Skip to main content

Privacy Policy Recruitment

Who We Are

Seminole Hard Rock Digital, LLC, a Delaware limited liability company, its service providers and its  subsidiaries (collectively referred to in this Policy as “SHRD”, “we”, “us”, “our” and other similar pronouns) know that your privacy is important to you. This Privacy Policy (“Policy”) explains the types of information we collect through our recruitment and application process, and any related websites and social media platforms (each, a “Site”), as well as the Hard Rock or affiliated company branded applications (each, an “App”), referred to collectively in this Policy as the “Service(s)”).

The Personal Information We Collect

“Personal Information” is any information that can be used to identify you as an individual. We collect Personal Information in different ways including:

  • You providing it to us (“User-Provided Information”)
  • Your use of our Services (“Service Use Information”)
  • From publicly available sources such as the internet and social media platforms.

We need some of your Personal Information to make our Services work, to process your application, and we need some to comply with laws and regulations.  You’re not legally required to provide all information described in this policy, but if you choose not to provide it we may not be able to provide you with some or all of our Services, or process your application.  Examples of information that affects our ability to provide Services or process your application are contact information, demonstration of rights to work in certain countries, and geographic location.

Depending on the role or roles you apply for the specific types of Personal Information we request, collect, and process may change, for example this could be affected by a combination of your country of residence, the country in which each role is located, and your right to work in any associated countries.

As you progress through the application process we may capture additional information such as photographs, video, or audio recordings. Should this be done you will be provided with advance warning and your consent requested. Depending on the specific combination of your application and the role that you’re applying for particular additional information may be required, more information about this will be provided to you at the time if it becomes necessary.

If you receive an offer from us, we may then conduct a background check and, to the extent permitted by applicable law, we may also collect data related to criminal offences and proceedings. As part of the offer and acceptance process we may also collect Personal Information about you from third parties, such as professional recruiting firms, your references, prior employers, our employees involved in your application and recruitment process, and, to the extent permitted by applicable law, employment background check providers. We may also collect personal data about you online to the extent that you have chosen to make this information publicly available on professional social media websites such as LinkedIn.

Sensitive Personal Information includes categories such as ethnicity, health, religious or philosophical beliefs, sexual orientation, and other categories as prescribed by law. We may collect sensitive Personal Information about you to the extent permitted or required by applicable laws (e.g., U.S. equal opportunity laws) and to support our efforts to create an inclusive and diverse work environment. In some specific and limited circumstances, to the extent permitted by applicable law, we may also collect sensitive Personal Information to meet any legal obligations we have and to provide reasonable accommodations to facilitate the interview process.

User-Provided Information includes:

  • Biographical information (e.g. name, employment history, qualifications, country of residence, right to work)
  • Contact information (e.g. email, telephone numbers, postal address)
    • Role application information (e.g. assessments for the role being applied for, communications through our system)
  • We may also collect information we need to meet our legal and regulatory requirements.

Service Use Information includes:

  • Connection Information (e.g. IP address, your domain name, your internet provider, referral link)
  • Device Information (e.g. Device ID, telephone number, browser, operating system, system settings, mobile network, mobile apps installed or running on the device, the geographic location of your device, Personal Information associated with files on the device)
  • Interaction Information (e.g. content you use and how long you use it, ads you see and which you click on, downloads, search terms you use on our Services or any referral website, the website you go to after you leave our Services)

One of the reasons we process Service Use Information is to measure how engaging our Services are, to show you things we think will interest you, and also to protect you by detecting and preventing fraud. We mainly collect this information in two ways:

Cookies 

Cookies are small files stored on your device when you use our Services.  These files help us to recognize you as the same person or device that used our Services in the past so that we can identify you and link your Personal Information together correctly.  One of the great things about Cookies is that we can use them to make your experience better, for example by remembering your preferences and username so you can log in easily and stay logged in as you use different Services.

You can set your browser to notify you when our Services place a cookie, so you can decide if you want to accept it or not. If you choose not to accept cookies it can prevent parts, or all, of our Services from working.

