If you use the Website on behalf of an entity, company or organization (collectively, organization”) you agree to the Terms on behalf of yourself and the organization that you represent (collectively, “users”, “you”, or “your”).
2. Use of Your Information.
We want to be clear about what information we collect and how we use it to deliver our services to you, to improve your workforce management, to operate our business, and help make our services more useful, more intelligent, and work better for you. We do not sell or share Your Information (collectively defined below in Sections 2.1 and 2.2) with third parties for their own commercial uses without your consent. By using this Website, you consent to the uses identified in this Section unless a law or regulation specifically requires otherwise.
2.1 Collected Information.
We collect information when you register or use the Website, purchase services from us through or on the Website, apply for a job through our online services, register for an email subscription, create an account on our Website, view our online advertisements, update your profile on your account, request information from us, choose to complete our surveys or questionnaires, use any other service available through the Website, call us for support, given us feedback or otherwise access the Website (collectively, the “Services”).
We may also automatically collect certain usage information when you access our Services (“Usage Data”), such as Internet Protocol (“IP”) addresses, log files, unique device identifiers, pages viewed, browser type, any links you click on to leave or interact with our Services, and other usage information collected from cookies and other tracking technologies. Please see below in Section 5 for Cookies Policy.
We may collect information from additional sources.
- We may collect information provided by you which can be used to identify you (“Account Personal Information”), such as your name, your organization, billing address, email address, telephone number, Linked-In address, resume, username and password.
- We may collect additional information you provide to us, including your organization’s prior vendors for services similar to ours.
- In connection with purchasing Services relating to ACA Employer Reporting, EEO-1 Reporting, California SB 973, other reporting, pay equity and/or diversity, equity and inclusion analytics, we may collect personal information including name, social security number, date of birth, address, phone number, email, health coverage benefits enrollment information, wage and/or hour information (“Employee Personal Information”). Additional provisions governing the privacy of such information are set forth in a separate written agreement governing the provision of those services.
- In connection with the use of our TaxAdvantage or other Tax Credit services, we may collect driver’s license information as well as other Employee Personal Information to perform those services. Additional provisions governing the privacy of such information are set forth in separate written agreement governing the provision of those services.
- In connection with your submission of a job application with us, we may collect your name, phone number, Linked-In address, email address, and resume.
All of the foregoing information that we may collect are referred to as “Your Information.” All of the foregoing Account Personal Information or Employee Personal Information are collectively referred to as “Personal Information,” unless such information is aggregated or de-identified (“De-Identified Information”). Our Services may change over time and we may introduce new features that may collect new or different types of information.
2.2 Use Your Information.
Unless prohibited by law, regulation, and to the extent applicable under a separate written agreement, we may use Your Information for the following purposes:
2.2.1 Account Registration.
We may use Your Information as needed to communicate important information to you. If you set up an Administrator account for your organization, as an Administrator, you may have access to all Account Personal Information of your organization on the Website. If there are multiple Administrators, each Administrator may see and have the ability to change or delete the other Administrator’s Account Personal Information on the Website. Your Account will be periodically checked to ensure that the stored Account Personal Information is accurate. If you would like to update the Account Personal Information we hold about you, please contact us at firstname.lastname@example.org with your request.
2.2.2 Operate Our Business.
We may use Your Information as needed to operate our business, including account set and payment set up for the requested Services, and to help us protect our Website and Services, including to combat fraud and protect your information.
2.2.3 Provide Our Services.
We may use Your Information, including Your Personal Information, to provide the Services you requested and only to the extent needed to provide those Services. The terms governing the privacy of such information are specified in that separate, written agreement.
2.2.4 Improvement of Services and Development of New Services.
We may use Your Information as needed to personalize or customize your experience on the Website and the receipt of Services, to pre-populate fields to make it easier for you to provide information when you return to our Website, to validate Your Information (and, in some cases, match it against information that has been collected by a third party) to check that the data we hold about our users is accurate, consistent and current; and develop new features or services, and to improve the overall quality of our Services.
2.2.5 Customer Service and Technical Support.
We may use Your Information, including name, address, phone number, email address, and information about your computer configuration, as needed, to resolve technical support questions related to your use of the Website any Services through the Website and to follow up with you about your experience.
2.2.6 Communicate with You and Tell You About Other Services.
We may use Your Information as needed to communicate with you about our Services and to give you offers for third party products and services that we think may be of use to you.
We may use any information you volunteer in surveys you answer for us and combine them with answers from other users in order to better understand our Services and how we may improve them. Answering any survey is optional.
