Revised July, 2018
A separate agreement governs the delivery, access, and use of our Services (the “Master Services Agreement”), including the processing of Personal Information and data submitted through Services. The organization (e.g., Employer or “Client”) that entered into the Master Services Agreement (“Client”) is the data controller for its instance of the Services (their “Platform”) and any associated client data. If you have any questions about specific Platform settings, the processing of Personal Information in the Platform, or its privacy practices, please contact your Account Manager for the Platform you use.
INFORMATION WE COLLECT
Information Voluntarily Provided
When using the Site and/or Services, we may collect, use, store, and transfer the following categories of personal information about you, which you may voluntarily provide to us:
- Account and Registration Information – name, address, telephone number, title, birth date, employment history or details, billing, user name, password, and any other information you provide to our staff
- Payroll Information – new hire information (including reference to information Client lists on W4s and I9s), direct deposit authorizations for employees including name, address, social security number, bank account information, date of birth, phone number, other personal information, and information we receive from third parties such as child support orders, retirement plan providers, other garnishers, etc.
- Personal Profile or Service Information – Site profile personal preferences and any other personal profile information such as demographic information
- Payment Information – credit card/bank billing information for payment processing
- Site Interaction Information – communications to us via our Site, such as by email, blog, event registration, uploads, notifications, and other communications
- Marketing and Communications – your preferences and/or explicit consent in receiving marketing and other communications from us
- Social Media Accounts – communications and other content provided to us as a result of your communications via your social media accounts
- Account History – your service purchase and transaction history with us, or from any future affiliation with our bank, or others
Information Automatically Collected
When using the Site and/or Services, we may automatically collect, use, share, store, and transfer the following categories of personal information about you:
- Clickstream – As you use the Internet, a trail of electronic information is left at each web site you visit. This information, which is sometimes referred to as “clickstream data,” can be collected and stored by a web site’s server. Clickstream data can tell us the type of computer and browsing software you use and the address of the web site from which you linked to the Site. We may collect and use clickstream data in an anonymous aggregate form to anonymously determine how much time visitors spend on each page of our Site, how visitors navigate throughout the Site and how we may tailor our site’s architecture and web pages to better meet the needs of visitors. This information will be used to improve our Site and our Services. Any collection or use of clickstream data will be anonymous and aggregate and will not intentionally contain any Personal Information.
- Other Tracking Technologies – We and/or our third party service providers may automatically collect Technical Information about your equipment, browsing actions and patterns such as IP host address, pages viewed, browser type, duration and frequency of visits, and other data via pixels, beacons, and mobile application identifiers to help us recognize you across different sites and Services, improve your experience, increase security, measure use and effectiveness of our Services, and serve advertising.
- Social Media Integration. If you choose to access, visit and/or use any third party social media service(s) that may be integrated with our Site and/or Services, we may receive your data that has been made available to those Services, including information about your contacts on those Services. For example, some social media services allow you to push Content from our Service to your contacts or to pull information about your contacts so you can connect with them on or through our Site and Services. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service. For more information about social media platform and network privacy practices, please review the privacy policies and settings of the social media platforms you use.
- Log Data. Whenever you visit our Site, we collect information that your browser sends to us that is called Log Data. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics.
