The types of Employee Data GoDaddy collects depends on the nature of your position and role within GoDaddy and the requirements of laws applicable to your employment (for example, as they might vary based on your country of residence). Regardless, when any information is collected about you and processed by us (whether directly or by a third party provider on our behalf), you will be notified of such collection and use, whether by this Policy or at the time of collection. Most commonly, however, Employee Data includes the following information:
- your name, address and other personal/contact details, including social security/national identification or insurance number, email address and telephone number, date of birth and gender;
- details of your qualifications, skills, experience and employment history, including start and end dates, with previous employers;
- information about your compensation, including benefits such as 401K, stock options or insurance cover;
- your bank account number and routing information;
- information about your marital status, next of kin, dependents and emergency contacts;
- the name, relationship, address and telephone number of your designated beneficiaries;
- information about your nationality and eligibility to work in a particular jurisdiction;
- information about your criminal record;
- details of your schedule (days of work and working hours) and attendance at work;
- details of periods of leave taken by you, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave;
- details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence;
- CCTV footage;
- recordings of your voice;
- login username and password;
- assessments of your performance, including appraisals, performance reviews and ratings, performance improvement plans and related correspondence;
- information about medical or health conditions, including whether you have a disability for which GoDaddy needs to make reasonable accommodations;
- information pertaining to any workplace accident / first-aid records and reports; and
- photographs and other visual images of you.
Sensitive personal data (e.g., data that reveal race, ethnic origin, religious or philosophical beliefs, health, sexual orientation, political opinions, or trade union membership) are collected only where allowed by law and are used and disclosed only to fulfill legal requirements unless employee provides consent for such collection or disclosure.WHY WE COLLECT EMPLOYEE DATA
To ensure proper application of and adherence to governing law, to perform ordinary HR/employment administrative functions, education and training, for application purposes, including as may be considered for promotions, transfers or other job related considerations, to deliver benefits to you and your dependents, make annual assessment respecting pay/total compensation and rewards, for payroll and direct deposit purposes, to ensure suitability for position and for the general welfare and protection of the company and its other employees, prevention of fraud, complying with health and safety laws, handling employment disputes, business planning, attrition monitoring, security management and equal opportunities monitoring etc., and for the enforcement and defense of legal rights.HOW DO WE COLLECT EMPLOYEE DATA
We may collect Employee Data in a variety of ways. For example, Employee Data might be collected through:
- interviews, CVs or resumes;
- passport or other identity documents such as your driving license;
- forms completed by you at the start of or during employment (such as in WorkDay, any application or benefit nomination forms);
- correspondence with you;
- CCTV and IT/communication systems; and
- timesheets or time clocking systems.
In some cases, GoDaddy may collect personal data about you from third parties, such as references supplied by former employers, information from employment or criminal records background check providers as permitted by law, information from medical practitioners or health insurances, information from credit reference agencies, and information from tax bureaus or other governmental authorities.WHO HAS ACCESS TO DATA?
Your information will be shared internally, including with members of the HR team, payroll, your manager, GoDaddy’s directors, executives and/or IT staff if access to the data is necessary for performance of their roles. We may also share your data with third party vendors that process data on our behalf, including but are not limited to:
- vendors that facilitate with the recruiting and employment verification process (i.e., recruiters, background check vendors)
- vendors that work within the provision of employee compensation, benefits, and leaves (i.e., payroll companies, health insurance providers); or
- access management or other internal tool vendors that allow us to build our infrastructure and run our business effectively and securely (most notably, Workday).
The information which you give to us may be transferred to countries outside of the jurisdiction of your employment. For example, some of our third-party providers may be located outside of the European Union (“EU”). Where this is the case, we will take steps to make sure adequate technical and operational measures are in place so that your privacy rights will continue to be protected as outlined in this policy. By submitting your personal data, you’re agreeing to this transfer, storing or processing.HOW DOES GODADDY PROTECT EMPLOYEE DATA?
