Effective Date: January 1, 2020 (view archived version)
I. Corporate Commitment to Privacy
We urge you to read this Privacy Statement so that you understand our commitment to you and your privacy, and how you can participate in that commitment.
- visitors to, or users of, its websites;
- current customers using the Services pursuant to a written agreement with Zenefits;
- prospective and current customers using the Services pursuant to a clickwrap, browserwrap, or other online agreement;
- service providers and business partners;
- other third-parties that use the Services, including without limitation including without limitation the end users of prospective and current customers.
III. FTC Enforcement Power
Zenefits is subject to the investigatory and enforcement powers of the Federal Trade Commission.
IV. Personal Information
Definition of Personal Information
Personal information refers to any information relating to an identified or identifiable natural person, such as an identification number, physical, physiological, mental, economic, cultural, or social identifiers.
Definition of Personal Information (Special Categories of Information)
Special categories of personal data refers to genetic and biometric data which can identify a unique individual. Under GDPR, these categories require additional privacy protections.
V. Definition of Non-Personal Information
We may also collect information that is related to you but that does not personally identify you (“Non-personal Information”). Non-personal Information also includes information that could personally identify you in its original form, but that we have modified (for instance, by aggregating, anonymizing or de-identifying such information) in order to remove or hide any Personal Information.
Zenefits collects personal information about you in connection with many of our services. When working or using our company, you may be prompted to make an account which may hold personal information such as your name, mailing address, email address, or credit card information. Prior to collecting this information, Zenefits will obtain your consent. At any point in time, you can revoke consent and we will cease using and processing your data immediately.
VII. Information Collected Automatically
Zenefits may also collect Technical Information about you when you visit our websites, which your web browser automatically sends whenever you visit a website on the Internet. “Technical Information” is information that does not, by itself, identify a specific individual but which could be used to indirectly identify you. Our servers automatically record this information, which may include your Internet Protocol (“IP”) address, browser type, browser language, and the date and time of your request. Gathering your information helps us ensure our websites and other services work correctly and support out customer analytic efforts.
VIII. Information Collected Automatically (Examples)
We may use pixel tags and cookies in our marketing emails so that we can track your interaction with those messages, such as when you open the email or click a URL link that’s embedded within them. When recipients click on one of those URLs, they pass through a separate web server before arriving at the destination page on a company website. We use tools like pixel tags and cookies so that we can determine interest in particular topics and measure and improve the effectiveness of our communications.
When you download or use our mobile-device applications, or access one of our mobile-optimized websites, we may receive information about your mobile device, including a unique identifier for your device.
Cookies and Similar Technologies
We may collect information about your use of the websites through cookies and similar technology. A “cookie” is a unique numeric code that we transfer to your computer so that we can keep track of your interests and/or preferences and recognize you as a return visitor to the websites. For example, we may use these technologies to collect information about the ways visitors use our websites, to support the features and functionality of our websites, and to personalize your experience when you use our websites.
IX. Information Collected from Other Sources
Zenefits may also collect information about you from other sources to help us correct or supplement our records, improve the quality or personalization of our service to you, and prevent or detect fraud. We work closely with third parties (for example, business partners, service providers, sub-contractors, advertising networks, analytics providers, search information providers, fraud protection services) and may receive information about you from them. The following are some examples:
In order to provide the services and improve Zenefits’ websites, we may engage the services of third-party vendors. In the process of supplying services to Zenefits, these third-party vendors may need to collect Personal Information about you.
Log files record website activity on our services and enable us to gather statistics about our users’ browsing habits. These entries help Zenefits determine (among other things) how many and how often users have accessed or used our services, which pages they’ve visited, and other similar data.
Clear GIFs, sometimes called “web bugs” or “web beacons,” are small electronic images that are placed on a web page or in an email message. We use clear GIFs to monitor user behavior, deliver cookies, collect information, count visits, understand usage and campaign effectiveness, and to tell if a recipient has opened and acted upon an email.
X. Permitted Use of Personal Information
Zenefits uses your personal information to provide you products and services, such as to fulfill your requests for products or to help us personalize our offerings to you. We also use your personal information to support our business functions, such as fraud prevention, marketing, and legal functions. To do this, we combine personal and non-personal information, collected online and offline, including information from third party sources. The following are some examples:
To fulfill your requests for products and services and communicate with you about those requests;
Understand Customer Behavior
To better understand customer behavior so that we may improve our marketing and advertising efforts and to improve the distribution of our products and services;
To help us personalize our service offerings, websites, mobile services, and advertising;
To comply with legal and/or regulatory requirements;
Responding to Customer
To respond to reviews, comments, or other feedback you provide us;
For industry benchmarking and analysis consistent with our legitimate business purpose;
XI. Promotional Messaging or Advertising
Zenefits uses your contact information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or special offers or to notify you about our upcoming events.
