Gusto

Privacy Policy

Payroll and Compliance Privacy Policy

Last Updated November 10, 2016

This Privacy Policy explains how information is collected, used and disclosed by us, ZenPayroll, Inc., a Delaware corporation doing business as Gusto (“Gusto”), with respect to your access and use of our online payroll service (the “Service”), which is provided through Gusto’s website and/or mobile application operated by Gusto (the “Site”).

Collection of Information and How It's Used

Personally Identifiable Information. You are not required to provide any personal information in order to have general access to the Site. In order to access and use the Service, you are required to provide certain personal information to create an account. We collect personal information about you from the following sources:

  • When you create an account to utilize the Service, we will obtain from you the information we need to create your account and complete your transactions, such as your name, address, telephone number, and email address and/or information regarding your particular business and/or employees for whom you wish to utilize the Service.
  • If you provide us with comments or suggestions, request information about our products and services, or contact our customer service department via phone, email, or other forms of communication.
  • When you submit an application for our Service or register to use our Service.
  • We may collect additional information if you choose to use or participate in one of our various research and development programs.
  • We obtain information concerning the services you utilize and from your transactions and other interactions with us, our affiliates, and others, including our marketing partners and third party service providers.
  • When you use certain features of the Site where you voluntarily submit personal information, for example, in connection with requesting a price quote or registering to receive email updates or a newsletter.
  • We may also collect information we receive from consumer and business reporting agencies.

We use personal information to improve the quality of the services that we offer. We may use the information, including business information, that you have provided us and cross-reference it with other information we receive from our partners in order to provide you an enhanced and more personalized experience at the Site and our Service. We use personal information that we obtain from your use of the Site and our Service to respond to your comments or inquiries, to resolve disputes, to contact you when necessary in connection with the operation of the Site, or for matters involving any product or service transactions, to address problems on the Site or our Service and to enforce our agreements with you.

Non-Personally Identifiable Information. We automatically collect certain information when you visit our Site, such as Internet Protocol (IP) address (if using a browser), operating system, the browser type, the address of a referring site, and any device identifier (if using a mobile device). We use this information to monitor and analyze use of the Site and our Service, for technical administration of the Site, to increase the functionality and user-friendliness of our Site and our Service, and to better tailor it to our visitors’ needs.

We also partner with third parties to manage our advertising on other sites and determine our website performance. Such partners may use “cookies” or web beacons to collect information about your activities on our website and other sites so that we can provide advertising that may be of interest to you or to help us evaluate the efficacy of our marketing programs or website. To prevent our partners from using your information for interest-based advertising, you can visit http://preferences-mgr.truste.com to opt out of certain advertising networks.

We may use both session cookies and persistent cookies to better understand how you interact with our Site, to monitor aggregate usage by our users and web traffic routing on our Site, and to improve our Site. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not allow cookies, however, you may not be able to use some or all portions or functionality of the Service.

Sharing and Disclosure of Your Information

In connection with performing the Service, we are required to disclose certain information to governmental taxing authorities in order to ensure that credit is made for tax withholding deposits. We also use your information (and the information you provide to us) to perform and provide you with the Service and to communicate with you. We will not share personal information about you with other people or nonaffiliated companies, unless we have your permission, or under the following circumstances:

  • We may share any of the information we gather about you with third party agents and service providers to facilitate the operation of the Site and Service, to provide the Site and our Service or functions on our behalf and to perform related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Service’s features, or to process credit card payments), or to assist us in analyzing how our Site and Service is used. These third parties may have access to personal information needed to perform their functions, but may not use it for other purposes.
  • We will cooperate with government and law enforcement officials and private parties to enforce and comply with the law and will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our property and rights or those of a third party, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical or legally actionable.
  • We may share aggregated information that does not include personal information and we may otherwise disclose such information with third parties for industry analysis, demographic and analytical profiling and other purposes. Any aggregated information shared in these contexts will not contain your personal information.
  • We may sell, transfer or otherwise share some or all of our assets, which could include your personal information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Changing or Deleting Your Information

You may review, update, correct or delete your personal information through your account or by contacting us. If you completely delete all such information, then your account will become deactivated and you will not be able to access our Service through your account. If you would like us to delete your record in our system, please contact us with a request that we delete your personal information from our database. We will use commercially reasonable efforts to honor your request, however, we may retain an archived copy of your records as required by law or for other legitimate business purposes.

