Privacy Statement | Kelly
Kelly Services, Inc. and its subsidiaries respects your privacy and we acknowledge that you have certain rights related to any personal information we collect from you and we have certain obligations in respect of the same. Kelly Services supports the various international and local privacy laws, and has procedures in place to meet the requirements of those laws.
This Privacy Statement supports our privacy principles and informs you about our practices for gathering, storing, and using the personal information of individuals who use our websites, apply for or use our employment or outsourcing services, and those who are representatives of our customers (including prospective customers), service providers, and suppliers.
We encourage you to review this information so that you may understand how we collect, use, and share your personal information.
This privacy statement also covers our group of companies. Each group company is a data controller, and company names and information can be found at this link: Kelly Services, Inc. Company Names and Information (collectively, “Kelly Services or “Kelly”). So, when we mention “Kelly Services”, “Kelly”, “we”, “us” or “our” in this privacy statement, we are referring to the relevant company within our group of companies responsible for processing your personal information. We will let you know which entity will be the controller for your personal data.
Kelly Services, Inc is the controller responsible for managing general questions and speculative applications. Those group companies listed above who are not located in Europe can also be contacted through their representative: Kelly Services (Nederland) B.V., Neptunusstraat 37, 2132 JA Hoofddorp, Netherlands.
If we change anything important about this statement (the information we collect, how we use it, or why we use it) we will highlight those changes in the Change History section at the end of this Privacy Statement and provide a prominent link to it for a reasonable length of time following the change and prior to the change taking effect.
If you have questions, please contact the Data Protection Officer at:
Post: Kelly Services, Inc. in the U.S. can be contacted at 999 W. Big Beaver Road Troy, MI 48084.
Kelly Services, Inc., in Europe can be contacted through its subsidiary, Kelly Services Management Sàrl at Av. Edouard-Dubois 20, CH-2002P Neuchâtel, Switzerland.
Contact information for additional countries can be found at this link: Kelly Services, Inc. Company Names and Information.
Information We Collect
Kelly collects, stores, and uses personal data to provide our recruiting, employment, outsourcing, and consulting services. We collect personal data about individuals who use our websites, apply for employment or engagement with us, or placement by us through our recruitment services, employees, and those who are representatives of our customers (including prospective customers). Kelly does not knowingly direct its services or obtain, sell, or share information from children under age 16.
Most of this data is provided by you directly when you contact us, submit an application, attend an in-person recruiting event, through phone conversations, contact us about our services, or during your outsourcing or employment relationship.
We also collect data about individuals who are employed or engaged by our customers in connection with our provision of outsourcing and consulting services to those customers. This is generally obtained through our interactions with customers, suppliers, and service providers.
We have set out further details below on the types of personal data we collect (and have collected in the prior 12 months), store, and use and the reasons we use your personal data.
Why We Use Your Information
We will use your personal data where:
- you have given your consent to the relevant processing activity for the purposes of which we have informed you. Where this is the case, you always have the right to withdraw that consent;
- it is necessary for the performance of and compliance with your employment contract or other applicable engagement contract with us or in order to take steps prior to entering into that contract or another contract with you;
- we need to process your information in order to comply with a legal or regulatory obligation (for example, complying with duties under employment, social security, social protection, and tax legislation for example, complying with our obligations under equality legislation or in relation to statutory sickness or maternity rights);
- exceptionally it is necessary for vital interests relating to you or another person (for example, avoiding serious risk of harm to you or others); or
- it is necessary for our legitimate interests (or those of a third party) provided that our legitimate interests are not overridden by your interests or rights which require protection of your data.
We will use special categories of personal data where:
- you have provided your explicit consent. Where this is the case, you always have the right to withdraw that consent;
- we need to do so to carry out our legal obligations (e.g. in the context of employment, social security and social protection law, or for a collective agreement) for example, complying with our obligations under equality legislation or in relation to statutory sickness or maternity rights;
- it is necessary for the establishment, exercise, or defense of legal claims;
- it is necessary for the purposes of preventative or occupational medicine, for the assessment of your working capacity, medical diagnosis, or provision of health care (for example, in relation to Occupational Health referrals and reports);
- where it is needed for reasons of substantial public interest, such as for equal opportunities monitoring;
- exceptionally, where it is necessary for vital interests relating to you or another person (for example, avoiding serious risk of harm to you or others) and where you are not capable of giving consent; or
- where you have already made the relevant personal information public.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
As mentioned above, we can, sometimes, use your personal information where this is necessary for our legitimate interests (or those of a third party). This includes where use of your personal information is necessary to:
- ensure effective administration and management of your employment or engagement, benefits, management of the business, and business continuity;
- ensure our assets are protected, kept confidential, and not used for inappropriate or unlawful purposes;
- prevent, detect, or investigate unauthorized use of our systems and ensure we comply with law and our policies;
- ensure we can contact you or your family in the case of an emergency;
- check you are legally entitled to work, manage performance, discipline, and promotion processes;
- manage training and development requirements;
- maintain product development and enhancement, along with effective marketing through analytics and profiling for business intelligence;
- deal with disputes and accidents and take legal or other professional advice;
- comply with another country’s laws and regulations;
- prevent fraud and financial crime; and
- ensure network and information security.
