Last Updated: October 3, 2024
At Archer, our mission is to advance the benefits of sustainable air mobility. We have a talented workforce that helps us accomplish this mission. Here we describe our privacy practices for our global workforce. This includes employees, contractors, consultants, and other individuals (collectively, "personnel") who currently work or have previously worked for Archer Aviation Inc., its affiliates, or subsidiaries (collectively, "Archer", "we" or “us”). This policy also covers individuals who have applied to work for us (“candidates”).
You will learn about the data we collect, how we use it, how you can access and control it, and the measures we take to keep it safe. Specifically, we'll cover:
Personal Data We Collect
How We Use the Personal Data We Collect
How Personal Data is Shared
Your Rights to Access and Control Your Personal Data
Data Retention
Data Security
Changes to This Policy
How to Contact Us
Personal Data We Collect
As used in this policy, “Personal Data” refers broadly to any information related to you or which could be used to identify you. We collect different kinds of Personal Data depending on whether: 1) you have applied for or were recruited for a job with us; 2) you currently work for us; or 3) you previously worked for us. We may collect data directly from you or through third party sources, such as when you authorize us to check your background, as permitted under applicable law. Personal Data may be collected for business administration purposes, as required by law, or to comply with contractual requirements. The collection of any personal or otherwise protected information will be made clear at the time of collection. The Personal Data we collect includes the following types of information:
Personal details: including:
Your name or other identifiers such as government or other national identification numbers;
Contact information such as your address, email address, or telephone number;
Audio and visual information such as your image and voice;
Demographic information such as your gender, age or date of birth;
Location information derived from RFID technology in company technology and property including employee badges;
Detailed device usage, application usage, and internet usage information, and location information from any device owned by Archer or upon which we have installed mobile device management technology;
Any information which you may enter into, or obtain while using, software or technology owned or licensed by Archer;
Information that may be necessary to lawfully complete a background check, confirm your eligibility for employment, or administer benefits; and
Other information that you may provide to us or otherwise consent to us obtaining.
Personnel records: including but not limited to professional references and information about your education, training, work experience, employment history, performance evaluations and feedback, and other documents relevant to establishing, maintaining or terminating the employment relationship;
Compensation and benefits information: including details of your benefits and compensation; bank account number(s); and identifiers or other information about your dependents, spouse or partner that may be necessary for the administration of payroll, health insurance, or other benefits;
Work information: including professional or employment-related information about your activities while working for Archer. This may include information necessary to support human resources activities and business operations such as leave and attendance information, travel and other expense data, and data generated from your use of work resources. Other information is collected to protect the safety of Archer personnel, equipment, and property, such as building access data, information collected through the use of Archer’s information technology and communications systems, and data collected from office video cameras; and
Special categories of Personal Data: in certain circumstances, we process special categories of Personal Data subject to the European Union's General Data Protection Regulation ("GDPR") and Brazil’s General Data Protection Law (“LGPD”). This includes demographic information about race or ethnic origin and health information. For example, we may need to process information about your health in order to ensure occupational health and safety, to monitor sick leave, make decisions about sick pay, to administer benefits and make decisions about the need for adjustments in the workplace. Other special categories of Personal Data are political opinions, religious or philosophical beliefs, trade union membership, sex, and sexual orientation. Even if we do not request this information, you may disclose it to us in the course of your relationship with us. For example, you may request time off to observe a religious holiday or join an employee resource group for LGBT workers.
How We Use the Personal Data We Collect
We use the information we collect to carry out and support our human resources activities and business operations, as well maintaining legal compliance and a safe workplace. Examples include the following:
Talent acquisition and personnel lifecycle management: including recruiting and hiring job candidates (which may include conducting background checks, where permitted by applicable law); developing and retaining talent; monitoring, evaluating, and managing personnel performance; facilitating personnel mobility and managing international assignments; and managing the personnel separation process;
Human resources or operational purposes: including administering compensation and benefits; verifying identification; managing the company directory; managing information technology and communications systems; managing attendance and leaves of absence; accounting for purchases; performing workforce analytics and reporting; and managing integration planning, including business continuity and disaster recovery planning;
Policy management and compliance purposes: including enforcing Archer’s code of conduct; administering and privacy and security training programs; facilitating incident reporting and security management; administering the personnel whistleblower hotline; managing employee relations claims; conducting ethics and disciplinary investigations; and managing audit and compliance matters;
Compliance with applicable laws, regulations, legal processes, or governmental requests: including compliance with immigration, visa, or work permit requirements; fraud prevention; internal controls and company security; compliance with tax and other financial regulations; and fulfilling health and safety obligations; and
Promotion of safety and security: we may also use your Personal Data to protect the rights and property of Archer, its personnel, candidates, and the public as required or permitted by law.
If you are offered and accept a job with Archer, the Personal Data collected during the application and recruitment process will become part of your personnel record.
For Personal Data subject to the GDPR and/or LGPD, we rely on several legal bases to process the data. These include:
Compliance with personal contractual obligations: we use your data to manage the employment relationship with you and to ensure that we pay you your benefits;
When we have a legitimate interest in processing your Personal Data: such legitimate interests include maintaining and improving efficiencies and processes in the workplace, internal management, personnel administration; maintaining the safety and security of Archer personnel and property, compliance with contractual obligations, enforcing Archer rules and policies, and defending Archer’s interests in legal proceedings;
When required by law and regulation: for example, we may be required by law to keep certain data about your leave (including medical leave) or to report benefits information to tax authorities; and
When required to preserve the safety and security of Archer personnel and others: particularly, sharing Personal Data in the event of an accident or emergency.
