Skip to main content
Public home
Privacy Policy

Global Workforce Member Privacy Notice

Last Updated: September 2022
This global notice ("Notice") explains how Citi and its affiliated companies (collectively, "Citi") handle the personal information of employees, applicants, interns, former employees, dependents, beneficiaries, contractors, consultants and temporary agency workers ("Workforce Members") in the course of its activities. Citi cares about your privacy and is committed to processing your Personal Information in accordance with local and regional employment and data privacy laws.

Personal Information includes Personally Identifiable Information, each as defined in the Citi Privacy and Bank Customer Confidentiality Policy.

Citi maintains computer systems in data centers at locations in various countries throughout the world, which may change from time to time, including Chile, Costa Rica, China, Singapore, Philippines, Brazil, India, Hong Kong, Mexico, and the United States. Citi may collect, store, process, disseminate or use Personal Information about our Workforce Members in a manner that causes the data to be transferred across borders or accessed from computer systems located or operated in another country owned or operated by or on behalf of Citi (or a third-party vendor to Citi).

Legal bases for Processing

We will process your Personal Information on legal bases which include the following:

  • The performance of a contract with you.
  • Public interest, including the health and safety of you and your colleagues.
  • The legitimate interests of Citi to run our businesses efficiently and effectively.
  • As required by law; and
  • Your vital interests.

We will process your highly restricted or confidential / sensitive Personal Information on legal bases which include the following:

  • Your explicit consent.
  • Health and safety of you and your colleagues.
  • Publicly available data.
  • As required by law; and
  • Your vital interests.

In some of our locations, regional or country specific requirements may apply. Certain rights, based on job location or where you are regularly employed if you are engaged in a Citi mobility program, may be exercised by individuals and require Citi to share certain information with you. You can access the Citi Privacy and Bank Customer Confidentiality Policy, along with other related policies noted below, on our Intranet. This Notice is relevant only to the extent that Citi uses your Personal Information and:

  • details the type of Personal Information we collect and use, such as your personal contact details*, payroll information, information about the job you hold and your employment, performance, absences and any process you are involved with or work that you complete that identifies you personally as a result of your employment with us [*Personal contact details may include but not limited to Home Address, Personal Phone Numbers, Date of Birth, National ID numbers, Personal Email Addresses; Work History, Education History, etc.];
  • sets out the reasons for which we collect, use and store Personal Information about you, which include the important goals of maintaining trust in Citi as a responsible employer and as a globally regulated financial service provider, and to enable the most talented people to be employed and work for us which is in our interests and those of our clients; and
  • provides a list of the types of individuals who will be able to access and use your Personal Information, including your manager(s), human resources, your work colleagues (to allow them to work and collaborate with you) and other functions within Citi, for example, Compliance, Finance and Internal Audit, to the extent that their processes may involve you or information that concerns you. This also includes external third parties where required.

Citi also will monitor and filter the use of company devices, network, and internet traffic for lawful business purposes, and will monitor workers entering and leaving Citi locations, in particular for:

  • Ensuring adequate Information Systems integrity and detecting and preventing criminal activity, including cyber-crime. Protecting information, including, but not limited to, Personal Information, confidential information, and high-value business information against destruction, loss, alteration, unauthorized access, disclosure or hacking.
  • Understanding the wellbeing of workers with respect to their presence in a Citi office, using company devices, accessing the Citi network and/or using applications on that network.
  • Enabling workers to do, and are doing, their jobs and understanding both efficiencies and effectiveness relating to job performance. Supporting the health and safety of you and your colleagues. Securing the effective operation of Citi's Information Systems. Enabling compliance with applicable regulatory and self-regulatory obligations; and
  • Detecting instances of non-compliance with Citi policies on internet use and the Code of Ethics.

Citi will retain Personal Information in accordance to our data retention policies and procedures outlined in the Citi Records Management Policy.

In the country where you usually perform work, there may be additional privacy requirements and rules concerning your Personal Information. To the extent that there may be any inconsistency between those rules and this Notice or the policies listed below, the applicable local privacy requirements will prevail.

Importantly, many countries where Citi operates have rules that restrict or govern the transfer of Personal Information outside of the country where our Workforce Members work. If you are based in one of these countries, we will only access/use your information in another country to the extent that this is permitted by law and in accordance with the requirements of Citi's regulators.

This Notice will be reviewed on an annual basis.