Privacy Statement

Dayforce's Job Applicant Privacy Statement

This Privacy Statement was updated on July 1, 2024 .

Scope

Dayforce, Inc. and its affiliates and subsidiaries (herein “Dayforce”) are committed to protecting your Personal Information and processing it responsibly. This Privacy Statement (“Statement”) describes our general practices relating to the collection, use and disclosure of data relating to Dayforce’s job applicants (“Personal Information”).

Table of Contents

The Personal Information Dayforce Collects
How Personal Information is Used
How Personal Information is Disclosed
Cross Border Transfers
Sale / Share of Personal Information
How Personal Information is Protected
Retention of Personal Information
Do Not Track Disclosure
How to Exercise Your Rights
How to Contact Dayforce and Dispute Resolution Mechanism
Changes to this Privacy Statement

The Personal Information Dayforce Collects

Directly from You

Dayforce collects Personal Information directly from you when you interact with us online, through our mobile app or through other communication channels such as telephone, email or in person. For example:

When you apply for a role, we collect your contact information, details of your current and past employment, education and training, citizenship information, and the contact information of your personal references;
We may collect or infer additional demographic information about you, though such data will be used solely for purposes of supporting our efforts to detect and prevent bias;
When you create an account on the Dayforce platform or through the Dayforce mobile app, we collect authentication credentials such as username and password;
When you access our website, we automatically collect information about your device including your browsing history, IP address, and other system settings, and use of the website through cookies and similar technologies;
If you interact with our chatbot as part of the application process or otherwise interview with us, we also record answers you provide to questions we may ask or any other content you volunteer.

From Other Sources

Dayforce obtains Personal Information from third parties. For example:

During the recruitment process:
- We may work with service providers to collect information for background checks;
- We collect information about your past employment experience from previous employers and/or personal references provided by you;
When Dayforce is proactively recruiting for a role, we may collect contact information of eligible candidates and details of their current and past employment, education and training from third party recruiting services or from publicly available sources, as permitted or required by applicable law.

How Personal Information is Used

Dayforce uses Personal Information for Dayforce’s legitimate business purposes which include, among others, to:

Manage all parts of the applicant administration process, such as screening applications and resumes, including with the help of technological solutions that incorporate AI (and training the AI technology), interviewing, selecting and hiring staff and conducting background check investigations;

Dayforce does not make decisions based solely on automated processing;
You may opt out of the use of your Personal Information in technological solution used to evaluate resumes by following the steps outlined in the ‘How to Exercise Your Rights’ section below;
For more information about our machine-learning technology used to assist in evaluating resumes, please see our statement on the Use of AI In the Recruitment Process At Dayforce below

Support efforts to ensure our application and recruitment processes are fair and free from inappropriate biases;
Communicate with job applicants or with potential candidates;
Provide you access to the Dayforce application;
Develop and improve our Dayforce recruitment module through research, development, analytics and business intelligence;
Manage network security, which includes disaster recovery and business continuity;
Prevent fraud;
Comply with data protection legislation, information security requirements and other legal requirements.

Depending on the circumstances and applicable law, Dayforce processes Personal Information on a number of lawful bases, including obtaining your consent, performance of a contract, compliance with a legal obligation or for other legitimate interests. In Europe and other jurisdictions where this is permitted, we rely on “legitimate interest” for example, for fraud prevention, network security, and evaluating resumes.

In the event that Dayforce de-identifies Personal Information in support of legitimate business purposes, we will not attempt to re-identify the data.

How Personal Information is Disclosed

Within Dayforce

Dayforce allows access to applicant Personal Information to people within the Dayforce family of companies who have a “need to know” that information in relation to the recruitment process and other legitimate business purposes. For example, your recruiter will disclose your resume information to Dayforce employees who will be interviewing you for an open position.

Service Providers

We disclose Personal Information to companies or individuals that provide us with services. These services include pre-employment screening and office security. Service providers can only process Personal Information as instructed by Dayforce.

Business Transaction

In the event that Dayforce sells or divests assets or any portion thereof, Dayforce may disclose Personal Information to the company involved in the business transaction in support of the sale or divestiture, and where applicable, in support of integration activities. It is Dayforce’s practice to require appropriate protection for Personal Information in these types of transactions.

Applications and Tools

We offer tools, widgets and applications on our website, such as search engine functionalities, that are powered by third parties. If you use those applications or tools, any Personal Information that you provide will be disclosed to the third party that provides that functionality. The third party’s use of that Personal Information is subject to their Privacy Statement.

Law Enforcement

We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe will aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your Personal Information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or the release of your Personal Information will protect the rights, property, or safety of Dayforce, or another person.

Legal Process

We may disclose your Personal Information with others as required by, or permitted by, law. This includes disclosing your Personal Information to governmental entities, or third parties in response to subpoenas, court orders, other legal process, or as we believe is necessary to exercise our legal rights, to defend against legal claims that have been brought against us, or to defend against possible legal claims that we determine in our sole discretion might be brought against us.

Cross Border Transfers

To run our business, we may store and process your Personal Information in any country where Dayforce and authorized third parties operate. When we transfer your Personal Information in this manner across country borders, we implement adequate measures for its protection and for compliance with applicable laws.

