Privacy Statement

Effective as of September 2, 2021

HR Cloud, Inc. (“HRCloud.com,” “We”, “Us”, “Our” or “the Company”) is committed to privacy protection for HRCloud.com website visitors and registrants for the Company’s events (attendees) and services (customers). This privacy statement applies to www.HRCloud.com, HR Cloud app (iOS and Android), corehr.HRCloud.com, API’s, workflows, and workmates. HRCloud.com is owned and operated by HRCloud.com. This policy also describes the choices available to you regarding our use of your personal information and how you can access and update this information. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client (Employer) has engaged.

Our practices related to personal information collected from our website and the human resources data of our employees are covered by our Website Privacy Policy here:
https://corehr.hrcloud.com/PrivacyPolicy

California Consumer Privacy Act (CCPA)

If you are a resident of the state of California, under the California Consumer Privacy Act (California Civil Code §1798.100 et. Seq. (as amended from time to time, the “CCPA”)), you have the following rights:

  • The right to know or request that a business disclose what Personal Information of yours that it collects, uses, discloses and sells.
  • The right to request that a business delete Visitor Personal Information collected or maintained by the business.
  • The right to opt-out of the sale or transfer of Visitor Personal Information for consideration by a business (aka “Do Not Sell My Information”).
  • The right not to receive discriminatory or differentiated treatment by a business because you exercised a right conferred by the CCPA.

To submit a right to know, delete or opt-out (aka Do Not Sell My Information) request regarding Visitor Personal Information, click here. You may only make a verifiable customer request for access twice within a 12-month period. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

If you submit a right to know or deletion request, HR Cloud will attempt to verify your identity with a reasonably high degree of certainty. HR Cloud will require you to sign a declaration attesting to your identity. Please see below for information on how to submit an authorized request on another’s behalf. If HR Cloud cannot verify your identity it will, in accordance with its obligations under the CCPA, decline to comply with your request.

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (for a maximum total of 90 days), we will inform you of the reason and extension period in writing. We do not charge a fee to process or respond to your verifiable consumer request unless the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. Alternatively, we may decline to respond to the request and notify you of our reason for doing so.


Collection of Personal Information under the CCPA

Depending on how a Visitor used our website or signed up for content sponsored by HR Cloud and/or one of its partners or co-sponsors, the following personal information is collected by HR Cloud:

Category Source Business Purpose Categories of Third Parties Shared With
Name
Email
Phone Number
Title
Company
Country		 Form submissions by Visitor/Lead Providers

Partners and/or Event or Content Co-Sponsors		 Provide the Service and/or Marketing Partners and/or Event or Content Co-Sponsors

Service Providers who help us provide the Services
Cookie Related Information* Visitor's use of website Website analytics/Marketing Service Providers/third party ad networks
Disclosure or Sale of Personal Information

If a Visitor signed up for content or an event that is offered by HR Cloud and a HR Cloud partner or co-sponsor, HR Cloud will disclose (i.e. transfer under the CCPA’s definition of a sale) the Visitor’s Personal Information to the partner or co-sponsor. The categories of personal information that may be disclosed are name, email, phone number, title, company and country. Additionally, a Visitor’s cookie related information may be disclosed to our third-party ad networks. HR Cloud does not process, sell or disclose Personal Information of minors under 16 years of age.


Authorized Agent

If a Visitor would like to use an authorized agent to exercise its rights under the CCPA, the Visitor may do so by providing either (1) a copy of Visitor’s written permission for the authorized agent to submit a request on Visitor's behalf and information sufficient to verify the authorized agent’s identity or (2) power of attorney pursuant to California’s Probate Code. HR Cloud will verify the identity of the authorized agent and require that the authorized agent sign a declaration under the penalty of perjury attesting to their designation as an authorized agent of the Visitor.


Information EU – U.S. Privacy Shield and Swiss – U.S. Privacy Shield

HRCloud.com complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. HRCloud.com has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, HRCloud.com is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. HR Cloud uses standard contractual clauses, as needed, to transfer data to and from the EU.

