This Privacy Disclosure (“Disclosure”) describes how MassMutual processes Personal Information about job applicants as well as current and former employees (collectively, “Personnel”) in connection with employment-related functions. This Disclosure does not apply to Personal Information collected about other types of individuals or Personal Information collected from you in different contexts. For example, if you interact with our commercial websites or job applicant websites, the MassMutual California Consumer Privacy Disclosure and/or privacy disclosure posted on that website will apply rather than this Privacy Disclosure.
Changes: We may update this Disclosure from time to time. Any updated Disclosure will be effective when posted. Please check this Disclosure periodically for updates. If required by law, we will contact you directly to provide you with an updated Disclosure.
We collect Personal Information about you from the following sources:
A. Directly from you. We may collect Personal Information you provide to us directly, such as when you apply for employment with us, when you register for benefits, sign up for events, provide feedback, and through other interactions with us prior to, during, or after your employment with us.
B. Data collected automatically and through tracking technologies. We may automatically collect information or inferences about you, such as through tracking technologies. This may include information about how you browse the internet using Company devices and systems, and send and receive emails.
C. From third parties, such as companies that provide recruitment partners that operate independently. Where permitted or otherwise authorized by law, information received from third parties may include the results of background checks.
D. From service providers who collect information on our behalf.
E. From other Personnel and our affiliates and subsidiaries. For example, we may receive Personal Information from your colleagues or supervisors in the context of performance evaluations.
F. From MassMutual financial professionals (such as agents and brokers).
G. From publicly available sources. We may collect Personal Information about you from publicly available sources, such as public profiles and websites.
We may combine information that we receive from the various sources described in this Disclosure, including third party sources, and use or disclose it for the purposes identified below.
We may collect the following types of Personal Information:
A. Identifiers, such as your name, email address, physical address, telephone number, business contact information, and device identifiers.
B. Records about you, such as financial information (including financial account number used for payroll), signatures, background check information (where permitted or required by law), and your physical characteristics or a description of you.
C. Protected class and demographic information, such as age (including birthdates) and gender.
D. Commercial information, such as records of business transactions, salary and wage information, and payroll and benefits data.
E. Internet or other electronic network activity information, such as information relating to your use of or interactions with MassMutual networks, systems, devices, email, applications, and platforms, including your browsing history, search history, and other interactions.
F. Non-precise geolocation data, such as your location as derived from your IP address.
G. Audio, visual, or other sensory information, such as photographs, security camera footage in the public areas of MassMutual’s facilities, and recordings of calls and video conferences.
H. Professional or employment-related information, such as job title, organization, professional licenses, credentials, specialty, professional affiliations, professional experience, references, performance and other evaluation information, disciplinary information, resumes, interview notes, human resource records, payroll, board of directors appointments, or other professional information.
I. Education information.
J. Inferences drawn from any of the information we collect about your preferences and behavior.
K. Sensitive Personal Information, such as Social Security number, driver’s license number, or passport number; account log-in information; racial or ethnic origin, if you voluntarily provide it; content of mail, email, and text messages where we are not the intended recipient (such as messages that we monitor for compliance and security purposes); information about your health; medical or health insurance information, including insurance policy number; and information relating to sexual orientation, if you voluntarily provide it.
We may use Personal Information for the following purposes:
A. In connection with an employment application, such as assessing your application, interview, and test results for suitability for the position for which you have applied or other open positions; communicating with you concerning job openings or your application; conducting pre-employment verification and screening; offering you the job position, in our discretion; notifying you of job opportunities (including from affiliates in our group, where we have shared your job application with them); and dealing with any inquiry, challenge, or request for feedback received in relation to our recruitment and hiring decisions.
B. Human resources management, such as administering payroll and benefits (including leave of absence benefits and use, pensions, government-related programs); logistics; planning and managing corporate travel and other reimbursable expenses; development and training; absence monitoring; timekeeping; performance appraisals; disciplinary and grievance processes; administration of termination of employment; career planning; administration of relocation; assessing qualifications and eligibility for a particular role or project; diversity and inclusion surveys and other activities (including to understand make up and representation in the workforce, for pay gap initiatives, and to allow us to offer support to certain demographic groups); background checks and reference checks; and complaint/hotline programs.
C. For our internal business purposes, such as managing and improving our recruitment and employment functions; enforcing our policies and rules; management reporting; managing MassMutual assets including: office locations and emergency planning; project management; auditing; maintaining records on employment business activities (such as accounting and commercial activities); document management and similar activities; budgeting; IT administration of our technologies, network, and intranet; IT security management and tasks; analyzing and managing meeting information (including, but not limited to, recording content, conversations and discussions, which may include your voice and/or images in case of video conferences, trainings, meetings, and other events); documenting corporate decision-making processes; making online events available to our Personnel for training purposes and/or to allow them or our partners to review such events after they have finished; helping Personnel improve meeting management; increasing meeting productivity; optimizing meeting resource distribution; and providing insights into interactions with people you network with.
