ContinuumCloud, Inc., ContinuumCloud, LLC, Datis HR Cloud Inc., Datis, LLC, or any associated companies (“Company”) is committed to respecting the privacy rights and concerns of all users (“Users”) of any Company website(s) (“Websites”) and the services Company provides (“Services”). (“Website” and “Services” are collectively referred to as the “Online Services”). As such, we have established and implemented this Privacy Policy (“Privacy Policy”) to inform Users how we use and protect the personal information we collect (“Personal Information”).
By visiting or using the Online Services, you consent to Company’s collection, use, storage, deletion, and disclosure of information relating to you as set forth in this Privacy Policy. This Privacy Policy is subject to change at any time for any reason and without notice. Any modifications will take effect when posted. Therefore, each time you access the Online Services, you need to review the Privacy Policy upon which access and use of these Online Services is conditioned. By your continuing use of the Online Services after changes are posted, you will be deemed to have accepted such changes. This Privacy Policy is only applicable to the Online Services and not to any other website that you may be able to access from the Online Services, which may have its own data collection and use policy.
Except as set forth in this Privacy Policy, or unless we have your consent, we will not share your personal information with any person or entity other than those affiliated with us, entities acting on our behalf, and relevant third parties, such as those needed to collect and maintain our servers and perform technology and related Online Services. We do not share your personal information with third parties for marketing purposes.
As part of Company’s Online Services, our customers may load data into Company servers. Company will not share or distribute any such customer data except as provided in the contractual agreement between Company and customer, or as may be required by law.
On the Websites you may post comments, for example on a blog or bulletin board. These comments and discussions are moderated and may be accessed for technical reasons. We will not use the information you post on an online forum beyond the purpose for which you posted it. You should only post personal information to online forums with the awareness that the information will be made available to others inside and outside of Company. Any comments posted by individuals on an online forum, such as a blog, are their own and should not be considered as reflecting the opinion of Company. To request removal of your personal information from our blog or community forum, contact us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
The Online Services uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. These analytics and performance cookies are used only when you acknowledge our cookie banner and are used to view site traffic, activity, and other data and/or to provide you with a personalized experience. Cookies may also be used to keep track of your login name and password, to track your visits to the Site, to personalize your experience, and improve a Company Website so the pages you view and other behavior may be stored by cookies on your device. These cookies contain no personally identifiable information. You may still access the Online Services if you set your browser not to accept cookies.
We may use web analysis tools to measure and collect anonymous session information. We use this information to monitor and analyze in a depersonalized form how users use the Online Services, to provide customers with the Online Services, and to maintain and improve the Online Services. We may also collect similar information from emails we may send to you, which then help us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Online Services.
The personal data collected when you visit the Online Services include:
We may collect certain personal information in connection with your account or an employer’s account with us, including your mailing address, phone number, date of birth, social security number, driver’s license or state identification number, financial information, information about your employment, and other information that may be required. If payment is required from you for any service, you will also be required to provide a credit card number and billing address, or other payment information. We also collect personal information when you receive customer or technical support.
We will not sell, rent, lease, or transfer your data to any third-party commercial entity for the purpose of marketing or selling unrelated products or services for our financial gain or economic benefit. We use your personal information to provide Online Services to you, deliver products and services, complete transactions, handle your questions or issues, and send communications to you about promotions, updates, or special offers that may be of interest to you. Other uses include verifying your identity, preventing fraud, and alerting you of new products, features, or enhancements to the Online Services. We may also use your email address to send you messages about your account or the Online Services, as well as other general announcements.
The personal information uploaded by you will be shared only with authorized persons required to provide the Online Services. We may also use your depersonalized personal information to provide analyses of our users in the aggregate (including Analytical Data subject to the terms of this Privacy Policy) to prospective partners and other third parties.
By submitting personal information through the Online Services, you authorize Company to share this personal information for the purposes identified herein, and you grant us a royalty-free, worldwide, perpetual, irrevocable, and fully transferable right and license to use your personal information in connection with the creation and development of analytical and statistical analysis tools (the “Analytical Data”). We are expressly authorized to make any commercial use of the Analytical Data, including without limitation sharing the Analytical Data with third parties, provided that we do not sell, trade, or otherwise transfer from us any part of the Analytical Data that personally identifies any Users.
