Last Updated January 2018
Thank you for visiting Asure Software, Inc. (“Asure”).
We at Asure are committed to protecting the information that you share with us, and explaining how we collect, process, and share that information online.
End Users of Asure Enterprise Products and Services. Asure is a leader in helping global organizations optimize their workforce and workspace utilization through innovative SaaS-based cloud technology and other solutions. In this capacity, Asure may obtain and process on behalf of our corporate customers (“Clients“) certain personal information about our Clients’ employees, representatives, consultants, contractors, agents, or other end users who are authorized to use our Enterprise Products and Services (“End User Data“). If you are an employee or other end user of a Client, please contact your employer with any questions about how your End User Data is collected and processed, or to seek clarification or exercise any rights you may be offered under data protection laws in your jurisdiction. Asure is a processor or agent that processes End User Data on behalf of our Client, which is the controller or owner of such data under applicable data protection laws. As such, Asure assists our Clients to address data protection inquiries from end users to the extent applicable to our services, but typically does not respond directly to such inquiries from end users.
What types of Personal Information do we collect and process about you?
We receive and store certain types of information from you when you interact with our Sites to deliver the products you request from us, and help improve your overall online experience. For example, like many other websites, we store “cookies” and other web-based files on user devices to get certain types of information when your web browser accesses our Site.
Information You Provide. For public areas of our Site, we generally collect and process only Personal Information you voluntarily provide to us. We don’t require you to give us Personal Information to access certain public areas of our Site. This is true unless you live in a country that defines Personal Information to include network identifiers like your Internet Protocol addresses. For some secure areas of our Site, however, we require you to provide Personal Information, including your login credentials. If you choose not to provide us with the Personal Information that we legitimately require, we may be unable to provide you with the information or services you have requested.
Public areas of our Sites ask for Personal Information from you when you engage in the following activities:
- Register for an account with us;
- Sign up for newsletters;
- Apply for a job;
- Submit comments, reviews, or other user-generated content;
- Connect or interact with us through social networks (e.g., Facebook, Google+, Twitter);
- Register for an Asure-sponsored event; and/or
- Request customer or technical support.
This Personal Information may include:
- Postal or billing address;
- E-mail address;
- Telephone or mobile number;
- Payment card information;
- Location via IP address;
- Device being used (for our mobile site);
- Previous login history with Asure; and
- Other relevant data.
Information Collected Through Technology. We may also obtain information in other ways through technology. Some of this information may be linked to you personally. We process this information to help our Sites function correctly, and better understand the needs of our customers.
Device Information. Depending on the permissions you’ve granted and other factors, we may receive information about your location and your mobile device when you download or use apps created by our Sites, including a unique identifier for your device. Examples of the device information we collect include:
- Attributes such as the operating system, hardware version, device settings, battery and signal strength, and device identifiers.
- Certain device locations, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals are gathered if you enabled the functionality within the Asure product configuration.
- Connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address.
Most mobile devices allow you to turn off location services, and we encourage you to contact your device manufacturer for detailed instructions on how to do that.
Payment Information. If you pay for a service, product, or event registration on our Site, we may collect payment card information from you through our third party service provider, including your name, expiration date, authentication code, and billing address. This information will be securely transmitted consistent with payment card industry rules to the appropriate payment facilitators.
Use of metadata and other advertising activities online
We advertise in a number of ways, including online through managed social media presences, and on other unaffiliated sites and mobile applications. To understand how our advertising campaigns are performing, we may collect certain information via our Sites through our advertising service providers. We, or our vendors, use several common online tracking tools to collect this information, such as browser cookies, web beacons and other, similar technologies. The information we collect includes IP addresses, the number of page visits, pages viewed via our Sites, search engine referrals, browsing activities over time and across other websites following your visit to one of our Sites or applications, and responses to advertisements and promotions on the websites and applications where we advertise.
We also use certain information to:
- Identify new visitors to our Sites;
- Recognize returning visitors;
- Advertise on other websites and mobile applications not affiliated with us;
- Analyze the effectiveness of our advertisements;
- Better understand our audience, customers, or other Site visitors; and
- Determine whether you might be interested in new products or services.
Controlling Our Tracking Tools. Your browser may give you the ability to control cookies. How you do so, however, depends on your browser and the type of cookie. Certain browsers can be set to reject all browser cookies. If you configure your computer to block all cookies, you may disrupt certain web page features, and limit the functionality we can provide when you visit or use our Sites. If you block or delete cookies, not all of the tracking that we have described in this policy will stop. If you continue without changing your settings, we will assume that you are happy to receive all cookies on this Site. You can change your cookie settings at any time. Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These browser features are still not uniform, so we are not currently set up to respond to those signals.
Controlling Online Interest-Based Ads. We sometimes work with online advertising vendors to provide you with relevant and useful ads. This may include ads served on or through our Sites . This may also include ads served on other companies’ websites. These ads may be based on information collected by us or third parties. For example, your postal code may be used to target an ad for people in your area. These ads may also be based on your activities on our Sites or on third party websites.
