Privacy Policy (version updated September 9, 2020)

  1. General.
    First Capitol Consulting, Inc. dba Trusaic (“Trusaic”, “we”, “our”, or “us”) respects your privacy and the confidentiality of personal information you provide to us. Along with the Terms of Service and any separate written agreement for services to be provided by Trusaic, this Privacy Policy governs the use of our websites and/or any service through our websites, which include but is not limited to, trusaic.com, firstcapitolconsulting.com, payparitybasic.com, humanefits.com, company.humanefits.com, candidate.humanefits.com, employee.humanefits.com, admin.humanefits.com, acatimes.com, payparitypost.com, portal.trusaic.com, datadriven.firstcapitolconsulting.com, datadriven.trusaic.com, workforce.firstcapitolconsulting.com, and workforce.trusaic.com (each, the “Website,” and collectively the “Websites”) and any information collected through the Websites.

If you use the Website on behalf of an entity, company or organization (collectively, organization”) you agree to the Terms on behalf of yourself and the organization that you represent (collectively, “users”, “you”, or “your”).

To the extent of any conflict between any separate written agreement and the Terms of Service and/or Privacy Policy, the separate written agreement controls.

  1. Use of Your Information.
    We want to be clear about what information we collect and how we use it to deliver our services to you, to improve your workforce management, to operate our business, and help make our services more useful, more intelligent, and work better for you. We do not sell or share Your Information (collectively defined below in Sections 2.1 and 2.2) with third parties for their own commercial uses without your consent.

2.1 Collected Information.
We collect information when you register or use the Website, purchase services from us through or on the Website (the “Services”), apply for a job through our online services, register for an email subscription, create an account on our Website, view our online advertisements, update your profile on your account, request information from us, choose to complete our surveys or questionnaires, use any other service available through the Website, call us for support, given us feedback or otherwise access the Website.

We may also automatically collect certain usage information when you access our Services (“Usage Data”), such as Internet Protocol (“IP”) addresses, log files, unique device identifiers, pages viewed, browser type, any links you click on to leave or interact with our Services, and other usage information collected from cookies and other tracking technologies. Please see below in Section 5 for Cookies Policy.

We may information from additional sources.

  • We may collect information provided by you which can be used to identify you (“Account Personal Information”), such as your name, your organization, billing address, email address, telephone number, Linked-In address, resume, username and password.
  • We may collect additional information you provide to us, including your organization’s prior vendors for services similar to ours.
  • In connection with purchasing Services relating to ACA Employer Reporting or EEO-1 Reporting, we may collect employee personal information including name, social security number, date of birth, address, phone number, email, wage and hour information. The provisions governing the privacy of such information are set forth in separate written agreement governing the provision of those services.
  • In connection with purchasing Services relating to Tax Credits, we may collect employee personal information including name, social security number, date of birth, address, phone number, email, wage and hour information, and tax credit targeted group information. The provisions governing the privacy of such information are set forth in separate written agreement.
  • In connection with purchasing Services relating to the Pet Tool Tracker, we may collect de-identified information about your employees, including but not limited to, gender, ethnicity, race, other protected category status, job title, job level, business unit, performance, position within the organization, tenure, age, bonus and salary (“Deidentified Employee Information”). The provision of this Deidentified Employee Information is mandatory and failure to do so will result in our inability to provide those services.
  • In connection with the use of our Humanefits services, we may collect employee personal information including name, social security number, date of birth, address, phone number, email, driver’s license, wage and hour and other personal information. The provisions governing the privacy of such information are set forth in separate written agreement governing the provision of those services.
  • In connection with your submission of a job application with us, we may collect your name, phone number, Linked-In address, email address, and resume.
    All of the foregoing information that we may collect are referred to as “Your Information.” Our Services may change over time and we may introduce new features that may collect new or different types of information.

