Legal Notices and Cookies

Last Updated: November 19, 2019

OSI takes the privacy and security of your information seriously. This Policy describes how OSI and its affiliates and subsidiaries (collectively “OSI”, “we” or “us”) collect, use, transfer, and disclose your information.

This Policy covers information OSI collects in connection with our Recruitment Services, Consulting Services, and Products (collectively, the “Services”). This Policy also covers information collected through:

• web sites we operate from which you are accessing this Policy (the “Site”),
• the software applications we make available for use on or through computers or mobile devices (the “Apps”),
• our social media pages and apps to which the Site links (collectively, our “Social Media Pages”), and
• HTML-formatted email messages we send to you that link to this Policy (collectively, including the Site, Apps, and our Social Media Pages, the “Online Systems”).

This Policy also covers other means by which we collect information. For example, it also covers how we collect information from in person discussions, telephone conversations, and through non-electronic communications (i.e., collection through other means than our Online Systems).

WHO WE ARE

OSI is a global organizational consulting firm. We help companies design their organization – the structure, the roles and responsibilities, as well as how they compensate, develop and motivate their people. We also help organizations select and hire the talent they need to execute their strategy.

OSI offers services to help companies recruit new personnel and attract talent (“Recruitment Services”). We provide Recruitment Services to clients searching for talent at the board-level, chief executive, and other senior executive positions. We also help clients find talent for middle to upper level management. Our teams also provide recruitment process outsourcing or project recruitment services to help clients attract top people.

We are also a global management consulting firm that provides consulting services (“Consulting Services”). We help our clients implement their business strategy by consulting with them on strategy execution and organization design, talent strategy and work design, and other talent needs. Additionally, we advise on Mergers and Acquisitions to support our client’s key objectives.

Often, our client may be your employer or an organization with which you are seeking employment.

PERSONAL INFORMATION WE COLLECT

OSI collects information that identifies you as an individual or relates to an identifiable individual (“Personal Information”) to provide Services to you, our clients and to operate our business. The type of Personal Information we collect about you depends on the situation at hand.

• We may collect your name, contact details and your preferred means of communication. We may also collect your responses to survey and assessment questions.
• In the course of our Recruitment Services, we may collect the following types of information about you as a potential candidate: name, address, telephone number, e-mail address, resume information (employment history, education, professional credentials, memberships in professional organizations, skills, etc.), citizenship, information from former employers and other references, and additional information to the extent we have acquired or you have provided us with such information. We also use photos of you that you provide to us or that you make publicly available on the Internet (e.g., LinkedIn). As permitted by applicable laws, we obtain background verification information.
• Where permitted by law, we may collect compensation and benefits information about you to consult with you or our clients on rewards and benefits.
• In certain cases, we request sensitive Personal Information about you. We may use this information to ensure that our Services conform with legal requirements, including equal opportunity laws. Our assessments and surveys may include demographic survey questions like questions about gender, race, age, or country of origin. Except in these limited cases, we encourage you not to provide any other sensitive Personal Information to us, such as government identification numbers, payment card numbers, information related to racial or ethnic origin, political opinions, religious or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership.

Please do not provide us with any Personal Information if you do not agree with this Policy.

HOW WE COLLECT PERSONAL INFORMATION

As you interact with OSI, you provide some Personal Information directly.

Personal Information about you may also come from our clients to whom we provide Services.

We may also obtain Personal Information about you from third parties.

We use third-party companies to handle the sale of books, assessments, and other physical products featured on our Online Systems as well as event registration. If you wish to purchase a physical product or register for an event, you may be directed to a webpage that is hosted by the third party (or its service providers) and not by OSI.

• Any Personal Information that you provide through those pages to the third party will be subject to the third party’s privacy policy, rather than this Policy. OSI does not control, and is not responsible for, the third party’s use of information collected through those pages. Please note that this Policy does not address the collection and use of information through the third party’s page or the privacy or information practices of the third party.

HOW WE USE THE PERSONAL INFORMATION WE COLLECT

OSI uses the Personal Information it collects in several ways. The summary below provides additional details about the ways we use the Personal Information we collect.

