Swipeclock + IRIS AcquisitionSwipeclock + IRIS Acquisition

Swipeclock Global Privacy Policy

Effective: February 20, 2024

  1. Overview
  2. Information We May Collect
  3. Purposes of Collection
  4. Information Retention
  5. Consent
  6. Biometric Information
  7. Securing Your Personal Information
  8. Your Rights and Choices Regarding Your Personal Information
  9. Children
  10. Changes to Our Global Privacy Policy
  11. Contact Information & How to Update Your Personal Information
  12. No Representations or Guarantees About Independent Companies

Swipeclock (“We”, “Us”, “Our”, or “Swipeclock”) has created this Global Privacy Policy in order to demonstrate our firm commitment to protecting personal privacy.  We believe that privacy is the foundation on which all other personal freedoms are built.  We take this seriously!

You can find a copy of this Privacy Policy in PDF format here.

  1. Overview

This Global Privacy Policy describes the types of information Swipeclock collects from you, including Personal Information (information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular data subject), how we use that information, how we protect that information, and your rights with respect to that information.

This Global Privacy Policy applies to all Swipeclock websites, products, and services (collectively, our “Services”). We may collect information from the following individuals:

  • Current, prospective, and former customers (“Customers”);
  • Suppliers, vendors, subcontractors, business partners, resellers of Swipeclock Services (“Resellers”);
  • Visitors of Swipeclock’s websites and mobile applications (“Visitors”);
  • Employees of Swipeclock’s Customers; and
  • Swipeclock Resellers’ customers as directed by our Customers in the course of using our Services.

The types of information we may collect depend on the nature of the relationship that you have with Swipeclock and the requirements of applicable law.  We collect only information relevant for our business purposes and we do not engage in automated decision-making with regards to your Personal Information.

Our Employee Privacy Policy governs the management of Personal Information of our employees and contractors and shall control in the event of a conflict with this Global Privacy Policy.

  1. Information We May Collect

Depending on how you interact with Swipeclock and/or our websites and the Services you use, we may collect the following Personal Information from you:

Please note that your employer may collect other Personal Information from you that is not shared with Swipeclock. Please contact your employer for additional information on the categories and specific instances of Personal Information they collect.

Please also note that if you provide us with Personal Information about someone else, including any of the below-specified categories of personal information, you are responsible for ensuring that you comply with any obligation and consent obligations under applicable data protection and privacy laws and regulations, including providing notice of your collection and disclosure, and obtaining such other person’s explicit consent before doing so.

Categories of Personal Information We May Collect or Have Collected in the Past 12 Months Specific Personal Information We May Collect Sources of Personal Information We May Collect Categories of Third Parties to Whom We have Disclosed This Information in the Past 12 months
Identifiers

 

Name (including former and maiden names)

Title

Mailing Address

Phone Number

E-mail Address

Social Security Number

Date of Birth

Drivers’ License/Passport Numbers

Citizenship Information (Alien Registration Number/USCIS Number/I-94 Admission Number/Foreign Passport Number)

Business/Company Affiliation

Account Username and Passwords

Employee Identification Number

Your Employer, Contacting Us (via Website, Email, Phone, or by Mail), Employment Applications, Account Registrations/Applications (including those for free trials), Online Surveys/Competitions or Drawings, Social Media Interactions (including your posts to our pages), Downloading Information from Our Website (whitepapers or other publications), Purchases Made on Our Website Service Providers

 

Your employer (if applicable)

Financial Information (information described in CA Code §1798.80) Credit Card Numbers

Banking Information (Direct Deposit Information)

Other Financial Information Related to Payments for Services or Goods

Your Employer, Contacting Us (via Website, Email, Phone, or by Mail), Employment Applications, Downloading Information from Our Website (whitepapers or other publications), Purchases Made on Our Website Service Providers
Internet/ Electronic Activity Device Identification Number/Type