2.3 Single Sign On.
We may make available access to the Website via single sign on, which allows a user to use one set of login credentials (e.g., name and password) to access multiple applications through or within the Website (“SSO”). We provide SSO for the convenience of our users. However, SSO adds a risk to security in that an attacker who gains control over a user’s SSO credentials will be automatically be granted access to every application to which the user has rights through the SSO. In making SSO available, we will collect certain information for security purposes in order to verify your authorized access to an account or to reset your password if you cannot access your account. Some Services may require added security and you may be asked to provide additional information. The email address and password that you use to sign up for an account with us are your “credentials” that you will use to authenticate with our Website’s network. We assign a unique ID number to your credentials to track you and your associated information. Our Services do not allow sharing of accounts between users or individuals.
2.4 How We Share Your Information.
We do not sell Your Information. We will not share Your Information with any third parties other than:
2.4.1 Third Party Service Providers for Business Operations.
We may share your information, which may include Account Personal Information and Usage Data, with third party service providers who perform various functions to enable us to operate our business, such as website design, sending email and postal communications, facilitate SSO to your Account, fraud detection and prevention, customer care, payment processing, or performing analytics. Our contracts with these third parties require them to maintain the confidentiality of the Account Personal Information we provide to them, only act on our behalf and under our instructions, and not use Account Personal Information for purposes other than the product or service they’re providing to us or on our behalf.
2.4.2 Subcontractors to Assist in Providing Services.
We may share Your Information, including Personal Information with third party subcontractors who provide various products or services to assist us in providing our Services to you. This may include the subcontractor’s affiliates, the companies providing the hosting services, our subcontractor’s professional advisers, consulting partners, data scientists, and data management consultants. Our contracts with these subcontractors require them and those providing services to them who may have access to Personal Information to maintain the confidentiality of all confidential information we may provide to them, including Your Information, only act on our behalf and under our instructions, and not use the provided information for purposes other than the product or service they’re providing to us or on our behalf.
2.4.3 Comply with the Law, Including Response to Subpoenas and Other Legal Requests.
We may share Your Information with a court of law, law enforcement agency, or other government body when we have a good faith belief that we have a duty to disclose, are required or permitted to do so by law, including but not limited to, meeting national security or law enforcement requirements, protection of our company, or responding to a court order, subpoena, search warrant, or other law enforcement request.
2.4.4 Protection of Trusaic and Others.
We may share Your Information when we believe it is appropriate to enforce or apply our Terms of Service and other agreements or to protect Trusaic’s rights, our Services, our users or others. This includes exchanging Account Personal Information and Usage Data with other companies and organizations for fraud protection and credit risk reduction. This does not include selling, renting, sharing, or otherwise disclosing Your Information for commercial purposes in violation of the commitments set forth in this Privacy Statement.
2.4.5 Reporting to Credit Bureaus.
We may share Your Information (but expressly excluding Personal Information) with credit bureaus, consumer reporting agencies, and card associations. Late payments, missed payments, or other defaults on your account may be reflected in your credit report and consumer report. We may also share your information with other companies, lawyers, credit bureaus, agents, government agencies, and card associations in connection with issues related to fraud, credit, or debt collection.
2.4.6 Sale of Our Business.
If we sell, merge, or transfer any part of our business, we may be required to share Your Information in the event of such information will be one of the transferred assets or otherwise required as part of the sale, merger or transfer.
2.4.7 With your Consent.
Other than as set forth above and to the extent the legal basis for sharing with third parties is consent, we will provide you with notice and the opportunity to choose to withdraw your consent. You may withdraw your consent by contacting us. See Section 12.
3. Updating Your Account Personal Information.
In connection with your right to manage your Account Personal Information you provide to us, you may access, update, change, correct or request deletion of your information either through the Website or through our client support. You can reach our client support by emailing us at email@example.com.
4. Data Retention and Your Access Rights.
4.1 Data Retention.
In accordance with and as permitted by applicable law and regulations, we will retain Your Information as long as necessary to serve you, to maintain your account for as long as your account is active, as required by Trusaic’s records and information management policies to comply with our legal and reporting obligations, resolve disputes, enforce our agreements, complete any outstanding transactions and for the detection and prevention of fraud, or as otherwise needed to operate our business. When you close your account, we may continue to communicate with you about our Services, give you important business updates that may affect you, and let you know about products and services that may interest you, unless you have opted out of receiving marketing communications. We may also continue to use some of your information for business purposes and to improve our offerings or in some cases to develop new ones.