We use your Personal Information to provide our Services.

We use Personal Information to render Services to you and our clients. We do this to fulfill our contractual relationships with you and our clients and where we have a legitimate, beneficial interest in using Personal Information to conduct our business.

In the course of our Recruitment Services, we may use Personal Information that we have collected to create a profile about you. This profile may be used to identify professional opportunities that we think may be of interest to you.

• We may contact you from time to time regarding those opportunities. We may also contact individuals from time to time for referrals. We may solicit names of, or additional Personal Information regarding, potential candidates in connection with our Recruitment Services to understand the market and provide other advisory services to our clients.

You can always object to our creating a profile about you.

If you object, we will remove your profile from our database, but this will also mean that you will not be considered for opportunities in the future, and our service will not be available to you.

In the course of our Recruitment Services, we also use your Personal Information to confirm references and conduct education and background checks as appropriate.

• We further use your Personal Information that we collect to aggregate and disclose diversity and other statistical information regarding our candidates and placement activities. We do so to manage our contractual relationship with you, with your consent, or because we have a legitimate business interest.

We use your Personal Information to respond to your inquiries, to verify your information, or to share information with you.

• We use your Personal Information to respond to your inquiries and fulfill your requests. If you contact us, we keep a record of your contact information and correspondence, and we use information you provide in your message to respond to your inquiry. We do so to manage our contractual relationship with you.

From time to time we use your Personal Information to send you important information regarding the Online Systems, changes to our terms, conditions, policies, and other administrative information.

• We may also contact you to verify that the Personal Information we collected about you is accurate and current. We use the Personal Information to manage our contractual relationship with you or to comply with a legal obligation.

We use your Personal Information to operate our business.

We use your Personal Information for our business purposes, such as audits, internal communication regarding candidates and clients, determining the effectiveness of our promotional activities, administering our Services, maintaining and securing our infrastructure, and for procurement and financial transactions.

We use this Personal Information to manage our contractual relationship with you and our clients, to comply with a legal obligation, and because we have a legitimate beneficial business interest.

We may use Personal Information to conduct analytics and thought leadership materials. Any published product will refer only to larger aggregations of individuals and will not identify you personally or include any results attributable to you. We perform analytics because we have a legitimate beneficial business interest in doing so.

We may retain and use Personal Information about you for research, publication, development, benchmarking and norms, validation, longitudinal studies, trend analysis, to improve and enhance our Services or to develop and market new Services. We may use Personal Information about you to ensure that our Services conform with legal requirements like equal opportunity laws. We also use your name and other personal identifiers to associate and combine information about you that is collected from one Service with information about you collected through other Services.

• We often pseudonymize or key-code your Personal Information, meaning that the personal is stripped of all information that may directly identify you and is replaced with a code to minimize unwanted or unintended identification. Such key-coded information can be de-coded by using the key so that it identifies you again.
• We may also anonymize, aggregate or de-identify Personal Information so the end-product does not identify you or any other individual. For example, we may use this information to generate norms by industry, geography, level, etc., enable us to understand where our Services are being utilized, conduct ongoing validation studies, compile reports, and publish journal articles to further the knowledge base of organizational and leadership science. Such aggregated, anonymized or de-identified information is not considered Personal Information for purposes of this Policy and we may use it for any purpose.

We may use your Personal Information to send you information or marketing materials. Please note that if we obtained your Personal Information because of a consulting engagement with our client, or you are using our Products at the request of your employer, you will not receive marketing materials as a result of the Personal Information we obtained from those Services.

OSI sends informational e-mails, articles, white papers, proposals, engagement letters, and information regarding our Services. We also use your Personal Information to conduct surveys.

• We do so either with your consent or because we have a legitimate beneficial business interest.
• Occasionally, we may desire to use your Personal Information in press releases and direct marketing materials. Before we use your Personal Information in that way, we will obtain consent from you.

WHO HAS ACCESS TO YOUR PERSONAL INFORMATION

How your Personal Information is disclosed will depend upon the situation.

We use your Personal Information to provide our Services.

While providing our Services, we may disclose your Personal Information to clients who have engaged our services.

