you in connection with that business relationship.

You may sign-up and consent to receive email or newsletter communications from Sutherland. If you would like to discontinue receiving these communications, you may update your preferences by using the “Unsubscribe” link found in emails or by contacting Sutherland using the information in the “Contact Data” section of this Policy.

Cookies and Other Tracking Technologies

This site uses cookies to store information on your computer. Some are essential to make Sutherland site work; others help Sutherland improve the user experience. A “cookie” is a small text file that may be used, for example, to collect data about website activity. Some cookies and other technologies may serve to recall Personal Data previously indicated by a web user. For greater details, please refer to Sutherland Cookie Policy to learn more.

If you wish to opt out of interest-based advertising, click here or if located in the European Union, click here. Please note you will continue to receive generic ads.

Log Files

Log files may record data such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; internet service provider, clickstream patterns; the files viewed on Sutherland website (e.g., HTML pages, graphics, etc.), referring and exit pages and dates and times that Sutherland site is accessed to analyze trends in the aggregate and administer the site.

Security

Wherever your Personal Data may be held within Sutherland or on its behalf, Sutherland intends to take commercially reasonable and appropriate steps to protect the Personal Data that you share with Sutherland from unauthorized access or disclosure.

If you have any questions about the security of your Personal Data, you can contact Sutherland at privacy@sutherlandglobal.com.

Data Hosting and Retention

Sutherland is a global company and may store your Personal Data in data centers around the world. Regardless of location, Sutherland protects your data with similar controls and safeguards. For example, if Sutherland transfers data from the European Union or from other countries requiring additional measures to allow the data transfer, Sutherland uses Standard Contractual Clauses among other measures to provide adequacy ensuring that your data protection rights travel with your data. Sutherland will not store your data longer than necessary for the purpose for which we have processed your data. How long we retain your data depends on the type of data and the purpose for which we process your data. Contact us at privacy@sutherlandglobal.com for more information about data retention.

Children’s Privacy

Sutherland’s website is a general audience website. Accordingly, Sutherland does not intend to collect Personal Data from anyone Sutherland knows to be under 16 years of age.

If we learn that we have collected personally identifiable information from an individual under 16 years of age, we will take reasonable steps to delete such information from our files as soon as is practicable. Please contact us via this link, if you believe we have any information from or about an individual under the age of 16.

Data Subject Rights

Depending on where you live, you may have certain rights regarding your Personal Data. To exercise any of the following rights, please contact us at privacy@sutherlandglobal.com, complete an individual rights request using this Individual Rights Form, or if you are a California resident and calling from the US you can call us toll free at 1-866-I-OPT-OUT (1-866-467-8688) and enter Service Code 843.

Note that there may be exceptions and limited applicability to some individual data rights, and Sutherland may not be required or able to fulfill your request. In most cases, we will respond to your request within 30 days unless legal requirements dictate otherwise. Below is a summary of individual data rights you may have, depending on local requirements:

Right to Know and Right to Request Information

You may have the right to request that we disclose what personal information we collect, use, disclose or sell.  You have the right to request information about the personal information we’ve collected about you within the last twelve months, and you may have the right to receive a machine-readable copy of your Personal Data and/or have us provide your Personal Data to a third party.  You may request to know if we have collected, sold or shared with third parties, including the following information:

  • The categories of personal information we have collected about you
  • The categories of sources of personal information we collected about you
  • Our business or commercial purpose for collecting or selling personal information about you
  • The categories of third parties with whom we share personal information
  • The specific pieces of personal information we have collected about you
  • Whether we have sold your personal information and if so the categories of personal information that each category of recipient purchased; and
  • Whether we have disclosed your personal information for a business purpose and if so, the categories of personal information that each category of recipient received.

Right to Request Correction or Deletion

  • If you believe that we have some Personal Data about you that is incorrect, you can request that we update or correct that information.
  • You have the right to request that we delete your personal information. Under certain circumstances we may be unable to delete your personal information, for example, to comply with legal obligations, or to complete a business transaction that you have requested.

Right to Object, Withdraw Consent, and Data Portability

  • You may have the right restrict (stop any active) processing of your personal data.
  • In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.

Right to Non-Discrimination

  • You have a right not to receive discriminatory treatment for exercising your privacy rights.

Right to Complain to a Regulator

If you have unresolved concerns, you may have the right to complain to the data protection authority where you live, work or where you believe a breach may have occurred.

In Canada, you may contact the Office of the Privacy Commissioner of Canada (OPC) to help resolve a privacy concern you have at https://www.priv.gc.ca.

In the European Union, find your Data Protection Authority’s contact information at https://edpb.europa.eu/about-edpb/board/members_en.

In the United Kingdom, you can make a complaint about us to the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.

In the Philippines, you can contact the National Privacy Commission at complaints@privacy.gov.ph.

You may also contact the privacy regulator in your country, state, or province. Most privacy regulators can be contacted online using the resources provided at https://icdppc.org/participation-in-the-conference/members-online/.

Commitment 

Sutherland is committed to privacy. Protecting your privacy online is an evolving area, and this website is constantly evolving to meet these demands.

If you have any comments or questions regarding Sutherland’s Privacy Policy, please contact Sutherland at privacy@sutherlandglobal.com.  While Sutherland cannot guarantee privacy perfection, Sutherland will address any issue to the best of its abilities as soon as possible.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

EU – U.S. Privacy Shield

Sutherland and the following subsidiaries, Sutherland Healthcare Solutions Inc., Sutherland Government Solutions Inc., Nuevora Inc., Sutherland Global Services New York Inc., SGS USA Inc., Adventity Inc., Sutherland Global Collection Services LLC, Sutherland Mortgage Services Inc., Sutherland Global Services SPV Inc. and Sutherland Global Holdings Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  Sutherland has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Sutherland is responsible for the processing of Personal Data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, including the onward transfer liability provisions.

With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, Sutherland is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (FTC). Anent the discussion under the Legal heading above, in certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website, https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Update: On July 16, 2020, the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield framework. In light of this judgment, Sutherland is using the Standard Contractual Clauses issued by the European Commission under decision 2010/87/EU (“SCC”) as its lawful data transfer mechanism for transfers of Customer data containing EU Personal Data, to United States of America.

International Personal Data Transfers Outside the EEA

Sutherland may, subject to applicable law, transfer your information outside the country where you are located and to where information protection standards may differ (e.g., your information may be stored on servers located in other jurisdictions). We will utilize appropriate safeguards governing the transfer and usage of your personal information such as Standard Contractual Clauses pursuant to Article 46 of the GDPR. If you would like further detail on the safeguards we have in place you can contact us directly as described in this Privacy Notice.

Contact Data

You can contact our Global Chief Data Protection Officer, Canadian Privacy Officer, EU Data Protection Officer, and the global privacy team generally at:

Sutherland Data Privacy Office

Attention. Chief Data Privacy Officer

Sutherland Global Services Inc.,

1160 Pittsford Victor Road

Pittsford, NY 14534

privacy@sutherlandglobal.com

Changes to This Privacy Policy

You should review this Privacy Policy on a routine basis as Sutherland reserves the right change this Privacy Policy, or any portion thereof, an updated version of our Privacy Policy will be posted to our website.

TRUSTe