2.2 Use Your Information.
Unless prohibited by law, regulation, and to the extent applicable under a separate written agreement, we may use Your Information for the following purposes:

2.2.1 Account Registration. We may use Your Information as needed to communicate important information to you. If you set up an Administrator account for your organization, as an Administrator, you may have access to all Account Personal Information of your organization on the Website. If there are multiple Administrators, each Administrator may see and have the ability to change or delete the other Administrator’s Account Personal Information on the Website. Your Account will be periodically checked to ensure that the stored Account Personal Information is accurate. If you would like to update the Account Personal Information we hold about you, please contact us at support@trusaic.com with your request.

2.2.2 Operate Our Business. We may use Your Information as needed to operate our business, including account set and payment set up for the Services you requested, and to help us protect our Website and Services, including to combat fraud and protect your information.

2.2.3 Provide Our Services. We may use Your Information, including Employee Personal Information, to provide the Services you requested and only to the extent needed to provide those Services. The terms governing the privacy of such information are specified in that separate, written agreement.

2.2.4 Improvement of Services and Development of New Services. We may use Your Information as needed to personalize or customize your experience and the Services, to pre-populate fields to make it easier for you to provide information when you return to our Website, to validate Your Information (and, in some cases, match it against information that has been collected by a third party) to check that the data we hold about our users is accurate, consistent and current; and develop new features or services, and to improve the overall quality of our Services.

2.2.5 Customer Service and Technical Support. We may use Your Information, including name, address, phone number, email address, and information about your computer configuration, as needed, to resolve technical support questions related to your use of the Website any Services through the Website and to follow up with you about your experience.

2.2.6 Communicate with You and Tell You About Other Services. We may use Your Information as needed to communicate with you about our Services and to give you offers for third party products and services that we think may be of use to you.

2.2.7 Feedback. We may use any information you volunteer in surveys you answer for us and combine them with answers from other users in order to better understand our Services and how we may improve them. Answering any survey is optional.

2.3 Single Sign On.
We may make available access to the Website via single sign on, which allows a user to use one set of login credentials (e.g., name and password) to access multiple applications through or within the Website (“SSO”). We provide SSO for the convenience of our users. However, SSO adds a risk to security in that an attacker who gains control over a user’s SSO credentials will be automatically be granted access to every application to which the user has rights through the SSO. In making SSO available, we will collect certain information for security purposes in order to verify your authorized access to an account or to reset your password if you cannot access your account. Some Services may require added security and you may be asked to provide additional information. The email address and password that you use to sign up for an account with us are your “credentials” that you will use to authenticate with our Website’s network. We assign a unique ID number to your credentials to track you and your associated information. Our Services do not allow sharing of accounts between users or individuals.

2.4 How We Share Your Information.
We do not sell Your Information.  We will not share Your Information with any third parties other than:

2.4.1 Third Party Service Providers for Business Operations. We may share your information, which may include Account Personal Information and Usage Data, with third party service providers who perform various functions to enable us to operate our business, such as website design, sending email and postal communications, facilitate SSO to your Account, fraud detection and prevention, customer care, payment processing, or performing analytics. Our contracts with these third parties require them to maintain the confidentiality of the Account Personal Information we provide to them, only act on our behalf and under our instructions, and not use Account Personal Information for purposes other than the product or service they’re providing to us or on our behalf.

2.4.2 Subcontractors to Assist in Providing Services. We may share Your Information, including Employee Personal Information and/or De-Identified Employee Information with third party subcontractors who provide various products or services to assist us in providing our Services to you. This may include the subcontractor’s affiliates, the companies providing the hosting services, our subcontractor’s professional advisers, consulting partners, data scientists, and data management consultants. Our contracts with these subcontractors require them and those providing services to them who may have access to employee personal information to maintain the confidentiality of all confidential information we may provide to them, including your information and employee personal information, only act on our behalf and under our instructions, and not use the provided information for purposes other than the product or service they’re providing to us or on our behalf.

