CCPA Privacy Notice

Effective Date: January 18, 2022

De La Cultura and its affiliated companies, referred to as "De La Cultura," "we," "us," or "our," are pleased to provide this Privacy Notice, which applies to California resident employees, employee applicants, owners, directors, officers, and contractors of De La Cultura. Additionally, this notice encompasses the emergency contacts and beneficiaries of these individuals who are California residents. Our aim with this Privacy Notice is to elucidate our practices concerning information that can reasonably be associated with an individual, commonly referred to as "Personal Information." We adhere to the requirements of the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), collectively known as the "CA Privacy Law."

Please be aware that there may exist other privacy notices or disclosures governing our utilization of your Personal Information that differ from or supplement the CA Privacy Law. In cases where the collection, use, and disclosure of Personal Information fall within the purview of the CA Privacy Law, this Privacy Notice shall take precedence. Conversely, for instances of Personal Information collection, use, and disclosure beyond the scope of the CA Privacy Law, the corresponding and relevant privacy notices and disclosures shall take precedence.

Collection and Disclosure of Personal Information

The following outlines the categories of Personal Information we gather and manage, as well as those categories of Personal Information we share with our affiliates for business and employment purposes, covering the 12 months preceding the last update of this Privacy Notice. Our affiliates encompass a range of entities, including service providers offering payroll, benefits, consulting, training, expense management, medical benefits, IT, and various other services; professional advisors like accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory bodies and law enforcement agencies; and business partners who assist us in delivering services to you (e.g., corporate credit card providers).

  1. Identifiers, including names and government-issued identifiers (e.g., Social Security numbers).

  2. Personal information, as defined in the California safeguards law. This encompasses details such as name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, educational background, employment information, employment history, bank account numbers, credit card numbers, debit card numbers, or any other financial information, medical information, or health insurance information.

  3. Protected Class Information, which comprises characteristics related to protected classifications under California or federal law, such as age, gender, medical conditions, marital status, sex (including pregnancy, childbirth, breastfeeding, and related medical conditions), race, color, religion or creed, ancestry, national origin, disability, genetic information, sexual orientation, gender identity and expression, citizenship, primary language, immigration status, military/veteran status, political affiliation/activities, domestic violence victim status, and requests for leave.

  4. Commercial Information, which includes transaction information and purchase history, as well as travel expenses. This category covers information about corporate credit card transactions, frequent flyer rewards, and other travel-related programs and expenses.

  5. Biometric Information, like face scans, fingerprints, and voiceprints. Note that biometric information is considered sensitive personal information, as further detailed below.

  6. Internet or Network Activity Information, encompassing data related to browsing history and interactions with our websites and applications. It also includes access and usage details regarding websites, applications, and systems, along with information about online communications, such as browsing and search history, timestamp information, IP addresses, and access and activity logs.

  7. Geolocation Data, which consists of latitude/longitude, precise location information, device location, approximate location derived from IP addresses, and tracking via GPS, WiFi, or Bluetooth Low Energy.

  8. Audio, electronic, visual, and similar information, including photographs, images, call and video recordings (including voicemail and security camera footage), and information regarding the use of electronic devices and systems, key card usage, and photos on websites or in employee directories.

  9. Education Information governed by the federal Family Educational Rights and Privacy Act (FERPA), such as student records and directory information.

  10. Professional or Employment Information, covering work history, previous employers, information from reference checks, background screening data, employment applications, membership in professional organizations, personnel files, personal qualifications, training, eligibility for promotions, and other career-related information. This category also includes information about work preferences, business expenses, wage and payroll details, benefit information, data on leaves of absence or paid time off, performance reviews, and information on internal investigations or disciplinary actions.

  11. Inferences drawn from any of the Personal Information listed above to create a profile or summary regarding an individual's preferences, characteristics, predispositions, and abilities.

Sensitive Personal Information:

Personal Information that discloses an individual’s Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number combined with any required security or access code, password, or credentials granting access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; citizenship; immigration status; or union membership.

  • The contents of mail, email, and text messages unless De La Cultura is the intended recipient of the communication.

  • Genetic data.

  • The processing of biometric information for the purpose of uniquely identifying an individual.

  • Personal Information collected and analyzed regarding an individual’s health.

  • Personal Information collected and analyzed regarding an individual’s sex life or sexual orientation.

Furthermore, we may disclose the aforementioned categories of Personal Information to third parties in the context of various business transactions, including but not limited to reorganizations, financing transactions, mergers, sales, joint ventures, partnerships, assignments, transfers, or other dispositions of all or a portion of our business, assets, or stock. This may also encompass situations arising from bankruptcy or similar proceedings.

It's important to note that we do not engage in the sale of Personal Information belonging to individuals covered by this policy. Moreover, we refrain from sharing or processing Personal Information of covered individuals for the purposes of cross-context behavioral advertising, as defined under the CA Privacy Law. There has been no involvement in such activities in the 12 months leading up to the last update of this Privacy Notice.

Additionally, we do not knowingly sell or share the Personal Information of minors under the age of 16.

Sources of Personal Information

We gather Personal Information from various sources, including yourself, our affiliated entities, your colleagues and supervisors, the references you furnish, previous employers or educational institutions, clients, background check providers, employee benefit service providers, social networks, publicly accessible databases, and cooperative databases. It's worth noting that we also collect Personal Information related to the emergency contacts and beneficiaries of our employees and other individuals, which is provided directly by these employees or individuals.

Purposes for the Collection, Use and Disclosure of Personal Information

At De La Cultura, we may collect and utilize Personal Information to effectively run, oversee, and sustain our operations. This encompasses managing our workforce, addressing various employment-related needs, and achieving our business objectives. The utilization of Personal Information serves various purposes, including but not limited to:

  1. Planning and administering workforce activities, encompassing recruitment, employee onboarding, staffing optimization, performance management, training and professional development, compensation and benefits administration, employee training, and promotions.