If you are an individual in the EU or Switzerland, HRCloud.com acknowledges that you have the right to access your personal information that we have received or processed in the U.S. under Privacy Shield. HRCloud.com has no direct relationship with the individuals whose personal information it processes for its Clients. Such an individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to HRCloud.com’s Client (the data controller). HRCloud.com will assist such individuals in contacting the appropriate Client. If you are an individual in the EU or Switzerland with a direct relationship with HRCloud.com, you may direct your request to access, correct, or delete your information under Privacy Shield to security@HRCloud.com. For more information about the options for correcting inaccurate information in our systems please see “Changing your information” below.

We provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to security@HRCloud.com

HRCloud.com’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, HRCloud.com remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless HRCloud.com proves that it is not responsible for the event giving rise to the damage.

In certain situations, HRCloud.com may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, HRCloud.com commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact HRCloud.com by email at security@HRCloud.com

HRCloud.com has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States from the EU and/or Switzerland in the context of the employment relationship, and HRCloud.com does not address it satisfactorily, HRCloud.com commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and to comply with the advice given by the DPA panel and/or Commissioner, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Information Collected

When you visit our Website and make a request for information or register on HRCloud.com’s Web site, the Company will collect the following personal information from you on behalf of your Employer.

  • Contact information such as name, Employer name, phone number, and email address.
  • Information your Employer asks us to collect such as electronic signature, physical address, phone numbers, previously used names, nickname, date of birth, gender, tax id/social security number, your profile picture, vehicle make/model/license, and emergency contact name/address/phone/email.
  • Information your Employer asks us to collect to verify employment eligibility such as alien number/expiration, I-94 number/expiration, citizenship status, and passport number/place-of-issue/expiration/issuing-authority.
  • Information your Employer asks us to collect to facilitate payroll processing such as bank account name/routing/account#, tax deductions, and any other withholdings.
  • Information other Employer employees can use to contact you via social media such as your Facebook, LinkedIn, Twitter, google hangouts, google plus, skype, or yammer id’s.
  • Other information your Employer may ask us to collect, will be detailed by your Employer’s privacy policy.

When browsing HRCloud.com the Company may also collect information through the use of data-gathering tools, such as cookies and Web beacons. This information includes your web browser, your internet protocol address, any information your browser attaches to the web request, and the navigation actions you take on the Company’s Web sites.

These are detailed later in the privacy policy.

Use of Information

HRCloud.com utilizes the information collected to

  • supply you with the services you request,
  • supply you with additional information about the Company’s promotions, events, partners, and services,
  • make improvements to the Company’s Services and Web sites.

Sharing collected information

HRCloud.com may share personal information that you provide with organizations that work on behalf of HRCloud.com only in the ways that are described in this privacy statement.

Service Providers

HRCloud.com may share collected personal information with contracted service providers your Employer has optionally chosen as integration with the Company’s Services and Web Sites. These service providers are:

• ADP for direct deposit

  • Bank account #1 type, routing #, account #, amount to deposit
  • Bank account #2 type, routing #, account #, amount to deposit
  • Name, date of birth, name, gender, phone (cell/work), address, location
  • SSN/Tax ID, race, benefits eligibility

• ADP for W4

  • Marital status, alien/citizenship status
  • Legal name, name on SS card
  • Tax withholding information
  • Emergency contacts name, phone, and email addresses

• Checkr for employer background checks

  • Email address

• Engagedly for performance management

  • Position, location, name, email, employee number, date of birth
  • Start date, profile picture

• eVerify for employment eligibility verification

  • Alien/I-94 number, date of birth, citizenship status
  • Email, name, other names used, ssn/tax id, and phone number
  • Drivers license issuing state, expiration, and number
  • Passport issuing authority, location, expiration, and number
  • Case creator email, name, and phone number

• Intercom for employer messaging

  • Email, name

• Intuit QuickBooks for employer accounting integration

  • Name, employee number, email, SSN/Tax ID, gender
  • Address, cell/work phone, date of birth, salary