If you would like further information on our legitimate interests as applied to your personal information, please contact the Data Protection Officer.
Failure to provide information where required
Where we are requesting information from you in order to employ or engage you, or in order to place or job-match you, if you do not provide the information that we have identified as required we may be unable to properly assist with your request for employment, placement, or job-matching to be performed by Kelly Services.
Retaining Your Information
We will retain your personal information for as long as is necessary in connection with our agreement with you, to provide you with the services requested, for legitimate business reasons or for other necessary purposes such as compliance with a law, regulation, or other legal authority, or as is otherwise permitted to be maintained for other legal purposes, such as audit, security, fraud prevention, or preserving and defending Kelly’s legal rights.
Additionally, job applicants and individuals whose assignment has ended will be maintained in Kelly’s talent pool to be potentially contacted about other employment opportunities. European talent pools will retain your applicant data for no longer than three years. Individuals located outside of Europe will be retained in alignment with local legal requirements, but in all cases no longer than ten years. Where applicable, Kelly will remove your information from the talent pool upon verified request.
Where Your Information May Be Shared
Kelly Services holds its employees, agents, and suppliers accountable for maintaining the trust that you place in us with your personal information.
For individuals, Kelly shares the data that is necessary to perform its staffing and outsourcing services with other Kelly Services entities, customers, suppliers, or with service providers that may be engaged to assist in managing the processes required to provide these services.
Any engagement of a customer, supplier, or service provider will be governed by appropriate contractual requirements prohibiting the use of your information for any purposes beyond those specifically directed by Kelly, and requiring that they ensure sufficient administrative and technical security mechanisms are in place to prevent your information from being improperly used, disclosed, or accessed.
Your Rights and Choices
We respect your right to access and control your information. The amount of personal information you are required to supply when requesting our services is consistent with Kelly’s interests in providing our services to you. Kelly complies with applicable data protection laws and regulations.
We process personal data about you for the purposes set out in this Privacy Statement, including to provide recruitment, placement, employment or outsourcing services, operate our business, comply with our legal and contract obligations, and fulfill other legitimate interests of Kelly. In most countries in which Kelly has an employment contract with you, the processing of contact, payroll, and benefit information is a contractual or statutory obligation, and failure to provide information to allow processing may restrict your ability to be employed by Kelly
You may have certain rights in relation to your personal data. The availability of these rights and the ways in which you can use them are set out below in more detail.
How We Transfer Information We Collect Internationally
International Transfers of Information We Collect
We collect information globally and may transfer, process, and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the services. Whenever we transfer your information, we take steps to protect it.
International Transfers Within Kelly Services: To facilitate our global operations, we transfer information globally and allow access to that information from countries in which the Kelly owned or operated companies have operations for the purposes described in this privacy statement. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we disclose information about you within and among Kelly Services, we make use of the EU-U.S. Data Privacy Framework to receive personal data transfers from the European Union/European Economic Area to the U.S. (see “EU-U.S. Data Privacy Framework Notice” section below), and the standard contractual data protection clauses, which have been approved by the European Commission, to safeguard the transfer of information we collect from the European Economic Area, the United Kingdom (the "UK"), and Switzerland.
International Transfers to Third Parties: Some of the third parties described in this privacy statement, where services are provided under a contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we disclose information of data subjects in the European Economic Area, the UK, or Switzerland, we make use of the European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer.
Data Privacy Framework Notice
In order to ensure transfers of personal information from the European Union, United Kingdom or Switzerland to the U.S. are done in a secure and compliant manner, Kelly is a participant in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), including the UK Extension to the EU-U.S. DPF and Swiss-U.S. Data Privacy Framework (Collectively the “DPF”). If there is any conflict between the terms in this Privacy Statement and the DPF, the DPF Principles shall govern.
As a participant in these programs, Kelly self-certifies annually its continued commitment to uphold the DPF Principles for all data received from the EU, the UK (and Gibraltar) or Switzerland in reliance on the DPF, and to be subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC). To learn more about the Data Privacy Framework, and to view our certification, visit the U.S. Department of Commerce’s Website.
Kelly provides individuals with the ability to resolve complaints or make inquiries directly with the company by contacting firstname.lastname@example.org or through other methods outlined in the section titled How to Contact Kelly.
For any disputes which cannot be directly resolved with the company, Kelly agrees to provide access to an independent dispute resolution body designed to address the privacy-related complaints of EU and as applicable, the United Kingdom or Swiss data subjects at no cost.
