Job Applicant Privacy Notice

last updated: 05/07/2026

Introduction
Simply Stated: BRG uses data about you, a job applicant, during the application process, and this Notice explains what BRG does with your data. BRG is responsible for how it uses your data.

Thank you for your interest in working at Berkeley Research Group LLC (“BRG,” “we,” and “us”). This Privacy Notice (“Notice”) describes how we collect, use, share, and protect your personal data when you interact with our careers website and during our other online and offline interactions with you related to the recruitment process.

For information about BRG’s privacy practices in other contexts, please read our general Privacy Policy. If you are a current or former employee, please contact HR at HR@thinkbrg.com for more information about how we process your personal data in employment-related contexts.

For the purposes of this Notice, personal data means any information about an identifiable individual collected in connection with the recruitment process. Personal data excludes anonymous or de-identified data that is not associated with a particular individual.

The Data Controller

BRG is the data controller under applicable data protection law for any personal data collected, processed, used, disclosed, or transferred in connection with your job application or the recruitment process.

Types of Personal Data We Collect

Simply Stated: BRG collects various personal data during the recruiting process, including your contact details, demographic information, professional and educational background, internet activity, audio/video recordings, and any other information you provide.

BRG may collect the following categories of personal data in connection with our recruiting process:

  • Identifiers and contact information, such as your name and any aliases or nicknames, title, date of birth, driver’s license number, passport number, Social Security or other national identification number, home address, phone number, email address, or other addresses at which you can receive communications.
  • Demographic information, such as your age, gender, military service information, and veteran status, and, where permitted by local law and if you choose to disclose it, your race or national origin.
  • Professional, educational, and background information, such as your resume, employment preferences, current or past education and work history, professional qualifications and certifications, special competencies, salary expectations, language skills, reasons for prior terminations, the names of relatives working at BRG or of individuals who may have referred you to a position, interview notes, and, where permitted by local law, criminal background check information.
  • Citizenship and visa information, such as your citizenship country and status, visa information including the issuing country, status, type, effective date, and expiration date, and your current work status to work in a particular country and whether you require sponsorship.
  • Internet-related activity information, such as your IP address, device identifiers, login credentials for our careers website, analytics data about your use of the website, such as the dates and times you access it, your browsing behavior, and other interactions with the website, including data from cookies.
  • Audio, video, and pictures, such as recordings of your video interviews, to the extent you provide consent to these recordings, and security footage that may include your image if you visit one of our facilities.
  • Health information, such as any disability that you self-identify or for which you require accommodation and, where permitted by local law, drug test results.
  • Any other information you voluntarily provide to us during the application process such as supporting documentation attached to your application or your responses to our questions.
  • Any other information that you have made publicly available, such as through social media profiles like LinkedIn.

How We Collect Personal Data

Simply Stated: We get data directly from you, from trackers on our careers website, from posts you make on social media, and sometimes from third parties for things like background checks.

BRG may collect personal data in connection with our recruiting activities:

  • From you: Information may be collected when you provide it to us via your job application or during other online or offline interactions, such as an interview or emails with a recruiter.
  • From your devices: The devices you use to access our careers website may provide information to us, including the device model, operating system, your Internet Protocol (“IP”) address, and other unique identifiers. To collect much of this information, we use cookies, web beacons, and other similar technologies. Please see the section below titled “Cookies and Similar Technologies” for more information.
  • From third parties: Our vendors and service providers, such as the hosting partner for our recruitment site, Workday, may collect your information on our behalf or provide us information about you or your use of the careers website. We may also access information about you from service providers, such as our background check providers or drug test providers, to the extent permitted by law. You may also give us permission to access your information from third parties such as your former employers or other references you provide.
  • From publicly available information: If you choose to post publicly on third-party websites, such as on social media networks like Facebook or LinkedIn, we may collect information that you make public on these sites.

How We Use Personal Data

Simply Stated: We only use your personal data for hiring decisions, to match you to job vacancies that may meet your skills or interests, or for meeting legal and security requirements.

