As part of Company’s Online Services, our customers may load data into Company servers. Company will not share or distribute any such customer data except as provided in the contractual agreement between Company and customer, or as may be required by law.
On the Websites you may post comments, for example on a blog or bulletin board. These comments and discussions are moderated and may be accessed for technical reasons. We will not use the information you post on an online forum beyond the purpose for which you posted it. You should only post personal information to online forums with the awareness that the information will be made available to others inside and outside of Company. Any comments posted by individuals on an online forum, such as a blog, are their own and should not be considered as reflecting the opinion of Company. To request removal of your personal information from our blog or community forum, contact us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
We may use web analysis tools to measure and collect anonymous session information. We use this information to monitor and analyze in a depersonalized form how users use the Online Services, to provide customers with the Online Services, and to maintain and improve the Online Services. We may also collect similar information from emails we may send to you, which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Online Services.
The personal data collected when you visit the Online Services include:
We may collect certain personal information in connection with your account or an employer’s account with us, including your mailing address, phone number, date of birth, social security number, driver’s license or state identification number, financial information, information about your employment, and other information that may be required. If payment is required from you for any service, you will also be required to provide a credit card number and billing address, or other payment information. We also collect personal information when you receive customer or technical support.
We will not sell, rent, lease, or transfer your data to any third-party commercial entity for the purpose of marketing or selling unrelated products or services for our financial gain or economic benefit. We use your personal information to provide Online Services to you, deliver products and services, complete transactions, handle your questions or issues, and send communications to you about promotions, updates, or special offers that may be of interest to you. Other uses include verifying your identity, preventing fraud, and alerting you of new products, features, or enhancements to the Online Services. We may also use your email address to send you messages about your account or the Online Services, as well as other general announcements.
By submitting personal information through the Online Services, you authorize Company to share this personal information for the purposes identified herein, and you grant us a royalty-free, worldwide, perpetual, irrevocable, and fully transferable right and license to use your personal information in connection with the creation and development of analytical and statistical analysis tools (the “Analytical Data”). We are expressly authorized to make any commercial use of the Analytical Data, including without limitation sharing the Analytical Data with third parties, provided that we do not sell, trade, or otherwise transfer from us any part of the Analytical Data that personally identifies any Users.
We will also share the personal information we collect from you under the following circumstances:
Feedback. You may choose to, or Company may invite you to, submit comments, bug reports, ideas, or other feedback about the Online Services (“Feedback”). By submitting Feedback, you agree that Company is free to use such Feedback at its discretion without any obligation to you. Company may also choose to disclose Feedback to third parties. You hereby grant Company a royalty-free, perpetual, irrevocable, transferable, sublicensable, worldwide, nonexclusive license under all rights necessary to incorporate and use your Feedback for any purpose.
Asset Transfers. If we become involved in a merger, acquisition, or other transaction involving the sale of some or all of Company’s assets, User information may be included in the transferred assets. Should such an event occur, we will use reasonable means to notify you through email and/or a prominent notice on the Site.
If you make a purchase or need to upload payment information through the Online Services, we may use a third-party payment processor such as Stripe or Paypal. Payments are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
Although no method of transmission over the Internet or electronic storage is 100% secure, Company follows all PCI-DSS requirements and implements additional generally accepted industry standards.
Re-Targeted advertising uses information collected on an individual’s web browsing behavior such as the pages they have visited or the searches they have made. This information may then be used to display Company employment opportunities to you if you have visited our careers page. The information collected is only linked to an anonymous cookie ID (alphanumeric number); it does not include any information that could be linked back to a particular person, such as their name, address, or credit card number. The information used for targeted advertising either comes from Company or through third-party website publishers. If you would like to opt-out of re-targeted advertising from Company, please delete your cookies when leaving our site. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
In general, the third-party providers used by us will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner your personal information will be handled by these providers.
Certain providers may be located in a different jurisdiction or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
You may withdraw your consent to receive communications by following the “unsubscribe” link at the bottom of our emails. You may withdraw your consent to use an electronic signature at any time by contacting us. If you withdraw your consent, you may be unable to access the Online Services, and we will be unable to continue to process any pending applications for products and services.
The personal information that you provide to us is stored on servers that are located in secure facilities with restricted access and protected by protocols and procedures designed to ensure the security of such information. We restrict access to only those Company employees, independent contractors, and agents who need to know this information in order to develop, operate, and maintain the Online Services. All Company personnel who have access to this information are trained in the maintenance and security of such information. However, no server, computer, or communications network or system, or data transmission over the Internet, can be guaranteed to be 100% secure. As a result, while we strive to protect User information, we cannot ensure or warrant the security of any information you transmit to us or through the use of the Online Services and you acknowledge and agree that you provide such information and engage in such transmissions at your own risk.
In the event that personal information you provide to us is compromised as a result of a breach of security, when appropriate we will take reasonable steps to investigate the situation, notify you, and take the necessary steps to comply with any applicable laws and regulations.