We will also share the personal information we collect from you under the following circumstances:
Feedback. You may choose to, or Company may invite you to, submit comments, bug reports, ideas, or other feedback about the Online Services (“Feedback”). By submitting Feedback, you agree that Company is free to use such Feedback at its discretion without any obligation to you. Company may also choose to disclose Feedback to third parties. You hereby grant Company a royalty-free, perpetual, irrevocable, transferable, sublicensable, worldwide, nonexclusive license under all rights necessary to incorporate and use your Feedback for any purpose.
Asset Transfers. If we become involved in a merger, acquisition, or other transaction involving the sale of some or all of Company’s assets, User information may be included in the transferred assets. Should such an event occur, we will use reasonable means to notify you through email and/or a prominent notice on the Site.
If you make a purchase or need to upload payment information through the Online Services, we may use a third-party payment processor such as Stripe or Paypal. Payments are encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
Although no method of transmission over the Internet or electronic storage is 100% secure, Company follows all PCI-DSS requirements and implements additional generally accepted industry standards.
Re-Targeted advertising uses information collected on an individual’s web browsing behavior such as the pages they have visited or the searches they have made. This information may then be used to display Company employment opportunities to you if you have visited our careers page. The information collected is only linked to an anonymous cookie ID (alphanumeric number); it does not include any information that could be linked back to a particular person, such as their name, address, or credit card number. The information used for targeted advertising either comes from Company or through third-party website publishers. If you would like to opt-out of re-targeted advertising from Company, please delete your cookies when leaving our site. Please note this does not opt you out of being served advertising. You will continue to receive generic ads.
In general, the third-party providers used by us will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner your personal information will be handled by these providers.
Certain providers may be located in a different jurisdiction or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
You may withdraw your consent to receive communications by following the “unsubscribe” link at the bottom of our emails. You may withdraw your consent to use an electronic signature at any time by contacting us. If you withdraw your consent, you may be unable to access the Online Services, and we will be unable to continue to process any pending applications for products and services.
The personal information that you provide to us is stored on servers that are located in secure facilities with restricted access and protected by protocols and procedures designed to ensure the security of such information. We restrict access to only those Company employees, independent contractors, and agents who need to know this information in order to develop, operate, and maintain the Online Services. All Company personnel who have access to this information are trained in the maintenance and security of such information. However, no server, computer, or communications network or system, or data transmission over the Internet, can be guaranteed to be 100% secure. As a result, while we strive to protect User information, we cannot ensure or warrant the security of any information you transmit to us or through the use of the Online Services and you acknowledge and agree that you provide such information and engage in such transmissions at your own risk.
In the event that personal information you provide to us is compromised as a result of a breach of security, when appropriate we will take reasonable steps to investigate the situation, notify you, and take the necessary steps to comply with any applicable laws and regulations.
You agree that in the event any dispute or claim arises out of or relating to this Privacy Policy, you and Company will attempt in good faith to negotiate a written resolution of the matter directly between the parties. You agree that if the matter remains unresolved for forty-five (45) days after notification (via certified mail or personal delivery) that a dispute exists, all parties shall join in mediation services in the state of Company’s principle office with an arbitrator chosen by Company in an attempt to resolve the dispute. Should you file any arbitration claims or any administrative or legal actions without first having attempted to resolve the matter by mediation, then you agree that you will not be entitled to recover attorneys’ fees, even if you would otherwise be entitled to them.
We may collect customer information from persons other than the individual or individuals using the Online Services. Such information, as well as other personal or privileged information subsequently collected, may in certain circumstances be disclosed to third parties without your authorization as permitted by law. If you would like additional information about the collection and disclosure of customer information, please contact us.
Under the General Data Protection Regulation (GDPR) of the European Union (EU), EU citizens are entitled to certain privacy protections regarding the use of, storing, and processing of your personal information as well as having right to be notified if personal information is stolen, copied or accessed on an unauthorized basis.
The GDPR is a modern privacy rights framework adopted to create better transparency and control over who, how and when your personal data may be used, including the “right to be forgotten”.
This section will explain how Company complies with the GDPR and how your personal data may be collected, stored, and used. We also explain under what circumstances and for what purposes we may use your personal data and also provide instructions on how you can “opt-out” from our using your personal data and also request the removal of your personal data from our systems.
