- SolutionsWith a strategic solution that works for you and your business, you can unlock revenue-generating opportunities and begin managing your fleet as an investment.Overview
- About UsWhen Holman was founded in 1924, we set something positive in motion. Our consistent focus on people and our commitment to integrity make us who we are today.Overview
Join Our TeamWe’re not just in the automotive business, we’re in the people business. Join us for the ride.Browse Careers
California Job Applicant Privacy Policy and Notice of Collection
EFFECTIVE DATE: July 7, 2023.
JOB APPLICANT PRIVACY POLICY & NOTICE OF COLLECTION
California
Holman Automotive Group, Inc. and its affiliates and subsidiaries (collectively, the “Holman” or “we”) provide this California Privacy Policy and Notice (“Policy”) to describe our privacy practices with respect to our collection of Personal Information as required under the California Consumer Privacy Act (“CCPA”). This Policy applies only to job applicants and candidates for employment who are residents of the State of California (“Consumers”) and from whom we collect “Personal Information” as defined in the CCPA. We provide you this Policy because under the CCPA, California residents who are job applicants qualify as Consumers. For purposes of this Policy, when we refer to Consumers, we mean you only to the extent you are a job applicant who resides in California.
Collection of Personal Information and Sensitive Personal Information
When you apply for a position or interact with us regarding potential job openings, we may collect Personal Information from you in a variety of different situations and using a variety of different methods, including, but not limited to, on our website, your mobile device, through email, in physical locations, through written applications, through the mail, and/or over the telephone. Generally, we may, and have in the last 12 months, collected, received, maintained, and used the following categories of Personal Information, depending on the particular purpose and to the extent permitted under applicable law. For each category of information, the categories of third parties to whom we have disclosed the information within the last 12 months are referenced by a letter that coincides with the letter in the list of categories of service providers and third parties that follows soon after this table. Holman has not sold or shared any personal information or sensitive personal information within the last 12 months.
| CATEGORY | EXAMPLES | Disclosed in Last 12 Months to | Retention Period |
| Personal Identifiers |
Name, alias, social security number, driver’s license or state identification card number, passport number.
| A, B, C, D, E, F | If hired, then name will be retained permanently, and the rest will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Contact Information |
Home, postal or mailing address, email address, home phone number, cell phone number.
| A, B, C, D, E, F | If hired, this data will be retained permanently. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Protected Classes |
Race, ethnicity, national origin, sex, gender, sexual orientation, gender identity, religious or philosophical beliefs, age, physical or mental disability, medical condition, veteran or military status, familial status, language, or union membership.
| B, C | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Pre-Hire Information |
Information provided in your job application or resume, information gathered as part of background screening and reference checks, pre-hire drug test results, information recorded in job interview notes by persons conducting job interviews for Holman, information contained in candidate evaluation records and assessments, information in work product samples you provided, and voluntary disclosures by you.
| B, C, D | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Employment History |
Information regarding prior job experience, positions held, and when permitted by applicable law your salary history or expectations.
| B, C, D | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Education Information |
Information contained in your resume regarding educational history and information in transcripts or records of degrees and vocational certifications obtained.
| B, C, D | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Inferences |
Based on analysis of the personal information collected, we may develop inferences regarding job applicants’ predispositions, behavior, attitudes, intelligence, abilities, and aptitudes for purposes of recruiting and hiring assessments and decisions.
| B, C, D | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
| Internet, Network, and Computer Activity |
Internet or other electronic network activity information related to a job applicant’s usage of Holman networks, servers, intranet, or Holman-owned computers and electronic devices, including system and file access logs, security clearance level, browsing history, search history, and usage history.
| B, C, D, F | 4 years |
| Online Portal and Mobile App Access and Usage Information |
Where a job applicant or candidate must create an account to apply for a job, collect the applicant’s username and password, account history, usage history, and any information submitted through the account.
| B, C, D, F | 4 years |
| Video Recordings on company premises |
Images recorded or captured in surveillance camera footage on the Company’s premises.
| F | Surveillance footage: 90 days; |
| Medical and Health Information | Information related to symptoms, exposure, contact tracing, diagnosis, testing, or vaccination for infectious diseases (e.g., COVID-19), pandemics, or other public health emergency.
| Not Disclosed | If hired, this data will be retained for duration of employment plus 6 years. If not hired, it will be retained for 4 years from when position is filled or the date we receive your information, whichever is longer. |
By referring to the letter corresponding to the category, the above table specifies to what categories of service providers and third parties we disclose personal information.
Of the above categories of Personal Information, the following are categories of Sensitive Personal Information the Holman may collect:
- Personal Identifiers (social security number, driver’s license or state identification card number, passport number)
- Account Information (your Holman account log-in, in combination with any required security or access code, password, or credentials allowing access to the account)
- Medical and Health Information
Personal information does not include:
- Publicly available information from government records
- Information that a business has a reasonable basis to believe is lawfully made available to the general public by the job applicant or from widely distributed media
- Information made available by a person to whom the job applicant has disclosed the information if the job applicant has not restricted the information to a specific audience
- De-identified or aggregated information
We may collect your personal information from the following sources:
- You, the applicant, when you apply for a position of employment or voluntarily submit information
- Company systems, networks, software applications, and databases you log into or use in the course of applying for a position with the Company, including from vendors the Company engages to manage or host such systems, networks, applications or databases
- Surveillance cameras at our physical locations
- Drug (substance) testing and physical testing providers and vendors
- Credit and consumer reporting agencies
- HR support vendors
- Recruiters
- Staffing agencies
- Job platforms and career sites like Indeed, LinkedIn, etc.