2.4.3 Comply with the Law, Including Response to Subpoenas and Other Legal Requests. We may share Your Information with a court of law, law enforcement agency, or other government body when we have a good faith belief that we have a duty to disclose, are required or permitted to do so by law, including but not limited to, meeting national security or law enforcement requirements, protection of our company, or responding to a court order, subpoena, search warrant, or other law enforcement request.

2.4.4 Protection of Trusaic and Others. We may share Your Information when we believe it is appropriate to enforce or apply our Terms of Service and other agreements or to protect Trusaic’s rights, our Services, our users or others. This includes exchanging Account Personal Information and Usage Data with other companies and organizations for fraud protection and credit risk reduction. This does not include selling, renting, sharing, or otherwise disclosing Your Information for commercial purposes in violation of the commitments set forth in this Privacy Statement.

2.4.5 Reporting to Credit Bureaus. We may share Your Information (but expressly excluding Employee Personal Information and De-Identified Employee Information) with credit bureaus, consumer reporting agencies, and card associations. Late payments, missed payments, or other defaults on your account may be reflected in your credit report and consumer report. We may also share your information with other companies, lawyers, credit bureaus, agents, government agencies, and card associations in connection with issues related to fraud, credit, or debt collection.

2.4.6 Sale of Our Business. If we sell, merge, or transfer any part of our business, we may be required to share Your Information in the event of such information will be one of the transferred assets or otherwise required as part of the sale, merger or transfer.

2.4.7 With your Consent. Other than as set forth above, we will provide you with notice and the opportunity to choose when Your Information may be shared with other third parties.

  1. Updating Your Account Personal Information.
    In connection with your right to manage your Account Personal Information you provide to us, you may access, update, change, correct or request deletion of your information either through the Website or through our client support. You can reach our client support by emailing us at support@trusaic.com.
  2. Data Retention and Your Access Rights.

4.1 Data Retention.
In accordance with and as permitted by applicable law and regulations, we will retain Your Information as long as necessary to serve you, to maintain your account for as long as your account is active, or as otherwise needed to operate our business. When you close your account, we may continue to communicate with you about our Services, give you important business updates that may affect you, and let you know about products and services that may interest you, unless you have opted out of receiving marketing communications. We may also continue to use some of your information for business purposes and to improve our offerings or in some cases to develop new ones. We will retain and use your information as required by applicable regulations and Trusaic’s records and information management policies to comply with our legal and reporting obligations, resolve disputes, enforce our agreements, complete any outstanding transactions and for the detection and prevention of fraud.
With respect to Employee Personal Information or De-Identified Employee Information, we will only store such information for as long as necessary for the purposes set forth in Section 2.2.3 (Provide Our Service), as applicable and Sections 2.4.2 (Subcontractors to Assist in Providing Services) and 2.4.3 (Comply with the Law, Including Response to Subpoenas and Other Legal Requests), 2.4.4 (Protection of Trusaic and Others), 2.4.6 (Sale of Our Business) and 2.4.7 (With Your Consent), as applicable.

4.2 Your Access Rights to Account Personal Information.
If you have created an online account with us and would like to update the Account Personal Information you have provided to us, you can access your account to view and make changes or corrections to your Account Personal Information.
You may withdraw your consent to have us hold your Account Personal Information at any time. To do so, please contact us. See Section 12 (Contact Us). You may ask us to correct inaccurate or outdated information held about you in the Account Personal Information. If you would like to correct or update the Account Personal Information, you may do so directly by logging on to your profile. You may ask us to delete your Account Personal Information. If you would like us to delete the Account Personal Information we hold about you, please contact us using the details below, specifying why you would like us to delete your Account Personal Information. To do so, please contact us. See Section 12 (Contact Us).

