T-Mobile Employee and Contractor

PRIVACY NOTICE

Effective: January 1, 2023

Overview

T-Mobile USA, Inc. and its subsidiaries (“TMUS” or “we” or “us”) collect personal data about you as a former or current employee in connection with your employment; or former or current contractor in connection with your contractual arrangement with us. This notice describes how we use that personal data, to whom we disclose it, how you can exercise your data choices, and how you can contact us.

Your “personal data” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. This notice also applies to sensitive personal data, a category of personal data. It includes data like your social security number and account log-in credentials, as well as biometric information.

This notice does not cover:

Your interactions with T-Mobile outside of the employment context, such as browsing T-Mobile’s website to check out our products and services or logging into your account as a customer. To learn more about our privacy practices related to those types of interactions, please see our T-Mobile Privacy Notice. 
United States job applicants. To learn more about personal data we collect and use when you apply for a job with us in the US, or for our recruiting purposes, please see our T-Mobile Applicant Privacy Notice. 
International employees or contractors. To learn more about personal data we collect and use from our international employees, contractors, or job applicants, please email IntlPrivSpt@T-Mobile.com for information regarding the applicable Privacy Notice.

What data we collect

Personal data

The categories of employee and contractor personal data we have collected within the last 12 months include the following:

Identifiers/contact information

Like your name, online identifiers such as an Internet Protocol (IP) address, account and usernames, aliases, telephone number, email address, home and postal addresses, signatures, and other identifiers described in the sensitive personal data category below.

Categories required to be listed specifically under certain state laws

Like name, signature, social security number, physical characteristics or description (which may appear on government ID), address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Characteristics of protected classifications under state or federal law

Like race, religion (may include religious dress and grooming practices), sex/gender (includes pregnancy, childbirth, breastfeeding and/ or related medical conditions), gender identity, sexual orientation, marital status, medical condition (genetic characteristics, cancer or a record or history of cancer, military or veteran status, national origin (includes language use and possession of a driver’s license issued to persons unable to prove their presence in the United States is authorized under federal law), disability, request for family care leave, request for leave for an employee’s own serious health condition, request for Pregnancy Disability Leave age (over 40).

Biometric information

Including fingerprint and facial images from which an identifier template can be extracted.

Employment and performance information

Like date of hire, title, transfers and promotions, salary and rewards, training, absences and reasons for absences, letters of appreciation and commendation, grievances or disciplinary matters, and resignation or termination of employment, demographic data such as age, including date of birth, gender, marital status, spouse and dependents, and certain sensitive data categories described below, work permit status and related immigration information, attendance at corporate functions and sites, compensation history with us, performance information, aptitude, disciplinary information, training records and certifications, educational information.

Payroll, tax, and benefits information

Like your bank account details, payroll records, tax information, pension information, benefits elections, investment and portfolio information, vacation and leave of absence information, payroll deduction information, expense reimbursement information, and insurance-related information.

Travel information

Like your loyalty program numbers, dates and length of travel, hotel names and locations, and travel routes.

Medical and health-related information

Including your medical condition or disability, pregnancy status, health, sickness, vaccine record, injuries, temperature, communicable disease or other medical test results, beneficiary, and family information.

Personal or work vehicle information

Like your vehicle license plate number, year, make, model, and location.

Images and recordings of you

Like your photograph, voice, audio/video recordings and transcripts of our in-person or online events, meetings and/or calls, and security footage of you on our premises.

Internet or other electronic network activity and analytics or monitoring data

Including as related to employee or contractor communications and use of T-Mobile systems, Wi-Fi, internet service, internal and external websites, equipment, applications, databases, network resources, and infrastructure (“T-Mobile Systems”); building access, badge information, and software/hardware inventory information, and personal devices used to connect to T-Mobile Systems; including usernames, passwords, system log data like IP address, browser type, and language, device information, access times, and referring website addresses; information collected through web beacons, like cookie IDs; information collected through mobile apps, like mobile device IDs; usage data, such as time spent on T-Mobile Systems, features used, and actions taken in T-Mobile Systems, including page views, links clicked, and documents downloaded; contents, header, metadata, delivery and access information for voice calls, voicemail, emails, chats, messaging, documents, and other communications, data, and files stored or transmitted through T-Mobile Systems.

Geolocation data

Including approximate location data such as based on your IP address, and location data such as office location, conference room booking locations, and travel location information described above.

Audio, electronic, visual, or similar information

Including facial images and voice information like photos, videos, and voice recordings.

Education information

Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).

Other information

Other information you provide to us in the context of your onboarding, employment, contractor role or that we collect for other legitimate human resources, business, security, travel, or safety-related purposes.

Sensitive personal data

We collect certain personal data considered “sensitive” (“sensitive personal data”). To support our legal and business activities, and as permitted by law, we may collect sensitive personal data as part of our employment or contractual relationship with you.