For Personal Data subject to the LGPD, we may also rely on additional legal bases to process the data, including exercising rights in judicial, administrative, or arbitral proceedings, protecting credit, and protecting health in connection with a procedure carried out by health professionals or health entities.
How Personal Data is Shared
We may use your Personal Data for the following purposes:
For internal processing: We share your Personal Data amongst and between personnel of Archer, its affiliates and/or its subsidiaries within the United States and in other jurisdictions. This Personal Data is shared within the ordinary scope of personnel job responsibilities and as prescribed by law for purposes of carrying out human resources activities and facilitating business operations.
For external processing: We may transfer your Personal Data to third party service providers and other partners who process it for us, based on our instructions, and in compliance with this privacy policy, appropriate confidentiality and security measures, and applicable law. These service providers and partners provide us with global services, including those related to recruiting, benefits, and payroll processing; hosting our company directory; and supporting our human resources, information technology, and other business functions around the world.
With your consent, for legal reasons, or to prevent harm: We will share your Personal Data with third parties if we have your consent. We may also preserve or disclose Personal Data to comply with a law, regulation, legal process, or governmental request (including requests from law enforcement and security agencies); to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our agreements or policies, or threats to the security of our systems, services, or the physical safety of any person.
In connection with a merger, acquisition, or sale of all or a portion of the business: If we are involved in an actual or potential merger, acquisition, or sale of all or a portion of the business, we may share Personal Data with an actual or potential acquirer or investor or their professional advisors. In such cases, we will continue to take appropriate measures to protect the confidentiality of Personal Data.
As disclosed to you: we may also use or share Personal Data for other reasons, as disclosed to you, or consented to by you, outside of the scope of this policy.
We may also share non-Personal Data that is aggregated or de-identified so that it cannot reasonably be used to identify an individual.
Your Rights to Access and Control your Personal Data
We provide you with applications and tools to access and control the Personal Data associated with your personnel record, as required by the laws or regulations of the jurisdiction where you reside. If you live in the European Economic Area, Switzerland, or United Kingdom, you have legal rights in certain circumstances to access, edit, export, and delete your Personal Data, including Personal Data contained within your personnel file. In addition, when we process your Personal Data based on our legitimate interests (including as described in the How We Use Personal Data section above), you may have a right to object to our processing of your Personal Data, based upon applicable laws and regulations where you reside. If you would like to exercise any of these statutory rights, please contact legal@archer.com. If you need further assistance regarding your rights, please contact us at legal@archer.com, who will consider your request in accordance with applicable laws. You may also have a right to lodge a complaint with your local data protection authority.
Data Retention
We store Personal Data associated with your application or personnel record as required by law, as necessary to resolve disputes, or for as long as is reasonably required for business purposes. If you do not want us to retain your Personal Data, please contact legal@archer.com. Please note that we will process requests as quickly as practicable, but that the timing of such processing may be impacted by legal preservation requirements or by any superseding needs to prevent harm or protect the interests of Archer.
Data Security
We work hard to keep your Personal Data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your Personal Data. For example:
Archer employees undergo regular information security training.
Archer has a formal security risk management program that seeks to ensure the company is operating at an acceptable level of risk with regards to the confidentiality, integrity, and availability of information.
Access to internal networks is restricted and managed according to access policies and the requirements of business applications.
Physical access to Archer's corporate facilities is restricted to authorized Archer personnel as required to perform their job responsibilities.
No method of transmitting or storing data is completely secure, however.
Privacy Notice for California Residents
If you are a California resident, the following additional privacy rights (in this section) are available to you under the California Consumer Privacy Act of 2018, as modified by the California Privacy Rights Act of 2023 (“CCPA”). While the term “Personal Data” is used in this section, for the purposes of this section that term is intended to align with the definition of “personal information” within the CCPA.
You have the right to contact us directly to request details on the specific Personal Data we’ve collected about you during the past 12 months.
You have the right to request disclosure of information shared or sold.
You have the right to opt out of selling of your Personal Data.
You have the right to request deletion of data, unless an exception applies.
You have the right to make two free requests in any 12-month period. We will respond to your request within 45 days, and in more difficult cases we may extend our response time by another 45 days.
You are entitled to exercise the rights described above free from discrimination.
To make any inquiries, request, or exercise any of your rights granted under California Consumer Protection Act, you can contact us by email at privacy@archer.com.
As we address throughout this Privacy Policy, we collect Personal Data to carry out and support our human resources activities and business operations, as well maintaining legal compliance and a safe workplace. In the last twelve months, we have collected the following types of Personal Data about our personnel and candidates (either directly as provided by you, or indirectly as provided by third parties and as described more fully above): personal details, personnel records, compensation and benefits information, work information, and special categories of personal data. In the past 12 months, we’ve disclosed the above categories of information with our service providers, affiliates, and other third parties to carry out and support our human resources activities and business operations, as more fully described above. We have agreements with our service providers which limit their ability to use your information and require them to ensure its confidentiality.
International Operations and Data Transfers
We may operate internationally and transfer Personal Data to the United States and other countries for the purposes described in this policy.
Changes to this Policy
We may change this privacy policy from time to time. Each version of this policy is identified by its date of last update.
Who We Are And How To Contact Us
The Archer entity or affiliate that employs you acts as the controllers of your Personal Data. If you have questions, suggestions, or concerns about this policy, or about our use of your Personal Data, please contact us at legal@archer.com. If you live in the European Economic Area, Switzerland, or United Kingdom and seek to exercise any of your statutory rights, please contact us at legal@archer.com.