Privacy Policy

Privacy Policy

This Privacy Policy describes how Asure Software, Inc., and its subsidiaries and affiliates (“we,” “us” or “our”) collect, use, disclose and protect personal and other sensitive information. This privacy policy applies to all personal and sensitive information collected or submitted on our website, through the use of our online software products, our mobile based applications, and our product devices (together, the “Services”). The purpose of this Privacy Policy is designed to provide an understanding of how we collect and use this information.

We may add to, or amend, this policy with other notices. Additionally, due to changes in technology and development of our business, we may need to modify this policy from time to time as discussed under “Changes to Our Privacy Policy” below.

Informed Consent.  By visting our website, using our Services, or otherwise providing us with personal information, you expressly consent to our collection, use, and disclosure of personal information as described in this Privacy Policy, subject to your rights described under “Commercial Messages and Your Right to Opt-Out” and “Access to and Accuracy of  Your Personal Information” below.

Information We Collect

Personal and Other Sensitive Information. No information is required to simply visit and browse our website. However, when additional information is requested from us, our customers engage us to provide Services to them, or individuals seek employment or are employed by us, we collect certain personal information as described below. The categories of personal information we collect depends on the request or Services and includes:

  • Contact information that allows us to communicate with our customers and their representatives/employees, such as first and last name, company name, mailing address, telephone numbers, email address that allow us to send messages necessary to provide our Services.
  • Customer employee information necessary to provide our Services related to our online time and attendance and human capital management offerings, including our customers’ employee names, addresses, social security numbers (where permitted), date of birth, telephone number(s), gender, marital status, email addresses, dependent information, information for payroll, payroll data, biometric facial recognition, geolocation, medical and beneficiary information, as well as any personal information that can be linked to an individual employee.
  • Customer employee information to necessary provide our Services related to our online meeting room and space management offerings, including our customers’ employee names, email addresses, work locations, any personal information entered in meeting request descriptions – as any information can be entered in this free text area – as well as any personal information that can be linked to an individual employee.
  • Customer and employee information, including financial and bank account information necessary to provide certain of our payroll and other human capital management and benefits administration Services, to the extent authorized by customers or their employees to provide such Services.
  • Credit, debit, or cash/payment card information if used, such as for billing and payment to us to the extent authorized by customers to provide our Services.
  • Credit or debt history regarding customer creditworthiness or credit history.
  • Customer employee employment history and application information that can be used to determine eligibility for a job opening via our recruiting module.
  • Personal information relating to our own employees for employment purposes with us.
  • Personal information voluntarily submitted through an email to us or public forum. See “Notice Regarding Public Forums” below.
  • IP addresses automatically collected by our web servers which may also be personal information in certain countries. See “Information We Automatically Collect Through Tracking Technologies” below.
  • We may also collect personal information from other sources, either with the consent of the individual or where permitted or required by law. Examples of indirect sources of personal information include background checks, employers or personal references.
  • Any of the foregoing information collected by us may be stored and retained by us and may be processed or used as set forth in this Privacy Policy.

Notice to Customers. In most cases, our customers are responsible to notify their employees why  personal information is being collected and for obtaining appropriate consent when they collect personal information from their employees. Personal information transferred to us by our customers to be processed using our Services shall be deemed to have been collected with appropriate notification. We assume no responsibility for obtaining or validating that appropriate consent has been obtained in respect of data transferred to us by organization(s)/customers.

Notice to Employees of our Customers. We collect and receive personal information from your employer who is our customer about their current, prospective and former employees as well as employee dependents and family members, as needed to provide our Services as selected by them. If you are an employee of one of our customers, this notice highlights our practices set forth in this Privacy Policy with regard to all of the personal information we receive as a data processor from our customers (your employer) related to you as their employee.