For more information about our ad service provider and its cookies, including information about how to opt out of these technologies, you may visit http://optout.aboutads.info In addition, users may prevent Google’s collection of data generated by your use of the Sites (including your IP address) by downloading and installing a Browser Plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.
How we use and share your Personal Information?
We do not share your Personal Information with unaffiliated third parties for their own direct marketing purposes. Whatever the purpose may be – whether we share with service providers or other external entities – we only process and share your Personal Information to the extent reasonably necessary to fulfill your requests and meet our legitimate business and legal objectives. When we disclose Personal Information to external entities to perform support services for us, we establish by contract that they may access your Personal Information only for the purposes of performing those support services. We may also use what we know about you to offer you other products and services. We may combine your online information with information collected from offline or online sources, or information we already have. We may also use and disclose certain Personal Information to our affiliated companies and others for any purpose allowed by law.
Asure Business Activities. We generally process and may disclose your Personal Information to others to:
- Provide you with specific products and services covered under the terms of a contract with one or more of our corporate customers, including processing transactions, authenticating authorized users, and marketing our products and services;
- Perform certain benefit administration or other transactions initiated by you;
- Respond to your questions, complaints, or reviews of our product or services;
- Send you communications about online transactions, product information, ads and promotions, electronic newsletters, or other notices you requested or offers tailored to you;
- Enable our advertisers to provide you with more personalized content, and track the effectiveness of certain advertising campaigns;
- Comply with applicable law, obey judicial orders, cooperate with law enforcement authorities, or prevent any suspected illegal activities;
- Help us run our business; or
- For any other everyday business purposes, such as product development and Site administration.
What are Asure’s legal grounds for the collection, use, sharing and other processing of Personal Information?
- Necessary to provide information or otherwise carry out the performance of a contract with you as an individual;
- Our legitimate interests, including:
- Performance of the contract with our Clients;
- Implementation and operation of a group-wide matrix structure and group-wide information sharing;
- Customer relationship management and other forms of marketing and analytics;
- Fraud prevention, misuse of company IT systems, or money laundering;
- Whistleblower scheme operations;
- Physical, IT, and network perimeter security;
- Internal investigations; and
- Intended mergers and acquisitions;
- Compliance with legal obligations and/or defense against legal claims, including those in the area of labor law, social security, and data protection, tax, and corporate compliance laws.
- Protection of the vital interests of any individual;
- Performance of a task carried out in the public interest or in the exercise of official authority vested in Asure; and
- Consent, as permitted by applicable law
Authorized Service Providers. We use other companies and individuals to perform certain functions on our behalf. Those functions include payment card processors, shipping vendors, call-center support, analyzing or hosting data on cloud-based servers, and other companies that help us improve our products and services. We may disclose certain Personal Information to these companies and other individuals performing services in the United States or other locations where Asure conducts business.
Location-based services. We offer to our Clients the ability to use location-based tracking on certain mobile technologies as part of Asure’s Services. To provide location-based services on these Asure products, we and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your device. Where available and enabled within the Asure product configuration, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location.
What is Asure’s policy for the collection, use, and storage of Biometric Data?
We offer certain Clients the ability to use biometrics, including fingerprint and facial recognition technology software, through Asure’s Time and Attendance applications. We rely on the terms and performance of the contract with our Clients to lawfully process Biometrics (as defined below) on our Client’s behalf to authenticate an individual and prevent fraud in the context of his or her employment or contractor relationship with our Client. We use Biometrics solely for the purposes requested by our Client (the employer or customer) to perform the applicable Asure Services. Asure transmits Biometrics securely using encryption, and we take other reasonable steps to safeguard this data against unauthorized access, use, or disclosure. We retain this information until the termination of our services agreement with our Clients (we routinely delete the information within 90 days following the termination of our services agreement), unless otherwise required by the terms of our agreement with our Clients, or unless we have a legal reason to retain it to comply with applicable law, judicial demands, resolve disputes, or otherwise defend or enforce our agreements.
In light of the sensitive and developing nature of the requirements for the collection, use, and storage of Biometrics, Asure’s Clients are responsible for developing and implementing their own biometric privacy policies. To the extent required by law, Asure’s Clients must obtain written authorization from each employee or contractor before implementing any Asure Services that collects, stores, or processes Biometrics. Asure Clients should also:
- Inform employees or contractors in writing that Biometrics are collected, stored, and used;
- Indicate the specific purpose(s) for collecting Biometrics, and length of time for which it is being collected, stored, and used; and
- Receive written consent from the employee or contractor (or his or her legally authorized representative) authorizing the Client and Asure to collect, store, and use Biometrics.
Asure uses facial recognition technology as an optional component for mobile and time clock solutions, and fingerprint scanning is an option on our time clocks. Via a photograph (“Photo”) submitted to our Sites via our solution, algorithms create a biometric identification index (“Facial Index”), which is a numeric interpretation of a person’s facial features, like the distance between the eyes, nose and ears. Similarly, we convert a fingerprint scan into an algorithm that creates a fingerprint identification index (“Print Index”), which again is a numeric interpretation of various distances and angles found on a human fingerprint. We refer collectively to the Photo, Facial Index and Print Index, as “Biometrics.”