XII. Ability to Opt-In to Promotional Messaging or Advertising
Zenefits allows you to opt-in to receive advertisements based on your interests. If you do not opt-in, you will still receive advertisements but they will not be tailored to your interests.
XIII. Disclosure of Categories of Personal Information
The California Consumer Privacy Act (CCPA) requires us to disclose categories of personal information we collect and how we use it, the categories of sources from whom we collect personal information, and the third parties with whom we share it, which we have explained above.
We collect the following categories of personal information and in the preceding twelve months, we have disclosed these categories of personal information for a business purpose to affiliates, service providers and third parties:
- Identifiers such as your name, username, email address, phone number, unique device identifiers, your IP address
- Personal information categories described in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) such as signature, insurance policy number and health insurance information
- Personal characteristics protected by law, such as your gender and age
- Commercial information, such as purchases made and payment information
- Internet or electronic network activity information, such as information about your device and your use of our Services
- Geo-location data, when shared through your device settings or photos
- Electronic, visual, or similar information, such as photos
- Professional or employment information, when you link your account to other accounts
- Education information
- Inferences we draw or derive about users, such as your interests or preferences
- Other information you provide, such as your profile picture, bio, pins, and comments
XIV. Disclosure of Personal Information for Business Purposes
If Zenefits sells any part of its operations, Zenefits may transfer personal information in connection with the sale. Prior to a sale occurring, Zenefits will contact you to gain your consent for the disclosure of your personal information.
XV. Disclosure of Personal Information for Legal and Safety Reasons
Zenefits may be required to disclose personal information to the authorities, law enforcement agencies, government agencies, or legal entities. We may disclose information by law, litigation, or as a matter of national security to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law. We may also need to disclose personal information in the event of an emergency that threatens an individual’s life, health, or security.
XVI. Disclosure of Personal Information Via Links to Third-Party Websites, Services, and Applications
XVII. Onward Transfer Liability
In cases of onward transfer to third parties of your personal data, Zenefits is potentially liable. In particular, Zenefits remains responsible and liable if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with its principles, unless Zenefits proves that it is not responsible for the event giving rise to the damage.
XIX. Ability to Disable Technologies
Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer, tablet or mobile device. Although you are not required to accept cookies, if you block or reject them, you may not have access to all features available through our services. For more information, visit the help page for your web browser or see http://www.allaboutcookies.org
XX. Consequences of Disabling Technologies
Please note that if you disable your web browser’s cookies and other technologies, certain features of our website and services will be disabled and you will limit the functionality we can provide when you visit our site.
XXI. Security Measures Taken to Protect Personal Information by Zenefits
Security of all information is of the utmost importance for Zenefits. Zenefits uses technical and physical safeguards to protect the security of your personal information from unauthorized disclosure. Nevertheless, such security measures cannot prevent all loss, misuse or alteration of personal information and we are not responsible for any damages or liabilities relating to any such incidents to the fullest extent permitted by law. In the case of a data breach, we will notify you without delay of any loss, misuse or alteration of personal information that may affect you.
XXII. Security Measures to Protect Personal Information by Third Parties
We require that our third party service providers and channel partners agree to keep all confidential information we share with them and to use the information only to perform their obligations in the agreements we have in place with them. These third party service providers and channel partners are expected to maintain privacy and security protections that are consistent with Zenefits’ privacy and information security policies.
XXIII. Data Retention and Storage
Zenefits retains your information for business purposes as long as is reasonably necessary to provide you with our products and services, but in no event for longer than twenty-seven (27) months. Zenefits will also retain your information as reasonably necessary to comply with our legal obligations, resolve disputes and enforce our agreements. We may also retain cached or archived copies of your information for a reasonable period of time, but in no event for longer than twenty-seven (27) months. At any point in time, you can withdraw consent and we will immediately stop processing your data.
XXIV. Choice: Your Privacy Rights
Zenefits gives you choices about the ways we collect, use, and share your personal information. You can choose what contact information will be stored in your account and preferences. However, if you choose not to provide certain details, some of your experiences with us may be affected. If at any point in time you wish to know what data we process about you, you can request to access the information by contacting us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
XXV. Collection of Information from Children
We recognize the importance of protecting the privacy and safety of children. Our website and services are primarily directed towards the general audience and are not directed towards children. We do not knowingly collect information about children under the age of 13 without the consent of a parent or guardian, however there may be instances where a parent or guardian opts, at their sole discretion, to upload and/or store such information (such as adding a dependent to an insurance policy). A parent or guardian of a child may contact us by visiting this page if they have a Zenefits.com account or this page if they do not have a Zenefits.com account to request that we delete such information.
