Careers (California) Privacy Notice 

RGA is a global reinsurance company with its headquarters in the United States of America which focuses primarily on life- and health-related reinsurance solutions. Our core products and services include life reinsurance, living benefits reinsurance, group reinsurance, health reinsurance, financial solutions, facultative underwriting, and product development. 

• What personal information we may collect and hold;
• The purposes for which your personal information may be collected, held, used, and disclosed;
• How we collect and hold your personal information;
• What other information we use about you;
• How we protect your personal information;
• Who we may share your personal information (including overseas recipients);
• How you may access and correct your personal information; and
• How you can contact us

It is RGA’s policy to comply with the privacy legislation for each jurisdiction where RGA has operations.  At times the privacy legislation and an individual’s right to privacy differ by jurisdiction.  RGA recognizes that certain laws might be modified to require stricter standards than those described in this privacy notice, in which case we will ensure compliance with those stricter standards.

RGA will handle personal information in accordance with local law at the place where the personal information is collected. If applicable law provides for a lower level of protection of personal information than that established by this privacy notice, then this privacy notice shall prevail. Links to additional country-specific privacy policies can be located on HR’s Intranet, Connect.

Personal information is any information or combination of pieces of information that could reasonably allow an individual to be identified or that relate to an identifiable person. It includes information that can be used to identify a person, directly or indirectly, by reference to another piece of data. It includes ‘Sensitive Personal Data’ that is subject to additional protections.

If you are applying for a position with RGA, we collect your personal information in the following ways (to the extent permissible under local law):

• from your application and resume, which you provide directly to us;
• from your application and resume, which a recruiter provides to us on your behalf;
• by interviewing you and conducting assessments to test your suitability for a role;
• by performing background checks with employment screening agencies or publicly available registers (as permitted by law). For example, RGA may check your name against lists developed by various governments for the prevention of money laundering and terrorism;
• from publicly available professional profiles on websites or social media (e.g. LinkedIn); and
• from former employers or other referees

If you are an employee, we may collect your personal information (to the extent permissible under local law):

• directly from you, when you first joined the company and from time to time throughout your employment;
• from our communications with you throughout your employment;
• from managers, other employees, clients, or service providers that provide feedback about you throughout your employment;
• by performing background checks with employment screening agencies or publicly available registers, such as lists developed by various governments for the prevention of money laundering and terrorism;
• from professional or regulatory bodies;
• through the use of CCTV on our premises; and
• by monitoring the use of our IT systems in accordance with RGA’s Acceptable Use Enterprise Standards.

To the extent permissible under local law, we may collect the following categories of personal information about you:

• personal details (e.g. name, aliases, date, and place of birth);
• contact details (e.g. phone number, email address, postal address, or mobile number);
• photographs and video;
• identification numbers and documents to verify your identity (e.g. postal address, social security number, national identifiers);
• biometric information (e.g., fingerprints);
• race;
• educational and professional background information (e.g. educational history, qualifications, certifications, skills,
• licenses, professional memberships, compensation history);
• resumes and/or applications;
• reference or interview notes;
• information about your marital status, family, and dependents for insurance, tax, and emergency contact purposes;
• employment information (e.g. bank account details, payroll information, tax information, benefits, retirement, and/or pension information);
• information about any health issues or disabilities to administer sick pay, to monitor and manage sickness absence, to comply with health and safety legislation, and to adapt the workplace or facilities where necessary;
  citizenship or immigration information for insurance purposes;
• IT information (e.g. IP addresses); and, browser history, call history, company emails); or
• Assessments.

Some of the information we ask you to provide is mandatory, which means that you must provide this to us in order for us to continue employing you and/or to fulfill our legal obligations. Where it is mandatory for you to provide certain information, we will make this clear to you when we ask for the information.

If you are applying for a position with us or are one of our employees, some of the categories of information we collect are sensitive categories of personal information (sometimes referred to as "special category personal information”). These include (to the extent permissible under local law):

• Credit checks/financial soundness;
• Criminal, civil, and administrative actions of record;
• Health or disability information to administer sick pay, monitor and manage sickness absence, comply with health and safety legislation, and adapt the workplace or facilities where necessary; and
• Diversity-related information.

