At Fitbit, our mission is to inspire and empower people to live a healthier, more active life. We have a talented workforce that helps us accomplish this mission.
Here we describe our privacy practices for our global workforce. This includes employees, contractors, consultants, and other individuals (collectively, "personnel") who currently work or previously have worked for Fitbit, Inc. or an affiliate or subsidiary (collectively, "Fitbit" or "we"). This policy also covers individuals who applied to work for Fitbit or were recruited by us.
You will learn about the data we collect, how we use it, how you can access and control it, and the measures we take to keep it safe. Specifically, we'll cover:
INFORMATION WE COLLECT
We collect different kinds of information depending on whether you currently work or formerly worked for us, or applied or were recruited for a job. The provision of certain information is mandatory and may be required under applicable law or in accordance with a contractual requirement. The collection of any such information will be made clear at the time of its collection. We may collect data directly from you or from third party sources, such as when you authorize us to check your background as permitted under applicable law.
The data we collect includes the following types of information:
• Personal details: including identifiers and contact information such as your name, government or other national identification numbers, address, email address, telephone number, and other contact details; audio and visual information such as your image and voice; demographic information such as your gender, and age or date of birth; and other information that may be necessary to complete a background check, where permitted by applicable law, or otherwise to confirm your eligibility for employment or to administer benefits;
• Personnel records: including education information and professional or employment-related information about your education, training, work experience, employment history, performance evaluations and feedback, references and background reports, and other employment documents relevant to establishing, maintaining or terminating the employment relationship;
• Compensation and benefits information: including details of your benefits and compensation; bank account number, identifiers and other information about your dependents, identifiers and other information about your spouse or partner, and other information that may be necessary for the administration of payroll, health insurance, or benefits;
• Work information: including professional or employment-related information about your activities while working for Fitbit, attendance and leave information, travel and other expense data, other information that supports our human resources activities or our business operations, and data generated from your use of work resources and physical premises, such as from your building access, through your use of our information technology and communications systems, and from office video cameras and CCTV used to protect the safety of Fitbit staff, visitors, equipment, and property;
• Field test and research information: if you have consented to participate in a Fitbit field test or other type of test or research project (including testing a product, feature or service), we collect personal data in accordance with your authorization in order to administer the test. This data may include biometric information from a Fitbit device, such as steps, heart rate, location, and sleep stages, depending on the device you test; and
• Fitbit Wellness Program ("Workplace Challenge") information: if you have consented to join the Fitbit Wellness Program ("Workplace Challenge"), we receive certain data in accordance with your authorization in order for you to participate in the Workplace Challenge, including biometric information from your Fitbit account, such as your steps, distance, floors, and active minutes. You can revoke your consent to share this data with us anytime using your Fitbit account settings.
Special categories of personal data: in certain circumstances, we process special categories of personal data subject to the European Union's General Data Protection Regulation ("GDPR"). This includes demographic information about race or ethnic origin, health information, or genetic or biometric information. For example, we may need to process information about your health in order to ensure occupational health and safety, to monitor sick leave, make decisions about sick pay, to administer benefits and make decisions about the need for adjustments in the workplace. Other special categories of personal data are political opinions, religious or philosophical beliefs, trade union membership, sex life, and sexual orientation. Even if we do not request this information, you may disclose it to us in the course of your relationship with us. For example, you may request time off to observe a religious holiday or join an employee resource group for LGBT workers.
HOW WE USE INFORMATION
We use the information we collect to carry out and support our human resources activities and business operations and for other business purposes, such as the following:
• Talent acquisition and personnel lifecycle management: including recruiting and hiring job applicants (which may include conducting background checks, where permitted by applicable law); developing and retaining talent; monitoring, evaluating, and managing personnel performance; facilitating personnel mobility and managing international assignments; and managing the personnel separation process;
• Human resources or operational purposes: including administering compensation and benefits; verifying identification; managing the company directory; managing information technology and communications systems, such as the corporate email system; managing attendance and leaves of absence; accounting for purchases; performing workforce analytics and reporting; and managing integration planning, including business continuity and disaster recovery planning;
• Policy management and compliance purposes: including administering code of conduct and privacy and security training programs; facilitating incident reporting and security management; administering the whistleblower hotline for personnel; conducting ethics and disciplinary investigations and managing claims; and managing audit and compliance matters;
• Compliance with applicable laws, regulations, legal processes, or governmental requests: including in relation to work permits or visas (as may be necessary), and complying with immigration requirements; fraud prevention; internal controls and company security; for the purposes of financial and tax regulations; and health and safety obligations; and
• Promotion of safety and security: we may also use your information to protect the rights and property of Fitbit, our users, personnel, applicants, candidates, or the public as required or permitted by law.
If you are offered and accept a job with Fitbit, the information collected during the application and recruitment process will become part of your personnel record.
For personal data subject to the GDPR, we rely on several legal bases to process the data. These include:
• in order to comply with our contractual obligations with you; we use your data to manage the employment relationship with you and to ensure that we pay you your benefits;
• when processing is necessary in our legitimate interests to maintain and improve efficiencies and processes in the workplace, internal management, and effective personnel administration; we may also process data where we have a legitimate interest in doing so to maintain the safety and security of Fitbit personnel and others, to comply with contractual obligations, to enforce Fitbit policies, and to defend our interests in legal proceedings;
• when legal and regulatory obligations require us to process your personal data (including special categories of data): for example, we may be required by law to keep certain data about your leave (including medical leave) or to report benefits information to tax authorities; and
• in order to protect the vital interests of Fitbit personnel (particularly sharing information in the event of an accident or emergency).