  • We collect and process your personal information only as instructed or permitted by our customers (the employer) or you. We will at all times maintain reasonable and appropriate security controls to protect your personal information as described under “Security” below.
  • You may also access to your personal information or withdraw your consent regarding the collection, use and disclosure of your personal information, as described under “Access to and Accuracy of Your Information” below.
  • Certain of our Services may require employees to submit biometric facial recognition in connection with your employment by your employer. If this applies to you, please see our biometric data policy below under the caption “Biometric Data Policy.”
  • We will disclose all of your personal information to the employer and to other entities when instructed by the employer. We may disclose your personal information to our affiliates and data processors as needed to provide the Services that your employer and you have requested. These entities are all contractually bound to limit use of your personal information as needed to perform the Services requested by your employer and you. We may, without your consent, also disclose personal information when permitted or when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the United States and other countries where we operate.
  • If you have questions about your individual privacy rights, please contact your employer’s human resources department. You may also contact us at the contact information listed below under the caption “Questions.”

Non-Personal Information We Collect Through Tracking Technologies. Non-Personal Information is information that without the aid of additional information cannot be directly associated with a specific person or entity. We use technology to automatically collect this type of non-personal information to better improve our Services. The information we collect through these technologies may include:

  • Information from your Browser or Device. The web servers for our Services automatically record certain non-personally identifiable computer information. For instance, when you use any of our Services, we collect your browser type and IP address.  This information is gathered for all visitors and users of our Services. This information is used in aggregate form to help us understand how our customer use our Services.
  • Information from Cookies. We may use “cookies” with our Services. A cookie is a text file that is placed on your hard drive by our web server. Cookies are uniquely assigned to a computer, and your computer will only allow our web servers to access our cookies. Cookies allow us to collect web data and information such as web pages visited by using our Services, time and date information, the website you came through to reach our Services, and whether or not you clicked on any links while at our website or using our Services. We may collect this non-personal information through the use of cookies and other similar software technologies. You may have the right to delete cookies placed on your hard drive, which will erase the data automatically saved during your visit. However, that will mean that our Services will not recognize you when your return or that you may not be able to use our Services. You may also be able to modify your web browser to notify you before accepting cookies, or to decline all cookies.
  • Web Beacons. Pages of our Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). Unlike cookies, you cannot decline web beacons. However, setting your browser to decline cookies or to prompt you for a response generally may keep web beacons from storing your activity.
  • Flash Cookies. These are similar to cookies, except that they can store more complex data to provide greater website functionality and to remember your settings, preferences and navigation to, from, and on our Site. Flash cookies operate differently than regular browser cookies, and cannot be removed or blocked via regular web browser settings. To learn more about how to manage flash cookies, you can visit the Adobe website and follow the directions provided by Adobe with respect to the Flash settings and make changes as directed therein. Limiting the acceptance of flash cookies may reduce or impede the functionality of some Flash applications.
  • Technical Data. The servers we use also collect usage, viewing and technical data when visiting our website or using our Services through us and our service providers. The data entries in these logs are used for server and network operation and maintenance and to help us understand general usage patterns.
  • Geolocation. Certain of our technologies we use collect information that identifies a device’s location (geolocation information) either provided by a mobile device interacting with our website or our Services or associated with a user’s IP address.
  • Other. If you ask us to connect with other sites (for example if you ask us to connect with your Facebook account) we may get information that way too; we may record any telephone calls for quality assurance and training purposes.

Aggregated, Non-Personal Information. We may collect general, non-personal, statistical information about the users of our Services in order to determine information regarding the use of our Services, and general information about our customers. We may also group this information to provide general aggregated data. The aggregated data will not personally identify any user of our Services. Once data has been de-identified, aggregated or summarized it shall no longer be considered personal information.

How We Use Collected Information

We use the information provided or submitted to us to perform the Services requested of us and for purposes related to our business. We limit the collection of personal information that we need to collect to:

  • Facilitate customer requested Services, technical and other support, training and other services as requested by our customer.
  • Send product updates or technical alerts.
  • Establish necessary third party provider relationships required for the operation of our Services.
  • Detect fraud, theft or other harmful activity to protect our business, and personal information collected and otherwise to protect the security or integrity of our Services and our business.
  • Comply with legal, reporting and regulatory requirements.
  • Financial Information – As noted above, certain financial and bank account information and credit card billing information including mailing address maybe required. That information may be stored by us, and, may also be collected and stored by our payments processing vendor(s) for the purpose of processing payments made to us or to you depending on our customer requested Services. We (and our vendors) will not use that information for any other purposes.
  • Contact you with information on Services, new Services or products, or upcoming events subject to your rights below under “Commercial Messages and Your Right to Opt-Out.”