With respect to Personal Information, we will only store such information for as long as necessary for the purposes set forth in Section 2.2.
4.2 Your Access Rights to Account Personal Information.
If you have created an online account with us and would like to update the Account Personal Information you have provided to us, you can access your account to view and make changes or corrections to your Account Personal Information.
You may withdraw your consent to have us hold your Account Personal Information at any time. To do so, please contact us. See Section 12 (Contact Us). You may ask us to correct inaccurate or outdated information held about you in the Account Personal Information. If you would like to correct or update the Account Personal Information, you may do so directly by logging on to your profile. You may ask us to delete your Account Personal Information. If you would like us to delete the Account Personal Information we hold about you, please contact us using the details below, specifying why you would like us to delete your Account Personal Information. To do so, please contact us. See Section 12 (Contact Us).
4.3 Opting Out of Communications
If you have subscribed to or are otherwise receiving news, alerts, blog posts, or similar information from us by email and no longer want to receive such information in the future, you may opt-out of receiving these emails by contacting us at clicking the “unsubscribe” link at the bottom of those emails you receive. Please allow ample time for us to process your request. If you are having difficulty unsubscribing, please contact us at firstname.lastname@example.org.
Please note that even if you opt-out of receiving emails, you may still receive communications related to your interaction with us (such as confirmation of a registration or form submission) or otherwise as required by law. Also note that we may need to keep your Personal Information we have collected about you to respect your decision to opt-out, for record-keeping and other purposes.
Cookies are small text files saved to your computer’s hard drive that track, save and store information as well as your interactions and usage of our Website. When you visit our Websites, we may collect information from you automatically through cookies or similar technology. The primary purpose for collection of data from users to our Websites is to allow us to provide a smooth efficient and personalized experience while using our Websites, including keeping you signed in and understanding how you use our Websites. We may use functionality cookies to allow us to recognize you on our Websites and remember your previously selected preferences. We may use advertising cookies to collect information about your visit to our Websites, the content you viewed, the links you followed and information about your browser, device, and your IP address. You are advised that if you do not consent to the use and saving of cookies from the Website on to your computer hard drive then you should take necessary steps within your web browser security settings to block all cookies from the Website and its external serving vendors. You can set your browser not to accept cookies. However, please note that in order to use certain applications on the Websites, cookies are required for authentication, without which those applications on the Websites may not be accessible.
6. Security of Your Information.
Keeping Your Information safe is important to us.
Although Trusaic maintains reasonable security measures, please note, however, that the internet is not an absolute, secure medium and we cannot guarantee the security of any information you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us responsible for any breaches.
7. International Transfers of Personal Data.
While we do not generally transmit or receive any data outside of the United States, to the extent that the specific Service so requires to trigger application of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation or "GDPR"), the following additional provisions apply.
Trusaic securely stores Your Personal Information (“Personal Data” for purposes of this Section 7) within the United States on data servers subject to appropriate safeguards, including annual SOC auditing. See Section 6 for further details on the Security of Your Information.
To the extent that Trusaic Processes any Personal Data, it is only in its capacity as a data processor for clients acting as a data controller of Personal Data of its employees. Trusaic conducts such Processing solely to perform services under a written contract and pursuant to the instructions set forth therein, including with respect to the collection and transmissions of Personal Data. Without such Personal Data, Trusaic would not be able to perform the services for such client under such written contract.
As specified in the applicable written contract with the client, any Personal Data Processed by Trusaic will be kept in in a form which permits identification of the employees Data Subjects for no longer than is necessary for the purposes for which the Personal Data is Processed and Processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorized or unlawful Processing and against accidental loss, destruction or damage, using appropriate security measures.
Processing is limited to the processing of Personal Data within the US and transmitted to or received from a client subject to the GDPR. Trusaic does not transmit Personal Data outside of the US except to a country subject to the GDPR. In such Processing of Personal Data, Trusaic does not maintain any automated decision-making system, including profiling.
If you have any questions, you may contact us. See Section 12.
Verasafe has been appointed as the Company’s representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union(“EU Rep”) and as the Company’s representative in the in the United Kingdom pursuant to Article 27 of thew United Kingdom General Data Protection Regulation (“UK Rep”).
If you are located in the European Economic Area, in addition to the contact identified in Section 12, you may contact the EU Rep only on matters related to the processing of personal data.
If you are located in the United Kingdom, in addition to the contact identified in Section 12, you may contact the UK Rep only on matters related to the processing of personal data.
To contact the EU Rep, please use the contact form on this link:https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.