GoDaddy has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Where GoDaddy engages third parties to process Employee Data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organizational measures to ensure the security of data.HOW LONG DOES GODADDY KEEP EMPLOYEE DATA?
Except as otherwise permitted or required by applicable law or regulations, we will retain Employee Data only for as long as we believe it is necessary to fulfill the purposes for which the Employee Data was collected (including, for the purpose of meeting any legal, accounting or other reporting requirements or obligations). This will vary depending on the nature of the data, but please review our ‘Record Retention Policy’ on the Planet for questions relating to any specific or certain type of Employee Data.YOUR RIGHTS: ACCESS, CORRECTION & DELETION
If you want to review, verify, correct or delete the Employee Data that we hold about you, please log into Workday and review your Employee Data under the “Personal Information” Icon, or submit a request to HR@godaddy.com.
We endeavor to ensure that Employee Data in our possession is accurate, current and complete. If you believe that your Employee Data incorrect, incomplete or outdated, you may request the revision or correction of that information. We reserve the right not to change any Employee Data we consider is accurate. If it is determined that Employee Data is inaccurate, incomplete or outdated, we will use reasonable efforts to revise it and, if necessary, use reasonable efforts to inform agents, service providers or other third parties, which were provided with inaccurate information, so records in their possession may also be corrected or updated.
You may request that we delete the Employee Data about you that we hold. There are instances where applicable law or regulatory requirements allow or require us to keep Employee Data. In such case, the request to delete this Employee Data will not be honored. For example, if you inquire about deletion of certain Employee Data needed to maintain the employment relationship, we would not be able to delete that data as it is necessary for the administrative processing of your ongoing employment relationship with GoDaddy. However, in such event that we cannot delete your Employee Data, we will inform you of the reasons why (subject to any legal or regulatory restrictions). Similarly, requests to delete your personal information submitted by you (or by us on your behalf) to a third-party provider for the processing of certain benefits, such as stock accounts held with E-Trade, health benefits processed by United Healthcare, 401k (for US residents) processed by Wells Fargo, and so-on, cannot be honored by GoDaddy. If you require such a third-party to delete any of your personal information, you must contact the third party directly to request such deletion.
In certain circumstances, you may have provided express consent in connection with your providing certain Employee Data to us of for a specific use of your Employee Data (for example, use of a photograph for your company profile picture). You may withdraw such consent of use, but in such cases we cannot ensure that information previously published can be removed from all mediums in which it was submitted.THE E.U-U.S AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS.
Our parent company,GoDaddy Operating Company, LLC (and our related entities, including GoDaddy.com, LLC, Blue Razor Domains, LLC, Starfield Technologies, LLC, Domains by Proxy, LLC, Outright, Inc., Mad Mimi, Inc. and Media Temple, Inc.) participates in and has certified its compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. Go Daddy Operating Company, LLC is committed to subjecting all personal data received from the EU or Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
GoDaddy Operating Company, LLC is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. GoDaddy Operating Company, LLC complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to each Privacy Shield Framework, GoDaddy Operating Company, LLC is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, GoDaddy Operating Company, LLC may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
We reserve the right to modify this Policy at any time. If we decide to change our Policy, we will post those changes to this Policy and any other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make material changes to this Policy, we will notify you here, by email, or by means of a notice on The Planet, at least thirty (30) days prior to the implementation of the changes.DATA PROTECTION AUTHORITY
If you are a resident of the European Economic Area (EEA) and believe we maintain your personal data subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to your local supervisory authority or our lead supervisory authority, the UK's Information Commissioner’s Office, as noted below:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Phone: 0303 123 1113CONTACT US
Attn: Office of the Data Protection Officer, 14455 North Hayden Road, Suite 219, Scottsdale, AZ 85260 USA,
or for employees established in the EEA,
Attn: Legal, Office of the DPO, 5th Floor, The Shipping Building, Old Vinyl Factory, 252-254 Blyth Road, Hayes, UB3 1HA.
By Phone: 800-790178