Security

We employ administrative, physical and electronic measures designed to protect your information from unauthorized access, however, despite those efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.

Links to Other Sites

The Service may contain links to other sites. Any information you provide on those sites is provided directly to the owner of that site and is subject to that party's privacy policy. This Privacy Policy does not apply to such sites, and we are not responsible for the content or privacy and security practices and policies of those sites.

Removal of Information from Children

The Service is not directed to children under 13 and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information of a child under 13, we will take steps to delete such information from our files as soon as possible.

Changes

Any information that is collected is subject to the Privacy Policy in effect at the time such information is collected. We may, however, modify and revise our Privacy Policy from time-to-time. If we make any material changes to this policy, we will notify you of such changes by posting them on our site, through the Service or by sending you an email or other notification, and we will indicate when such changes will become effective. By continuing to access or use our Service after those changes become effective, you are agreeing to be bound by the revised policy.

Questions?

Please contact us at support@gusto.com if you have any questions about our privacy policy.

Benefits Policy

Last Updated September 17, 2015

This Privacy Policy explains how information is collected, used and disclosed by us, ZP Insurance LLC, a Delaware limited liability company doing business as With Gusto Insurance Services, LLC (“Gusto Insurance”), with respect to your access and use of our online benefits procurement and management service (the "Service"), which is provided through the Gusto Insurance website and the website of our affiliate, ZenPayroll, Inc., Delaware corporation doing business as Gusto (“Gusto” and the websites, the "Site").

Privacy Policy

This Privacy Policy provides information regarding the privacy practices and policies of Gusto Insurance. These practices and policies have been adopted to ensure that the information that we obtain and maintain for our clients and customers, which may also include information about the employees, dependents, former employees and dependents, and other eligible participants on a group health plan for which we are providing services (“Protected Parties”), is protected in accordance with relevant state and federal rules. The Privacy Policy outlines our practices, policies, and legal duties to maintain and protect against prohibited disclosure of personally-identifiable financial information (as required by the federal Gramm-Leach-Bliley Financial Modernization Act (“GLB Act”), and the various state laws implementing those requirements), Protected Health Information of those Protected Parties (under the privacy regulations mandated by the Health Insurance Portability and Accountability Act and further expanded by the Health Information Technology for Economic and Clinical Health Act provisions in Title XIII of the American Recovery and Reinvestment Act (“HITECH”) and the regulations related to these laws and mandates), and the protection of personally- identifiable information under 45 CFR § 155.260 (collectively referred herein as “Privacy Rules”).

THIS POLICY DESCRIBES HOW MEDICAL INFORMATION ABOUT A PROTECTED PARTY MAY BE COLLECTED, USED AND DISCLOSED. PLEASE REVIEW IT CAREFULLY. THE PROTECTION OF THE PRIVACY OF THE INFORMATION GUSTO INSURANCE MAINTAINS IS IMPORTANT TO US.

  1. Statement of Gusto Insurance’s Duties.

    Gusto Insurance is required by law to maintain the privacy of non-public personal information (“NPPI”), protected health information (“PHI”), and personally-identifiable information (“PII”) (collectively referred herein as “Protected Information”) of the Protected Parties and to provide Gusto Insurance’s clients with this Privacy Policy. Gusto Insurance reserves the right to change the terms of this Privacy Policy and to adopt any new provisions regarding the Protected Information that it maintains about the Protected Parties. Any information that is collected via our Service is covered by the Privacy Policy in effect at the time such information is collected. If Gusto Insurance revises this Privacy Policy, it will notify you of those changes by posting them on the Service or by sending you an email or other notification, and we’ll update the “Last Updated Date” above to indicate when those changes will become effective.