Examples of sensitive personal data that we collect include:

Government-issued identifiers, such as social security information, driver’s license information, state identification card, or passport information
Account log-in, financial account, debit card, or credit card number in combination with a security or access code, password, or credentials that allow access to an account
Precise geolocation
Racial or ethnic origin, religious or philosophical beliefs, or union membership
Biometric information (where used for the purpose of uniquely identifying you)
Health information
Information relating to sex life or sexual orientation

Sources of personal data

We collect personal data from a variety of sources, including:

Directly from you
Previous and current employers
Service providers (e.g., time entry, payroll, and expense reimbursement services)
Insurance and benefits providers
Travel partners (e.g., travel agents and portals, car service, and ride share companies)
Background check services
Online sources including social networks
Open government databases and other public sources

We also collect personal data through our use of cookies, web beacons, mobile analytics, and similar technologies to operate our websites, applications, and online services accessible to you in the context of our employment relationship. We use these technologies to help us collect the data necessary to operate and manage our business. This includes analyzing and measuring device, application, and system usage, detecting and preventing illegal, fraudulent, or unauthorized activity, enforcing T-Mobile policies, and protecting our devices, systems information, and infrastructure. The information we collect using these technologies includes personal data, such as the pages you visit, the links you click on, usage and crash information, identifiers, and device information, as described above in our Collection notice as internet or other electronic network activity and analytics or monitoring data.

What are cookies and similar technologies?

Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser overtime each time it connects to that web server.

Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and set and read its cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.

Mobile analytics are generated by operating systems for mobile devices (iOS and Android). They can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our analytics providers to access these mobile IDs.

How do we and our providers use cookies and similar technologies?

We, and our analytics providers, use these technologies in our websites, apps, and online services to collect personal data when you access and use our services, including personal data about your online activities over time and across different websites or online services. This data is used to store your preferences and settings, enable you to sign in, analyze how our websites, apps, and services perform, track your interaction with the site or app, develop inferences, combat fraud, and fulfill other legitimate purposes. We and/or our providers share the data we collect or infer with other providers for these purposes, as described in the “Disclosures of Personal Data” section below.

Use of personal data

We use personal data that we collect as appropriate to administer and carry out the employment relationship, including for human resources and operational, business, safety, and security purposes including as described in this Notice and below.

Human resources uses, including:

Payroll and compensation.
Benefits administration.
Career planning and development.
Equal employment opportunity, diversity, inclusion and accessibility programs.
Performance management and review.
Legal and policy compliance administration and enforcement, including for the purpose of anti-discrimination laws and government reporting obligations.
Recruitment.

Business uses, including:

Managing, monitoring, measuring, analyzing. protecting, and improving, T-Mobile Systems, assets, and resources, including managing and protecting unauthorized access and use of T-Mobile, personal, and customer data, devices, systems, and infrastructure; and protecting T-Mobile Systems from intrusions.
Managing, monitoring, measuring, analyzing, protecting, and improving campus, parking, buildings, office space, conference rooms, facilities, catering and café services, including monitoring and administering building occupancy and campus parking and transportation; operating and monitoring physical security systems, such as CCTV, key card entry systems, and guest logs; registering personal vehicles and logging exit and entry times; and emergency notification services.
Managing and improving workplace efficiency and effectiveness.
Communications and collaboration.
Delivery of information, goods, and services.
Legal and policy compliance administration and enforcement, including monitoring access and use of T-Mobile Systems.
Research and improvement of T-Mobile Systems, processes, products, services, and technology.

We may use de-identified information in accordance with applicable law.

Disclosure of personal data

We may disclose personal data, including sensitive personal data, to the following categories of recipients, for the business purposes described in this Notice and below.

Our subsidiaries and affiliates

For example, T-Mobile entities share business processes and common data systems.

Vendors or agents working on our behalf

For example, companies T-Mobile hires to provide recruiting, payroll, benefits, and administrative services, and protect and secure our systems and service.

Independent third parties

For example, benefits partners T-Mobile hires to facilitate benefits administration, (e.g., health and insurance providers) and third-party providers of products and services (e.g., travel agents, ride share services). To the extent that T-Mobile provides personal data to such third parties, that personal data is governed by their privacy statements.

Parties to a corporate transaction or proceeding

For example, a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.

The general public

For example, T-Mobile may provide features or services that permit employees and contractors to publicly display and disclose certain personal data, such as their name or username, profile or directory information, or other personal data that employees and contractors choose to disclose.

Law enforcement and those with legal necessity

We will access, transfer, disclose, and preserve personal data to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; operate and maintain the security of T-Mobile Systems, including to prevent or stop an attack on our computer systems or networks; protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies; or act in urgent circumstances such as protecting the health or personal safety of a candidate, employee, contractor, agent, customer, user of T-Mobile services, or member of the public.

We may share de-identified information in accordance with applicable law.

