PRIVACY POLICIES

• Generic Information

  Consists of general information such as name, mailing address, phone numbers, email addresses and other contact information which allows us to identify and communicate with you.

• Personally, Identifiable Information

  Consists of information collected through the course of performing business services. Such information may include (but not limited to):

  • Your name
  • Address
  • Email addresses and phone numbers
  • Date of birth
  • Social Security number
  • Compensation
  • Bank account(s) information
  • Dependent information
  • Employee benefit information
  • Human resources information
• Generic Information

  Examples of generic information include how and when you access Primepoint technology, such as, IP address, hardware used, browser type and version. Additionally, activity is logged recording any additions or changes that you make while using Primepoint technology.

• Use of Personal Information

  Primepoint uses both types of Personal Information to perform data processing functions for which our business clients have contracted with Primepoint. Primepoint also uses Personal Information to assist in managing our day-to-day business including (but not limited to):

  • systems development & enhancements
  • data security and analysis
  • fraud prevention
  • tax reporting to federal, state & local tax agencies
  • data integration with system/service providers authorized by our business clients
• Sharing of Personal Information

  Primepoint does not sell any Personal Information. Primepoint will only share Personal Information to 3rd parties in order to perform the services for which our business clients have engaged us. We consider such 3rd party organizations as Related Providers. Examples of Related Providers with whom we would share information include:

  • Automated Clearing House(ACH) providers
  • Time system providers
  • Delaware Valley Payroll,Inc. (Primepoint’s tax service provider)
  • Retirement plan providers
  • Employee benefit systems providers
  • Business partners (an individual or company that has a business relationship with our business client).
  • Examples of such partners might be:
  • The business’s accountants or bookkeepers
  • The business’s insurance agents, benefit providers, or retirement advisors

  Primepoint shares Personal Information with such Related Providers when they manage products or provide services affecting you, and only after receiving written authorization from our business client.

• Security of Personal Information

  The safety and integrity of your Personal Information is of utmost importance to Primepoint. Consequently, Primepoint has established an informational security program designed to utilize best-practices to help protect your Personal Information. This program incorporates physical, technical and educational safeguards.

  Physical Safeguards
  Primepoint has established and tested controls (documented in our SOC I Type II audit report) restricting access to Primepoint’s facility, systems and Personal Information to properly authorized individuals. Such individuals include Primepoint employees, authorized insurance and accounting auditors and authorized business partners.

  Technical Safeguards
  Primepoint utilizes industry-standard tools and technologies to prevent unauthorized access into our systems. Client contacts as well as employees using Primepoint’s web portals are assigned unique user IDs. The system is configured to enforce minimum password standards used for the application. These password parameters govern minimum length, expiration, and complexity. The configured settings are as follows.

  • A password may contain no fewer than 8 characters.
  • A password must contain digits and letters.

  If a user fails to enter a correct password a maximum of 5 times in a row within any 30-minute span of time, the account is disabled for 30 minutes. The operations department of Primepoint must be contacted in order to re-enable the user’s password.

  Other technical safeguards used to help secure Personal Information include the use of malware detection tools, system firewalls, encryption of data transmitted online as well as co-location data backup and storage routines.

  Primepoint, LLC will continually strive through technological advances and policy changes to enhance the privacy and security of each individual’s Personal Information.

• Educational Safeguards

  Primepoint utilizes a number of outside educational & informational resources to stay up to date on best practices for securing and protecting information. Primepoint is a member of the NJCCIC (State of New Jersey’s Cybersecurity & Communications Integration Cell) which provides weekly threat updates as well as educational threat deterrent and prevention resources.

  In addition, Primepoint utilizes other educational resources from both the private and public sector to stay abreast of the latest cyber threats and associated protective measures.

• Cookies and Other Technology

  We use “cookies” to collect information from you when you visit our Sites. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes.

• Children Under 13

  The Sites, Product and Services provided by the Company are not directed to persons under 13. We do not knowingly collect PII from children under 13. If you become aware that your child is accessing the Sites, or Services and providing PII without your consent, please contact us by using the information provided in the Contact and Electronic Communications section of this Privacy Policy. We will take steps to remove PII from the Company’s servers and terminate the account should the Company determine that a child under 13 has accessed the Sites or Services.

• California Residents’ Rights

  (As provided by California Civil Code Section 1798.83)

  A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.

  Please note that whenever you opt-in to receive future communications from a third party, your information will be subject to the third-party’s privacy policies and practices. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policies and practices of any party that collects your information to determine how that entity will handle your information. California customers may request further information about our compliance with this law by e-mailing [email protected]. Please note that we are only required to respond to one request per client each year, and we are not required to respond to requests made by means other than through this e-mail address.

• Changes or Updates to this Privacy Policy

  We reserve the right to revise or update this Privacy Policy at any time, and you agree to be bound by those revisions or updates.