  1. Cookie Policy
    Cookies are small files saved to your computer’s hard drive that track, save and store information as well as your interactions and usage of our Website. The primary purpose for collection of data from users to our Website is to allow us to provide a smooth efficient and personalized experience while using our Website.
    You are advised that if you do not consent to the use and saving of cookies from this Website on to your computer hard drive then you should take necessary steps within your web browser security settings to block all cookies from this website and its external serving vendors.
    Please note that in order to use certain applications on the Website, cookies are required for authentication, without which those applications on the Website may not be accessible.
  2. Security of Your Information.
    Keeping Your Information safe is important to us.
    We treat Your Information in strict confidence and we seek to provide reasonable and appropriate security measures in connection with the collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of Your Information. Among these measures include the secure transmittal of Employee Personal Information or De-Identified Employee Information, regular training of our staff and requiring them to safeguard Your Information, engaging in regular reviews and updates of our of security procedures to implement best practices to protect Your Information, seeking periodic SOC II, Type II auditing.
    Please note that the internet is not a secure medium and we cannot guarantee the security of any information you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us responsible for any breaches.
  3. No International Data Transfers.
    We do not transfer any data outside of the United States. All data is stored within the United States.
  4. Collection and Use of Children’s Personal Information.
    We do not knowingly collect information from minors. Our Website and the Services through the Website are intended for and directed only to adults. Our Website and Services are not directed to minors and we do not knowingly collect any personal information from minors.
  5. Your California Privacy Rights
    In connection with providing certain Services (“Affected Services”), we may collect Personal Information from Consumers (“Consumer Personal Information”) as defined by the California Consumer Privacy Act (the “Act”).Although no one under the age of 18 is intended for this Website, please note, if you are a California resident under the age of 18, and a registered user of any site where this Policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted.

Further details are provided in the CCPA Privacy Notice, which is incorporated into this Privacy Policy.  See link.

  1. Changes to our Privacy Policy
    From time to time we may change or update our Privacy Policy. We reserve the right to make changes or updates at any time. Trusaic reserves the right, in its sole discretion, to make changes to this Privacy Policy at any time by posting a revised version of the Privacy Policy on our website or by sending notification to the email address associated with your account. The most current version of the Privacy Policy will supersede all previous versions. Your continued access or use of Website and/or Services through the Website constitutes your acceptance to the modified terms. We encourage you to periodically review the Privacy Policy to stay informed of our updates.
  2. Contact Us

If you have questions or comments about this Privacy Policy, please contact us either by phone or email. We want your feedback and comments.

Trusaic
Attn: Legal Department
3530 Wilshire Blvd., Suite 1460
Los Angeles, CA 90010
(213) 382-1115
legal@trusaic.com

If you would like to update the Account Personal Information we hold about you, please contact us at support@trusaic.com with your request.

CCPA Privacy Notice

(Version September 9, 2020)

This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS supplements the information contained in the Privacy Policy of First Capitol Consulting, Inc. dba Trusaic (“Trusaic”) and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”) when you use any of our websites and/or any service through our websites, which include but is not limited to, trusaic.com, firstcapitolconsulting.com, payparitybasic.com, humanefits.com, company.humanefits.com, candidate.humanefits.com, employee.humanefits.com, admin.humanefits.com, acatimes.com, payparitypost.com, portal.trusaic.com, datadriven.firstcapitolconsulting.com, datadriven.trusaic.com,

workforce.firstcapitolconsulting.com, and workforce.trusaic.com (each, the “Website,” and

collectively the “Websites”) and any information collected through the Websites. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws.  Any terms defined in the CCPA have the same meaning when used in this notice.

