Who We Are
Our website address is: https://www.hollingsworthllc.com.
What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Hollingsworth Policy for Personally Identifiable Information
Certain Hollingsworth employees, in the course of their normal job responsibilities, will come into contact with Personally Identifiable Information (PII). It is important for employees to understand their roles in the collection, storage and transfer of PII. Personally Identifiable information is information which can be used to distinguish or trace an individual’s identity.
Purpose
The company philosophy is to safeguard personal employee information in its possession to ensure the confidentiality of the information. Additionally, the company will only collect personal information that is required to pursue its business operations and to comply with government reporting and disclosure requirements.
Personal employee information will be considered confidential and as such will be shared only as required and with those who have a need to have access to such information. All hard copy records will be maintained in locked, secure areas with access limited to those who have a need for such access. Personal employee information used in business system applications will be safeguarded under company proprietary electronic transmission and intranet policies and security systems. Participants in company benefit plans should be aware that personal information will be shared with plan providers as required for their claims handling or record keeping needs.
Scope
All staff, employees, contractors and entities working on behalf of Hollingsworth who are using Hollingsworth owned or personally-owned computer or workstations that are connected to the Hollingsworth network are subject to this policy.
Procedure
Identifying PII
There are two (2) types of Personally Identifiable Information (PII) and identification of each type will dictate the actions needed to ensure its safety and integrity.
- Public PII
This is information that is available in public sources such as telephone books, employee directories, public websites, etc. The following information can be considered Public PII: - First and Last Name
- Address
- Work Telephone Number
- Work email address
- Mobile, office or home telephone number
- General educational credentials
- Photos and videos
- Organizational Charts
- Protected PII
This is defined as any information which, if lost, compromised or disclosed without authorization could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. It includes any one or more of the types of information that are outlined below:
- Social Security Number
- Username and password
- Passport number
- Alien registration number
- Credit card number
- Clearances
- Banking information
- Salary information
- Biometrics, health or medical information
- Date and place of birth
- Mother’s maiden name
- Criminal, medical and financial records
- Educational transcripts
- Photos and video including any of the above
Maintaining PII
Because Protected PII requires special handling due to potential risk associated with its disclosure, it is important to 1) verify the need for the existence of PII on the Hollingsworth network with the department head and 2) ensure that the information is properly secured.
- Verifying the need to collect PII
Best practice dictates that an organization only collects the least amount of information in order to follow standard business procedures. Caution should especially be taken when collecting Protected PII. The need to collect the information should be periodically reviewed by the department head, and if deemed unnecessary, the business practice should be altered to reflect the change and any stored data should be reviewed to determine if it can be destroyed. - Collection Procedures
If PII does need to be collected, employees have certain responsibilities in making sure the data is secured. Any employee that handles PII, must sign a Hollingsworth Confidentiality Agreement. Any written information as a result of a phone conversation must be destroyed via shredding. Physical files that contain PII must be locked in a secure cabinet inside a locked room when not being actively viewed or modified. Keys must be kept by only the individual who is responsible for its storage and their department head. Any PII data collected should not be stored on any computer’s local desktop or workstation; it would need to reside on the Drive assigned to the department that employee works in, where it is encrypted and backed up. Departments with a need to store sensitive information will be instructed which network drive is available for them to use. See your department head or the IT department to determine where PII may be stored for your use. Please note all PII files must be password protected before being saved. - Verifying the need to store PII
Whenever PII is found residing in the Hollingsworth network, a determination needs to be made regarding whether the information is needed for an existing business practice, or if it can be securely disposed of. If the information does need to be retained, please contact the HR or IT department for guidance on the best means to secure or dispose of the information properly.
- Authorized dissemination of PII
In the event an outside entity would need to have any data that includes protected PII, said entity would need to confirm that they understand the sensitivity of the information, and the need to properly safeguard it. Once it leaves the Hollingsworth network, the IT team cannot guarantee its security. Transport of data should be done through secure means (ideally shared through an upload to the receiving company’s portal; otherwise One Drive, encryption or secured transport are necessary.) If the information must be emailed, it must be sent “encrypted” via Outlook 365, or, at a minimum password protected.- Unauthorized dissemination of PII
In the event of an unauthorized disclosure or access of PII:
- Unauthorized dissemination of PII
- Report the incident to your direct supervisor
- Send an email to the Director, IT and the Vice President of HR
- Do NOT forward any compromised information in the email
- Include the location of the information (email or network location)
- If email, include the sender and subject (unless the subject contains the PII)
- Include any other relevant details, such as location and contact phone number
- Comply with the instructions from the IT department
Enforcement
This policy is for our employees’ protection and the person handling the PII. Violation of this policy could be subject to potential disciplinary action, up to and including termination and or legal action.