Webpage Views

Websites or Applications You Navigate To or From Our Site

Referral URL, Browsing History

Mobile Device Interactions, Website Cookies Service Providers

Data Analytics Providers

Geolocation Data Location Information Mobile Device Interactions, Website Cookies Your employee (if applicable)
Professional or Employment-Related Information Paystub and W-2 Information, Salary

Date of Hire/Termination

Employee Classification

Emergency Contact Information**

Time-In/Time-Out

Your Employer, Contacting Us (via Website, Email, Phone, or by Mail), Employment Applications, Account Registrations/Applications (including those for free trials) Service Providers

 

Your employer (if applicable)

Audio, electronic, visual, thermal, olfactory, or similar information. Recordings of product demonstrations (subject to notice provided to you)

Recordings of calls to our customer service or other remote audio interactions with us (subject to notice provided to you)

Interactions with our website, product demonstrations, and remote audio interactions with us (subject to notice provided to you) Service Providers

In addition, we may also share information about the use of our website, applications, products, or Services publicly or with third parties, but this will not include Personal Information.

Swipeclock does not…

  • Sell your Personal Information to third parties, however, we may have otherwise shared some elements of Personal Information with third parties in the previous 12 months, such as information derived from website cookies.
  • Share your Personal information with third parties for cross-context behavioral advertising purposes, or,
  • Disclose sensitive personal information about you for any reason, such as your social security number or geolocation information, for purposes other than the following:
    • To provide our services.
    • As reasonably necessary to prevent, detect, and investigate any potential security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information.
    • To resist malicious, deceptive, fraudulent, or illegal actions directed at our business.
    • To ensure the physical safety of individuals.

Important Note about Biometric Identifiers: Swipeclock does not collect or store any biometric identifiers that may be collected on the timekeeping devices that we sell or license to employers or Resellers. For more information, please see the Biometric Data section of this policy.

Our Use of Cookies

When you use our Services, we and certain of our service providers may use cookies, web beacons, pixel tags, and other tracking technologies (collectively, “Cookies”) to customize our Services, content, and advertising, as well as to measure the effectiveness of promotions and ensure that our Services are functioning properly.

Some Cookies are strictly necessary to make our Services available to you (“Essential Cookies”). We cannot provide our Services without these Essential Cookies.

We also may use Cookies to maintain and improve our Services or your experiences, and for marketing purposes (collectively, “Non-Essential Cookies”). Some of the Non-Essential Cookies used are set by us to collect and process certain data on our behalf and some are set by third parties, including Google Analytics, which allows us to view information about traffic to our webpage and helps us understand how website visitors use our Services, and which allows Google Analytics to serve advertisements to you across the Internet based on your visit to our websites. More information on Google Analytics is available in the Google Analytics Terms of Use, the Google Analytics’ Privacy and Data Protection Guidelines and in the Google Privacy Policy.

Non-Essential Cookies may collect information about your online activities over time and across third-party websites or other online services. The manner in which these third parties collect, use, store, and disclose your information is governed by the policies of such third parties. Swipeclock has no responsibility for the privacy practices or other actions of any third party that may be enabled within, or integrated with, the Services.

Your Choices Regarding Cookies

You may stop or restrict the placement of some types of Cookies on your device or remove them by adjusting your preferences as your browser or device permits. You can also consult the “Help” section of your browser for more information (e.g. Internet ExplorerGoogle ChromeMozilla Firefox, or Apple Safari). However, please note that cookie-based opt-outs are typically not effective on mobile applications. You may opt-out of personalized advertisements on some mobile applications by following the instructions for AndroidiOS and others. Please note that we do not recognize nor respond to browser-initiated do-not-track (“DNT”) signals, which are a privacy preference that users can set in certain web browsers, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and developing a common approach to responding to DNT. To learn more about Do Not Track, you can do so here.

The online advertising industry additionally provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiativethe Digital Advertising Alliancethe European Digital Advertising Alliance, the Your Ad Choices for App tool, and the Digital Advertising Alliance of Canada. Please note you must separately opt out in each browser and on each device.