• IRS work opportunity tax credit (WOTC) for employer tax purposes

  • Email, name

• Raygun for diagnostics

  • Log entry containing information, this may include any of the information listed in this privacy policy, but will be sent only when an application exception occurs

• Slack for messaging

  • Name, posts (which may contain personal information)

• Tango Card for reward delivery

  • Email, name

• Twitter for showing employee posts

  • Twitter-id

• HubSpot for ticketing & customer support chat

  • Email

• UltiPro for Human Capital Management

  • Address, City, County, State, Country, Zip Code, Location
  • Name, Preferred First Name, Gender, Ethnicity, Cell phone, Work Phone, Email, SSN, Marital Status, Date Of Birth

• Team Software

  • Address, City, County, State, Country, Zip Code, Location
  • Disability number, Employee Number, Pay Rate
  • Ethnicity, First Name, Last Name, Middle Name, Email Address, Gender, Hire, SSN, Veteran status information, Salary
  • Multiple bank accounts for payroll processing requiring account type, transit routing number, amount to deposit, and bank name.

• Caregiver List

  • First Name, Last Name, Email Address

• Bridge

  • First Name, Last Name, Full Name, Email Address

• HRCloud.com Affiliates

HRCloud.com may share customer information with other companies, including affiliates and business partners. For example, information may be shared if you express interest in a jointly offered product with one of the Company’s business partners.

HRCloud.com does not share data about HRCloud.com event attendees with business partners unless you opt-in to share such information, or you attend a Company event and your badge is scanned by one of HRCloud.com’s business partners.

Should you opt-in or have your badge scanned by a business partner your information will be subject to the privacy statement of the business partner.

• Third Parties

HRCloud.com does not permit third parties to collect personal information through advertising and marketing technologies nor does HRCloud.com share personal information with such companies, unless they are listed in this section. HR Cloud may select additional sub-processors to fulfill these functions, however, this privacy policy will be updated to reflect any new sub-processors.

  • Microsoft for Skype, Office 365 calendaring
  • Email, name, date of birth
  • Google for Hangouts, Chat, Plus, G Suite calendaring
  • Hubspot for website usage and tracking
  • TechSmith Screencast to capture and share screenshots
  • Loom Video recording tool to record feature screenshares
  • Lightshot is used for printscreens

• Compelled Disclosure

HRCloud.com may disclose your personal information as required by law, such as to comply with a subpoena, or similar legal process or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request. If HRCloud.com is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Transferring information

HRCloud.com stores information about HRCloud.com visitors in the United States.

Changing your information

Upon request HRCloud.com will provide you with information about whether we hold any of your personal information. Customers may update or change their registration information by editing their user or organization record. To update a user profile, please log in to http://www.HRCloud.com with your registered email address. An email will be sent to update your information. To update billing information, please email support@HRCloud.com. To discontinue your account or request deletion of your information and to have the information you maintained in the Services returned to you, please email support@HRCloud.com, or click on https://corehr.HRCloud.com/PrivacyPolicy/RequestForm. We will respond to your request within 30 days.

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Communication Preferences

When you register for an account, we will use your name and email address to send periodic emails to you transactional in nature.

We will also send you service-related email announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email. You do not have an option to opt-out of these emails, which are not promotional in nature.

Links to 3rd Party Sites

Our Web site includes links to other sites whose privacy practices may differ from those of HRCloud.com. HRCloud.com encourages you to read the privacy statements of other Web sites to gain an understanding of their information practices.

HRCloud.com will ensure 3rd party sites follow our privacy requirements and the privacy requirements of your employer. You may check out the privacy policy of the 3rd party sites listed earlier in this privacy policy.

Tracking Technologies

Technologies such as cookies or similar technologies are used by HRCloud.com and our marketing partners, affiliates, or analytics or service providers. These technologies are used in analyzing trends, administering the Web site, tracking users’ movements around the site, and gathering demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use cookies to remember users’ settings (e.g. language preference) for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

These tracking cookies are identified earlier in this privacy policy.