If you voluntarily supply other types of sensitive personal information to us, we will process this information in accordance with the law, and only for the purposes for which you have disclosed it (for example, to make special arrangements to accommodate religious beliefs or to promote diversity in the workplace).

If you are applying for a position with us, we use your personal information to:

a) facilitate the recruitment process and match your details to job opportunities;
b) match your experience to role criteria;
c) communicate with you in relation to your application;
d) keep you informed of job opportunities that we think may be of interest;
e) check whether you have previously applied for a job with us; and
f) monitoring diversity among job applicants and foster inclusion.

If you are an employee with us, we use your personal information to:

a) carry out and support human resources administration including recruitment and selection, compensation, performance evaluation and development, promotions, training, payroll administration, immigration and mobility, pension and insurance or other benefits administration, succession planning, employment status, reporting, and management;
b) enable you to fulfill your role in providing services to our clients;
c) conduct investigations and resolve employee disciplinary or grievance issues;
d) carry out performance appraisals, promotion assessments, and salary reviews;
e) comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies;
f) deal with your inquiries and requests; and
g) maintain the security of our premises, facilities, and data.

Monitoring

In the course of conducting business and to the extent permissible under local laws, RGA may monitor employee activities and its premises. Some of RGA’s offices are equipped with closed-circuit surveillance cameras.  These surveillance cameras are for the protection of RGA’s employees and assets.  Closed Circuit Television (CCTV) is primarily used at office entrances and exit points, elevator lobbies, rooms where there may be valuable equipment, such as servicer rooms, and in other select areas with a high risk for theft or with highly sensitive assets.  CCTV is not used in private spaces such as restrooms or new mothers’ rooms, nor is it used to monitor employee workstations for performance reasons.  Recorded images are maintained for a maximum of 30 days unless there is a suspicion of a crime in which case they may be turned over to the police or other governmental agency. 

You should be aware that any message, files, data, document or facsimile, or any other types of information transmitted to, through or from, received or printed from, or created, stored, or recorded on our IT and communications systems and information assets (included via the use of personal devices accessing corporate IT systems) are presumed to be business-related and may be monitored or audited by RGA in accordance with applicable law and RGA’s Acceptable Use Enterprise Standard.  To facilitate this, RGA has implemented Data Loss Prevention (DLP) on its network.  The purpose of DLP is to monitor and: 

• protect the confidentiality and integrity of data belonging to the company, its Workforce Members, clients, suppliers, and other business associates;
• properly treat identified security risks and threats;
• ensure efficient and proper operation of its systems;
• ensure RGA is in compliance with applicable laws; and
• protect its Workforce Members and the workplace environment from harassment and discrimination.

To view the full DLP Notice, please click here.

We may use technology (including technology provided by third-party service providers) to process your personal information in a manner that constitutes "profiling" (to the extent permissible under local laws). This involves the use of software that is able to evaluate your personal aspects and predict risks or outcomes. The main examples of when we conduct profiling are:

• when we use personality or psychometric tests, particularly in the recruitment process. These tests analyze your responses to highlight potential strengths and weaknesses and your possible match for certain types of roles, but we do not use these tests to automatically select or eliminate candidates; and
• for workforce management. We may use software to ensure our workforce is managed and utilized efficiently, to predict risks in staff retention, and to ensure that employees are being compensated fairly.

Although we may use profiling to assist our decision-making, we do not make solely automated decisions about individuals. We do not make decisions about hiring, compensation, dismissal, promotion, or other matters which may significantly impact an individual, without assessing all the circumstances.