HOW WE USE PERSONAL INFORMATION
We use your information in the following ways:
Identity & Contact Information
- Register you for a specific service
- Send you service messages by email, SMS or otherwise, such as service updates
- Create and manage your account
- Provide customer care and support
- Confirm your identity for security purposes
- Provide you with marketing (subject to your consent)
- Inform you of products and Services of our partners or other third parties from time to time
- Direct you to the right part of the website
- Communicate with you
- Provide you Services (process payroll services, payment, and/or issue refunds)
- Fraud prevention and detection
- Provide you Services
- Provide customer care and technical support
- Customize and enhance our Services for you
- Internal purposes such as auditing, data analysis, and research to improve our Services and communications
Technical & Usage Information
- Improve our Site
- Evaluate the effectiveness of our marketing initiatives and channel partnerships
- Provide aggregate trends to our third parties
- Keep our Site safe and secure
- Customize and enhance our Services for you
- Provide customer service and technical support
- Manage our Services administration and management
- Customize and enhance our Services for you
- Make suggestions and recommendations to you about goods or Services that may be of interest to you
Marketing and Communications Information
- Send you information by email, SMS, post, or otherwise, about our Services
- Administer surveys, sweepstakes, promotions, contests, giveaways and/or events sponsored by us or our affiliates
- Provide customer care and support
- Enable you to share stories and Services if you choose to
SHARING OF YOUR PERSONAL INFORMATION
Except as expressly set out in this policy, we will not sell, distribute or lease your personal information to third parties unless we have your explicit consent or are required by law to do so. However, as an essential part of our provision of Services to you, we share your information with the following categories of affiliates:
- Third Party service providers receive your information from us only to provide services to . These third parties are authorized to use your Personal Information only as necessary to provide these services to us and may include payment service providers; cloud and computing infrastructure providers; sub processors for email, chat, document encryption, and form processing; technical consultants; auditors; other third parties who make our Site and Services available, enhance its functionality, and/or provide associated Services and/or who deal with you in delivering content, samples, products, gifts and prizes; and/or advertising partners and website hosts who help us run our business
- Local, state or federal law enforcement officials as required by law
- Fraud prevention agencies in response to suspected fraud, harassment, physical threats, or other violations of any law, rule or regulation, the Site rules or policies, or the rights of third parties
- Companies approved by you such as social media sites
- Other business entities as successors or in contemplation of a merger or acquisition
USER-GENERATED CONTENT, BLOGS, FORUMS, PROFILES, SURVEYS, REVIEWS ARE NOT PRIVATE
TRANSFER OF PERSONAL INFORMATION OVERSEAS – INTERNATIONAL USERS
We are a United States based company, headquartered in the state of Colorado. Our Site and Services are hosted and administrated in the United States or hosted with service providers who are headquartered in the United States and are intended for users in the United States. Your data may be processed, transferred to, and maintained on, servers and databases located within the U.S. and/or elsewhere where the privacy laws may not be as protective as your jurisdiction. In addition, many of our third party service providers and sub-processors are also based in the U.S. but may be otherwise outside of the U.S. In providing your Personal Information to us, your Personal Information will be sent to the U.S., where the local applicable law may provide you with less protection than under European Union law. If you are an individual who is either based in or a resident of the European Union, we require the recipient to subscribe to international policies and frameworks intended to enable secure data sharing to protect your privacy rights and .
HOW TO OPT-OUT OF MARKETING MESSAGES FROM US
If you do not wish to receive future marketing or other commercial messages from us, simply follow the unsubscribe instructions contained within the message you receive. Please note that you may continue to receive certain communications from us that are necessary for the Services, such as event notifications, invoices, technical notices, updates, security alerts, and support and administrative service notices.
STORING PERSONAL INFORMATION
We are committed to ensuring that your information is secure. To this end we continuously implement and update administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are firewalls and data encryption, and information access controls. In addition, all payment transactions are encrypted. We use Formstack to encrypt credit card information and personal information when submitting this information through our Site. you know or have reason to believe that your account has been lost, stolen, misappropriated, or otherwise compromised or in case of any actual or suspected unauthorized use of your account, please contact us at firstname.lastname@example.org.
No Liability for Breach
Because no data transmission is completely secure, and no system of physical or electronic security is impenetrable, we cannot guarantee the security of the data that you send to us or the security of servers, networks or databases, and by using the Site and/or our Services you agree to assume all risk in connection with your data. We are not responsible for any loss of such data or the consequences thereof.
In the event that we believe the security of your data in our possession or control may have been compromised, we may seek to notify you. If notification is appropriate, we may notify you by e-mail, telephone call or other reasonable means.
PROTECTION FOR CHILDREN AND MINORS
This Site is not intended for users under the age of 13, and we have no intention of collecting Personal Information from children (i.e., individuals under the age of 13). Where appropriate, we take reasonable measures to inform children not to submit such information to our site or in response to advertisements. If a child has provided us with personally identifiable information, we will use all reasonable efforts to delete such information from our database.
