Privacy Policy
All Fields Required
SUREPAYROLL PRIVACY POLICY
This privacy policy ("Policy") describes how SurePayroll, a Paychex company, also doing business as RunPayroll and/or Business Online Payroll, uses, shares, and protects business, financial, and personal information ("SurePayroll" or "we" or "us"). This Policy applies to all information provided, transmitted, or submitted to SurePayroll in connection with the Services provided to or on behalf of our clients ("Services"), including on this website and mobile applications ("Site"). This Policy is available on the homepage of this Site and at every login page where personally identifiable information may be requested.
We are committed to protecting the privacy of those who visit our Sites, and the information that is provided or transmitted to our Sites by visitors. We have structured our Sites so that people have the option to visit without identifying themselves or revealing any personal information.
We use reasonable care to protect data provided to us by or on behalf of our clients or prospective clients ("Clients") and their workers or from visitors of our Site (collectively "You" or "Your") from loss, misuse, unauthorized access, disclosure, alteration, and untimely destruction. This Policy governs personal information collected, processed, or disclosed by us for our own purposes as well as information provided to us as a Service provider for our Clients. It protects information collected online as well as offline. We may receive personal data from our Clients about their current and/or prospective workers, as well as workers' dependents and/or family members as needed to provide Services. We will collect and process Your personal information as instructed or permitted by our Clients or in accordance with this Policy. We do not grant access to personal information about you except as otherwise set forth herein. We do not share or sell personal information that's been shared or transmitted on the Sites with any third parties for their own marketing purposes.
This Site may contain links to other Sites. We encourage our users to be aware when they leave our Site, and to read the privacy statements of every that uses personally identifiable information.
What Information is Collected
We limit the information that we collect to the information that we need to provide our Services, to administer and improve the Site or our Services, and to fulfill any legal and regulatory requirements.
The categories of personal information that we may collect include the following:
- Contact information to allow us to communicate with You or to provide the Services
- Account information necessary for processing payroll and other Services
- Financial and bank account information as needed to provide the Services
- Social security number, date of birth, name, address, email address, phone number, including mobile phone number, and other details as needed to provide the Services
- Credit, debit, or payment card information if used for billing
- Credit or debt history regarding creditworthiness or credit history, with proper disclosures
- Employment history and application information submitted through our recruiting and applicant tracking Service
- Geolocation data, including your IP address, to provide Services or if geolocation Services are enabled for time and attendance tracking
- Other personal information as needed to provide specific Services
- Certain pages of our Site contain forms that allow you to request information about our products or Services or to gain access to valuable resources (like white papers and research documents) in exchange for contact information. In completing one of these forms, you may be required to provide contact information, such as your name, phone number, and/or email address. This information is for our use only. By providing your contact information, you consent to receive periodic emails related to products and Services. You may unsubscribe from our marketing emails at any time.
How Personal Information is Collected or Transmitted
To access or use certain information, features, or Services, You may be required to provide personal information. Personal information is primarily collected, submitted, and/or transmitted:
- When a Client provides it to us to facilitate the processing of the Services
- From You when You utilize the Site or Services
- From applications, forms, webinars, surveys, and other information You provide us
- If You provide us with comments or suggestions, request information about our Services, or contact our customer service or support departments via phone, email, chat or other forms of communication
- From consumer and business reporting agencies regarding Your creditworthiness or credit history
- Between us and third-party vendors
- From information You may provide via social media
How Personal Information is Used
We may use personal information to:
- Facilitate current, prospective, or former employer requested Services, transactions, investments, distributions and/or benefits
- Administer and improve our Site
- Facilitate billing and collections
- Contact Clients and consumers with information on Services, new Services or products, or upcoming events, including via SMS or MMS text messaging if mobile phone number is provided for that purpose
- Market our Services to Clients and consumers or for auditing our interactions
- Detect fraud or theft or for other security purposes
- Comply with legal, reporting, and regulatory requirements
- Maintain, manage, or service accounts
- Provide customer service or support