  2. Conducting workforce assessments, which include assessing physical or mental fitness for job roles and evaluating work performance.

  3. Handling payroll processing, wage management, and other rewards like stock options, stock grants, and bonuses. Additionally, we handle expense reimbursements and provide healthcare, pension plans, savings schemes, and other benefits.

  4. Operating, maintaining, monitoring, and securing our facilities, equipment, systems, networks, applications, and infrastructure.

  5. Managing attendance records, timekeeping, leaves of absence, and vacation scheduling.

  6. Facilitating effective communication among employees and overseeing workforce travel arrangements.

  7. Implementing quality and safety assurance measures to safeguard the health and well-being of our workforce and others. This includes risk assessment, security control, and monitoring activities.

  8. Conducting research, analytics, and data analysis to support succession planning, ensure business continuity, design and implement employee retention programs, promote diversity, equity, and inclusion initiatives, and advance environmental, social, and governance (ESG) initiatives.

  9. Performing identity verification, accounting, budgeting, audits, and other internal functions. This also extends to handling internal investigations, addressing disciplinary matters, and managing grievances and terminations.

    perating and overseeing IT and communications systems and facilities, allocating company assets and human resources, and engaging in strategic planning and project management.

  10. Ensuring compliance with applicable laws, legal processes, requests from governmental or regulatory authorities, internal policies, and other requirements. This includes handling income tax deductions, maintaining records, adhering to work permit and immigration regulations and reporting obligations, and managing legal claims.

Rest assured, our collection and utilization of Personal Information are guided by a commitment to legal and ethical standards, as well as the best interests of our workforce and the organization as a whole.

Use and Disclosure of Sensitive Personal Information

We may employ Sensitive Personal Information with a clear focus on delivering services essential to our business operations, fulfilling your requested services, and upholding the safety, security, and integrity of our organization, infrastructure, and the individuals we engage with. This encompassing utilization includes, but is not restricted to:

  1. Establishing and sustaining your employment relationship within our organization.

  2. Ensuring the safety and diversity of our workforce, contributing to a more inclusive and equitable workplace.

  3. Designing and executing Environmental, Social, and Governance (ESG) initiatives to advance sustainability and responsible business practices.

  4. Fulfilling legal obligations and responsibilities to adhere to relevant laws and regulations.

  5. Defending or asserting legal claims as needed within the legal framework.

  6. Managing essential payroll processes and overseeing the responsible use of corporate credit cards.

  7. Administering and furnishing benefits to employees as part of their employment package.

  8. Safeguarding access to and utilization of our facilities, equipment, systems, networks, applications, and overall infrastructure.

In all these endeavors, the handling of Sensitive Personal Information is performed with utmost care and in accordance with the highest standards of privacy and security to ensure the well-being and confidentiality of all parties involved.

Retention Period

At De La Cultura, our retention of Personal Information, including Sensitive Personal Information, is governed by a meticulous assessment of the purpose(s) for which it was collected. Our criteria for determining retention periods are as follows:

  1. The duration of your employment, ensuring that we retain information for the duration of your tenure with our organization.

  2. The length of our ongoing relationship with you or your dependents/beneficiaries, and the period following such a relationship during which we may have a legitimate need to reference your Personal Information. This includes addressing any potential issues that may arise.

  3. Adherence to any legal obligations to which we are subject. For instance, certain laws may mandate that we retain your employment records for a specific period of time.

  4. Evaluation of the advisability of retention, taking into account our legal position. This is particularly relevant concerning applicable statutes of limitations, ongoing or potential litigation, or regulatory investigations.

Our commitment to responsible data management ensures that Personal Information is retained only for as long as necessary or permissible, in alignment with our lawful and ethical obligations.

Individual Requests

At De La Cultura, you have the right, as permitted by applicable law, to make the following requests:

  • Request for Disclosure: You can request that we disclose the following information, which pertains to the 12 months preceding your request:

  • The categories of Personal Information we collected about you and the sources from which we obtained such information.

  • The business or commercial purpose for which we collected your Personal Information.

  • The categories of Personal Information about you that we shared with third parties and the categories of those third parties.

  • Request for Correction: If you believe there are inaccuracies in your Personal Information, you can request corrections to be made.

  • Request for Deletion: You may ask for the deletion of certain Personal Information you have provided to us.

  • Request for Access: You have the right to receive a copy of your Personal Information, including the information you provided to us, in a portable format.

We want to emphasize that we will not engage in unlawful discrimination or retaliation against you for exercising your rights under the CA Privacy Law.

To initiate a request, please contact us through the following link: privecy@delacultura.com

We will verify and respond to your request in accordance with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. In some cases, we may need to request additional Personal Information from you to verify your identity and protect against fraudulent requests. If you have a password-protected account with us, we may use our existing authentication methods for your account to verify your identity and may require re-authentication before disclosing or deleting your Personal Information in response to your request for deletion.

Rest assured, we are committed to complying with applicable laws and safeguarding your privacy rights.

Authorized Agents

If you wish to have an authorized agent make a request on your behalf, in accordance with applicable law, the agent may utilize the submission methods detailed above. As a part of our verification process, we may ask the agent to furnish relevant evidence of their status as an authorized representative. Furthermore, we may request that you either verify your identity as outlined previously or affirm that you have granted the agent permission to submit the request on your behalf.

Changes to this Privacy Notice

We may revise or update this notice periodically. In such instances, we will promptly post the updated notice on this page along with a fresh "Last Updated" date.

Contact Us

If you have questions regarding this Privacy Notice, please contact your local Human Resources department, HR Privacy Champion, or email us at privacy@delacultura.com.