  1. Purpose of Collection

We may collect Personal Information from you for a variety of reasons, including:

  • Authentication purposes;
  • To detect and prevent fraud;
  • To respond to your inquiries;
  • To provide you with services requested, and administer applications and products you requested;
  • To fulfill contractual obligations;
  • For pre-employment screening and hiring;
  • To analyze, monitor, measure, improve, and protect our content, website, applications, and Services, and provide an enhanced, personal user experience for you;
  • To provide, maintain, protect, and improve any applications, products, Services, and information that you have requested from us;
  • To develop new products and services;
  • To comply with laws, regulations, or government requests, including to detect, prevent, investigate, or remediate crime, illegal or prohibited activities, or to otherwise protect our legal rights (including liaising with regulators and law enforcement agencies for these purposes);
  • To protect our rights, property, and safety or the rights, property, and safety of others;
  • To achieve the purposes described in this Global Privacy Policy;
  • To enforce our terms of use and ensure websites, applications or Services are used in accordance with our end user agreements;
  • To manage and administer your use of applications, products, and Services you have asked us to provide, and to troubleshoot problems you may have, and provide you with related customer services and support activities;
  • To improve the security and performance of our website, applications, systems, and Services;
  • To consider employment applications and recruitment activities, including administration or management if you commence work for Swipeclock;
  • For tailored advertising and communications;
  • To contact you and send notices of changes to a Swipeclock policy;
  • To collect information about use of the functions of the features of our website, applications and Services to improve effectiveness of our website, applications and Services;
  • To conduct research, including statistical information about user operating systems;
  • To deliver joint content and services with third parties with whom you have a separate relationship, including payroll providers; and
  • For corporate governance, including mergers, acquisitions, and divestitures.
  1. Information Retention

We never keep your Personal Information for longer than needed for business purposes and in accordance with applicable law.

By using Swipeclock products and Services, you consent to the collection and retention of your information, as set forth in this Global Privacy Policy.

  1. Biometric Data

Where our Customers or Resellers use Swipeclock’s timekeeping devices for the purposes of authenticating employees based on a fingerprint, hand print or facial scan, the collection of such data is undertaken and controlled by the Customers or Resellers. Swipeclock does not perform or control the collection of such data, and does not receive any biometric identifiers on any of its systems. Such employee data is collected on the devices themselves, which are wholly owned by the Customers or Resellers. The devices create a randomized, de-identified code or number in place of any images of employee data (“authentication data”), which is stored locally on the device. Swipeclock receives and stores authentication data for the purposes of timeclock administration, such as restoring or configuring timeclocks, and to ensure the continuity of its services. We securely store this data for the duration of employment and as otherwise necessary to satisfy those purposes; however, we never keep this data for longer than three years from the date of your last interaction with us.

Access to authentication data is restricted, with additional reasonable safeguards employed, and such data is never shared with any third parties except our cloud service provider that stores the information on our behalf.

To the extent that an employee has questions about our Customers’ or Resellers’ collection or use of biometric identifiers and their use and protection of such data, the employee should consult with their employer or the Reseller directly. Such data collection and use will be governed by employer or Reseller’s privacy policy.

  1. Securing Your Personal Information

Swipeclock takes the security of your Personal Information very seriously and we have implemented reasonable technical, physical, and organizational security safeguards designed to protect your Personal Information from loss, misuse, and unauthorized access and disclosure.  We regularly monitor our systems for possible vulnerabilities and attacks.  However, no electronic data transmission or storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information you transmit to us.  If we have given you (or you have chosen) a password to access certain areas of our websites, applications, or Services, please keep this password safe—we will not share this password with anyone. In the event that Personal Information is compromised due to a breach of security, Swipeclock will promptly notify the affected individuals in compliance with applicable law.