When you access our careers website or apply for a job, BRG may use the personal data we collect:

  • To process your employment application, including collecting relevant employment and skills data, assessing your suitability for the role, scheduling and holding conversations or interviews with you, and communicating with you about the status of your application and our hiring decisions.
  • To promote diversity and inclusion, including non-discrimination in hiring, equality of opportunity or treatment,promoting and maintaining a diverse workforce, and reporting statistics to government agencies.
  • To respond to your inquiries and requests.
  • To verify your information and carry out employment, criminal background, and reference checks, where applicable,subject to your consent and where permitted by law.
  • To suggest job vacancies that may meet your skills or interests.
  • To store your candidate profile information for future job applications and to meet our legal retention obligations, as described in the “Retention of Personal Data” section below.
  • To comply with applicable laws, regulations, industry codes of conduct, and our legal obligations.
  • To protect our rights, property, safety, and those of our users and employees, including to detect, prevent, or otherwise address fraud, security, or technical issues.

We will only process your personal data for the purposes we collect it. If we need to process your personal data for another purpose, we will inform you of this and, if required by law, seek your consent.

Legal Bases to Process Personal Data

BRG uses personal data when one of the following legal bases applies:

  • With Your Consent, such as if you choose to receive marketing communications from us, permit us to collect certain personal information like your race or ethnic origin, request that we retain your candidate profile for an extended period, or permit the collection of your personal information through cookies and similar technologies.
    • If you provide your consent, you may withdraw your consent at any time by contacting us using the contact details listed at the end of this Notice. Revoking your consent will not affect the lawfulness of our handling and processing of your personal information based on your consent before its withdrawal.
  • Our Legitimate Interests. We have a legitimate business need to manage, operate, maintain, and secure our careers platform, our network systems, and other assets. We may also process personal information for our legitimate business interest in filling our job vacancies with qualified candidates. We believe that our legitimate interests are not outweighed by your rights and freedoms under applicable law. If you wish to object to processing based on our legitimate interests, please get in touch with our Privacy Office using the contact information listed below.
  • When Necessary to Meet Our Legal Obligations. We may process personal information as required by law, including to respond to lawful requests by public authorities (e.g., to investigate fraud or respond to a government request).

How We Share Personal Data

Simply Stated: BRG only shares your personal data with third-party service providers for recruitment purposes. Additionally, your data might be shared with law enforcement or others if required by law or to protect safety and legal rights.

BRG may share your personal data for the following purposes:

  • With third-party service providers that we hire to perform various services and functions to assist us with administering the recruitment process and our careers platform, such as data storage, website hosting, background checks, or legal services. Your information will only be shared on the condition that the service providers use your information only to fulfill the agreed services on our behalf.
  • With law enforcement or governmental agencies if required by law.
  • With a third party if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of BRG,our customers, or others.

Cookies and Similar Technologies

Simply Stated: BRG uses cookies and similar technology to collect technical information for our careers website’s necessary functionality and security.

BRG uses the technologies described below to collect technical information to provide, secure, maintain, analyze, and improve our careers website. We do not use these technologies to collect or process personal data except as is strictly necessary to provide the careers website. We do not use these technologies for advertising, analytics, or personalization purposes.

  • Cookies: Small files that are transferred to your device’s hard drive to store user preferences and other types of information to help us provide you with certain features.
  • Tags: Pieces of code, or tags, which gather information about users. For example, tags are used on our careers website to load certain content on the site and communicate with the platform hosting our careers site.

To learn more about the cookies used on our careers website, please click the Cookie Settings link in the cookie notice banner or in the footer of the website.

You may alter your browser settings to block cookies. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. However, if you block all cookies with your browser, some portions of our careers website may not function correctly. For more information on cookies and how to disable them, you can consult the information provided by visiting the Networking Advertising Initiative site at https://optout.networkadvertising.org/ and the Digital Advertising Alliance site at https://youradchoices.com/.

What We Do Not Do with Your Personal Data

We do not sell job applicant personal data for monetary or other valuable consideration. We also do not share job applicant personal data for behavioral advertising purposes, including cross-context behavioral advertising. We do not use sensitive personal data for inferring characteristics about individuals. We do not use automated processing of personal data for profiling purposes.

Data Transfers

Simply Stated: BRG may transfer your personal data to countries with different data protection laws than your country, and BRG ensures compliance with relevant regulations. For transfers from the EEA to the U.S., BRG adheres to the EU-U.S. Data Privacy Framework to protect your personal data.

At times, your personal data may be transferred to service providers or systems in countries that may not offer a level of data protection equivalent to that in your country, including the United States. Where such transfers occur, BRG complies with the cross-border data transfer and export control laws of the countries in which it operates.