Other requirements or restrictions may apply to Biometrics beyond those mentioned in this section in accordance with applicable law in your jurisdiction. If you are an employee or contractor who accesses the Asure Services in connection with your employment or contractor status with our Client, please contact your employer or customer for further information about your data.
How do we protect international transfers of Personal Information?
Asure is based in the United States. If you are located in a jurisdiction outside the US, such as the European Union, the data protection laws in the US may not be considered to provide an adequate level of protection under your local data protection laws. If you are a visitor to this Site and prefer not to have your Personal Information transferred to the United States, do not use this Site. Otherwise, by using this Site or providing any information, you consent to the transfer of Personal Information to the US and other destinations outside your home country. For transfers of End User Data, we may base the transfer on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved code of conducts together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient. You can request a copy of the appropriate safeguards by contacting your employer or Asure as set out below.
If you are located in the European Union or other jurisdictions outside the US, what are your rights concerning your Personal Information?
The European Union and certain other non-US jurisdictions maintain local data protection regulations that confer certain data protection rights on individuals. Asure will address such rights as required by applicable laws. Note that if you are an employee or contractor to our Client, and we obtain access or otherwise process End User Data about you in that context, you should contact your employer/customer which will be in the best position to respond to your inquiry. If you wish to exercise any of these rights, please contact us as specified in the “How to contact us” section below.
- Right of access: You may have the right to obtain from us confirmation as to whether or not Personal Information concerning you is processed, and, to request access to the Personal Information. The access information includes, among other things, the purposes of the processing, the categories of Personal Information concerned, and the recipients or categories of recipient to whom the Personal Information have been or will be disclosed. This is not, however, an absolute right, and the interests of other individuals may restrict your right of access. You may have the right to obtain a copy of their Personal Information undergoing processing.
- Right to rectification: You may have the right to obtain from us the rectification of inaccurate Personal Information about you. Depending on the purposes of the processing, you may have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
- Right to erasure (right to be forgotten): Under certain circumstances, you may have the right to obtain from us the erasure of Personal Information concerning you, and we may be obligated to erase that Personal Information.
- Right to restriction of processing: Under certain circumstances, you may have the right to obtain from us restriction of processing your Personal Information. In that case, your data will be marked and may only be processed by us for certain limited purposes. As Asure processes and uses your Personal Information primarily for purposes of carrying out the contract for services relationship with your employer, Asure will have a legitimate interest for the processing which will override your restriction request, unless the restriction request relates to marketing activities.
- Right to data portability: Under certain circumstances, you may have the right to receive the Personal Information about you, which you have provided to us, in a structured, commonly used and machine-readable format, and you may have the right to transmit that data to another entity without hindrance from us.
- Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time to the processing of your Personal Information by us, and we can be required to no longer process your Personal Information.
You also have the right to lodge a complaint with a competent data protection supervisory authority. To exercise your rights, please contact us as set out below.
In addition, if you voluntarily signed up to receive certain communications from us, you can opt-out by clicking the unsubscribe link at the bottom of the message. Even after you opt-out or update your marketing preferences, please allow us sufficient time to process your marketing preferences. It may take up to 10 days to process your e-mail related requests, and up to 30 days for all other marketing-related requests. And even after you’ve opt-out of receiving marketing communications from us, we may still contact you for transactional or informational purposes. These include, for example, customer service issues, returns or product-related inquiries, surveys or recalls, or any questions regarding a specific order.
What kinds of security measures do we take to safeguard your Personal Information?
The security and confidentiality of your Personal Information matters to us. That’s why we have adequate technical, administrative, and physical controls in place to protect your Personal Information from unauthorized access, use, and disclosure. For example, we provide the option to encrypt all information you submit to us using Secure Sockets Layer (“SSL”) technology that helps protect information during transport to our Site. We also review our security procedures periodically to consider appropriate new technology and updated methods. Even so, despite our reasonable efforts, no security measure is ever perfect or impenetrable.
How long do you retain my Personal Information?
What about Minors and Children Under 13?
Our Sites are not intended for minors. We do not knowingly collect any Personal Information from children under the age of 13 or knowingly track the use of our Sites by minors.
Our US postal address is:
Asure Software, Inc.
Attn.: Privacy Office
3700 N. Capital of Texas Highway
Austin, Texas 78746
Our postal address in the United Kingdom is:
Asure Software UK Limited
3 Waterhouse Square
London, EC1N 2SW
+44 (0) 208.328.9460
For Australian consumers: If we fail to respond to your complaint within a reasonable period of receiving it in writing, or if you are dissatisfied with the response that you receive from us, you may lodge a complaint with the Office of the Australian Information Commissioner (“OAIC”). Details of how to contact the OAIC are located at www.oaic.gov.au