  1. Your Rights and Choices Regarding Your Personal Information

Based upon where you reside, certain choices and rights with regards to your Personal Information may be available to you. Please see below for information on how to contact us to exercise these rights.

Residents of the EEA

Swipeclock does not operate in the European Economic Area (“EEA”), however our products may be licensed for use by entities operating there. As a result we may collect incidental information from residents of the EEA and to that extent we acknowledge that under the General Data Protection Regulation (“GDPR”) residents of the EEA have the following rights:

  • The right to object to our processing of your Personal Information.
  • The right to request that your Personal Information be erased or restricted from further use.
  • The right to correct, amend, or update the Personal Information you have given us.
  • The right to contest any automated decisions we have made about you. Please note that Swipeclock does not engage in automated decision-making.
  • The right to register a complaint with your supervisory authority.

When handling a data access or correction request, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. Such requests are provided free of charge however a reasonable fee may be applied charged to cover our administrative costs incurred for requests that are manifestly unfounded, excessive or repetitive.

Cross-Border Data Transfers

We operate globally and may transfer your Personal Information to affiliated companies of Swipeclock or third parties in locations around the world for the purposes described in this Global Privacy Policy.  By agreeing to this Global Privacy Policy, you expressly consent to the processing of your data in any jurisdiction, including, without limitation, the United States of America, in accordance with this Global Privacy Policy and applicable privacy and data protection laws and regulations, including Standard Contractual Clauses approved by the European Commission; and Binding Corporate Rules.

Residents of Specific U.S. States

Residents in the States of California, Colorado, Connecticut, Virginia, and Utah may have the following rights regarding their personal information:

  • Right to Know. You may have the right to receive information regarding our privacy practices (please note that this information is generally available in this Privacy Policy).
  • Right to Access. You have the right to request that we provide you the following information about our collection and use of your personal information over the past twelve (12) months. Once your verifiable consumer request has been confirmed, we will disclose to you:
    • The categories of personal information we have collected about you.
    • The categories of sources for the personal information we have collected about you (e.g., use of cookies, third party, etc.).
    • Our business or commercial purpose for collecting or selling that personal information.
    • The categories of third parties with whom we share or have shared that personal information.
    • The specific pieces of personal information we collected about you (also called a data portability request).
    • If we have not sold or disclosed your personal information for a business purpose, we will disclose this fact. If we have sold or disclosed your personal information for a business purpose, including direct marketing, we will provide you with two separate lists disclosing:
      • Sales, identifying the personal information categories that each category of recipient purchased; and
      • Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
  • Right to Deletion: You may have the right to request that Swipeclock delete your personal information. This right may be limited to the extent that Swipeclock is permitted or required by applicable law to retain information. Please note that if you request deletion of your personal information, you may no longer be able to use or access our Services. If you decide to use or access the Services again, Swipeclock may consider this a new account, and may collect personal information associated with that account in accordance with this Privacy Policy.
  • Right to Opt-Out of “Sale” and Certain Sharing Practices: Depending on your relationship with us, you may have the right to opt-out of certain information sharing practices with third parties who do not act as our service providers. In some states, such as California, this information sharing may qualify as a “share” or a “sale” under applicable law, while in other states, like Virginia, this information sharing may qualify as “targeted advertising” (collectively, “personalized advertising”). If you wish to opt-out of personalized advertising, please contact us at the phone number or email address set forth below in this Privacy Policy.
  • Right to Correction: You may have the right to request the correction of inaccurate personal information that we may have on file about you.
  • Right to Obtain additional details regarding our information practices: You may have the right to request disclosures regarding our information practices. (Note that this information is generally available in this Privacy Policy).

California residents are additionally entitled to request a notice that identifies the categories of personal customer information that we share with our affiliates and/or third parties for marketing purposes, and contact information for those entities. If you are a California resident and would like this information, please submit a written request to us using the contact information below in the “Exercising Your Rights” section below.

Exercising Your Rights

To exercise any of the rights described above, please email us at [email protected].