All of our processing is performed lawfully as below:

We must have a legal basis to process your personal information. In most cases, our ability to obtain and process your personal information is based on one of the following legal bases:

a) if you are an employee with us to fulfill our contractual obligations to you in connection with your employment contract with us;

b) if you are applying for a job with us, take the necessary steps to conduct the recruitment process fairly and efficiently prior to entering an employment contract with you;

c) to comply with our legal obligations, for example obtaining proof of your right to work status to enable us to meet relevant obligations or for health and safety obligations that we must comply with as your employer or to a third party (e.g. taxation authorities, applicable laws in the reinsurance sector or other applicable employment laws in force from time to time);

d) to meet our legitimate interests, for example, to conduct the recruitment process efficiently and fairly, to monitor compliance with internal policies, and to protect the company (and other employees) against theft, cybersecurity threats, or other crimes. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. You can obtain further information concerning the balancing test that we carry out upon request, using the contact details below; and

e) to protect your or another person's vital interests, for example by providing your health information to a doctor in a medical emergency.

On occasion, we may obtain your explicit consent to collect and use certain types of personal information, for example when we are required to do so by law or if candidates ask us to pass their details to a third party for recruitment purposes. If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy notice.

Where necessary we will share your personal information with third parties under the following circumstances:

• RGA group companies. We operate as a global business, so we may share your contact details as well as other aspects of your employment profile with group companies for human resource management and internal reporting.
• Service providers. We may share your personal information with service providers that perform services and other business operations for us, for example, we may partner with other companies for payroll administration, offering and administering employee benefits, employee vetting, immigration advice, psychometric testing, hosting the Human Resources platform, reimbursement of expenses, business continuity services and analyzing information to improve our processes and policies.
• Hotels, transport providers, and relocation companies, in order to provide relocation support or to arrange transport and accommodation for you, when needed.
• Any law enforcement agency, court, regulator, government authority, or professional body. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation or otherwise to protect our rights or the rights of any third party. We may also check your name against lists developed by various governments for the prevention of money laundering and terrorism.
• Asset purchasers. We may share your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this privacy notice.

We implement technical and organizational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the ongoing integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing.

If you are an employee, we will keep your personal information in accordance with our retention policy for a period of time that enables us to:

• Provide you with any continuing benefits such as pension or insurance;
• Comply with record retention requirements under the law;
• Defend or bring any existing or potential legal claims;
• Deal with any queries or complaints you may have; and
• Conduct checks against departing employees that move to certain controlled functions, in accordance with regulations.
  

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

If you are applying for a job with us, we will retain your personal information until the position you are applying for has been filled, after which we will retain your personal information in accordance with our retention policy for a period of time that enables us to:

• Check our records should you apply for another role with us;
• Comply with record retention requirements under the law;
• Defend or bring any existing or potential legal claims; and
• Deal with any queries or complaints you may have.

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

Because we operate as a global business, your personal information may be transferred to, stored, and processed in other countries, which may include countries that are not regarded as ensuring an adequate level of protection for personal information under local law. A list of the countries in which RGA has offices and hosts personal information is available here.

We have put in place appropriate safeguards in accordance with applicable legal requirements to ensure that your personal information is adequately protected. We have implemented appropriate controls in each RGA location that processes your personal data. For more information on the appropriate controls and safeguards in place, please contact us at the details contained in the "Contact us" section below.

Reinsurance Group of America, Incorporated is the controller responsible for the personal information we collect and process. Other RGA entities may also be controllers in respect of your personal information, depending on the nature of the services they provide

If you would like a copy of this notice in an alternative format, please email us at DataProtection@rgare.com or write to us.

If you have questions or concerns regarding the way in which your personal information has been used, please e-mail us at  DataProtection@rgare.com or call or write to us.

Our global headquarters postal address is:
Reinsurance Group of America, Incorporated
16600 Swingley Ridge Road
Chesterfield, Missouri 63017
United States of America

Our telephone number is: 
+1 636-736-6000

You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time. If we make a significant change to this privacy notice, we will notify you and, where appropriate, give you sufficient advance notice so that you have the opportunity to exercise your rights (e.g. to object to the processing).

You will be able to see when we last updated the privacy notice because we will include a revision date, shown below.