Data retention

We retain personal data for business or tax needs, or legal reasons. For example, we retain personal data in accordance with our obligations under applicable labor and employment law and as necessary to administer and carry out the employment relationship and our post-employment obligations.

Your data choices

We offer all employees and contractors in the U.S., Puerto Rico, and the US Virgin Islands choices about their personal data. Please note that your choices and contact methods may vary depending on where you reside and the laws that apply. If you have questions, please contact us using the information below. Your options include:

Communications preferences

You can choose whether to receive optional communications from us by email, SMS, and telephone related to new jobs or roles that become available. If you receive these optional email or SMS messages from us and would like to stop, you can do so by following the directions in that message or by contacting us as described in the “Contact Us” section below. If you receive a call from us related to new jobs or roles that become available, and no longer wish to receive such calls, you can ask to no longer receive those calls. These choices do not apply to certain informational communications, including communications about an existing application with us.

Browser or platform controls

Cookie controls

Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and need to be recreated.

Global Privacy Control

Some browsers and browser extensions support the “Global Privacy Control” (GPC) or similar controls that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales and/or targeted advertising, as specified by applicable law. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting or similar control recognized by regulation or otherwise widely acknowledged as a valid opt-out preference signal.

Do Not Track

Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the websites you visit, indicating you do not wish to be tracked. Unlike the GPC described above, there is no common understanding of how to interpret the DNT signal; therefore, our websites do not respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the GPC, cookie controls, and advertising controls described above.

Mobile advertising ID controls

iOS and Android operating systems provide options to limit tracking.

Email web beacons

Most email clients have settings that allow you to prevent the automatic downloading of images, including web beacons, which avoid the automatic connection to the web servers that host those images.

Notice and consent

We provide employees and contractors with a notice about the personal data we collect, how it will be used, and with whom we disclose personal data.

We will get consent from employees and contractors for the collection and use of personal data where such consent is required by applicable law. Failure to provide necessary personal data may disqualify an employee or contractor from employment or restrict participation in certain plans or programs.

Privacy rights & choices

Access, delete, and correct

Access

In some jurisdictions you have a right to access (or “know”) your personal data. To access your personal data, submit a personal data request. Once we receive your request and confirm your identity, we will disclose to you: 

The categories of personal data we have collected 
The sources from which we collect personal data 
The types of third parties we share personal data with
The types of personal data we disclose for business purposes

T-Mobile provides this information, where possible, in a format you can read, use, and transfer to other entities. Note that T-Mobile does not sell or share HR data, so your access report will not include categories of information sold or shared since that does not apply to your personal data in this context.

Delete

In some jurisdictions you have a right to request deletion of your personal data. To delete your personal data, submit a personal data request. You may ask us to delete the personal data we have collected about you. If you do, we may not delete all your data because certain exceptions may apply. For example, we may keep personal data that is necessary to provide employment or contractor services, detect security problems, or to comply with laws.

Correct

In some jurisdictions you have a right to request correction of your personal data. Employees and contractors can correct or make changes to your personal data through several methods. Learn how to correct your personal data.

Authorized Agent

Authorized agents may act on your behalf by submitting an access, correction, or deletion request. To protect your information, we will request that you verify your own identity before fulfilling a request submitted by your agent. Any responses or fulfilled requests will go directly to the employee or contractor and will not be sent to the authorized agent.

Verification of your identity

We have to verify your identity before we can give you access to or delete your personal data. If we can’t verify your identity, we’ll unfortunately have to deny your request. This is to protect you.  

To verify your identity, we’ll need information from you, like your email address and phone number. You may have to share your U.S. driver’s license, state ID, or passport. We may also need a photo of your face so we can ensure the photo ID truly belongs to you.

We will also be asking for additional personal and professional data to validate your employment. Please answer as many questions accurately as possible.

Appeal

If we deny your request, residents of certain states are entitled to submit an appeal. Instructions for how to submit your appeal will be included in our response explaining why we denied your request.

If you have questions about these choices, please read our privacy FAQs.

T-Mobile never discriminates against anyone for making privacy requests.

Opt-out

Employees and contractors in some jurisdictions have a right to opt-out from the “sale” or “sharing” of personal data, each of which is defined under applicable law.

Note that we do not “sell” or “share” personal data and have not done so in the past 12 months.

Limit use and disclosure of sensitive personal information

We do not use or disclose sensitive personal data to infer individual characteristics.

Future changes

From time to time, we may update this Employee and Contractor Privacy Notice.

This Employee and Contractor Privacy Notice does not form any part of any contract of employment.

To review TMUS’ Privacy Notices addressing information that TMUS collects outside of the hiring/employment context (such as information collected about you as a consumer), please visit our Privacy Center.

Contact us

If you have any questions about this Employee and Contractor Privacy Notice, please contact us at Privacy@T-Mobile.com or customer service at 1-800-937-8997.