D. For our internal research and business improvement purposes.
E. For legal, safety or security reasons, such as complying with legal, reporting, and similar requirements; investigating and responding to claims against the Company, its personnel, and its customers; for the establishment, exercise or defense of legal claims; protecting the Company, your, our customers’, and other third parties’ safety (including managing spread of communicable diseases), property or rights; detecting, preventing, and responding to security incidents; and protecting against malicious, deceptive, fraudulent, or illegal activity.
F. In connection with a corporate transaction, such as if we acquire, some or all of our assets are acquired by another entity.
G. For marketing or promotional purposes, including externally promoting MassMutual and our business. We may do so via social media, through public relations materials and communications, reputation and business-development efforts, branding, at events, and directly to business customers. For example, we may publicly disclose the names and work contact information of sales representatives or post pictures of Personnel who attend MassMutual events.
We may use anonymized, de-identified, or aggregated information for any purpose permitted by law.
We may disclose Personal Information to third parties, including the categories of recipients described below:
| Categories of Personal Information We Collect | Categories of Third Parties With Whom We Disclose Personal Information for a Business Purpose |
|---|---|
| Identifiers (Section 2.A) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Records about you (Section 2.B) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Protected class and demographic information (Section 2.C) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Commercial information (Section 2.D) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Internet or other electronic network activity (Section 2.E) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Geolocation data (Section 2.F) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Audio, visual, or other sensory information (Section 2.G) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Professional or employment-related information (Section 2.H) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Education information (Section 2.I) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Inferences (Section 2.J) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
| Sensitive Personal Information (Section 2.K) | • Affiliates and subsidiaries • Benefits services providers • Professional consultants • Vendors necessary to complete transactions you request • Law enforcement, government agencies, and other recipients for legal, security, and safety purposes • Other entities in connection with a corporate transaction • Entities to which you have consented to the disclosure |
The categories of recipients in the chart above are used to mean:
A. Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.
B. Benefits services providers, such as companies that provide health, wellness and insurance and other financial and voluntary benefits.
C. Professional consultants, such as HR operations consultants, accountants, benefit consultants, IT consultants, staffing consultants, career development, training and outplacement consultants, testing companies, lawyers, accountants and financial advisors.
D. Vendors necessary to complete transactions you request, such as shipping companies.
E. Law enforcement, government agencies, and other recipients for legal, security, or safety purposes, such as when we share information to comply with law or legal requirements; to enforce or apply our agreements and policies; and to protect Company, our customers’, or third parties' safety, property, or rights.
F. Other entities in connection with a corporate transaction, such as if we acquire assets, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.
G. Entities to which you have consented to the disclosure.
Our Information Governance and Records Management Program establishes and maintains company policies and procedures governing the creation, retention, storage, and disposition of corporate records and information, provided that such information to be deleted or destroyed is not subject to regulatory requirement to retain it or a legal hold. We retain corporate records for the minimum time period required by law or regulation and/or for a longer period of time consistent with business needs. We determine retention periods for corporate record information using both legal/regulatory citations and business requirements. Citations for retention periods are regularly reviewed by outside counsel and updated as necessary. CCPA rights request records are subject to a two year retention period as required by California law.
California Consumers may have certain rights, subject to legal limitations, regarding the collection, use, and sharing of Personal Information under the CCPA, such as:
You may exercise a Right to Know, Right to Delete, Right to Correct, and Right to Limit Sensitive Personal Information Processing via our webform.
Non-Discrimination: We will not discriminate against you in any manner prohibited by law for exercising your privacy rights.
Verification: In order to process requests, we may need to obtain information to locate you in our records or verify your identity using reasonable methods. For Right to Know, Right to Delete, Right to Correct, and Right to Limit Processing of Sensitive Personal Information, we will collect some or all of the following data elements: Name, Date of Birth, Email, Phone Number, and Address. We use a third party identity verification and fraud prevention service to verify the information you provide on your rights request form and which may present you with additional knowledge-based questions. When it comes to identity verification, our third party only tells us whether your identity passes verification and we do not use this information for any other purpose. In some cases, we may ask for more or different information if needed to otherwise support your request, such as in cases of authorized agents. To exercise the Right to Opt Out of Sale/Sharing, you may be asked to provide and verify your email address.
Authorized Agents: Authorized agents may exercise rights on behalf of prospective, current, and former workforce by submitting a request via our online webform and indicating that they are submitting the request as an agent. Agents should provide their own information to verify the agent’s identity, after which we will contact the agent with additional instructions to complete the consumer right submission process. We may require agents to demonstrate authority to act on behalf of a consumer by providing signed permission and may require consumers to directly verify their identity with us using the methods described above.
Timing: We will respond to Right to Know, Right to Delete, and Right to Correct requests within 45 days, unless we need more time in which case we will notify you and may take up to 90 days total to respond to your request. We will respond to Right to Limit Sensitive Personal Information Processing within 15 days.
If you need assistance submitting a request or have questions regarding this Disclosure or how the Company uses your Personal Information, please contact us at 1-877-777-9154 or email us at privacyrequest@massmutual.com