XXVI. International Transfer of Personal Information
Zenefits may share customer information within our family of companies for a variety of purposes, for example to provide you with the latest information about our products and services and offer you our latest promotions. To facilitate our global operations, Zenefits may transfer personal data from your home country to other Zenefits locations across the world. To protect your personal information, we will only transfer data to countries who provide an “adequate” level of personal data protection. If the data is transferred to counties without ‘adequate’ protection as determined by the European Parliament, we will use additional safeguards to ensure your data is protected.
XXVII. Contact Point to Update/Delete Personal Information
You have the right to access and limit the use and disclosure of your personal data. If you would like to express your point of view, challenge an explanation of data use, or otherwise obtain further information, contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account. If at any time after registering for information, your personal information changes, notify us and we will update your contact information. Please note, at any time, if you desire to obtain or transfer your information, we will provide you with your personal data in a structured and commonly used electronic format.
XXVIII. Location of Data Processing/Storage
Personal information collected about EU data subjects via our website or our Services is processed in the United States by Zenefits or by a third party acting on our behalf. When you provide personal information to Zenefits, you consent to the processing of your information in the United States. Our websites are hosted in the United States.
XXIX. California Privacy Rights
Right to Know and Access
You may submit a verifiable request for information regarding the: (1) categories of personal information we collect, use or share; (2) purposes for which categories of personal information are collected or used by us; (3) categories of sources from which we collect personal information; and (4) specific pieces of personal information we have collected about you. To make such a request, please call us at +1 855-547-2456 or visit this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account. In order to verify any request, you may need to log in to your account or respond to an email verification request.
Right to Delete
You also have the right to request the deletion of your personal data that have been collected in the past 12 months. To make such a request, please call us at +1 855-547-2456 or visit this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account. In order to verify any request, you may need to log in to your account or respond to an email verification request.
Do Not Sell My Personal Information
We do not sell personal information. However, the Service Providers we partner with (for example, our advertising partners) may use technology on the Service that “sells” personal information as defined by the CCPA law. If you wish to opt out of the use of your personal information for interest-based advertising purposes and these potential sales as defined under CCPA law, you may do so calling us at +1 855-547-2456 or visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Right to Equal Service
We will not discriminate against you if you exercise your privacy rights, including by: (1) denying goods or services to you; (2) charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties; (3) providing a different level or quality of goods or services to you; or (4) suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising Your CCPA Data Protection Rights
To exercise any of your California Privacy Rights, you can call us at +1 855-547-2456 or visit this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account. In order to verify any request, you may need to log in to your account or respond to an email verification request.
We will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice.
XXX. Europe Privacy Rights
Right of Access
At any point in time, you can confirm your data is being processed and request to access your data. If you wish to access/confirm you data is being processed, please contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Right to Consent
Before collecting and using your personal data, Zenefits will obtain consent. At any point in time, you can revoke consent and Zenefits will stop using and processing your personal data.
Right to Erasure
You have the right to request Zenefits erases all of your personal data on a number of grounds, including if the data is no longer necessary for its original purpose or if you withdraw consent. If Zenefits receives a request, we will inform all third parties who have the data of this request. For additional information on when you can request data erasure, please contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Right to Rectification
If any personal data is inaccurate or incomplete, you can request Zenefits corrects the data. When this occurs, Zenefits will notify third parties who have access to the data of the change. If you wish to alter your data, please contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Right to Restrict Processing
Even if personal data is still stored by a company, now or in the future, you can request Zenefits stops using or processing your data. If you wish to restrict data processing, please contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Right to Object
You have the right to object to your personal data being processed for profiling, direct marketing, scientific research, and statistics. If you wish to object, please contact us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account.
Rights Related to Automatic Decision Making and Profiling
At any point in time, you can contact a Zenefits representative to express your point of view, challenge an explanation of data use, or otherwise obtain further information on automatic data processing.
Right to Data Portability
You have the right to transfer your personal data from one electronic processing system to another without being prevented from doing so by Zenefits’ data processor. Unless extended by Zenefits request, within ninety (90) days, Zenefits will respond to the request and provide you with the desired information for free in a structured and commonly used electronic format.
Exercising of Your GDPR Data Protection Rights
You may exercise your rights of access, rectification, cancellation and opposition by contacting us by visiting this page if you have a Zenefits.com account or this page if you do not have a Zenefits.com account. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, if you are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.