Web Beacons 

Web beacons (also known as pixel tags, clear gifs and single-pixel gifs) are tiny images on our Services and in our emails to help us understand if our products, services, offers, and content are interesting and effective.  Web beacons are used for a lot of things, for example:

  • Telling us if you’ve visited our site or opened an email we sent to you
  • Telling us how many people have visited our website, or looked at particular content
  • Letting us know of some technical problems with our Services that might be affecting your experience.

Analytics

Service Use Information helps us to understand how our Services are used, how well they are performing, and how we can improve them.  Analytics is very complicated and we use other companies to help us with it, one of the companies we use is Google Analytics. Our use of Google Analytics meets all legal requirements including asking for your explicit consent when needed.

Do-Not-Track Disclosures

Our Services don’t recognize Do-Not-Track requests from web browsers and we don’t ask our third parties to do so.

Social Media

One of the ways we communicate to you is with social media and some of those sites are run by other companies like Facebook, Instagram,  X (formerly known as Twitter) , TikTok, Snapchat and LinkedIn. We are not responsible for how those companies process your personal information, they have their own privacy policies and we encourage you to read them.

We encourage you to read the third-party’s privacy policy before using these features.

Refer a Friend

In some locations we have a way for you to recommend us to your friends or forward them an opportunity with us.  If you use these tools we’ll ask you for some contact information of the other person, for example their name and email address, and we’ll manage that information as we describe in this Policy.

How We Use Your Personal Information

We use the Personal Information we collect from and about you for the purposes below.  We may also process your Personal Information for other reasons, but if that happens, we’ll inform you and ask for any required consent.

If you choose not to provide your Personal Information to us it may mean that we are unable to provide you with our products and services.

What we do: Identifying and evaluating candidates for potential employment, as well as for future roles that may become available.
‍Our legal basis: Our legitimate interests and your consent as appropriate.

What we do: Maintaining records in relation to recruiting and hiring.
‍Our legal basis: Our legitimate interests, your consent as appropriate, and performing contractual and precontractual measures relating to your potential employment.

What we do: Ensuring compliance with legal requirements, including those relating to public health and workplace safety.
‍Our legal basis: Our legal obligations.

What we do: Foster our diversity and inclusion programs and practices.
‍Our legal basis: Legal obligation and our legitimate interests.

What we do: If you receive an offer from us, conducting background checks, including, to the extent permitted by applicable law, criminal history checks.
‍Our legal basis: Legal obligation (depending on the role), our legitimate interests, and performing contractual and precontractual measures relating to your potential employment.

What we do: Protecting our legal rights to the extent authorized or permitted by law.
‍Our legal basis: Legal obligation and our legitimate interests.

What we do: Protecting the workplace and communicating with medical professionals, law enforcement, or other public authorities in the event of an emergency or public health event, such as when the health or safety of you or one or more individuals may be endangered.
‍Our legal basis: Legal obligation and in certain circumstances the vital interests of individuals.

What we do: Create and manage your account and profile in our application processing systems.‍
Our legal basis: Performing contractual and precontractual measures relating to your potential employment.

What we do: Providing you with access to our Services to process your application.
‍Our legal basis: Performing contractual and precontractual measures relating to your potential employment.

‍What we do: Assess how effective our marketing and communication is.
‍Our legal basis: Our legitimate interests to have effective marketing and communication.

‍What we do: Ensure that we meet all legal, regulatory, and contractual obligations.
‍Our legal basis: Legal obligation.

‍What we do: Send service messages to you like changes to our Services, Terms, or this privacy notice.
‍Our legal basis: Performing contractual and precontractual measures relating to your potential employment, and legal obligation.

‍What we do: Provide you with a personalised use of our Services.
‍Our legal basis: Our legitimate interests to give each user a quality tailored experience.

‍What we do: Test, maintain, improve, and update existing products and services.  Develop and test new products and services.
‍Our legal basis: Our legitimate interests in developing and improving our products and services.

‍What we do: Monitor and maintain the security and functionality of our technical systems.
‍Our legal basis: Our legitimate interests to protect our systems, and your Personal Information.

