What Role Does SyncHR Serve in Data Protection?
PART I: SYNCHR AS A DATA PROCESSOR
SyncHR has entered into separate agreements with our customers to govern the delivery, access, and use of the SyncHR HCM Cloud Platform, including instructions for the processing of personal data on behalf of our customers. Our customers license SyncHR technology and configure their instance of the SyncHR HCM Cloud Platform to serve as a human capital management system to manage core HR functions, benefits, payroll, and HR reporting in a single platform.
In some cases, the SyncHR HCM Cloud Platform may allow you to interact with and receive services from other third-party processors (e.g. 401(k) administrators). These third-party services and the collection and use of your personal data by these third parties is governed by such third parties’ respective terms of service and privacy policies. You are responsible for reviewing these third-party terms and policies and you acknowledge that SyncHR is not responsible for the privacy practices of these third parties.
PART II: SYNCHR AS A DATA CONTROLLER
Why Do We Need Personal Data? We need certain personal data in order to communicate with you, provide you with the services you request through our Sites, and to address any customer service inquiries you make to SyncHR.
Information We Collect
SyncHR may collect information about you from various sources. Specifically, we may obtain information about you:
The types of personal information we may obtain includes:
Automatic Data Collection
As is true of most websites, we gather certain information automatically. We may combine this automatically collected log information with other information that you provide us or that we collect about you. We do this to improve services we offer you, to improve marketing, analytics, or site functionality and to analyze trends in the aggregate and to administer our Sites. The information we may collect by automated means includes:
We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits our Site; and (2) third party cookies, which are served by service providers on our Site, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.
We use the following types of cookies for the purposes set out below:
Type of cookie
These cookies are essential to provide you with our services and to enable you to use some of the features. For example, they help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
These cookies allow our Sites to remember choices you make when you use our services, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of our Sites or services which you can customize. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Sites.
Analytics and Performance Cookies
These cookies are used to collect information about traffic to our Sites and how users use our services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Sites, websites that referred them to our Site, the pages they visited on our Sites , what time of day they visited our Sites , whether they have visited our Sites before, and other similar information. We use this information to help operate our Sites and services more efficiently, to gather broad demographic information and to monitor the level of activity on our Sites .
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Sites and services works. You can find out more information about Google Analytics cookies here:
You can find out more about how Google protects your data here: https://policies.google.com/privacy
You can prevent the use of Google Analytics relating to your use of our Sites by downloading and installing the browser plugin available via this link:
Targeted and Advertising Cookies
These cookies track your browsing habits to enable us to show advertising which is more likely to be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third party advertisers can place cookies to enable them to show ads which may be relevant to your interests while you are on third party websites.
Social Media Cookies
These cookies are used when you share information using a social media sharing button or “like” button on the website or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter or Google+. The social network will record that you have done this.
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings. Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com/uk.
If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Sites.
We, our third party service providers, advertiser or our partners may also use “web beacons” or clear.gifs, or similar technologies, which are small pieces of code placed on a web page, to monitor the behavior and collect data about the visitors viewing a web page. For example, web beacons may be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
How We Use the Information We Collect When Acting as a Data Controller
When you use or communicate with us through the Site, we may use the information we obtain about you to:
We also may use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
Information We Share
We also may disclose information about you (i) if we are required to do so by law such as to comply with a subpoena or other legal process (such as a court order), (ii) in response to a request by law enforcement authorities, or (iii) when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
Your Rights When SyncHR is Your Data Controller
If SyncHR is your Data Controller as described above and you wish to exercise any of the following rights, please contact us using the details below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the rights you would like to enforce. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
Access. You may access the information we hold about you at any time by contacting us directly.
Amend. You can also contact us to update or correct any inaccuracies in your personal data.
Move. Your personal data is portable – i.e. you to have the flexibility to move your data to other service providers as you wish.
Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your data.
SyncHR will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. The user account will remain active until responsible contracting company has either disabled the account or termination of service contract with SyncHR.
How We Protect Personal Information
We maintain appropriate administrative, technical and physical safeguards designed to protect the personal information you provide on our Sites and HCM Cloud Platform against accidental unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. Other personal information (not including payment card information) may be transferred unencrypted and involve (i) transmissions over various networks and (ii) changes to conform and adapt to technical requirements of connecting networks or devices. However, SyncHR will use commercially reasonable efforts, like secure socket layer (SSL), to encrypt information such as your login credentials during transmission.
Please note that no electronic transmission of information can be entirely secure. We cannot guarantee that the security measures we have in place to safeguard personal information will never be defeated or fail, or that those measures will always be sufficient or effective.
Linked Websites and Social Networks
Our Sites may provide links to third-party sites for your convenience and information. SyncHR does not control linked websites, and we do not endorse or make any representations about third-party websites. Linked sites may have their own privacy policies, which you should review if you visit those sites. We are not responsible for the content of any sites not affiliated with SyncHR, any use of those sites, or those sites’ privacy practices.
We may also provide social media features on our Sites that enable you to share SyncHR information with your social networks and to interact with SyncHR on various social media websites. This includes social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our Site. Your use of these features may result in the collection or sharing of information about you. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. We encourage you to review the privacy policies and settings on the social media websites with which you interact to help you understand those website’s privacy practices.
SyncHR does not knowingly collect Personal Information or direct its Sites to children under the age of 16. If we learn that a user of our Site is under 16 years old, we will promptly delete any personal information that the individual has provided to us.
EU-U.S. Privacy Shield and Swiss - U.S. Privacy Shield
SyncHR Inc participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. SyncHR is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. SyncHR is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. SyncHR complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, SyncHR is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, SyncHR may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
How to Contact Us
Attn: SyncHR Privacy Team
1601 Wewatta St., Suite 750
Denver, Colorado 80202
You will receive confirmation of requested updates or deletions within 10 business days after request is made.
Last Updated: December 23, 2019