  2. Statement of the Client’s Rights under Privacy Rules.

    As a Gusto Insurance client or customer, you have a right to know how Gusto Insurance may use or disclose the Protected Information it maintains on those Protected Parties with whom there is a direct relationship. A direct relationship shall be one in which the Protected Party has interacted directly with the Site. In the event that a Gusto Insurance customer or client is an employer sponsoring a group health plan, Gusto Insurance does not have a direct duty to their employees, dependents, former employees or dependents or other eligible participants on the group health plan unless those individuals personally utilize the Site, thereby establishing a direct relationship. Gusto Insurance’s obligations to not disclose the Protected Information it maintains about those individuals may arise due to our contractual obligations as a Business Associate of both the client or customer, as well as to any other third party who is a Covered Entity under the Privacy Rules, but does not create a special legal duty to provide notice to those individuals of their rights through a Notice of Privacy Practices.

    Primary Uses and Disclosures of Protected Information. Gusto Insurance uses and discloses Protected Information about Protected Parties to carry out payment, health care, and other benefits related operations in connection with providing the Service. Privacy Rules do not generally “preempt” (or take precedence over) state privacy or other applicable laws that provide individuals greater privacy protections. As a result, to the extent state law applies, the privacy laws of a particular state, or other federal laws, rather than the Privacy Rules, might impose a privacy standard under which Gusto Insurance will be required to operate. For example, where such laws have been enacted, Gusto Insurance will follow more stringent state privacy laws that relate to uses and disclosures of the Protected Information concerning HIV or AIDS, mental health, substance abuse / chemical dependency, genetic testing, reproductive rights.

    Gusto Insurance also may use or disclose Protected Information in the following situations:

    For Your Access. Gusto Insurance might use and transfer your Protected Information to Gusto’s website in order for you to gain access to information regarding your enrollment and billing information related to your selected benefit(s) plans (such as your selected group health plan) via the Gusto website. Gusto Insurance might also use and transfer aggregated, summary benefit(s) plan data to clients and customers – this summary data will not include any individually-identifiable information.

    Payment: Gusto Insurance might use and disclose your Protected Information for all activities that are included within the definition of “payment” within the Privacy Rules. For example, Gusto Insurance might use and disclose a Protected Party’s Protected Information to assist with the payment of services by doctors, hospitals, pharmacies and others for services that are covered by a group health plan. Gusto Insurance might also use your information to determine your eligibility for benefits, to coordinate benefits, to examine medical necessity, to obtain premiums, and to issue explanations of benefits to the person who subscribes to the health plan in which you participate.

    Health Care Operations: Gusto Insurance might use and disclose a Protected Party’s Protected Information for all activities that are included within the definition of “health care operations” within the Privacy Rules. For example, Gusto Insurance might use and disclose the Protected Information of a Protected Party to an insurer to determine the premiums for your health plan, to conduct quality assessment and improvement activities, to engage in care coordination or case management, and to manage its business.

    Business Associate Subcontractors: In connection with its payment, health care, and other benefits related operations activities, Gusto Insurance contracts with individuals and entities (called “subcontractors”) to perform various functions on its behalf or to provide certain types of services. To perform these functions or to provide the services, Gusto Insurance’s subcontractors will receive, have access to, create, maintain, use, or disclose Protected Information, but only after Gusto Insurance requires the subcontractor to agree in writing to contract terms designed to appropriately safeguard your information.

    Other Covered Entities: In addition, Gusto Insurance might use or disclose your Protected Information to assist health care and other benefits providers in connection with their treatment or payment activities, or to assist other covered entities in connection with certain of their health care and other benefits related operations. For example, Gusto Insurance might disclose a Protected Party’s Protected Information to a health care provider when needed by the provider to render treatment to that party, and Gusto Insurance might disclose Protected Information to another covered entity or subcontractor to conduct health care operations related to billing, claims payment or enrollment. For all other uses and disclosures, Gusto Insurance first must obtain your permission.

  3. Information Gusto Insurance Collects About You.

    You are not required to provide any Protected Information in order to have general access to the Site. In order to access and use the Service, you are required to provide certain Protected Information to create an account. Gusto Insurance collects the following categories of information for group and/or individual policies from the following sources:

    A. Information that Gusto Insurance obtains directly from you, in conversations or on applications or other forms that you or a Protected Party completes.

    B. Information regarding current or prospective benefit plan participants Gusto Insurance obtains about them on applications or other forms.

