PRIVACY POLICY
Effective January 2020
Information Collection Purpose
Information Collection Methods and Sources
PayIt Human Resources Information Collection Types, Methods, and Sources
CONSUMER RIGHTS AND COMPLIANCE
California Consumer Privacy Act (CCPA)
European Union General Data Protection Regulation (EU GDPR)
Individually Identifiable Health Information Notice and Patient Rights
PayIt provides an award-winning platform that enables governments to simplify interactions with their constituents. Our solutions revolve around multiple platforms, such as taxes, utilities, professional licensing, and motor vehicles, and function as mobile, in-person, and web-based applications. In order to facilitate these interactions, PayIt collects personal information from a combination of its government clients and from constituents themselves. Please read the following carefully to understand PayIt’s views and practices regarding personal information and how PayIt will treat it.
PayIt’s business is built upon the trust and integrity that our government clients, constituents, and stakeholders place in our company, and therefore the privacy and security of the data that PayIt stores, processes, and transmits on behalf of our government clients and constituents is of paramount concern to the entire company, including our employees and investors. As part of this commitment, PayIt has published a Privacy Policy that outlines:
PayIt is committed to complying with all applicable laws and regulations regarding the collection, storage, processing, transmission, dissemination, and protection of personally information.
This policy applies to all personal information stored, processed, and transmitted by PayIt using Company-owned assets, systems, and applications.
PayIt is contracted by our government clients to be a third-party service provider for their interactions. As part of these interactions, PayIt must collect information from our government clients in order to facilitate the transaction, such as the amount of an outstanding property tax bill and the name under which the property is registered, and constituents in order to complete the transaction, such as a credit card number to pay the property tax bill. The collection and processing of constituents’ personal information is contractually and legally authorized by our government clients.
PayIt stores evidence of each transaction in order to register the interaction with our government clients and provide customer support to both government clients and constituents regarding the interaction.
PayIt may use your personal information to:
By accessing and using PayIt’s Services, you agree that PayIt may use and maintain your personal information as outlined in this document. You give PayIt permission to combine information you enter or upload for the Services with that of other users of the Services and/or other PayIt services.
The type of personal information collected by PayIt depends on the type of service the constituent is pursuing. The following is a comprehensive list of categories of personal information that PayIt may collect:
PayIt receives personal information through the following methods:
When a constituent interacts with PayIt, the information provided during that transaction may be linked to information obtained from our government clients to create a singular record of information on an individual.
All data is stored, processed by, and transmitted to and from assets located within each government client’s country of origin, e.g. if the government client is located in the United States, the data is stored in the United States.
PayIt makes every effort, working in conjunction with our government clients, to ensure the accuracy and completeness of all personal information that it stores, processes, and transmits.
PayIt collects the following data for human resources purposes from its employees:
Prospective employees who apply to work at PayIt are asked to submit the following information for hiring consideration:
All of this information is submitted directly and voluntarily by current and prospective employees, respectively, as a condition of hiring and/or employment. All data is stored, processed, and transmitted in the United States.
PayIt will only disclose data within the scope of this policy to external entities under the following circumstances:
PayIt may disclose the following personal information to the government client(s) through which your specific interaction(s) are facilitated:
PayIt may disclose the following personal information to any third-party service providers with whom we partner in order to deliver PayIt’s Services:
The following information collected from current and prospective employees for the purposes of PayIt’s human resources may be disclosed to third-party service providers with whom we partner to deliver human resources services:
PayIt will not, without your permission, publish or share your personal information to third parties for their marketing purposes. PayIt does not sell personal information to third parties or government clients.
Residents of the state of California have the following rights related to his or her personal information:
Because PayIt routinely refreshes data collected from our government clients, the ability to remove personal information as per the rights listed above may be limited to transactional and account data that you have voluntarily provided PayIt. You will be notified of the personal information categories that we are able to purge from our records in compliance with the CCPA.
You will not be charged for the requests listed above, up to twice per year. Additional requests may incur a processing fee. Requests may be verified in order to ensure their authenticity. The “Contact Information” section outlines where requests may be sent. PayIt will respond within thirty (30) days.