Dayforce utilizes the adequacy determinations made by the European Commission to transfer Personal Information to countries with data protection that is adequate to the EU. Dayforce also utilizes Standard Contractual Clauses (SCCs) for the transfer of Personal Information from the EU, UK and Switzerland to other countries.

EU-US and Swiss- US Data Privacy Framework

Dayforce US, Inc. and all its U.S. affiliates and subsidiaries using the Dayforce brand name, complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Dayforce has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Dayforce also utilizes SCCs and the UK Addendum to the SCCs for the transfer of Personal Information from the EU, Switzerland and UK to other countries.

To learn more about the Data Privacy Framework (DPF) Program, and to view Dayforce’s certification, please visit https://www.dataprivacyframework.gov/.

Sale / Share of Personal Information

Dayforce does not sell your Personal Information, that is provide it to third parties for monetary or other valuable consideration. Disclosure of device information and internet activity to third parties through cookies and other trackers may be considered “sharing” under some US state laws. Dayforce obtains opt-in consent before dropping non-strictly necessary cookies. You may opt-out by visiting our Cookie Preference Center.

How Personal Information is Protected

Dayforce has implemented policies and procedures to protect Personal Information. Dayforce uses recognized industry standard security safeguards appropriate to the sensitivity of the Personal Information. Dayforce reviews its security policies and procedures on a regular basis and updates them as needed to maintain their relevance. Dayforce makes reasonable security arrangements to protect Personal Information from and against risks, such as loss or theft, as well as unauthorized access, collection, use, disclosure, copying, modification, disposal and destruction. The methods of protection include physical, organizational and technological measures. Dayforce requires all third parties to whom it transfers Personal Information to maintain adequate safeguards in compliance with applicable laws and standards to protect Personal Information. In the event that Dayforce is required by law to inform you of a breach of your Personal Information, we will notify you electronically, in writing or by telephone, if permitted by law.

Retention of Personal Information

Dayforce will retain your Personal Information for as long as necessary to fulfill the purpose for which it was collected or as required to comply with legal obligations, and, thereafter, Dayforce will securely delete the Personal Information. Dayforce will retain Personal Information of applicants that are not hired for no more than two years, unless a longer or shorter period is required by applicable law, in which case we will only store it as long as legally required. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

Do Not Track Disclosure

Do Not Track (DNT) is a preference that users can set for their browsers to opt out of the online tracking activities by some websites. Dayforce responds to DNT and GPC signals where required to do so by applicable law.

How to Exercise Your Rights

Dayforce makes reasonable efforts to keep Personal Information as accurate, complete and up-to-date as is necessary to fulfill the purposes for which the information is to be used. Unless Dayforce is permitted or required by law to prohibit access, you can view and if necessary, update and correct your Personal Information. Depending on the jurisdiction in which you are, you may have additional rights such as the right to request deletion of your Personal Information, the right to restrict or object to processing your Personal Information by Dayforce or the right to transfer your Personal Information to another organization. Individuals can submit requests for any of these rights here or by using the toll-free number (1-888-975-7674).

Note that, as required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name and contact information. We may also ask you to provide a signed declaration confirming your identity. In some circumstances, you may designate an authorized agent to submit requests on your behalf here. We will require verification that you provided the authorized agent permission to make a request on your behalf. If you choose to exercise any of these rights, we will not discriminate against you.

Individuals can raise concerns or file complaints here. Dayforce will investigate all complaints and take appropriate action to remedy any issues.

How to Contact Dayforce and Dispute Resolution Mechanism

If you have any inquiries or complaints about our handling of your Personal Information, please contact Dayforce at:

Chief Privacy Officer

Dayforce US, Inc.

3311 E. Old Shakopee Road

Minneapolis, MN 55425

Telephone: 1-888-975-7674

e-mail: privacy@dayforce.com

If you have unresolved issues, you may contact your local privacy regulator.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Dayforce commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), regarding unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain circumstances, you may invoke binding arbitration. To learn more visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.The Federal Trade Commission has jurisdiction over Dayforce’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Changes to this Privacy Statement

Dayforce may update this Statement periodically to reflect changes to our privacy practices. We will provide notice online when we make any material changes to this Statement.

Use of AI in the Recruitment Process at Dayforce

Overview

Dayforce uses a feature called Candidate Grading as part of its recruitment process that leverages AI technology. The purpose of this feature is to provide a standard and fair way to screen many candidates in a shorter time with the aim of making the overall recruitment process more equitable. In this context, we process personal information about candidates – i.e. potential employees. This supplemental privacy notice provides information on how we use this AI technology in our recruitment processes.

The Candidate Grading feature uses machine learning to help determine how well the candidate’s qualifications described in their submitted resume and/or application, match the Dayforce job requisition for the role the candidate is applying for by using candidate application data and historical recruiting decisions made by the Dayforce recruitment team. Based on how well the candidate’s qualifications match, the candidate’s application is assigned a “grade.”

This feature does not make any recruitment decisions. It only assists the recruiter in the preparatory aspect of sorting submitted resumes and/or applications. The ultimate decision as to whether to progress a candidate to the next stage in the recruitment process remains with Dayforce’s recruitment team.