Personal information we collect may be transferred to or stored in other countries for processing or storage.  By using our Services, you consent to the transfer of your personal information to countries outside your country of residence, which may have different personal data protection rules than in your country.

How We Disclose the Information We Collect

We do not share, sell, rent, or transfer personal information other than as described in this Privacy Policy. We may disclose or share or transfer the information we collect as follows:

  • To third party vendors, suppliers and affiliates who process information on our behalf so that we can provide and operate the Services and our business, such as hosting providers and payment processing providers and who are bound by law or contract to protect information and only use information in accordance with our instructions. These service providers are only given the information needed to perform their specialized services and not to use or disclose the information for any other purpose.
  • As needed to support external auditing, legal compliance and corporate governance functions.
  • If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, their employees or others, to protect the safety and security of our website and Services, to enable us to take precautions against liability, or to law enforcement agencies or for an investigation related to public safety. In some cases, disclosure may be required by law to be without notice.
  • In addition, if we or our subsidiaries are involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding or event, we may transfer the personal information we have collected or maintain to the buyer or other successor.
  • Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports that contain aggregated and statistical data about our customers and their employees. These reports do not contain any information that would enable the recipient to contact, locate or identify you. These reports also do not contain any identifiable company information. We may disclose aggregated information about many of our users, and information that does not identify any individual or device.
Third-Party Websites

Our website and Services may contain links to other sites not owned or controlled by us and we are not responsible for the privacy practices of those sites as they may differ from our privacy practices. We recommend that you read the privacy statement of each website that collects personal information, as their privacy statement will govern any personal or sensitive information you submit to those sites. This Privacy Policy applies only to information collected by us through our Services.

Additionally, if you choose to click on a third party link, we may provide non-personally identifiable information to the third party. Also, the third party may use cookies or other technologies to collect information when you are visiting their websites. The information advertisers or other third parties collect is governed by their individual privacy policies, not by our privacy policy.

Security

The security, integrity and confidentiality of collected information is important to us. We have implemented reasonably commercial technical, administrative and physical security measures that are designed to protect information from unauthorized access, disclosure, use and modification that are appropriate for the type of personal information. For example, we use industry-standard encryption technology to secure personal and sensitive information when it is being collected and transmitted over the Internet as well as firewalls, site monitoring and intrusion detection software. Please be aware though that, despite our efforts, no security measures are perfect or impenetrable. Users of our Services are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password protected or secure areas of any of our Services. In order to protect you and your information, we may suspend your use of our Services, without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure area of our Services is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.

Notice Regarding Public Forums

Our websites and Services may provide forums and other areas where you can communicate with others and publicly post information. All the information posted will be accessible to anyone with Internet access, and any information included in a posting may be read, collected, and used by others. For example, if you post an email address, you may receive unsolicited messages from third parties. Please use caution when posting any information. Although we do not own any personal information, any feedback, comments, submission or information provided to us through an email, public forum, on our social media pages or others similar public forum available through our Services will be our property.

Commercial Messages and Your Right to Opt-Out

You have the right at any time to opt out of receiving commercial and marketing emails or other marketing communications we send you at any time. To opt-out of commercial or marketing messages, you can simply click the link labeled “unsubscribe” at the bottom of any marketing email we send you or for non-electronic messages, you can send your request to us via email or by regular mail at the addresses under “Questions” below. Please note that even if you unsubscribe or opt-out of commercial or marketing messages, we may still communicate with you regarding your use of our Services.

Access to and Accuracy of Your Information

In certain countries, you may have the right to access and seek correction of your personal information we process and request us to correct, update or delete such information, or limit how we use it.

In certain countries, you may also withdraw your consent to the collection, use and disclosure of your personal information at any time; however, withdrawal of your consent to the collection, use and disclosure of your personal information may result in you being unable to continue use our website or Services.

To exercise any of these rights, simply send your request to us as described under “Questions” below.

Data Retention Policy

We will retain personal and sensitive information for the length of time needed to fulfill our Services obligations to our customers or for the purposes outlined in this privacy policy unless a longer or shorter retention period is required or permitted by law, after which we appropriately dispose of such information.