OSI discloses Personal Information to third parties who provide support for our Services or business operation.

• OSI works with third parties who provide services that may include, but are not limited to, assessment services, including assessment validation services, website hosting and IT consulting services, data analysis, resume verification, background checking, payroll services, public relations services, marketing services, attorneys, accountants, and other administrative and back-up and security services.
• As part of providing services, these third parties will be provided with access to Personal Information. In addition, our software development partners may use Personal Information to modify, improve, refine, and validate their technology, research and development.

OSI may disclose or transfer all or part of your Personal Information in the event of a sale of our company or one or more of our affiliates. We may also disclose or transfer all or part of your Personal Information in the event of a merger or consolidation involving our company or one or more of our affiliates. This may also occur if there is a sale or transfer of assets or of any portion of our business or the business of one or more of our affiliates.

There may be other times that we disclose your Personal Information.

• OSI may also use or disclose Personal Information (to comply with a legal obligation or because we have legitimate interest to do so) in order to: (i) comply with applicable laws, (ii) respond to inquiries, requests or orders from public or government authorities, including those outside of your country of residence, or (iii) protect the rights, privacy, safety or property, of OSI and our affiliates, you or others.
• We cannot and do not assume any responsibility for the actions or omissions of third parties, such as clients, including the way they use Personal Information received either from OSI or from other independent sources.

OTHER INFORMATION WE COLLECT

OSI collects other information that does not reveal your specific identity (“Other Information”), such as:

• Information collected through cookies, pixel tags, and other technologies,
• App usage data,
• Demographic information and other information provided by you, and
• Aggregated information.

Because Other Information does not reveal your specific identity, we may use it for any purpose. If we combine Other Information with Personal Information that identifies you directly (like combining your name with your location), we will treat the combined information as Personal Information for as long as it is combined.

If we are required to treat Other Information as Personal Information under applicable law, we may use and disclose it for the purposes for which we use and disclose your Personal Information as detailed in this Policy.

We and our third-party service providers may collect Other Information in a variety of ways.

We use “cookies” (small text files placed on a visitor’s computer hard drive) and other similar technologies to help us determine information like the type of content a visitor to the Site consumes, and the length of time each visitor spends at any area of the Site. Cookies and similar technologies enhance your experience on the Site.

You can configure your browser settings to automatically decline cookies or be given the choice of declining or accepting the transfer to your computer of a particular cookie(s) from a particular site. If you disable cookies and similar technologies, your experience on the Site may be diminished and some features may not work as intended.

CHOICE AND ACCESS

Your provision of Personal Information to us is voluntary, although if you do not provide certain Personal Information you may not be able to participate in our Services.

Contact us NYC-OSI@new.osisearch.com if you would like to:

• ask questions about how we handle your Personal Information,
• withdraw your consent to our use of your Personal Information,
• object to our use of your Personal Information for our legitimate business interests, or
• request an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law),
• request to review, correct, update, suppress or restrict the use of your Personal Information,
• To review, correct, update, suppress or restrict the use of your Personal Information, please include all relevant User IDs and e-mail addresses as well as the names of any OSI or OSI-related sites, products, or services you may have accessed in your communication to nyc-osi@new.osisearch.com.
• Although we strive to maintain accurate Personal Information, if it is determined the Personal Information is not accurate, we will work quickly to correct it.

Request that your Personal Information be removed from OSI’s databases,

• To remove your Personal Information from OSI’s databases, please include all relevant User IDs and e-mail addresses as well as the names of any OSI or OSI-related sites, products, or services you may have accessed in your communication to nyc-osi@new.osisearch.com.
• OSI will make reasonable attempts to delete Personal Information upon your request.
• Please note that to maintain consistency in our Services and operations, we retain backup systems. When you ask that your information be removed from OSI’s databases, we may not be able to delete residual copies from our systems or from our backup systems, but they will continue to be protected as required under this Policy.

If you would like to opt-out of receiving marketing communications from us, please contact us at NYC-OSI@new.osisearch.com to have your contact information removed from our marketing databases.