Alternatively, the EU Rep can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road Cork T23AT2P
To contact the UK Rep, please use the contact form on this link:https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +44 (20) 4532 2003.
Alternatively, the UK Rep can be contacted at:
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL
8. Children’s Personal Information.
We do not knowingly collect information from minors. Our Website and the Services through the Website are intended for and directed only to adults. Our Website and Services are not directed to minors and we do not knowingly collect any personal information from minors. Please note, if you are under the age of 18, and register on the Website, you may request and obtain removal of content or information you have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information to email@example.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested
9. Your California Privacy Rights (California Residents Only)
This Section 9 applies only to California residents and us pursuant to the California Consumer Privacy Act (the “CCPA”). (Any term defined in the Act has the same meaning hereunder.)
9.1 Consumer Personal Information We Collect
We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“Consumer Personal Information”). In particular, we have collected the following categories of Consumer Personal Information within the last twelve (12) months:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||AA name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||YES|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||NO|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.||YES|
|G. Geolocation data.||Physical location or movements.||YES|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||YES|
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. §1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|K. Inferences drawn from other personal information.||Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||NO|
Consumer Personal information does not include:
- Publicly available information from government records.
- De-identified or aggregated information.
- Information excluded from the CCPA’s scope, such as (a) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data and (b) personal information covered by certain sector-specific privacy laws, including the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
We obtain the categories of Consumer Personal Information listed above from the following categories of sources: (a) Directly from our clients or their representatives. For example, from documents that our clients provide to us related to one of more of the Services we provide to such clients, (b) Indirectly from our clients or their representatives. For example, through information we collect from our clients in the course of providing Services to them, (c) Directly and indirectly from activity on our Website. For example, from submissions through one or more of our portals or Website usage details collected automatically, and (d) From third-parties that interact with us in connection with the Services we perform.
9.2 Use of Consumer Personal Information
We may use the Consumer Personal Information we collect for one or more of the purposes identified in Section 2.2 above.
We will not collect additional categories of Consumer Personal Information or use the Consumer Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
9.3 Sharing Consumer Personal Information
We may disclose your Consumer Personal Information to a third party for a business purpose as described in Section 2.4 above.
In the preceding twelve (12) months, we may have disclosed the following categories of Consumer Personal Information, as described in Section 9.1, for a business purpose: A, B, C, F, G, and I.
We disclose your Consumer Personal Information for a business purpose to the following categories of third parties: (a) Our affiliates, (b) Service providers, (c) Subcontractors, (d) other third parties to whom our clients authorize us to disclose your Consumer Personal Information in connection with Services we provide.
In the preceding twelve (12) months, we have not sold any Consumer Personal Information.
9.4 Your Rights and Choices
The CCPA provides California resident consumers with specific rights regarding their Consumer Personal Information. This subsection describes your rights and explains how to exercise those rights.
9.4.1 Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Consumer Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of Consumer Personal Information we collected about you.
- The categories of sources for the Consumer Personal Information we collected about you.
- Our business or commercial purpose for collecting, using or sharing that Consumer Personal Information.
- The categories of third parties with whom we share that Consumer Personal Information.
- The specific pieces of Consumer Personal Information we collected about you (also called a data portability request).
- If we disclosed your Consumer Personal Information for a business purpose, we will identify the Consumer Personal Information categories that each category of recipient obtained.
9.4.2 Deletion Request Rights
You have the right to request that we delete any of your Consumer Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Consumer Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the Consumer Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which it was provided.
9.4.3 Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either (a) emailing us at firstname.lastname@example.org or (b) writing to us at Trusaic, Attention: Legal, at 3530 Wilshire Blvd., Suite 1460, Los Angeles CA 90010
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Consumer Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Consumer Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Consumer Personal Information if we cannot verify your identity or authority to make the request and confirm the Consumer Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Consumer Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
9.4.4 Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Consumer Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
In calendar year 2020, there have been 0 requests that are applicable to any of the rights listed in this Section 9.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not (a) Deny you goods or services; (b) Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (c) Provide you a different level or quality of goods or services; and/or (d) Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services
10. “Do Not Track” Browser Settings.
At this time, we do not use technology that recognizes “do-not-track” signals (“DNT”) from your web browser. If you turn on the DNT setting on your browser, our Websites are not currently capable of following whatever DNT preferences you set. For more information about DNT, visit www.donottrack.us.
12. Contact Us
Attn: Legal Department
3530 Wilshire Blvd., Suite 1460
Los Angeles, CA 90010
(213) 382-1115 email@example.com
If you would like to update the Account Personal Information we hold about you, please contact us at firstname.lastname@example.org with your request.