- For inquiries or complaints related to Human Resources Data, Kelly Services will cooperate with EU Data Protection Authorities, the UK Information Commissioner’s Office and the Swiss Federal Data Protection and Information Commissioner (collectively, “Data Protection Authority”) in the investigation and resolution of unresolved complaints concerning our reliance on the DPF, including complying with advice given by Data Protection Authorities (as described in the Data Privacy Framework Principles). Individuals may contact their Data Protection Authority directly to resolve disputes.
- For inquiries or complaints not related to Human Resources Data, Kelly has established an independent recourse mechanism, the International Centre for Dispute Resolution, the international division of the American Arbitration Association (“ICDR/AAA”). The ICDR/AAA can be contacted for resolution of the issue by visiting http://info.adr.org/safeharbor.
Under certain conditions, more fully described on the Data Privacy Framework website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration.
European Privacy Rights
California Privacy Rights
Mexican Privacy Rights
Other Privacy Rights
We record the number of visitors to the relevant sections of our website and track movement between the sections by means of “cookies.”
Protecting Your Information
Kelly Services takes care to secure your personal information.
We regularly monitor industry standards for securing information and review our physical, technical, and organizational security practices in order to determine how best to prevent the loss, misuse, alteration, unauthorized access, destruction, or disclosure of your personal information.
Any personal data sent to us, either in writing or e-mail, may be insecure in transit and we cannot guarantee its delivery.
Passwords must be kept confidential and not disclosed to a third party. Kelly does not ask you for your password.
Updates to this Privacy Statement
Kelly may update this Privacy Statement from time to time, so please review it frequently.
If we change our Privacy Statement, we will post the revised version here and will describe the changes in the Change History section.
If we make significant changes to our Privacy Statement, we may also notify you by other means prior to the changes taking effect, such as, prominently posting a notice of such changes on our websites, providing notice of the change through our online portals, or by directly contacting you.
If you would like to access previous versions of this Privacy Statement contact the Data Protection Officer at email@example.com.
How to Contact Kelly
If you have any questions or comments about this Privacy Statement, would like to exercise any of your rights under applicable data protection law, or believe that Kelly has not adhered to this Privacy Statement, please e-mail our Data Protection Officer at firstname.lastname@example.org. Additionally individuals can contact Kelly Services in the U.S. at:
Kelly Services, Inc.
ATTN: Privacy Officer
999 W. Big Beaver Road
Troy, MI 48084
Or in the EEA, United Kingdom, or Switzerland at:
Kelly Services Management Sàrl
ATTN: Privacy Officer
Av. Edouard-Dubois 20
Those group companies listed who are not located in Europe can also be contacted through their representative:
Kelly Services (Nederland) B.V.
2132 JA Hoofddorp
- We reformatted some of the information regarding international data transfers in “Where Your Information May Be Shared” into a new section titled “How We Transfer Information We Collect Internationally.”
- We added information to the “How We Transfer Information We Collect Internationally” to provide information about our compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), including the United Kingdom Extension and Swiss-U.S. Data Privacy Framework (Collectively the “DPF”).
- In “Information We Collect” we clarified the categories of Personal Data we collect, the Legal Basis for Processing the categories of Personal Data, and information about automated processing.
- In “California Privacy Rights” we updated the information regarding exercising your rights under California law.
- We updated the address in Switzerland.
- In “Kelly Services, Inc. Company Names and Information” we updated the list of entities.
- We removed references to EU/US Privacy Shield, including the section outlining the arbitration options available under the Privacy Shield program.
- We updated the Privacy Statement to include references to the California Consumer Privacy Act.
- We updated the Privacy Statement to clarify applicability to Kelly employees.
- We updated the Privacy Statement to inform individuals that we do not collect information related to minors under age 13.
- We updated our Privacy Statement to include references to the United Kingdom separate from references to the European Union or European Economic Area.
- We updated our representative for group countries who are not located in the European Union to our entity located in the Netherlands.
- We updated the Privacy Statement to provide a more layered presentation of information.
- In “Information We Collect” we presented the information in a more user-friendly format.
- We renamed “How We Use the Information” to “Why We Use the Information” and provided additional transparency on Kelly’s use of the information, including easier category groupings.
- We separated out and added information about the standards we use to determine how long data is maintained. This information is now in a separate section called “Retaining Your Information.”
- In “Your Rights and Choices” we created easier groupings for privacy rights based on specific jurisdictions, and provided notification and additional transparency for the rights of those located in the EEA or Switzerland.
- In “Where Your Information May be Shared” we provided additional transparency regarding the potential countries or areas where information may be shared.
- In “Updates to this Privacy Statement” we provided additional clarification on how we would provide notice of significant changes to this Privacy Statement.
- We created a Change History section to show updates to this Privacy Statement.
- We made minor edits for clarity and grammar.
- We updated the Privacy Shield section to provide information about our compliance with the Swiss-U.S. Privacy Shield Framework.
- In “Where Your Information May Be Shared” we added additional transparency regarding our responsibility for our processor’s actions.
- We updated “Safe Harbor” to “Privacy Shield” and provided information about our compliance with the EU-U.S. Privacy Shield Framework.