• Log Files

As is true of most Web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We link this automatically-collected data to other information we collect about you. We do this to improve the services we offer you, to improve marketing, analytics, or site functionality.

• IP Addresses

HRCloud.com collects visitors’ Internet Protocol (IP) addresses to gather non-personal information such as the region from which a visitor is located. IP addresses are also collected when users log in to the Company’s services or Web Sites.

• Behavioral Targeting / Re-Targeting

We partner with a third party to either display advertising on our Web site or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests.

Do Not Track

Certain browsers offer a do not track or DNT option. Due to a lack of defined industry standards, HRCloud.com does not currently respond to DNT preference settings. HRCloud.com will continue to monitor changes in standards.

Forums and Customer Testimonials

HRCloud.com may provide comment sections and discussion boards. Information submitted in these areas may be viewed by others and may be used to send you unrequested messages. HRCloud.com is not responsible for the information you post in HRCloud.com forums.

HRCloud.com includes customer testimonials and case studies which may include quotes and comments from customers. HRCloud.com acquires consent prior to posting case studies and testimonials. To request the removal of your personal information from our blog or testimonials, contact us at support@HRCloud.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Security

Security measures are used by HRCloud.com to protect customer data. HRCloud.com uses advanced Internet security measures. The Company’s website is hosted in a secure server environment that uses a next-generation firewall and additional measures to prevent interference from outside sources. When you enter sensitive information (such as login credentials) on our login forms, we encrypt the transmission of that information using secure socket layer technology (https).

We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Web Site, you can contact us at support@HRCloud.com.

Social Media Widgets

HRCloud.com includes Social Media Features, such as the Facebook Like button and Twitter Follow button or interactive mini-programs that run on HRCloud.com. These Features may collect your IP address, which page you are visiting on HRCloud.com, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on HRCloud.com. Your interactions with these Features are governed by the privacy statement of the company providing it.

Information Related to Data Collected through the HRCloud.com Service

Information Related to Data Collected for our Clients:

  • HRCloud.com collects information under the direction of its Clients (Employers or Data Controllers), and has no direct relationship with the individuals whose personal information it processes. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.

Access and Retention of Data Controlled by our Clients:

  • HRCloud.com acknowledges that you have the right to access your personal information. HRCloud.com has no direct relationship with the individuals whose personal information it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to HRCloud.com’s Client (Employer or Data Controller).
  • HRCloud.com will retain personal information we process on behalf of our Clients for as long as needed to provide services to our Client. HRCloud.com will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Your Legal Rights

Right to be informed

  • You have a right to know what information is being collected. This privacy policy details the data items collected and shared.

Right to Access

  • You have a right to access our system and see all data related to you. You may log in to see this information or contact your employer for access.

Right to Rectification

  • You have a right to rectify any incorrect data. Please contact your employer for rectification.

Right to be Forgotten

  • You have a right to request we delete your information. Please contact your employer to initiate this request.

Right to Restrict Processing

  • You have the right to request a restriction or suppression of your personal data. Please contact your employer to initiate this request.

Right to Withdraw Consent

  • You have the right to opt-out. Please contact your employer to initiate this request.

Right to Data Portability

  • You have the right to obtain a copy of your personal data. Please contact your employer to initiate this request.

Right to Object

  • You have the right to object to the processing of your personal data in certain circumstances. Please contact your employer to initiate this request.

You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Privacy Statement Changes

HRCloud.com reserves the right to change this Privacy Statement to reflect changes to our information practices. If changes are made to the Privacy Statement, HRCloud.com will post a notification on the Company website. If we make any material changes you will need to provide consent again.

How to Contact Us

Questions about this Privacy Statement or the information practices of HRCloud.com should be directed to the Company by email at support@HRCloud.com or by mailing HRCloud Inc, 222 North Pacific Coast Highway, Suite 2000| El Segundo, CA 90245.

Data Protection Officer Contact Info

Name: Blaine Ornburg
Email: security@HRCloud.com