Our business is a “B2B” business, meaning we sell products and services to government agencies and private businesses, and not to individual consumers. Even so, under the GDPR, if you are an employee of or associated with a business customer, certain information may be considered personal data such as your business email, business mobile number or other similar information from which your personal identity may be known. It is also customary in many instances for business associates of business or government customers to furnish their private or personal contact information such as private email address, home telephone number, and similar information. Even if done in the context of a business purpose, this information may be deemed personal data. Therefore, if you believe your business information discloses personal data that you do not wish disclosed, you should not give it to us. You should also ask your employer to change your business contact information an anonymized format, such as changing your email form “my.name@mycompany” to “randomcharacters@mycompany”.
Please be advised that our business has less than 250 employees. Accordingly, we are subject to less stringent recording requirements under GDPR requirements. We are, however, not exempt from other privacy protection and reporting requirements which apply to all businesses equally.
Our ability to use your personal data may come about by the following means:
Additionally, many of our products and services are employment-based products, such as payroll services. As such, personal identity information is required to enable communications and messages to be delivered to you, for other in-network users to identify and communicate with you, and for us and others to authenticate identity and employ various network and information security measures.
We will use your personal data only in connection with furthering our business relationship with you, to enhance and protect the security of your information, and to enable your use of our products and services, and those add-on products and services that may be integrated with our products and services.
If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
However, if you choose not to share your personal data with us, or refuse certain contact permissions, Company might not be able to provide the services you require.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. We have outlined above the various circumstances, purposes, and time periods when we will hold personal data.
At the end of that retention period, your data will either be deleted completely or anonymized, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning. To summarize:
Ten Years from Transaction date. As described above, you should expect your personal data that is Business Transaction Data including any pertinent Relationship Data to be held for ten (10) years from the date of its creation for contract and legal purposes. The same ten-year period would apply to Security Data from the date of its last use or transactional entry.
Your personal data will be stored in the United States unless you are notified otherwise. In certain countries we may a local computer processing center or point of presence and data will be held in the local environment as requested by our customers and to the extent available.
We will not transfer your personal data to any provider in any jurisdiction unless such provider and jurisdiction meet the requirement under the GDPR.
Below is an overview of your various rights.
You have the right to request:
You can contact us to request to exercise these rights at any time by completing an online form. If we choose not to adhere to your request we will explain to you the reasons for our refusal.
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
This right does not include communications and information functions, such as alerts and notices, which are displayed in any application or product interface of ours which is part of the operation of or relates to a normal function of our product. By logging into our products or services, you are expressly giving your consent for such purposes. If you disagree with that then do not log in or use our products or services.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorized a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
You may send us notice of the exercise of your rights, whether to “opt-out” of certain or all marketing channels, to request deletion of your personal data or to correct, receive a copy of your personal data by any of the following means:
Send an Email to:
operations@continuumcloud.com
Please include the subject line “GDPR Request”
Please include the action you are requesting we take, the basis for the action, and any information which can reasonably identify you, and valid means to respond back to you.
Online:
When you send us a communication through a form, you may check a box indicating your preference to opt-out of marketing campaigns and contacts.
We are dedicated to adhering to the EU’s privacy laws for our EU customers. If you believe that we are not fulfilling our obligations in accordance with the law, you may file a complaint with the European Data Protection Supervisor (EDPS). We have provided this link for your convenience (note you are linking to an external third-party site unaffiliated with us):
https://edps.europa.eu/data-protection/our-role-supervisor/complaints_en
RESERVATION OF RIGHTS
We provide this privacy notice to EU citizens in accordance with our understanding of the GDPR and will endeavor to comply with such law on a voluntary basis. We reserve all rights afforded under United States laws and treaties. This privacy notice is not a contractual obligation or guarantee to you that may be enforced in the United States or any other jurisdiction which does not recognize the GDPR as part of its law. Our contract obligations are limited to those contained in the purchase agreements and end-user license agreements between us and our customers. We, for ourselves and on behalf of directors, officers, employees, advisors, and all other persons affiliated with us reserve all rights regarding personal and subject jurisdictional matters, and the applicability and enforcement of the GDPR with respect to US citizens and non-EU citizens. Neither this privacy notice nor any actions taken to comply with the GDPR shall constitute a waiver of such rights or submission to jurisdictional authority of any court, tribunal, or governmental authority outside of the United States.
QUESTIONS
If you have any questions about our privacy practices or this Privacy Policy, please contact us.