We may collect customer information from persons other than the individual or individuals using the Online Services. Such information, as well as other personal or privileged information subsequently collected, may in certain circumstances be disclosed to third parties without your authorization as permitted by law. If you would like additional information about the collection and disclosure of customer information, please contact us.
Under the General Data Protection Regulation (GDPR) of the European Union (EU), EU citizens are entitled to certain privacy protections regarding the use of, storing, and processing of your personal information as well as having right to be notified if personal information is stolen, copied or accessed on an unauthorized basis.
The GDPR is a modern privacy rights framework adopted to create better transparency and control over who, how and when your personal data may be used, including the “right to be forgotten”.
This section will explain how Company complies with the GDPR and how your personal data may be collected, stored, and used. We also explain under what circumstances and for what purposes we may use your personal data and also provide instructions on how you can “opt-out” from our using your personal data and also request the removal of your personal data from our systems.
Our business is a “B2B” business, meaning we sell products and services to government agencies and private businesses, and not to individual consumers. Even so, under the GDPR, if you are an employee of or associated with a business customer, certain information may be considered personal data such as your business email, business mobile number or other similar information from which your personal identity may be known. It is also customary in many instances for business associates of business or government customers to furnish their private or personal contact information such as private email address, home telephone number, and similar information. Even if done in the context of a business purpose, this information may be deemed personal data. Therefore, if you believe your business information discloses personal data that you do not wish disclosed, you should not give it to us. You should also ask your employer to change your business contact information an anonymized format, such as changing your email form “my.name@mycompany” to “randomcharacters@mycompany”.
Please be advised that our business has less than 250 employees. Accordingly, we are subject to less stringent recording requirements under GDPR requirements. We are, however, not exempt from other privacy protection and reporting requirements which apply to all businesses equally.
Our ability to use your personal data may come about by the following means:
Additionally, many of our products and services are employment-based products, such as payroll services. As such, personal identity information is required to enable communications and messages to be delivered to you, for other in-network users to identify and communicate with you, and for us and others to authenticate identity and employ various network and information security measures.
We will use your personal data only in connection with furthering our business relationship with you, to enhance and protect the security of your information, and to enable your use of our products and services, and those add-on products and services that may be integrated with our products and services.
If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
However, if you choose not to share your personal data with us, or refuse certain contact permissions, Company might not be able to provide the services you require.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. We have outlined above the various circumstances, purposes, and time periods when we will hold personal data.
At the end of that retention period, your data will either be deleted completely or anonymized, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning. To summarize:
Ten Years from Transaction date. As described above, you should expect your personal data that is Business Transaction Data including any pertinent Relationship Data to be held for ten (10) years from the date of its creation for contract and legal purposes. The same ten-year period would apply to Security Data from the date of its last use or transactional entry.
Your personal data will be stored in the United States unless you are notified otherwise. In certain countries we may a local computer processing center or point of presence and data will be held in the local environment as requested by our customers and to the extent available.
We will not transfer your personal data to any provider in any jurisdiction unless such provider and jurisdiction meet the requirement under the GDPR.
Below is an overview of your various rights.
You have the right to request:
You can contact us to request to exercise these rights at any time by completing an online form. If we choose not to adhere to your request we will explain to you the reasons for our refusal.
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
This right does not include communications and information functions, such as alerts and notices, which are displayed in any application or product interface of ours which is part of the operation of or relates to a normal function of our product. By logging into our products or services, you are expressly giving your consent for such purposes. If you disagree with that then do not log in or use our products or services.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorized a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
You may send us notice of the exercise of your rights, whether to “opt-out” of certain or all marketing channels, to request deletion of your personal data or to correct, receive a copy of your personal data by any of the following means:
Send an Email to:
Please include the subject line “GDPR Request”
Please include the action you are requesting we take, the basis for the action, and any information which can reasonably identify you, and valid means to respond back to you.
When you send us a communication through a form, you may check a box indicating your preference to opt-out of marketing campaigns and contacts.
We are dedicated to adhering to the EU’s privacy laws for our EU customers. If you believe that we are not fulfilling our obligations in accordance with the law, you may file a complaint with the European Data Protection Supervisor (EDPS). We have provided this link for your convenience (note you are linking to an external third-party site unaffiliated with us):
RESERVATION OF RIGHTS
We provide this privacy notice to EU citizens in accordance with our understanding of the GDPR and will endeavor to comply with such law on a voluntary basis. We reserve all rights afforded under United States laws and treaties. This privacy notice is not a contractual obligation or guarantee to you that may be enforced in the United States or any other jurisdiction which does not recognize the GDPR as part of its law. Our contract obligations are limited to those contained in the purchase agreements and end-user license agreements between us and our customers. We, for ourselves and on behalf of directors, officers, employees, advisors, and all other persons affiliated with us reserve all rights regarding personal and subject jurisdictional matters, and the applicability and enforcement of the GDPR with respect to US citizens and non-EU citizens. Neither this privacy notice nor any actions taken to comply with the GDPR shall constitute a waiver of such rights or submission to jurisdictional authority of any court, tribunal, or governmental authority outside of the United States.