• If you request to have your information removed from our marketing databases through an email request, please include “Remove User” in the subject line of the e-mail, and include your full name, User ID, and telephone number in the body of the e-mail message.
• You can also forward a copy of the e-mail or marketing communications from which you want to opt-out.
• We will respond to your request consistent with applicable law. We may decline to process requests that in our reasonable opinion may jeopardize the privacy of others or put our intellectual property at risk.
• Please note that when we perform Services at the specific request of our client, your request may need to be directed to that client. We may only be able to provide you with a non-confidential summary of our final assessment report because these reports contain confidential client personal information that we are not allowed to disclose.
• For your protection, we may only implement requests with respect to the Personal Information associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will comply with your request as soon as reasonably practical and may need to contact you to be sure that we understand your request.

LOCATION OF PERSONAL INFORMATION COLLECTED AND MAINTAINED

Depending on the Product or Service we are providing to you, your Personal Information may be collected, used, processed, disclosed, and transferred to and within the United States and other countries where we have facilities or in which we engage service providers. By using our Online Systems, Services, you understand that your Personal Information may be transferred to countries outside of your country of residence, which may have different data protection rules than your country.

• Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en).
• For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission, to protect your Personal Information.

SECURITY

OSI has reasonable organizational, technical, and administrative measures in place to protect against the loss, misuse, and alteration of Personal Information about users of the Online Systems which is under our control. Unfortunately, however, no security system, or system of transmitting information over the Internet can be guaranteed to be 100% secure.

• If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised or your user credentials are no longer secure), please immediately notify us of the problem by contacting us as described in the “Questions” section below.

RETENTION PERIOD

We retain your Personal Information for as long as needed or permitted considering the purpose(s) for which it was obtained.

The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you or our client (e.g., for as long as you have an account with us or keep using the Services),
• A period beyond the time of the ongoing relationship if we have a legitimate internal operations need, such as a need to retain such information for analysis, record-keeping and compliance with data retention schedules,
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period before we can delete them), or
• Whether retention is advisable considering our legal position (such as regarding applicable statutes of limitations, litigation or regulatory investigations).

LINKS TO OTHER WEBSITES

This Policy does not address, and we are not responsible for, the privacy, information, or other practices of any other third parties.

• On the Online Systems, you may have the opportunity to follow a link from or to other websites maintained by OSI affiliates, or other third parties. The inclusion of a link on our Online Systems does not imply our endorsement of the linked site. Because these other websites may not be hosted or controlled by OSI, this Policy does not address the privacy practices of those websites. We encourage you to review the privacy policies of each of those websites.
• Please note that we are not responsible for the collection, usage, and disclosure policies and practices (including the data security practices) of other organizations, such as LinkedIn, Facebook, Apple, Google, Microsoft or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.

UPDATES TO THIS POLICY

OSI reviews its privacy practices regularly, and those practices are subject to change. You can determine when this Policy was last revised by checking the “Revised Date” legend at the bottom of the Policy. Any changes to the Policy will become effective upon posting of the revised Policy on the Internet, accessible through the Site.

USE OF ONLINE SYSTEMS BY CHILDREN

The Online Systems are not directed to individuals under the age of sixteen (16), and we request that these individuals do not provide their personal information through the Online Systems.

SUMMARIES OF POLICY

This Policy is the sole authorized statement of OSI’s practices with respect to the online collection of Personal Information through the Online Systems and the usage of Personal Information. Any summaries of this Policy generated by third party software or otherwise (for example, in connection with the “Platform for Privacy Preferences” or “P3P”) have no legal effect, are in no way binding upon OSI, cannot be relied upon in substitute for this Policy, and neither supersede nor modify this Policy.

QUESTIONS

OSI is responsible for collection, use, and disclosure of your Personal Information under this Policy.

Questions regarding this Policy should be directed to OSI at NYC-OSI@new.osisearch.com or, if by postal mail, at OSI, 733 3^rd Avenue, Suite 1612.

ADDITIONAL INFORMATION REGARDING THE EEA

You may contact us with any questions about this Policy.

You may also lodge a complaint or report an alleged infringement of applicable data protection law with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law has occurred.

Revised Date: 19 November 2019