Information We Collect
Personal and Other Sensitive Information. No information is required to simply visit and browse our website. However, when additional information is requested from us or our customers engage us to provide Services to them, we collect certain personal information and other information as described below. The categories of personal information and other information we may collect include but are not limited to the following, depending on the request or Services selected by our customers:
- Contact information that allows us to communicate with our customers and their representatives, such as first and last name, company name, mailing address, telephone numbers, email address or other addresses that allow us to send messages and other information regarding our Services.
- Customer relationship information that helps us do business with customers, such as the types of products and services that may be of interest, information on a company’s size, geographic location, and demographics.
- Customer employee information necessary to provide our Services related to our online time and attendance and human capital management offerings, including our customers’ employee names, addresses, social security numbers, date of birth, telephone number(s), gender, marital status, email addresses, dependent information, information for payroll, payroll data, biometric facial recognition, geolocation, medical and beneficiary information, as well as any information that can be linked to an individual employee.
- Customer employee information to necessary provide our Services related to our online meeting room management offerings, including our customers’ employee names, email addresses, work locations, any information entered in meeting request descriptions – as any information can be entered in this free text area – as well as any information that can be linked to an individual employee.
- Customer and employee information, including financial and bank account information, to provide certain of our payroll and other human capital management benefits administration Services, to the extent authorized by customers or their employees to provide such Services.
- Credit, debit, or cash/payment card information if used, such as for billing to the extent authorized by customers to provide our Services.
- Credit or debt history regarding customer creditworthiness or credit history.
- Customer employee employment history and application information that can be used to determine eligibility for a job opening via our recruiting module.
Notice to Employees of our Customers. We collect and receive personal information from our customers about their current, prospective and former employees as well as employee dependents and family members, as needed to provide our Services as selected by them. If you are an employee of one of our customers, this notice explains our practices with regard to all of the personal information we receive as a data processor from our customers (your employer) related to you as their employee.
We collect and process your personal information only as instructed or permitted by our customers (the employer) or you. We will at all times maintain reasonable and appropriate security controls to protect your information as set forth below under the caption “Security”.
Certain of our Services may require employees to submit biometric facial recognition in connection with your employment by your employer. If this applies to you, please see our biometric data policy below under the caption “Biometric Data Policy”.
We will disclose all of your personal information to the employer and to other entities when instructed by the employer. We may disclose your personal information to our affiliates and data processors as needed to provide the Services that your employer and you have requested. These entities are all contractually bound to limit use of your personal information as needed to perform the Services requested by your employer and you. We will also always disclose personal information when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the United States and other countries where we operate.
If you questions about your individual privacy rights, please contact your employer’s human resources department. You may also contact us at the contact information listed below under the caption “Questions.”
Non-Personal Information We Collect. Non-Personal Information is information that without the aid of additional information cannot be directly associated with a specific person or entity. We use technology to automatically collect this type of non-personal information from our customers and their employees when they access and use our Services. The information we collect through these technologies may include:
- Information from your Browser or Device. The web servers for our Services automatically record certain non-personally identifiable computer information. For instance, when you use any of our Services, we collect your browser type and IP address. This information is gathered for all visitors and users of our Services. This information is used in aggregate form to help us understand how our customer use our Services.
- Technical Data. The servers we use also collect usage, viewing and technical data when visiting our website or using our Services through us and our service providers. The data entries in these logs are used for server and network operation and maintenance and to help us understand general usage patterns.
- Geolocation. Certain of our technologies we use collect information that identifies a device’s location (geolocation information) either provided by a mobile device interacting with our website or our Services or associated with a user’s IP address.
Aggregated, Non-Personal Information. We may collect general, non-personal, statistical information about the users of our Services in order to determine information regarding the use of our Services, and general information about our customers. We may also group this information to provide general aggregated data. The aggregated data will not personally identify any user of our Services.
How We Use Collected Information
We use the information provided or submitted to us to perform the Services requested of us and for purposes related to our business. We limit the collection of information that we need to collect to:
- Facilitate customer requested Services, technical and other support, training and other services as requested by our customer.
- Manage our everyday business needs, product development, contract management, business continuity, general research, analytics or statistical purposes.
- Establish necessary third party provider relationships required for the operation of our Services.
- Administer and improve our website and Services.
- Detect fraud or theft to protect our business and customers information identification and authentication purposes and otherwise to protect the security or integrity of our Services and our business.
- Comply with legal, reporting and regulatory requirements.
- Financial Information – As noted above, certain financial and bank account information and credit card billing information including mailing address maybe required. That information may be stored by us, and, may also be collected and stored by our payments processing vendor(s) for the purpose of processing payments made to us or to you depending on our customer requested Services. We (and our vendors) will not use that information for any other purposes.
- Contact you with information on Services, new Services or products, or upcoming events.
How We Disclose the Information We Collect
- To third party vendors, suppliers and affiliates who process information on our behalf so that we can provide and operate the Services and our business, such as hosting providers and payment processing providers and who are bound by law or contract to protect information and only use information in accordance with our instructions. These service providers are only given the information needed to perform their specialized services and not to use or disclose the information for any other purpose.
- As needed to support external auditing, legal compliance and corporate governance functions.
