Fibrew Inc Logo

DATA PROCESSING NOTICE

FIBREW INC. DATA PROCESSING NOTICE FOR EMPLOYEES AND APPLICANTS

Last Updated: April 28, 2025

Fibrew Inc., including its subsidiaries and affiliates (collectively referred to as "Fibrew," "we," "us," or "our"), is committed to protecting the privacy and security of your personal information. This Data Processing Notice ("Notice") describes how Fibrew collects, uses, discloses, and retains personal information in relation to your employment or prospective employment with us.

Please review this Notice carefully. This Notice does not form part of any employment or service agreement, nor does it alter the nature of your relationship with Fibrew. We reserve the right to update this Notice as necessary, and we will notify you appropriately when material changes are made.

Definitions

  • Personal Information: Information that identifies, relates to, or could reasonably be linked to a specific individual, and that is protected by applicable data privacy laws.
  • Sensitive Personal Information: Categories of Personal Information that require heightened protection, such as social security numbers, government IDs, racial or ethnic origin, political opinions, religious beliefs, union membership, health data, sexual orientation, biometric data, and criminal background.

Categories of Personal Information We Collect

Fibrew collects and processes a range of personal information during recruitment and employment, including but not limited to:

  • Identifiers (e.g., full name, contact details, date of birth)
  • Employment history and qualifications
  • Immigration and work authorization documents
  • Banking and tax information for payroll
  • Emergency contacts and beneficiary information
  • Health and wellness information (where legally permitted)
  • Usage data from Fibrew systems (e.g., intranet, devices, emails)
  • Security-related data (e.g., building access logs)

A full breakdown is available in Annex A.

How We Collect Your Personal Information

  • Directly from you (e.g., through applications, forms, onboarding documents)
  • From third parties (e.g., background check providers, staffing agencies)
  • Automatically through use of Fibrew systems and facilities

Purposes for Processing Personal Information

We use your information for legitimate business, legal, and HR purposes, including:

  • Recruitment, hiring, onboarding, and termination
  • Payroll, benefits, and tax administration
  • Workforce planning and management
  • Compliance with legal obligations
  • Health, safety, and security monitoring
  • Training and performance evaluations
  • Emergency notifications and business continuity planning

Examples are detailed in Annex B.

Sharing Your Personal Information

We may share your information with:

  • Fibrew subsidiaries, affiliates, and internal departments
  • Service providers (e.g., payroll processors, benefit administrators)
  • Legal, accounting, and auditing professionals
  • Law enforcement or government agencies where required
  • Potential acquirers in the event of a merger, acquisition, or restructuring

All such disclosures will be made consistent with applicable data protection laws.

International Data Transfers

Fibrew operates globally. Your personal information may be transferred to, stored, or processed in countries outside your jurisdiction, including the United States. When transferring data internationally, we implement appropriate safeguards to protect your information.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, and as required by applicable laws, regulations, or contractual obligations. Retention periods are determined based on legal, regulatory, operational, and audit requirements.

Your Data Protection Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccuracies
  • Request deletion
  • Object to or restrict processing
  • Withdraw consent (where applicable)
  • File complaints with data protection authorities

Details specific to jurisdictions such as Canada, the EU, California, and others are included in Schedule 1.

To exercise any of these rights, please contact our Privacy Team at [email protected].

Your Responsibilities

You are responsible for:

  • Providing accurate and up-to-date information
  • Informing Fibrew of changes to your personal information
  • Obtaining consent from third parties where you provide their information (e.g., emergency contacts)

Failure to comply may affect Fibrew's ability to meet legal obligations and could impact your relationship with us.

Safeguarding Your Information

Fibrew has implemented appropriate technical, physical, and organizational security measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. Employees and service providers with access to your information are subject to confidentiality obligations.

Electronic Monitoring

Fibrew uses electronic monitoring tools on its systems (e.g., network, email, internet access) to ensure compliance with corporate policies, protect systems, and detect unauthorized activities. Your use of Fibrew systems constitutes consent to such monitoring where legally permissible.

Contact Information

If you have any questions about this Notice or your rights, or if you wish to make a privacy request, please contact:

Fibrew Inc.
Attn: Privacy Office
28 Church St
Winchester, MA 01890, USA
Email: [email protected]