‍What we do: Detect and prevent crime
‍Our legal basis: Legal obligation, also in our legitimate interests to protect ourselves from the impacts of crime

What we do: Detect and prevent improper use.
‍Our legal basis: Our legitimate interests to ensure quality of service and provide an enjoyable experience for all users of our Services.

What we do: Collecting and analyzing data collected by ‘cookies’ and similar technology.
‍Our legal basis: Some cookies are strictly required for our products and services, others we collect on use based on your consent.  You can control your cookie options through the account or application settings.

We may also use your personal for data analytics purposes, including in aggregated/pseudonymized form, to improve our recruitment and hiring process and augment our ability to attract successful candidates.

Who We Share Your Personal Information With

We share your Personal Information with others for a range of reasons with organizations such as the following:

  • our corporate parents, and within the Hard Rock group
  • service providers
  • identity verification agencies and background check providers
  • governmental agencies, regulatory authority, and licensing bodies
  • law enforcement agencies
  • previous employers or academic institutions
  • organizations that introduce you to us
  • third parties involved in a business transfer, sale, change, or dissolution
  • third parties you permit us to share your data with

We also share non-personally identifiable Service Use Information (e.g. statistics or summaries) in a form that does not include your name or contact information.

We may use third party companies to serve ads when you visit our Services. These companies use cookies, web beacons, and other tracking technologies to show you relevant ads.  For information about third party advertisers and how to stop them using your information visit Aboutads.info at www.aboutads.info/choices/ or Your Online Choices at www.youronlinechoices.eu.

Your Rights

The rights you have over your personal information and personal data can depend on where you are.  We’ve provided some details below, for more information or to exercise  any of your rights please reach out to us by sending us an email at [email protected].

European Union (EU) and United Kingdom (UK) 

  • Withdraw your consent
  • Lodge a complaint with any relevant Data Protection Authority and UK

Information Commissioner’s Office (ICO)

  • Confirm whether or not we are processing your Personal Information
  • Access to your Personal Data that we hold or process
  • Correction of any inaccurate or out of date Personal Data
  • Erasure, or deletion, of your Personal Information
  • Restrict our processing of your Personal Data in certain circumstances
  • Portability of your Personal Data, including providing it to a third party
  • Object to any processing we carry out in our legitimate interests
  • Challenge any significant decision made entirely by automated processing
  • Seek confirmation that we do not make any legal, or similarly significant,

decisions about you with entirely automated decision making.

Exercising Your Personal Information Rights 

To exercise any of your personal information rights please submit a verifiable consumer request to us by sending us an email at [email protected]. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information.

The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative, which may include:

  • Name
  • Mailing Address
  • Email Address
  • Telephone Number

Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password-protected account (if applicable) sufficiently verified when the request relates to Personal Information associated with that specific account.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Appealing Our Decision Regarding Your Personal Information Rights

To exercise any appeal please email [email protected] within a reasonable period of time following your receipt of Our decision to decline your request.  You must include any internal reference you have been provided with relating to your request and/or our decision to decline, along with the reasons for your appeal.

Please note, this is an appeals process and emails shall not receive any response if the standard process has not been used first, or the required information is not included.

Security

SHRD takes reasonable physical, technical and process steps to protect your personal information.  However, we can never promise that your personal information will be absolutely safe.

How Long We Keep Your Personal Information

We keep your personal information for as long as it takes to achieve the purposes explained in this policy and to follow laws and regulations like accounting, insurance, and regulatory reporting.  How long we keep any piece of information is different because of the different laws and processing purposes.  For more information reach out to us using the details in the Contact Us section below.

“Linked-To” Web Sites

Our Services contain links, banners, widgets or advertisements that lead to other websites that we do not own or control. We’re not responsible for these other Web sites, each of them will have their own privacy policy and we encourage you to read them.  SHRD are not responsible for how these other companies process your Personal Information.

International Privacy Practices

When you use our Services you’re connected to a system in the US and all processing is taking place in the US.  This is the only way to use our Services, if you don’t want your personal information to be processed in the US do not use our Services.