- Verify consumer identity as well as eligibility to receive Services, information, and products
- Research and develop technological improvements
- Send transactional communications as part of our Services
- Improve, upgrade, or enhance our Services
- Administer quality and safety maintenance for our Site or Services
- For other purposes that are compatible with this Privacy Policy or where permitted by applicable law
- In any other way we may describe when You provide the information, or for which You provide authorization
Parties With Whom Information May Be Shared
Information is shared to facilitate the Services requested by or on behalf of our Clients, for business operations, or as needed in order to properly and efficiently handle duties related to Your account. We may share information with:
- Our affiliates, partners, or subsidiary organizations
- Government agencies to fulfill legal, reporting and regulatory requirements
- Attorneys, accountants and auditors
- Our employees, affiliated companies, subsidiaries, contractors, agents and third-party vendors to perform Services related to Your account, to offer additional Services, perform analysis to determine qualification to receive future services, collect amounts due, or for our business operations
- Third-party providers for services that You may sign-up for via our Site or Services
- Banking and brokerage firms to process payroll-related and/or securities transactions
- To a buyer or successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred
- Credit bureaus and similar organizations, law enforcement or government officials. We reserve the right to release information if we are required to do so by law or if, in our business judgment, such disclosure is reasonably necessary to comply with any court order, law, or legal process, in a fraud investigation, an audit or examination
- Health and welfare providers in support of benefit Services
- Cloud providers, customer management platforms, security providers, and similar Services in connection with providing products, Services and in the support of daily operations
- Any other entity disclosed by us when You provide the information, or for which You provide authorization
Cookies and Spotlight Images or Web Beacons
A "cookie" is a piece of data that our Site may provide to Your browser while You are at our Site. The information stored in a cookie is used for user convenience purposes, such as reducing repetitive messages, tracking helper tool versions, and retaining user display preferences. If a user rejects the cookie, they will be able to browse the Site but will be unable to use our online application.
During Your interaction, a Service may automatically collect information from Your activity or device including:
- Computer, device, and connection information, such as browser type and version, operating system and other software installed on Your device, mobile platform and unique device identifier and other technical identifiers, including IP addresses, error reports and performance data
- Usage data such as user preferences including features, settings, date and time stamps, and pages visited
We use session cookies to limit popup windows to a single browser instance. We also use Java scripting in cooperation with cookies and "spotlight images" or "web beacons" to track Site traffic and email response. A "spotlight image" or "web beacon" is an electronic image, called a 1-by-1 pixel or clear GIF, that can recognize certain types of information on your computer, such as your cookie number, time and date of a page view or location. You may refuse cookies by turning off that feature in your web browser.
In addition, we may use or allow third parties, such as Google Analytics, Marketo and Pardot, to serve cookies on our Site to help us monitor our Site traffic, understand visitor behavior, and to target ads.
You can opt-out of this information tracking using a web browser that supports Do Not Track functionality, or by manually opting out via Sites like the Digital Advertising Alliance Consumer Choice Page. (http://www.aboutads.info/choices)
If you are simply browsing or navigating through our Sites information about your computer and the pages you visit on our Site is transmitted and may be used in the aggregate. This data is often referred to as clickstream or navigation data. We use this information for research, analysis, and reporting so that we can improve our navigation, page structure, and page content to help visitors find information more quickly and provide more value when they find what they are looking for on our Sites. Additionally, as you interact with different pages and content on our Site, this behavioral data may be tracked and used to provide targeted content and Site recommendations.
The following are things you can do while visiting our Site if you prefer NOT to share information about your visit:
- Disable cookies within your browser before visiting our Site;
- Choose not to submit information via web forms located within our Site;
- Choose not to enroll in or purchase our products or Services;
- Choose not to "opt-in" to certain programs that are available on our Sites;
- Choose not to complete any surveys available on our Site.
- The following describes the information we use and how that information is used to provide our visitors with the optimal online experience.
Data Retention
We retain personal information for as long as necessary to provide the Services and fulfill the transactions requested by or on behalf of Clients, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, enforcing our agreements, and for any other necessary business purpose.