Where Personal Data is transferred out of the European Economic Area (“EEA”) to a country that is not recognized under an adequacy decision by the European Commission, BRG takes steps to ensure that Personal Data is adequately protected under appropriate safeguards, such as the standard data protection clauses approved by the European Commission, and where necessary, supplemental measures to protect the rights and freedoms of EEA resident employees.

Where Personal Data is transferred from the European Economic Area to the United States, BRG complies with the EU-U.S. Data Privacy Framework as well as the UK extension to the EU-U.S. DPF (together, the “EU-U.S. DPF”) as set forth by the U.S. Department of Commerce. BRG has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. If there is any conflict between the terms in this privacy notice and the DPF Principles, the DPF Principles will govern. To learn more about the Data Privacy Framework Program and to view our certification, please visit https://www.dataprivacyframework.gov/.

Where BRG transfers your personal data to a vendor or third party, BRG ensures that the vendor or third party handles and protects your personal data in compliance with the EU-U.S. DPF and this Privacy Notice. We remain responsible and liable under the DPF Principles if a third party that we engage to process personal data on our behalf does so in a manner inconsistent with the DPF Principles, unless BRG proves that it is not responsible for the event giving rise to the damage.

In compliance with the EU-U.S. DPF, BRG commits to cooperate and comply with the advice of the panel established by the EU data protection authorities with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF in the context of the employment relationship.

How We Secure Personal Data

Simply Stated: We implement security measures to protect your personal data and require our third-party service providers to do the same.

We have reasonable and appropriate security measures in place to protect against the loss, misuse, and alteration of any personal data we receive about you.

We require, by written contract, all of our third-party service providers to implement appropriate security measures to protect your personal data consistent with our policies and data security obligations.

Retention of Personal Data

Simply Stated: We retain your personal data only as long as necessary for its intended purpose or to meet legal requirements. We may anonymize it for other uses. If hired, your personal data becomes part of your employment record.

Except as otherwise permitted or required by applicable law or regulation, we will retain your personal data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal or regulatory requirements. We retain your personal data no longer than is reasonably necessary to carry out the purposes listed in this Notice or as required by law.

If you are offered and accept employment with BRG, the personal data we collected during the application and recruitment process will become part of your employment record, and we may use and retain it in connection with your employment.

Under some circumstances, we may anonymize or aggregate your personal data so that it can no longer be associated with you and continue to use such anonymized and aggregated data for our legitimate business purposes.

If you are a resident of the European Economic Area, we will ask for your consent to store your application data for consideration of future job opportunities.

Your Privacy Rights

Simply Stated: You may have rights under the privacy laws in your country or state, including withdrawing consent, accessing, correcting, deleting, and limiting the use of your personal data. To exercise these rights, contact the BRG Privacy Office via email using the contact information provided at the end of this Notice.

Some privacy laws, including the European General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), provide certain rights for individuals. You may have the following rights, in accordance with applicable laws and subject to necessary validation of your identity:

  • Withdraw Consent. If we use or share your personal data based on your consent, you may withdraw your consent at any time by contacting us.
  • Access. You may request access to or copies of your personal data. You may also request information about what types of personal data we have about you, the purposes for which we process it, and who has received access to or a copy of your personal data.
  • Correction. You may request that we correct your personal data if you think it is inaccurate or incomplete.
  • Deletion. You may request that we erase or delete your personal data.
  • Limitation. You may request that we only process your personal data for specific, lawful purposes. This includes your right to “opt-out” of, “object” to, or “restrict” certain data processing.

To exercise these rights, please send an email to privacy@thinkbrg.com with the details of your request.

You will not receive discriminatory treatment if you exercise any of the rights conferred to you by law. Please note that, depending on the circumstances and where you are located, not all of the privacy rights listed in this Notice may be available to you.

We will handle any request to exercise your rights in accordance with applicable law, but please note that these rights may not be absolute. BRG may refuse or deny a request in accordance with applicable laws.

Lodging a Complaint

If you believe we are disclosing, processing, or otherwise using your personal data in a way that is not in accordance with applicable law, you can lodge a complaint with the relevant data protection authority in your state, country, or region.

Changes to this Notice

We may periodically update this Notice to describe changes to our collection and use of personal data. We encourage you to periodically review this Notice for the latest information on our privacy practices.

Contact Information

All questions, complaints, or comments about this Notice or BRG’s data protection practices can be emailed to our Privacy Office at privacy@thinkbrg.com.You may also send your questions or concerns to Amy R. Worley, BRG’s Data Protection Officer, at DPO@thinkbrg.com.