Employee Privacy Notice
What Personal Information Do We Collect?
Greenleaf Foods, SPC, its parent company and other affiliates (collectively “Greenleaf”, “we” or “us”) collect and maintain different types of personal information in respect of those individuals who seek to be, are, or were employed by us. This includes personal information contained in:
- resumes and/or applications;
- references and interview notes;
- photographs and video;
- letters of offer and acceptance of employment;
- mandatory policy acknowledgement sign-off sheets;
- payroll information; including but not limited to social insurance number, pay cheque deposit information, and GRRSP/ESP information;
- wage and benefit information;
- forms relating to the application for, or in respect of changes to, employee health and welfare benefits; including, short and long term disability, medical and dental care;
- vaccination information;
- beneficiary and emergency contact information; and
- background screening information.
In addition to the examples listed above, personal information also includes information such as name, home address, telephone, personal email address, date of birth, employee identification number and marital status, and any other information necessary to Greenleaf’ business purposes, which is voluntarily disclosed in the course of an employee’s application for and employment with Greenleaf.
We may also collect certain demographic data that qualifies as sensitive personal information, such as race, ethnicity, sexual orientation, and disability to help us understand the diversity of our workforce. This information, when collected, is done so on a voluntary consensual basis.
Most often, the personal information we collect from employees and employee applicants is collected from them directly. In some cases, we may collect personal information about employees and employee applicants from third parties, for example, when we perform background checks that are necessary for the role to be performed by the employee. In most circumstances, we will get your permission before we collect personal information about you from a third party.
If we ask you to provide any other personal information not described above, we will identify the nature and purpose of collection at the point we collect it.
How Do We Use Personal Information?
Employee-related personal information is used and disclosed for our business purposes, including establishing, managing or terminating your employment relationship with Greenleaf. Such uses include:
- determining eligibility for initial employment, including the verification of references and qualifications;
- administering pay and benefits;
- processing employee work-related claims (e.g. worker compensation, insurance claims, etc.)
- identifying and establishing training and/or development programs;
- assessing our overall workforce, employee engagement and satisfaction;
- conducting performance reviews and determining performance requirements;
- assessing qualifications for a particular job or task;
- gathering evidence for disciplinary action, or termination;
- establishing a contact point in the event of an emergency (such as next of kin);
- complying with laws and regulations (e.g.) labour and employment, health and safety, tax, and human rights laws);
- compiling directories;
- information systems security and administration;
- ensuring the security of company-held information;
- such other purposes as are reasonably required by Greenleaf in connection with your employment; and
- other legitimate purposes reasonably required for day-to-day operations, such as accounting, financial reporting and business planning.
We may also use your personal information for other lawful purposes which we will tell you about, and if required by applicable laws, we will secure your consent to collect and use it.
Greenleaf physically and electronically monitors our facilities, as well as the use of our information and communications systems, for specific purposes. For example, we may monitor activities at our facilities with badge readers, sign-in sheets, and surveillance cameras. We generally do these things to prevent unauthorized access and for safety, health, welfare and protection of our employees, authorized visitors, the animals under our care and our property.
We may also monitor or record activity on our information and communications systems and network, such as internet traffic, website filtering, email communications or systems accessed. More information on electronic monitoring can be found in our Acceptable Use Policy and our Information Security Awareness Policy.
Where permitted by law, we may also carry out monitoring for other purposes such as:
- Proof of business transactions and archiving;
- Training and evaluation of employees;
- Protection of confidential information, intellectual property and other business interests;
- To investigate breaches of Greenleaf policies and procedures, or other unlawful or improper acts;
- For compliance with a legal obligation; and
- Other legitimate purposes as permitted by applicable law.
With Whom Do We Share Your Data?
We take care to allow your personal information to be accessed only by those who really need to in order to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it.
If we go through a corporate sale, merger, reorganization, dissolution or similar event, personal information we gather from you may be transferred in connection with such an event. Any acquirer or successor of Greenleaf may continue to use the data as described in this notice provided that the acquirer or successor is bound by appropriate agreements or obligations and may only use or disclose your personal information in a manner consistent with the use and disclosure provisions of this notice, or unless you consent otherwise.
We may also disclose your personal information to a third party under the following circumstances:
- if we in good faith believe we are compelled by any applicable law, regulation, legal process or government authority;
- where necessary to exercise, establish or defend legal rights, including to enforce our agreements and policies;
- to protect Greenleaf’ rights or property;
- in connection with regular reporting activities to other members of the Greenleaf’ corporate family;
- to protect Greenleaf, our other customers, or the public from harm or illegal activities;
- to respond to an emergency which we believe in good faith requires us to disclose data to prevent harm; or
- with your consent.
International Operations and Transfers Out of Your Home Jurisdiction
Your personal information may be collected, used, processed, stored or disclosed by us and our service providers outside your home jurisdiction, including in the U.S. and Canada, and in some cases, other countries. These countries may have data protection laws that are different the laws of your country. Greenleaf transfers personal information to another country, including within the Greenleaf corporate family, in accordance with applicable privacy laws.
How Do We Secure Your Data?
We use appropriate technical and organizational security measures to protect the security of your personal information both online and offline including the implementation of access controls, implementation of firewalls, network intrusion detection and use of anti-virus software. Please note that no system is completely secure. So, while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
How Long Do We Retain Your Personal information?
We follow our Records Retention Policy and the retention schedules adopted thereunder to guide our retention practices. We will keep your personal information for as long as is needed to carry out the purposes we’ve described in this notice, or as otherwise required by law. Generally, this means we will keep your personal information until the end of your employment with us, plus a reasonable period of time after that where necessary to respond to any employment inquiries, deal with legal, tax, accounting or administrative matters, or to provide you with ongoing pensions or other benefits.
Where we have no continuing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information until deletion is possible.
How Can You Access and Update Your Personal information?
It is important that the information contained in our records is both accurate and current. We offer various self-help tools that will allow you to update certain of your personal information in our records (including MySuccess and Shareworks). If your personal information changes during the course of your employment, please use these self-help tools where available. For all other personal information, please make the request through your HR Business Partner. We may ask you for information to verify your identity and evaluate your right to access the personal information requested. You can also ask that we delete personal information that you believe is inaccurate or no longer relevant in this same way. Please note that we might need to refuse access to, or deletion of, personal information in certain cases, such as when providing access might infringe someone else’s privacy rights or impact our legal obligations.
Looking for more Information?
For more information on Greenleaf’s approach to personal information, including how your information is protected, you can email firstname.lastname@example.org.