How Aggregated, Non-Personal Information is Used
We may collect general, non-personal, statistical information about the users of the Site and our Services to determine information regarding the use of our Site and general information about our Clients and Service interactions. We also use aggregated, non-identifiable information to provide statistical data, or to provide insights to our Clients associated with their workforce as part of our Services.
Children Under 13 Years of Age
We are concerned about the privacy of young children and do not knowingly use any personal information from a child under the age of 13. If we learn that we have personal information on a child under the age of 13, we will delete that information from our records and systems.
All dependent data needed for benefits enrollment is customarily provided by the employee/guardian and kept secure as indicated in this Policy.
Your California Privacy Rights
Under California Civil Code 1798, California residents with an established business relationship can request information about sharing their personal information with third parties for the third parties' direct marketing purposes. If You are a California resident and would like more information, please contact Your service provider.
Communication Preferences
If You have opted to receive any of our marketing emails or if You have otherwise provided us with contact details and no longer wish to receive our marketing emails You can let us know by following the unsubscribe instructions contained at the bottom of any email that we send to You. Also, in compliance with the CAN-SPAM Act, we provide our physical mailing address in all marketing email communications for general correspondence and opt-out communications.
If we lack sufficient information to process Your request, we may contact You to request further information or clarification.
Security
We use reasonable care to protect the confidentiality, integrity, and availability of Your information and we continue to invest in our award-winning security capabilities, including personnel security and physical security; system security, access control, and monitoring; data backup and business continuity management; and vulnerability and intrusion detection. Specifically, we:
- Maintain policies and procedures covering physical and logical access to our workplaces, systems, and records
- Apply physical, electronic, and procedural safeguards aligned with industry-recognized best practices
- Use technology such as backups, virus detection and prevention, firewalls, and other computer hardware and software to protect against unauthorized access to or alteration of Your information
- Encrypt sensitive information transmitted over the internet
- Through formal approval processes, access controls, and internal auditing, limit our employee's access to Client information to those who have a business reason to know
- Require our employees to take information security awareness training upon hire and annually thereafter and apply this training to their jobs every day
- Provide ongoing training and awareness to our employees about security best practices, including internal phishing simulations for education and testing purposes
- Use advanced technologies for the backup and recovery of Your information
- Monitor compliance with established policies through ongoing security risk assessments and internal audits
While we help protect the security and integrity of Your information through procedures and technologies designed for this purpose, the safety and security of Your information also depends on You. We may give You, or You may choose, account credentials to access certain parts of our Site or Services. It is solely Your responsibility to maintain the security and confidentiality of Your account credentials and the information and Services accessible through Your account and the Site. You are not permitted to share or sell Your account credentials to any third-party, unless authorized. If You suspect fraudulent or abusive activity relating to Your account, or if Your credentials have been lost, stolen or compromised in any way, You should immediately change Your potentially compromised credentials and notify us and your employer.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect Your personal information, We cannot guarantee the security of Your personal information transmitted to us. Any transmission of personal information is at Your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.
How to Access and Correct Your Information
Keeping Your information accurate and up-to-date is very important. Clients can review or correct account information on the Site or by contacting a customer service representative. If You have an account on the Site, You may be able to make changes to Your information after You login to the Site using the online tools. Changes to information regarding a worker's dependent(s) or family member(s) must be completed by worker and/or the worker's employer.
California Consumer Privacy Rights
If You do business in California or are a consumer in California, please visit our CCPA Privacy Policy for more information regarding our processing of Your information. The CCPA Privacy Policy is incorporated by reference herein.
Changes to This Privacy Policy
We reserve the right to update or modify this policy at any time, due to legislative changes, changes in technology or our privacy practices, or new uses of customer information not previously disclosed. Updates are effective upon publication and Your continued use of this Site will indicate Your acceptance of those changes. Please refer to this Policy regularly.
Contact Information
If You have any comments, concerns or questions about this Privacy Policy, please contact us at: Privacy_Office@paychex.com.
SurePayroll, Inc.
2700 Patriot Blvd., Suite 300
Glenview, IL 60026
Last revised date: November 8, 2023