What elements are used for grading?

When a Dayforce recruiter screens applications for an open position they will have some specific criteria in mind that they are looking for based on conversations with the hiring manager. For example, education, work history, skills, and distance to the office may all be considerations in a recruiter’s decision with respect to a candidate’s job application. The Candidate Grading feature models each of these “elements” separately and determines which are most likely to lead to the recruiter moving the application to the second step in the recruitment process based on historical recruiting decisions. For more details regarding the elements, see Appendix A, below.

By way of example, for a customer service role, the tool examines all previous applications for the same role at Dayforce over time and whether/how they progressed through the recruitment process. It then uses its learnings to grade applications for current customer service role based on these previous patterns. The model may find a pattern of interest from Dayforce in applicants with a certain number of years of experience in customer service roles at any other company. Based on this, applicants with that number of years of customer service experience or more would receive a higher “grade.”

How is the feature is trained?

The Candidate Grading feature is trained only using Dayforce’s own data. Data from other Dayforce clients – or any other data source - is not used to train the model used by Dayforce.

For job requisitions where there is limited to no historical recruiting data to learn from, the feature grades candidates based only on how closely their job application matches the job description.

Retention

Application data and training data is deleted from our system in accordance with the data retention standards stated in our Job Applicant Privacy Statement which is above.

Steps Taken to Avoid Bias

To avoid introducing bias during the process the following steps are taken:

Historical recruiting data is considered for all candidates, not just for those who were hired.
Candidate names are removed from job applications before they are screened to help avoid implicit bias.
The model does not use an individual's age, gender, or picture for grading. Applicant demographics are only used for the legitimate purpose of testing for bias and validating that the models.
Years of experience is only considered up to ten years for each candidate to help avoid age bias.
Specific zip or postal codes are not used. However, the grading does consider a radius around the job location for those roles where location is relevant. In those cases, candidates who are closer to the job's location are weighted higher for that element of the overall grade.
Grades are validated to identify any potential biases. The models are routinely evaluated to ensure the quality of the predictions they are making.
Third-party bias audits are conducted to check if the grades are unfairly favoring or discriminating against specific groups based on factors like race or gender.
Additionally, we monitor for adverse impact as defined by the US Equal Employment Opportunity Commission (EEOC).

Appendix A – Elements

Element Name	Sub-element Name	Explanation
Jobs Does the applicant have a similar work experience to the posted requirements or to employment backgrounds that recruiters have liked in the past?	Overall Work Experience Length	Overall length of all work experience compared to previous applicants.
Relevant Work Experience Length	Estimate of length of work experience in related positions.
Overall Work Experience Length Match to Job Requirements	Work experience length requirements from the job description compared to applicant’s length of work experience.
Relevant Work Experience Length Match to Job Requirements	Relevant work experience length requirements from the job description compared to applicant’s experience identified in resume or application.
Previous Positions	Similarity of applicant’s position title(s) to those recruiters have liked in the past. (This is not a word for word comparison. The tool seeks to understand job titles that are spelled differently but mean the same thing.)
Location (where relevant to the job) How far does this applicant live from the job? We do not look at specific areas, just the distance from the job and locations.	Distance	Distance the applicant lives from the job location. (This does not look at specific locations but rather only distance from the job location.)
Same region as job	Whether applicant is in the same state/province/region as the job location.
Same country as job	Whether the applicant is in the same country as the job location.
Education Does the applicant have a similar education history to the posted requirements or to education backgrounds that recruiters have liked in the past? This is not a word for word comparison. We attempt to understand education entries that are spelled differently but mean the same thing.	Field of Education	Education field (finance, arts, sciences) compared to previous applicants.
Education Level	Level of education compared to previous applicants.
Education Field Match to Job Requirements	Education field requirements from the job description compared to the resume or application.
Education Level Match to Job Requirements	Education level requirements from the job description compared to the resume or application.
Skills We extract professional skills from the resume and apply different scoring techniques.	Standard Skills	We compare the standard skills extracted from the application to previous applicants. We understand the job titles of an applicant and their description of duties, then map those to a set of standard skills to match to previous successful applicants. The skills we use are defined by a standards body and are available at https://ec.europa.eu/esco/portal/skill
Standard Skills Match with Job Requirements	We compare the standard skills extracted from the application to those extracted from the job description. We understand the job titles of an applicant and their description of duties, then maps those to a set of standard skills. The skills we use are defined by a standards body and are available at https://ec.europa.eu/esco/portal/skill. The extracted skills are compared to the ones applicable to the job.
Manual Keywords	This is a scored match of manually defined keywords found in an application that were added by the recruiting team. These are not learned through machine learning. The higher the number keywords in the resume, the higher the score for this element.
Certifications We look for certifications in an applicant's resume and calculate a score for the certifications found. Each can be scored independently and combined into this score. If any of the certifications are in the resume, the application will get the score for this element.	<certification>	The score resulting from our detection of <certification> in the application.

Dayforce may update this Statement periodically to reflect changes to our privacy practices. We will provide notice online when we make any material changes to this Statement.