Please note that Consumers have a right to not receive discriminatory treatment for the exercise of these rights under applicable law.

Verification and Appeals

Only you, (or, in some states, a person that you authorize to act on your behalf), may make a request related to your personal information. You may also make a request on behalf of your minor child. In all cases, your request must be verified before we take action (and shall take such action pursuant to the timing permitted under applicable law). Verifying your request may require you to:

  • Provide sufficient information to allow us to reasonably verify that you are the person about whom we collected personal information, or a person authorized to act on your behalf; and
  • Describe your request with sufficient detail to properly understand and respond to it.

We will only use the personal information that you have provided in a verifiable request in order to verify your request. As stated above, we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority.

Making a verifiable request does not require you to create an account with us. We consider a request made through your password-protected account sufficiently “verified” when the request relates to personal information associated with that specific account and you have complied with any of our existing authentication practices.

If you are a resident of Colorado, Virginia, or Connecticut, you have the right to appeal a request we deny when we have verified your identity and still decline to honor your request. The process for that appeal will be sent to you separately if your request is denied.

Response Timing and Format

We aim to respond to customer requests within forty-five (45) days of receipt. If we are unable to deliver a response to verifiable consumer requests within this timeframe, we will inform you of the reason and estimated extension period in writing.[1] We will deliver a response to your existing account with us, if applicable, or a written response by mail or electronically, at your option.

Any disclosures will cover only the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. Data portability requests will be issued in a format that is readily useable, we do not charge a fee unless your request is excessive, repetitive, or manifestly unfounded. If the request warrants a reasonable fee, we will tell you why and provide you with a cost estimate before completing your request.

Fees

Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.

  1. Children

Our Sites are not directed to children under 13.  We do not knowingly collect, use, or disclose Personal Information from anyone under 13 years of age.  If we determine upon collection that a user is under this age, we will not use or maintain his/her Personal Information without the parent/guardian’s consent.  If we become aware that we have unknowingly collected Personal Information from a child under the age of 13, we will make reasonable efforts to delete such information from our records.

  1. Changes to Our Global Privacy Policy

From time to time, we may change this Global Privacy Policy to accommodate new technologies, industry practices, regulatory requirements, or for other purposes.  We will provide notice to you by email and/or prominently display an alert on our webpages if these changes are material.  Where required by applicable law, we will obtain your consent.  If you object to any changes, you may close your account.  You acknowledge that your continued use of our websites after we publish or send a notice about our changes to this Global Privacy Policy means that the collection, use, and sharing of your Personal Information is subject to the updated Global Privacy Policy.

  1. Contact Information & How to Update Your Personal Information

If you have a comment or question about this Global Privacy Policy, our privacy practices, or you would like to exercise any of your rights as outlined in this policy, please send an email to [email protected] or write us at:

Swipeclock

10644 S. Jordan Gateway, Suite 400

South Jordan, UT 84095

You may also contact us toll-free at 888-223-3450.

  1. No Representations or Guarantees About Independent Companies

While we may have contracts with or sell our applications, products, or Services to Your employer or through a Reseller, and we encourage such independent companies to comply with all applicable laws and regulations regarding your Information, including Your Personal Information, we cannot and do not make any representations or guarantees about the practices of these independent companies.

Your employer, or a corresponding Reseller—i.e., if your employer purchased, acquired, or otherwise obtained Swipeclock products from a Reseller—may also collect Information from you, including Personal Information that is not shared with Swipeclock. Resellers may also utilize a mobile application to capture some of this Information. Please note that if a Reseller collects and uses your personal information, such collection and use of that information is subject to the Reseller’s privacy policy and terms of use.

Please contact your employer and, if applicable, corresponding Reseller, for additional information on the categories and specific instances of Personal Information that they collect and refer to their privacy policies for additional information on how your Personal Information is collected, maintained, and shared, by them, as applicable.

[1] The response period may be extended up to forty-five (45) additional days where necessary, taking into account the complexity of your request.