Ropes & Gray LLP
Reviewed February 2023
DATA PROTECTION - YOUR PERSONAL INFORMATION
California Candidate Privacy Notice
Introduction and Who We Are
This Privacy Notice provides an overview of the practices of Ropes & Gray LLP and each of its affiliates and subsidiaries (collectively, “Ropes & Gray”, “We”, “Us”, or “Our”) with respect to the collection, use, and disclosure, for recruitment-related purposes, of personal information and sensitive personal information about candidates who apply for jobs with us (collectively, “Candidates”, “You”, or “Your”).
We are legally obliged to protect personal information that we collect and use under a number of data privacy laws and regulations including the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together referred to herein, the “CCPA”).
Our Collection and Use of Recruitment-Related Personal Information
What Data Do We Collect?
The types of information we collect (directly from you or from public or third-party information sources such as recruitment agencies) depend on the nature of the position or role you are applying for within Ropes & Gray and the requirements of applicable laws.
We may collect the following categories of personal information:
- identifiers
- characteristics of protected classification under California or federal law
- professional or employment-related information
- education information
- internet or other electronic network activity information
- audio or visual information
- geolocation information
- personal information categories listed in Cal. Civ. Code § 1798.80(e)
- inferences drawn from other personal information
- sensitive personal information
Examples of this information include, among other things, the below categories of information. The examples provided are not all-inclusive. We may also collect similar or related information.
- contact information (e.g., name, telephone numbers, and e-mail addresses);
- personal details (e.g., date of birth, preferred language, and immigration status);
- education and training (e.g., education level, field and institution, competency assessments, professional licenses, and certifications); and
- employment history, deal sheet, and pro bono activity.
We also store a soft copy of your curriculum vitae, (“CV”) on our database so any information included on your CV, including photos, details of hobbies, and other information, will be held on our systems.
The provision of this personal information is a requirement which is necessary in order to consider and process your application and, ultimately, to enter into an employment contract with you if your application is successful. You are not obliged to provide this personal information, however, failure to do so is likely to mean that we are unable to consider and process your application or enter into an employment contract with you.
Diversity Data
Where applicable, you may be asked on the application to self identify at your discretion. The application invites you to submit certain personal details relating to your gender, gender identity, ethnicity, disability status, military status, and sexual orientation, only so that we can identify whether there are any trends within responses for particular diverse groups within the application pool. The provision of this personal information is not a statutory or contractual requirement, nor a requirement which is necessary in order to enter into a contract with you. You are not obliged to provide this personal information.
Candidates who are offered and have accepted a position with Ropes & Gray LLP will be provided with an opportunity during the onboarding process to voluntarily self identify certain personal details relating to their gender, gender identity, ethnicity, disability status, military status, and sexual orientation. At this time, you may indicate if you do not want this information shared externally. All self identification information captured during the onboarding process is stored confidentially in our HR System, PeopleSoft.
Ropes & Gray uses sensitive personal information for lawful purposes in compliance with the CCPA, including for equal employment monitoring, and does not use sensitive personal information collected in the context of employment or an application for employment to infer characteristics about you.
How We Use Your Data
We collect the personal information listed above (apart from the diversity data) for the purposes of:
- considering and evaluating your eligibility and suitability for the job role you have applied for;
- passing your data to key stakeholders within Ropes & Gray who are involved in the recruitment process;
- verifying the information you have provided; and
- entering into an employment contract (and potentially other related agreements) with you if your application is successful.
For all types of candidates, once you have submitted your application, our legitimate business purposes for processing your personal information (apart from the diversity data) include ensuring that your application is reviewed and fairly considered for the job role applied for and ensuring that we hire people who meet the requirements of the relevant job role.
Diversity Data
The diversity data collected will be used for the sole legitimate business purpose of gaining an understanding about the diversity makeup of the applicants who apply to Ropes & Gray LLP. Such data will not be used for any other purposes.
Data Retention
Ropes & Gray will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements, which may in some cases be indefinitely. We will typically retain a copy of your personal information, such as your Social Security Number, resume, references, and background check information, throughout the term of your employment and for a period of years after you are no longer employed by Ropes & Gray, as required by law. We may keep identifying information and records of your employment, such as name, hire data, and termination date, for a longer period for recordkeeping and employment verification purposes.
How We Share and Disclose Your Recruitment-Related Data
We may share your personal information listed above (apart from the diversity data) with the following third parties for the purposes described below:
Service Providers: We share your recruitment data with third-party service providers who perform services on our behalf or for your benefit, such as recruitment agents and software platforms such as Lawcruit, Taleo, and E-Verify.
Affiliates: We share your recruitment data with Ropes & Gray International LLP and Ropes & Gray (Ireland) LLP, which are our affiliated legal entities, for internal administrative purposes and uses that are consistent with this Privacy Notice.
Legal Process: We may disclose your recruitment data to various third parties, such as legal advisers and counterparties, in the event that we need to make or defend a legal claim, comply with legal obligations, or enforce agreements.
Business Transfers: Your recruitment data may be disclosed to various third parties, such as prospective or actual buyers of our business or assets, legal advisers, and financial advisers, as part of a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets, and could be transferred to a third party as one of the business assets in such a transaction.
Diversity Data
In relation to the diversity data, all responses will be kept securely, and only authorized members of Ropes & Gray’s HR Team, Attorney Talent Team, and Office of General Counsel will have access to such responses.
The aggregated, quantified, and anonymized diversity data will be shared with the relevant Ropes & Gray personnel (including, without limitation, personnel of Ropes & Gray International LLP and Ropes & Gray (Ireland) LLP) for the purpose of monitoring trends within the data at each stage of the recruitment process. Only non-personally identifiable diversity data will be shared in this way.
What Are Your Rights in Relation to Your Personal Information?
You may have certain rights regarding your personal information under applicable laws. Those rights include:
- The right to know what personal information we collect, including (1) the right to request information regarding the categories of personal information we collect along with other information such as the categories of sources from which the data is collected and third parties with whom it is shared, and (2) the right to request a copy of the specific pieces of personal information we collect (sometimes referred to as the right to access personal information);
- The right to delete personal information that we collect from you;
- The right to correct inaccurate personal information that we maintain about you;
- The right to opt-out of the sale or sharing of personal information;
- Since the Firm does not “sell” or “share” personal information collected in the context of employment, as the terms “sell” and “share” are defined under the CCPA, you are already opted-out;
- The right to limit the use of sensitive personal information in some circumstances; and
- The right not to be retaliated or discriminated against for exercising any of these rights in good faith; however, we reserve all rights we may have under law with respect to requests made in bad faith or that are manifestly unfounded or excessive.
The rights described herein are not absolute, and we reserve all our rights available to us at law in this regard. As a global law firm, we are bound by professional and ethical obligations, and out duties of loyalty and care to our clients are paramount. Where relevant, you can exercise any of these rights by calling toll-free (within the U.S. only) 1-833-458-8316 or emailing privacy@ropesgray.com.