Exceptions
Limited exceptions to the procedure must be approved by the Vice President, HR.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
California Consumer Privacy Act Employment Application Disclosure
Dear California Applicant,
Respecting the privacy of job applicants is an essential part of our privacy program. We are committed to the proper handling of the Personal Information collected or processed in connection with your potential employment relationship with us. This disclosure describes categories of Personal Information we collect and the purposes for which we process that information in accordance with section 1798.100 (b) of the California Consumer Privacy Act. The CCPA defines Personal Information as categories of information that identifies, relates to, describes or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly to a particular individual or household.
We collect, receive, maintain and/or share Personal Information with our service providers Paylocity, Kronos, EVerify, XTDForce, LabCorp, Quest, Concentra and One Source. The categories and the purposes described below for use of personal information reflects data processed across Paylocity, Kronos, EVerify, XTDForce, LabCorp, Quest, Concentra and One Source. Some of the following categories may not be applicable for job applicants and may only apply to current employees.
Categories of Personal Information Collected | |
Category A. | Identifiers, such as name, contact information, online identifiers and Social Security numbers and other government-issued ID numbers1 |
Category B. | Personal information, as defined in the California consumer records law, such as name, contact information, insurance policy number, education, employment, employment history financial information, medical information and health information1 |
Category C. | Characteristics of protected classifications under California or federal law,2 such as sex, age, race, religion, national origin, disability, medical conditions and information, citizenship, immigration status and marital status |
Category D.3 | Biometric information, such as facial recognition and fingerprints |
Category E.3,4 | Internet or network activity information, such as browsing history and interactions with our website, applications or systems |
Category F.4 | Audio, electronic, visual, and similar information, such as images and audio, video or call recordings created in connection with our business activities; |
Category G. | Professional or employment-related information, such as work history and prior employer, human resources data and data necessary for benefits and related administrative services |
Category H. 4 | Education information subject to the federal Family Educational Rights and Privacy Act, such as student records |
Category I. | Inferences drawn from any of the Personal Information listed above to create a profile or summary above, for example, an individual’s preferences, abilities, aptitudes and characteristics |
1 This includes name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
2 This include sex (including pregnancy, childbirth, breastfeeding, and related medical conditions), age (40 and over), race, color, religion or creed, ancestry, national origin, disability, medical conditions, genetic information AIDS/HIV status, marital status, sexual orientation, gender identity and expression, citizenship, primary language, immigration status, military/veteran status, political affiliation/activities, domestic violence victim status, and request for leave.
3 Only applicable where employer has selected to receive time keeping services from Paylocity and Kronos.
4 Only applicable where employer has selected to receive screening and selection services from OneSource & XTD Force.
Personal Information is collected for the following purposes:
1. To comply with state and federal law and regulations; |
2. To process payroll; |
3. To track time and attendance; |
4. To manage workers’ compensation claims; |
5. To administer and maintain benefits, including group health insurance; |
6. To administer and maintain retirement service; |
7. To manage employee performance of their job duties, including promotions, discipline, and/or termination; |
8. To conduct workplace investigations; |
9. To evaluate job applicants and candidates for employment; |
10. To obtain and verify background checks; |
11. To grant and monitor employees’ access to secure company facilities; |
12. To implement, monitor, and manage electronic security measures on devices that are used to access networks and systems (e.g., incident management); |
13. To engage in corporate transactions requiring review of employee records, such as for evaluating potential mergers and acquisitions of the Company; |
14. To maintain commercial insurance policies and coverages, including for workers’ compensation and other liability insurance; |
15. To anonymize and/or aggregate data to perform workforce analytics, data analytics, and benchmarking; |
16. To perform call monitoring and surveillance (e.g., CCTV); and |
17. To provide, validate, or communicate services offered by Paylocity, Kronos, EVerify, XTDForce, LabCorp, Quest, Concentra and One Source directly to individuals. |
If you have any questions about the collection and processing of your Personal Information or about the security of your Personal Information contact Human Resources.
California Consumer Privacy Act (CCPA) Regulations In Effect – HRWatchdog (calchamber.com)