Biometric Data Policy

Our Facial Recognition Products.  We offer to our customers the ability to use facial recognition technology software through our GeoPunch® mobile time collection application and our AirClock™ time collection device.  We offer these products for use with our AsureForce® time and attendance on demand Services to more efficiently capture time collection as well as effectively prevent buddy punching and other deceptive employee practices. These products create a facial biometric scan (a “face scan”) of a person’s facial features, like the distance between the eyes, nose and ears, based on a photo submitted to us through the use of these products.  The photo and face scan are submitted to us solely in connection with such person’s employment with our customer.  We collect, use and store these photos and face scans on our customer’s behalf to validate and authenticate an employee’s time punch (in and out).  We use these face scans solely for the purposes as requested by our customer (the employer) to perform the time and attendance Services we have been engaged for. All transmission of face scans are encrypted and we cannot use a face scan to recreate an image of any person.

Policy Applies to Persons in Jurisdictions with Biometric Data Privacy Laws. Our policy applies to persons residing in jurisdictions with biometric data privacy laws. The purposes of this policy is to inform individuals of our customers who use our GeoPunch and AirClock products in connection with their employment with our customer (the employer) who have engaged us to provide such Services that:

  • a biometric identifier (face scan) is being collected and stored by us;
  • we collect, use and store this information solely in connection with a person’s employment with our customer (the employer) and as directed by our customer (the employer);
  • the purpose for collecting this information on our customer’s (the employer’s) behalf is to provide time and attendance Services to our customer (the employer) that improves time collection, and to prevent buddy punching and other deceptive employee practices within our customer’s organization;
  • we collect, use and store this information for an individual employee for the period of time as directed by our customer under our service agreement with them, subject to a shorter or longer time period as required under applicable law;
  • we will retain this information for as long as needed to fulfill the purposes outlined above or for a longer period of time as may be permitted or required under law, after which the face scan will be permanently destroyed;
  • we may disclose, redisclose or disseminate a person’s face scan in limited ways as permitted under applicable law such as with the person’s consent, the disclosure or redisclosure is required by a national, country, state or local law including to meet national security or law enforcement requirements; the disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction, or the disclosure is consistent with our general Privacy Policy (and permitted under applicable law).

Informed Consent.  By using one of our facial recognition technologies, such person who is using the technology consents to our and our service provider’s who assist in performing our Services, collection, use and storing of such person’s photos and face scans in accordance with the terms of this policy or applicable law.  Our customer is initially responsible for obtaining its employees consent to the collection, use, and storing of a face scan. This is typically done upon initial employment or through enrollment and training in the use of our products. We will also endeavor to obtain through our technology where possible a minimum one time consent from each person to the collection, use and storing of such person’s face scan in connection with providing our Services to our customer and such person as an employee of our customer.

Do Not Track

Without a common industry or legal standard for interpreting Do Not Track (DNT) signals, we do not respond to browser DNT signals. We will continue to monitor further development of a DNT standard by the privacy community and industry.

Children Under 13

We do not knowingly collect personal information from children under 13. If you are under 13, do not submit any information to us through our general website or otherwise. If we learn we have collected or received personal information from a child under 13 we will endeavor to delete that information from our databases.  If you have reason to believe that a child under 13 has provided personal information to us through our website or Service, please contact us, so we can endeavor to delete that information from our databases.

Your California Privacy Rights

Under California Civil Code 1798, California residents with an established business relationship can request information about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like more information, please contact us below under the caption “Questions.”

Changes To Our Privacy Policy

We may periodically update this policy due to legislative changes, changes in technology or our privacy practices or uses of personal information not previously disclosed herein. Revisions are effective upon posting and the continued use of this website and our Services will indicate your acceptance of those changes. We may, at our sole discretion, notify you of a change to this Privacy Policy, for example by announcing the change on our website .  Please refer to this policy regularly.

Questions

Any questions or concerns about this Privacy Policy or how we handle your personal information should be emailed to:

https://www.asuresoftware.com/support

or sent by regular mail addressed to:

Asure Software, Inc.
3700 N Capital of Texas Hwy
#350
Austin, TX 78746
United States
Attn: Privacy Administrator

Our Privacy Administrator will investigate any question or concern and we will notify you  within reasonable timeframe of the outcome of the investigation.

Last Updated:  March 13, 2017