 

  1. Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Consumer Personal Information”) in connection with our Websites. In particular, we have collected the following categories of Consumer Personal Information from consumers within the last twelve (12) months:

  • Category A – Identifiers
    • Examples: Name, postal address, Internet Protocol address, email address, Social Security number, telephone number, driver’s license number or other similar identifiers.
  • Category B – Consumer Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
    • Examples: Name, signature, Social Security Number, address, telephone number, fax number, driver’s license or state identification card number, education, and employment.
  • Category C – Protected classification characteristics under California or federal law
    • Examples: Age, ethnicity, religion or creed, marital status, gender, veteran status.
  • Category D – Commercial information
    • Example: Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Category F – Internet or other similar network activity
    • Examples: Access history and information on your interaction with our application.
  • Category G – Geolocation data.
    • Example: Physical location.
  • Category I – Professional or employment-related information
    • Examples: Occupation, employer information.
  • Category J – Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))
    • Examples: Education level, school attended, aptitude.

 

We obtain the categories of Consumer Personal Information listed above from the following categories of sources:

  • Directly from our clients. For example, from information our clients provide to us related to the services for which they engage us.
  • Directly from you. For example, through information we ask from you when our clients engage our services.
  • Directly and indirectly from you when using our services or visiting our Website. For example, usage details collected automatically in the course of your interaction with our Website.

Consumer Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.

 

  1. Use of Consumer Personal Information

We may use or disclose Consumer Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason for which the information is provided.
  • To provide you with email alerts and other notices concerning our services.
  • To improve our services to you.
  • For testing, research, analysis and product development.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting Your Consumer Personal Information or as otherwise set forth in the CCPA.

We will not collect additional categories of Consumer Personal Information or use the Consumer Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

  1. Sharing Consumer Personal Information

We may disclose Your Consumer Personal Information to a third party for a business purpose. When we disclose Consumer Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Consumer Personal Information confidential and not use it for any purpose except performing the contract.

In the preceding twelve (12) months, we have disclosed the following categories of Consumer Personal Information for a business purpose:

  • Category A:
  • Category B: California Customer Records personal information categories.
  • Category C: Protected classification characteristics under California or federal law.
  • Category D: Commercial information.
  • Category F: Internet or other similar network activity.
  • Category G: Geolocation data.
  • Category I: Professional or employment-related information.
  • Category J: Non-public education information.

 

We disclose Consumer Personal Information for a business purpose to the following categories of third parties:

  • Our clients for which you have engaged in a business contract.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose Your Consumer Personal Information in connection with our services.

In the preceding twelve (12) months, we have not sold any Consumer Personal Information.

  1. Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their Consumer Personal Information. This section describes your CCPA rights and explains how to exercise those rights.

  1. Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of Your Consumer Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of Consumer Personal Information we collected about you.
  • Our business or commercial purpose for collecting that Consumer Personal Information.
  • The categories of third parties with whom we share that Consumer Personal Information.
  • The specific pieces of Consumer Personal Information we collected about you (also called a data portability request).
    1. Deletion Request Rights

You have the right to request that we delete any of Your Consumer Personal Information we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) Your Consumer Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  1. Complete the transaction for which we collected the Consumer Personal Information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

 

  1. Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by email at legal@trusaic.com.

 

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to Your Consumer Personal Information. Although we do not direct our Website to any minor child, if, for any reason, if applicable, you may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Consumer Personal Information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Consumer Personal Information if we cannot verify your identity or authority to make the request and confirm the Consumer Personal Information relates to you.  Making a verifiable consumer request does not require you to create an account with us. We will only use Consumer Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

  1. Response Timing and Format

We endeavor to respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to the registered email associated with the account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt.  The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide Your Consumer Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  1. Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you use of our services.
  • Provide you a different level or quality of services.

 

  1. Changes to our CCPA Privacy Notice

We reserve the right to amend this CCPA Privacy Notice at our discretion and at any time. The date this CCPA Privacy Notice was last updated is identified at the bottom of this page. You are responsible for periodically visiting the Website and this CCPA Privacy Notice to check for any changes.

  1. Contact Information

If you have any questions or comments about this CCPA Privacy Notice, our Privacy Policy, the ways in which we collect and use Your Consumer Personal Information, your choices and rights regarding such use, or wish to exercise your rights under California law, you may contact us toll-free at 1 (877) 866-4222 or via email to legal@trusaic.com.