RIGHTS OF CALIFORNIA RESIDENTS
Right to Prevent Disclosure of Personal Information
Pursuant to Civil Code Section 1798.83, California customers have the right to prevent our disclosure of their personal information to third parties for those third parties’ direct marketing purposes and requires certain businesses to respond to requests from California customers asking about the business’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. If you wish to opt-out of our sharing of your data with third parties for the third parties’ direct marketing purposes or to find out more about your opt-out rights, please contact our Data Protection Officer at support@businessASAP.com with the subject line “CA Privacy Rights”.
Pursuant to California Civil Code Sec. 1789.3, California resident users are entitled to know that they may file grievances and complaints with the California Department of Consumer Affairs, 400 R Street, STE 1080, Sacramento, CA 95814. As a resident of California, you may request that we not share your information with certain affiliates or third party providers for marketing purposes, and/or you may inquire as to how we have shared your information with third parties providers for marketing purposes. In connection with such request, we will identify the types of information shared and provide you with the names and addresses of the third parties with whom the information was shared. In this regard, please contact our Data Protection Officer at support@businessASAP.com with the subject line “CA Privacy Rights”.
FOR RESIDENTS OF THE EUROPEAN UNION ONLY
Under General Data Protection Regulation (“GDPR”), EU residents have specific rights in certain circumstances. This section details your rights pursuant to the GDPR.
For the purposes of the GDPR, the Data Controller is ASAP Accounting & Payroll, Inc , registered in the state of Colorado, USA with a registered agent address at \220 East Colorado Avenue, Suite 219 (POB 2710) Telluride, Colorado 81435 USA
You can contact our Data Protection Officer by sending an email to support@businessASAP.com or by writing to the below address with the subject line “EU Privacy Rights”:
ASAP Accounting & Payroll, Inc.
PO Box 2710
Telluride, Colorado 81435 USA
Your Rights Regarding Your Personal Information
At any time, you have the below rights to your personal information. You may exercise these rights by logging in to your account or by emailing our Data Protection Team (click on Contact Us Page to contact us) please include subject line “EU Privacy Rights”. We may ask for further information to identify you and ensure the personal data relates to the individual making the request. We will respond within one month of receiving the information we require to carry out your request.
- Request access to your personal information
- Request modification of your personal information
- Request erasure of your personal information if we do not have a legitimate right to hold it
- Object to processing of your personal information on the basis of our legitimate interest, explaining your justification
- Request restriction of processing your personal information in certain circumstances
- Request transfer of your personal information; and withdraw your consent
- File a complaint. You have the right to file a complaint about our data collection and processing actions to your data protection authority. Contact details for data protection authorities are available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Our Legal Basis and Legitimate Interest
We only collect and process personal information where we have a legal basis for such collection and processing. These legal bases are as follows:
- Our legitimate interests in providing a smooth and efficient customer experience
- Our legitimate interests in preventing fraud and keeping our Site and Services safe and secure
- Our third-party service providers’ legitimate interests
- Your explicit consent to the processing of your personal information
- The performance of a contract to which you are a party
- To comply with a legal obligation such as a law, regulation, search warrant, subpoena, or court order.
COMMUNICATIONS WITH COMPANY
By providing your email address to us, you expressly consent to receive emails from us. We may use email to communicate with you, to send information that you have requested or to send information about other products or Services developed or provided by us, provided that, we will not sell or give your email address to another party to promote their products or Services directly to you. We give you the option to unsubscribe from these communications from us. All unsubscribe or opt-out requests should be sent to us at support@businessASAP.com.
Any communication or material you transmit to us by email or otherwise, including any data, questions, comments, suggestions, or the like is, and will be treated as, non-confidential and nonproprietary. Except to the extent expressly covered by this policy, anything you transmit or post may be used by us for any purpose, including but not limited to, reproduction, disclosure, transmission, publication, broadcast and posting. Furthermore, you agree that we are free to use any ideas, concepts, know-how, or techniques contained in any communication you send to us without compensation and for any purpose whatsoever, including but not limited to, developing, manufacturing and marketing products and Services using such information.
END OF DOCUMENT