We believe our Services protect your personal information to the level your country needs, and we do this by:

  • Using Standard Contractual Clauses (SCCs) or International Data Transfer Agreements (IDTAs) which are approved by your Data Protection regulator
  • For the EU these are available on the European Commission’s website: https://ec.europa.eu
  • The UK IDTA is available on the Information Commissioner’s website: https://ico.org.uk
  • Processing no more information than we need, and for no longer than we need to
  • Doing regular risk assessments, and
  • Adding any extra protection we think we need because of those assessments

Some country regulators are concerned that in the US our law enforcement can access your personal data in a way that reduces your protection and data rights.  To make sure we are protecting your information we did a detailed risk assessment for that.  We found no reason to believe US law enforcement has ever used these powers in our entire industry, and we have no reason to believe they will do so in future.

EU-U.S. DATA PRIVACY FRAMEWORK (DPF) AND THE UK EXTENSION OF THE EU-US DPF COMPLIANCE

SHRD participates in and complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), and the UK Extension of the EU-US DPF as approved by the European Commission in its adequacy decision issued on July 10, 2023.

We comply with the  EU-U.S. Data Privacy Framework and the UK Extension of the EU-US DPF Principles, that were developed by the U.S. Department of Commerce in consultation with the European Commission in order to provide organizations in the United States with a reliable mechanism for personal data transfers to the United States from the EU while ensuring that EU data subjects and the UK data subjects continue to benefit from effective safeguards and protection as required by European legislation with respect to the processing of their personal data when they have been transferred to non-EU countries.

To learn more about the EU-U.S DPF and the UK Extension of the EU-US DPF and view our certification, please visit the Data Privacy Framework website at https://www.dataprivacyframework.gov/s/participant-search

If there is any conflict between the policies in this privacy policy and the EU-U.S. DPF and the UK Extension of the EU-US DPF Principles, the EU-U.S DPF and the UK Extension of the EU-US DPF Principles shall govern.

We commit to cooperate with the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and comply with the advice given by such authorities with regard to human resources. The Federal Trade Commission has jurisdiction over Hard Rock’s compliance with the EU-U.S. DPF and the UK Extension of the EU-U.S. DPF.

If Hard Rock transfers your Personal Information to a third party, we will ensure the third party is contractually obligated to process your data only for limited, specific purposes consistent with this policy, to apply the same level of protection to that data as the EU-U.S. DPF and the UK Extension of the EU-U.S. DPF Principles, and notify us if it makes a determination that it can no longer meet this obligation. Upon notice, Hard Rock will take reasonable and appropriate steps to stop and remediate unauthorized processing. In cases of onward transfer to third parties of Personal Information received pursuant to the EU-U.S. DPF and the UK Extension of the EU-U.S. DPF, Hard Rock is potentially liable.

When other dispute resolution avenues are exhausted, you may invoke the binding arbitration. We have provided a private sector independent recourse mechanism (located in the United States) to investigate and expeditiously resolve individual complaints and disputes. This dispute mechanism will cover all Personal Information except for human resource data. For more information, visit the website for ICDR®/AAA®EU-U.S. DPF and the UK Extension of the EU-U.S. DPF: International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) at https://go.adr.org/dpf_irm.html.

The services of ICDR/AAA are provided at no cost to you.

If you have any question or complaint regarding our participation in the EU-U.S. DPF and the UK Extension of the EU-U.S. DPF or the processing of your Personal Information you may contact us as indicated below in the section of this Privacy Policy “Contact Information”

Changes to this Privacy Policy 

This privacy policy will change from time to time.  If the change is important we’ll actively inform you of the changes and ask for your consent where we need it.  If the change isn’t significant then we’ll let you know by posting the changed Policy on this page with a new “Effective Date”. Please check back often to ensure you have the most recent information.

Contact Us 

If you have any questions or comments regarding our privacy practices, our DPO can be contacted directly at: [email protected]

Effective Date: 01/31/2025