- Personal references and former employers
- Schools, universities, or other educational institutions which you attended
- From friends, family, or colleagues who choose to email you jobs that they think you may be interested in from our application platform
- Our employees, contractors, vendors, suppliers, guests, visitors, and customers based on your interactions with them (if any)
We may disclose your personal information to the following categories of third parties, service providers, and vendors:
A. Government agencies
B. Talent acquisition management systems
C. Vendors providing services for purposes of our human resources information system (HRIS) and management of job applicant data and recruiting process
D. Recruiting and staffing firms or agencies
E. Social media platforms
F. IT, cybersecurity, and privacy vendors and consultants
We may collect and use employee personal information for various business purposes.
- To fulfill or meet the purpose for which you provided the information. For example, if you share your name and contact information to apply for a job with Holman, we will use that Personal Information in connection with your candidacy for employment.
- To comply with local, state, and federal law and regulations requiring employers to maintain certain records (such as immigration compliance records, accident or safety records, and tax records).
- To evaluate, make, and communicate decisions regarding your job application and candidacy for employment.
- To obtain and verify background checks, references, and employment history.
- To communicate with you regarding your candidacy for employment.
- To permit you to create a job applicant profile, which you can use for filling out future applications if you do not get the job you are apply for.
- To keep your application on file even if you did not get the job applied for, in case there is another position for which we want to consider you as a candidate even if you do not formally apply.
- To evaluate and improve our recruiting methods and strategies.
- To engage in lawful monitoring of job applicant activities and communications when they are on Holman premises, or utilizing Holman internet and WiFi connections, computers, networks, devices, software applications or systems.
- To engage in corporate transactions requiring review or disclosure of job applicant records subject to non-disclosure agreements, such as for evaluating potential mergers and acquisitions of Holman.
- To evaluate, assess, and manage Holman’s business relationship with vendors, service providers, and contractors that provide services to Holman related to recruiting or processing of data from or about job applicants.
- To improve job applicant experience on Holman computers, networks, devices, software applications or systems, and to debug, identify, and repair errors that impair existing intended functionality of our systems.
- To protect against malicious or illegal activity and prosecute those responsible.
- To prevent identity theft.
- To verify and respond to consumer requests from job applicants under applicable consumer privacy laws.
- INFECTIOUS DISEASE PURPOSES (pandemic, outbreak, public health emergency, etc.)
a.) To reduce the risk of spreading the disease in or through the workplace.
b.) To protect job applicants and other consumers from exposure to infectious diseases (e.g., COVID-19).
c.) To comply with local, state, and federal law, regulations, ordinances, guidelines, and orders relating to infectious diseases, pandemics, outbreaks, and public health emergencies, including applicable reporting requirements.
d.) To facilitate and coordinate pandemic-related initiatives and activities (whether Holman-sponsored or through the U.S. Center for Disease Control and Prevention, other federal, state and local governmental authorities, and/or public and private entities or establishments, including vaccination initiatives).
e.)To identify potential symptoms linked to infectious diseases, pandemics, and outbreaks (including through temperature checks, antibody testing, or symptom questionnaire).
f.) To permit contact tracing relating to any potential exposure to infectious diseases.
g.) To communicate with job applicants and other consumers regarding potential exposure to infectious diseases (e.g., COVID-19) and properly warn others who have had close contact with an infected or symptomatic individual so that they may take precautionary measures, help prevent further spread of the virus, and obtain treatment, if necessary.
We may disclose your personal information for any one or more of the business purposes identified above.
Holman does NOT and will not sell your Personal Information or Sensitive Personal Information for any monetary or other valuable consideration. Holman does not and will not share your Personal Information or Sensitive Personal Information for cross-context behavioral advertising.
Retention of Personal Information
We will retain each category of personal information in accordance with our established data retention schedule as indicated above. In deciding how long to retain each category of personal information that we collect, we consider many criteria, including, but not limited to: the business purposes for which the Personal Information was collected; relevant federal, state and local recordkeeping laws; applicable statutes of limitations for claims to which the information may be relevant; and legal preservation of evidence obligations.
We apply our data retention procedures on an annual basis to determine if the business purposes for collecting the personal information, and legal reasons for retaining the personal information, have both expired. If so, we will purge the information in a secure manner.
Third-Party Vendors
We may use other companies and individuals to perform certain functions on our behalf. Examples include administering e-mail and background services. Such parties only have access to the personal information needed to perform these functions and may not use or store the information for any other purpose.
Business Transfers
In the event we sell or transfer a particular portion of our business assets, employee information may be one of the business assets transferred as part of the transaction. If substantially all of our assets are acquired, employee information may be transferred as part of the acquisition.
