We at Primepoint understand the sensitive nature of the personal demographic and financial information that we continually accumulate on business clients and the individuals of business clients for which Primepoint technology is use to deliver services. Consequently, we take great caution in securing this information and using the information to perform the services for which we’ve been contracted.
Types of Personal Information
Generic Information –Consists of general information such as name, mailing address, phone numbers, email addresses and other contact information which allows us to identify and communicate with you.
Personally, Identifiable Information – Consists of information collected through the course of performing business services. Such information may include (but not limited to):
- Your name
- Email addresses and phone numbers
- Date of birth
- Social Security number
- Bank account(s) information
- Dependent information
- Employee benefit information
- Human resources information
Generic Information – Examples of generic information include how and when you access Primepoint technology, such as, IP address, hardware used, browser type and version. Additionally, activity is logged recording any additions or changes that you make while using Primepoint technology.
Use of Personal Information
Primepoint uses both types of Personal Information to perform data processing functions for which our business clients have contracted with Primepoint. Primepoint also uses Personal Information to assist in managing our day-to-day business including (but not limited to):
- systems development & enhancements
- data security and analysis
- fraud prevention
- tax reporting to federal, state & local tax agencies
- data integration with system/service providers authorized by our business clients
Sharing of Personal Information
Primepoint does not sell any Personal Information. Primepoint will only share Personal Information to 3rd parties in order to perform the services for which our business clients have engaged us. We consider such 3rd party organizations as Related Providers. Examples of Related Providers with whom we would share information include:
- Automated Clearing House (ACH) providers
- Time system providers
- Delaware Valley Payroll, Inc. (Primepoint’s tax service provider)
- Retirement plan providers
- Employee benefit systems providers
- Business partners (an individual or company that has a business relationship with our business client).
Examples of such partners might be:
- The business’s accountants or bookkeepers
- The business’s insurance agents, benefit providers, or retirement advisors
Primepoint shares Personal Information with such Related Providers when they manage products or provide services affecting you, and only after receiving written authorization from our business client.
Security of Personal Information
The safety and integrity of your Personal Information is of utmost importance to Primepoint. Consequently, Primepoint has established an informational security program designed to utilize best-practices to help protect your Personal Information. This program incorporates physical, technical and educational safeguards.
Primepoint has established and tested controls (documented in our SOC I Type II audit report) restricting access to Primepoint’s facility, systems and Personal Information to properly authorized individuals. Such individuals include Primepoint employees, authorized insurance and accounting auditors and authorized business partners.
Primepoint utilizes industry-standard tools and technologies to prevent unauthorized access into our systems. Client contacts as well as employees using Primepoint’s web portals are assigned unique user IDs. The system is configured to enforce minimum password standards used for the application. These password parameters govern minimum length, expiration, and complexity. The configured settings are as follows.
- A password may contain no fewer than 8 characters.
- A password must contain digits and letters.
- If a user fails to enter a correct password a maximum of 5 times in a row within any 30-minute span of time, the account is disabled for 30 minutes. The operations department of Primepoint must be contacted in order to re-enable the user’s password.
- Other technical safeguards used to help secure Personal Information include the use of malware detection tools, system firewalls, encryption of data transmitted online as well as co-location data backup and storage routines.
- Primepoint, LLC will continually strive through technological advances and policy changes to enhance the privacy and security of each individual’s Personal Information.
Primepoint utilizes a number of outside educational & informational resources to stay up to date on best practices for securing and protecting information. Primepoint is a member of the NJCCIC (State of New Jersey’s Cybersecurity & Communications Integration Cell) which provides weekly threat updates as well as educational threat deterrent and prevention resources.
In addition, Primepoint utilizes other educational resources from both the private and public sector to stay abreast of the latest cyber threats and associated protective measures.
Cookies and Other Technology
We use “cookies” to collect information from you when you visit our Sites. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes.
Children Under 13
California Residents’ Rights
(As provided by California Civil Code Section 1798.83)
A California resident who has provided personal information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were disclosed.
Please note that whenever you opt-in to receive future communications from a third party, your information will be subject to the third-party’s privacy policies and practices. If you later decide that you do not want that third party to use your information, you will need to contact the third party directly, as we have no control over how third parties use information. You should always review the privacy policies and practices of any party that collects your information to determine how that entity will handle your information. California customers may request further information about our compliance with this law by e-mailing firstname.lastname@example.org. Please note that we are only required to respond to one request per client each year, and we are not required to respond to requests made by means other than through this e-mail address.