More information on the CCPA can be found at https://www.oag.ca.gov/privacy/ccpa.
The Personal Information Protection and Electronic Documents Act (PIPEDA)
Residents of Canada have the following rights related to his or her personal information:
You will not be charged for the requests listed above, up to twice per year. Additional requests may incur a processing fee. Requests may be verified in order to ensure their authenticity. The “Contact Information” section outlines where requests may be sent. PayIt will respond within thirty (30) days.
More information on the PIPEDA can be found at https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/r_o_p/.
Individuals who reside within a country that is a part of the European Union have the following rights related to his or her personal information:
Because PayIt routinely refreshes data collected from our government clients, the ability to remove personal information as per the rights listed above may be limited to transactional and account data that you have voluntarily provided PayIt. You will be notified of the personal information categories that we are able to purge from our records in compliance with GDPR.
Requests may be verified in order to ensure their authenticity. The “Contact Information” section outlines where requests may be sent. PayIt will respond within thirty (30) days.
More information on GDPR can be found at https://gdpr-info.eu/.
If you believe your privacy rights regarding your Individually Identifiable Health Information have been violated, you can contact PayIt, as outlined in the “Contact Information” section below. Individuals can also contact the United States Department of Health and Human Services at https://www.hhs.gov/.
You have the following rights related to your Individually Identifiable Health Information:
PayIt’s headquarters is located in the United States in Kansas City, Missouri. PayIt has a designated Privacy Officer that handles all inquiries regarding this document and our privacy practices. Requests which fall under the CCPA must also submit inquiries through the Privacy Officer. All requests for further information, questions, complaints, or amendment requests can be addressed to:
PayIt
c/o Privacy Officer
1812 Broadway Blvd.
Kansas City, MO
64118
E-Mail Address – privacy@payitgov.com
Phone Number – 1-800-268-9153
All communications will be evaluated on a case-by-case basis, and will be processed in accordance with all Federal, State, International, Provincial, and Local laws and regulatory requirements. Responses to constituents will be in a readable, structured, portable, and commonly-used format.
PayIt employs a variety of physical and logical security measures and controls, including data encryption, to protect against the loss of confidentiality, availability, or integrity of personal data. Policies and procedures are in place to direct how personal data is to be protected within the organization, the processes by which data protection mechanisms are employed, and to outline disciplinary measures for violations.
Access to personal data is managed according to the principle of least privilege and is restricted to only those employees and contracted third parties with a need to know. Internal and external compliance and regulatory reviews of PayIt’s data collection, storage and processing practices, and security measures are performed on a regular basis.
PayIt retains personal information from an interaction and transactional standpoint for customer service and accounting purposes for a minimum of six years and a maximum of ten years. The minimum amount of time for which PayIt maintains transactional information is dictated by state laws detailing the minimum amount of time financial information must be maintained. Applicable data removal requests, as outlined in this document, will be processed after the minimum amount of time for data retention has passed.
PayIt has a duty to protect the privacy of its government clients and constituents, and undergoes regular reviews to ensure adherence to documented internal policies and procedures, as well as compliance with all applicable laws, regulations, and requirements, as dictated by Federal, State, International, Provincial, Local, and regulatory authorities.
The official version of this policy will be maintained on PayIt’s website, https://payitgov.com/privacy/, and will be provided to anyone upon request.
The Privacy Policy is maintained by PayIt’s Privacy Officer, which is overseen by the Chief Technology Officer. Changes to the Privacy Policy are developed and approved through PayIt’s internal governance documentation review process. The document is reviewed every twelve months.
This document may be updated as needed; however, previous versions of this policy are on-file at PayIt’s Corporate Headquarters and are available upon request. A notice of any changes will be prominently posted on the front page of PayIt’s website, https://payitgov.com/.
The date the Privacy Policy was last modified is at the bottom of this document. You are responsible for ensuring you periodically visit our Sites, Services, and Privacy Policy to check for any changes. By continuing to use PayIt’s Services, you agree to the changes in this Privacy Policy.