- If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, their employees or others, to protect the safety and security of our website and Services, to enable us to take precautions against liability, or to law enforcement agencies or for an investigation related to public safety. In some cases, disclosure may be required by law to be without notice.
- In addition, if we or our subsidiaries are involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding or event, we may transfer the personal information we have collected or maintain to the buyer or other successor.
- Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports that contain aggregated and statistical data about our customers and their employees. These reports do not contain any information that would enable the recipient to contact, locate or identify you. These reports also do not contain any identifiable company information. We may disclose aggregated information about many of our users, and information that does not identify any individual or device.
The security, integrity and confidentiality of collected information is important to us. We have implemented reasonably commercial technical, administrative and physical security measures that are designed to protect information from unauthorized access, disclosure, use and modification. For example, we use industry-standard encryption technology to secure personal and sensitive information when it is being collected and transmitted over the Internet as well as firewalls, site monitoring and intrusion detection software. Please be aware though that, despite our efforts, no security measures are perfect or impenetrable. Users of our Services are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password protected or secure areas of any of our Services. In order to protect you and your information, we may suspend your use of our Services, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure area of our Services is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
Notice Regarding Public Forums
Our websites and Services may provide forums and other areas where you can communicate with others and publicly post information. You have no privacy rights in public postings. All the information posted will be accessible to anyone with Internet access, and any information include in a posting may be read, collected, and used by others. For example, if you post an mail address, you may receive unsolicited messages. Please use caution when posting any information.
If at any time after registering for information, your personal information changes or you change your mind about receiving information from us, send us a request specifying updated information or your new choice. Simply send your request to http://asure-backup.cambiostage.com/support or postal mail at the contact information listed below under the caption “Questions.”
Data Retention Policy
Biometric Data Policy
Our Facial Recognition Products. We offer to our customers the ability to use facial recognition technology software through our GeoPunch® mobile time collection application and our AirClock™ time collection device. We offer these products for use with our AsureForce® time and attendance on demand Services to more efficiently capture time collection as well as effectively prevent buddy punching and other deceptive employee practices. These products create a facial biometric scan (a “face scan”) of a person’s facial features, like the distance between the eyes, nose and ears, based on a photo submitted to us through the use of these products. The photo and face scan are submitted to us solely in connection with such person’s employment with our customer. We collect, use and store these photos and face scans on our customer’s behalf to validate and authenticate an employee’s time punch (in and out). We use these face scans solely for the purposes as requested by our customer (the employer) to perform the time and attendance Services we have been engaged for. All transmission of face scans are encrypted and we cannot use a face scan to recreate an image of any person.
Policy Applies to Persons in Jurisdictions with Biometric Data Privacy Laws. Our policy applies to persons residing in jurisdictions with biometric data privacy laws which include Illinois and Texas, or any future jurisdiction that adopts such a law. The purposes of this policy is to inform those persons residing in such states who use our GeoPunch and AirClock products in connection with their employment with our customer (the employer) who have engaged us to provide such Services that:
- a biometric identifier (face scan) is being collected and stored by us;
- we collect, use and store this information solely in connection with a person’s employment with our customer (the employer) and as directed by our customer (the employer);
- the purpose for collecting this information on our customer’s (the employer’s) behalf is to provide time and attendance Services to our customer (the employer) that improves time collection, and to prevent buddy punching and other deceptive employee practices within our customer’s organization;
- we collect, use and store this information for an individual employee for the period of time as directed by our customer under our service agreement with them, subject to a shorter or longer time period as required under applicable law;
- we will retain this information for as long as needed to fulfill the purposes outlined above or for a longer period of time as may be permitted or required under law, after which the face scan will be permanently destroyed;
Informed Consent. By using one of our facial recognition technologies, such person who is using the technology consents to our and our service provider’s who assist in performing our Services, collection, use and storing of such person’s photos and face scans in accordance with the terms of this policy or applicable law. Our customer is initially responsible for obtaining its employees consent to the collection, use, and storing of a face scan. This is typically done upon initial employment or through enrollment and training in the use of our products. We will also endeavor to obtain through our technology where possible a minimum one time consent from each person to the collection, use and storing of such person’s face scan in connection with providing our Services to our customer and such person as an employee of our customer.
Do Not Track
Without a common industry or legal standard for interpreting Do Not Track (DNT) signals, we do not respond to browser DNT signals. We will continue to monitor further development of a DNT standard by the privacy community and industry.
Children Under 13
We do not knowingly collect personal information from children under 13. If you are under 13, do not submit any information to us through our general website or otherwise. If we learn we have collected or received personal information from a child under 13 we will endeavor to delete that information from our databases. If you have reason to believe that a child under 13 has provided personal information to us through our website or Service, please contact us, so we can endeavor to delete that information from our databases.
Your California Privacy Rights
Under California Civil Code 1798, California residents with an established business relationship can request information about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like more information, please contact us below under the caption “Questions.”
We may periodically update this policy due to legislative changes, changes in technology or our privacy practices or new uses of customer information not previously disclosed herein. Revisions are effective upon posting and the continued use of this website and our Services will indicate your acceptance of those changes. Please refer to this policy regularly.
or sent by regular mail addressed to:
Asure Software, Inc.
110 Wild Basin Road, Suite 100
Austin, Texas 78746