Compliance With Law and Safety
We may disclose specific personal and/or sensitive personal information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect our employees or the public.
Passwords
The personal data record created through your registration for your Company account can only be accessed with the unique password associated with those records. To protect the integrity of the information contained in those records, you should not disclose or otherwise reveal your passwords to third parties.
Job Applicants Under the Age of 16
We do not knowingly sell or share the personal information of job applicants under 16 years of age.
How We Protect the Information That We Collect
The protection of the information that we collect about employees is of the utmost importance to us and we take every reasonable measure to ensure that protection, including:
- We use commercially reasonable tools and controls to protect against unauthorized access to our systems.
- We restrict access to private information to those who need such access in the course of their duties for us.
Rights Under the CCPA and CPRA
This section of the Privacy Policy applies only to California residents. If you are a California resident, you have the following rights pursuant to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
- Right to Know. The right to request, up to 2 times in a 12-month period, that we identify to you (1) the categories of personal information we have collected, shared or sold about you, (2) the categories of sources from which the personal information was collected, (3) the business purpose for which we use this information, and (4) the categories of third parties with whom we disclose or have disclosed your personal information;
- Right to Access. The right to request, up to 2 times in a 12-month period, that we provide you access to or disclose to you the specific pieces of personal information we have collected about you;
- Right to Delete. The right to request, up to 2 times in a 12-month period, that we delete personal information that we have collected from you, subject to certain exceptions;
- Right to Correct. The right to request that we correct inaccurate personal information (to the extent such an inaccuracy exists) that we maintain about you;
- The right to designate an authorized agent to submit one of the above requests on your behalf. See below for how you can designate an authorized agent; and
- The right to not be discriminated or retaliated against for exercising any of the above rights.
You Can Submit Any of the Above Types of Requests by Any of the 3 Options Below:
- Submit an online request on our website at holmanprivacy.ethicspoint.com.
- Call our privacy toll-free line at 844-916-1324.
- Complete a paper form, which can be requested at the [email protected].
How We Will Verify That it is Really You Submitting the Request:
If you are a California resident, when you submit a Right to Know, Right to Access, Right to Delete, or Right to Correct request through one of the methods provided above, we will ask you to provide some information in order to verify your identity and respond to your request. Specifically, we will ask you to verify information that can be used to link your identity to particular information in our possession, which depends on the nature of your relationship and interaction with us. For example, we may need you to provide your name, address, email, phone number, last 4 digits of your social security number, and your date of birth.
Responding to your Right to Know, Right to Access, Right to Delete, and Right to Correct Requests
Upon receiving a verifiable request from a California resident, we will confirm receipt of the request no later than 10 business days after receiving it. We endeavor to respond to a verifiable request within forty-five (45) calendar days of its receipt. If we require more time (up to an additional 45 calendar days, or 90 calendar days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
For a request to correct inaccurate personal information, we will accept, review, and consider any documentation that you provide, and we may require that you provide documentation to rebut our own documentation that the personal information is accurate. You should make a good-faith effort to provide us with all necessarily information at the time that you make the request to correct. We may deny a request to correct if we have a good-faith, reasonable, and documented belief that a request to correct is fraudulent or abusive. If we deny your request to correct, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent or abusive.
Responding to Your Request to Limit the Use of Sensitive Personal Information
We will act upon a request to limit the use of sensitive personal information within fifteen (15) business days of its receipt. We will notify all third parties that use or disclose sensitive personal information of your request to limit and instruct them to comply with the request within the same time frame. We will notify you when this has been completed by mail or electronically, at your option.
A request to limit need not be a verifiable request. However, we may deny a request to limit if we have a good faith, reasonable, and documented belief that a request to limit is fraudulent. If we deny your request to limit, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent.
If You Have an Authorized Agent:
If you are a California resident, you can authorize someone else as an authorized agent who can submit a request on your behalf. To do so, you must either (a) execute a valid, verifiable, and notarized power of attorney, or (b) provide other written, signed authorization that we can then verify. When we receive a request submitted on your behalf by an authorized agent who does not have a power of attorney, that person will be asked to provide written proof that they have your permission to act on your behalf. We will also contact you and ask you for information to verify your own identity directly and not through your authorized agent. We may deny a request from an authorized agent if the agent does not provide your signed permission demonstrating that they have been authorized by you to act on your behalf.
Consent to Terms and Conditions
By applying for a position with the Company or submitting any information for purposes of being considered for or inquiring about employment with the Company, you consent to all terms and conditions expressed in this Privacy Policy.
Changes to Our Privacy Policy
As our services evolve and we perceive the need or desirability of using information collected in other ways, we may from time to time amend this Privacy Policy. We encourage you to check our website frequently to see the current Privacy Policy in effect and any changes that may have been made to them. If we make material changes to this Privacy Policy, we will post the revised Privacy Policy and the revised effective date on this website. Please check back here periodically or contact us at the address listed at the end of this Privacy Policy.
Individuals With Disabilities
This Policy is in a form that is or will be made accessible to individuals with disabilities.
Questions About the Policy
If you have any questions about this Privacy Policy, please contact us at [email protected] or 844-916-1324.