    C. Information about the benefit plan’s transactions with Gusto Insurance’s affiliates, others or itself.

    D. Information that Gusto Insurance obtains as a result of its transactions with you.

    E. Additional information that Gusto Insurance obtains as a result of your choice to participate in one of Gusto Insurance’s various research and development programs.

    F. Information concerning the services you utilize and from your transactions and other interactions with Gusto Insurance, its affiliates, and others, including Gusto Insurance’s marketing partners and third party service providers.

    G. Information that Gusto Insurance obtains when you use certain features of the Site where you voluntarily submit Protected Information, for example, in connection with requesting a price quote or registering to receive email updates or a newsletter.

    H. Information Gusto Insurance receives from consumer and business reporting agencies.

    At times, Gusto Insurance may use some types of Protected Information, when not restricted by law, to improve the quality of the services that Gusto Insurance offers. Gusto Insurance may use the information, including business information, that you have provided and cross-reference it with other information Gusto Insurance receives from our partners in order to provide you an enhanced and more personalized experience at the Site and our Service. Gusto Insurance uses Protected Information that it obtains from your use of the Site and its Service to respond to your comments or inquiries, to resolve disputes, and to contact you when necessary in connection with the operation of the Site, or for matters involving any product or service transactions, to address problems on the Site or Gusto Insurance’s Service and to enforce Gusto Insurance’s agreements with you.

    We may sell, transfer, or otherwise share some or all of our assets, where permitted by law, which could include your Protected Information, in connection with a merger, acquisition, reorganization, or sale of assets or in the event of bankruptcy.

  4. Non-Personally Identifiable Information.

    Gusto Insurance automatically collects certain information when you visit the Site, such as Internet Protocol (IP) address (if using a browser), operating system, the browser type, the address of a referring site, and any device identifier (if using a mobile device). Gusto Insurance uses this information to monitor and analyze use of the Site and its Service, for technical administration of the Site, to increase the functionality and user-friendliness of the Site and Gusto Insurance’s service, and to better tailor it to Gusto Insurance’s visitors’ needs.

    Gusto Insurance partners with third parties to manage its advertising on other sites and determine its website performance. Such partners may also use “cookies” or web beacons to collect information about your activities on its Site and other sites so that Gusto Insurance can provide advertising that may be of interest to you or to help it evaluate the efficacy of its marketing programs or website. To prevent Gusto Insurance's partners from using your information for interest-based advertising, you can visit http://preferences-mgr.truste.com to opt out of certain advertising networks.

    Gusto Insurance may use both session cookies and persistent cookies to better understand how you interact with the Site, to monitor aggregate usage by users and web traffic routing on the Site, and to improve the Site. Most internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not allow cookies, however, you may not be able to use some or all portions or functionality of the Service.

    Gusto Insurance may share aggregated information that does not include Protected Information and Gusto Insurance may otherwise disclose such information with third parties for industry analysis, demographic and analytical profiling and other purposes. Any aggregated information shared in these contexts will not contain your Protected Information.

  5. Permissible Uses and Disclosures of Protected Information.

    Gusto Insurance discloses the information it receives regarding current or prospective plan participants only in accordance with the terms and conditions of the various Business Associate contracts Gusto Insurance has entered into with Covered Entities and Business Associates under Privacy Rules and as permitted under state and federal laws concerning the privacy of your insurance and financial information. Those include:

    Situations Permitted or Required by Law.

    Gusto Insurance may use or disclose your Protected Information without your written permission for other purposes permitted or required by law, including, but not limited to the following:

    A. As authorized by and to the extent necessary to comply with workers’ compensation or other no-fault laws and governmental taxing authorities in order to ensure that credit is made for tax withholding deposits;

    B. To an oversight or insurance regulatory agency for activities including audits or civil, criminal or administrative actions;

    C. To a public health authority for purposes of public health activities (such as to the Federal Food and Drug Administration to report consumer product defects);

    D. To a law enforcement official for law enforcement purposes or in response to a court order or in the course of any judicial or administrative proceeding;

    E. To organ procurement organizations or other entities for approved research; or

    F. To a governmental authority, including a social service or protective services agency, authorized to receive reports of abuse, neglect or domestic violence.

    For Any Purposes to Which You Have Not Objected.

    In certain limited circumstances, Gusto Insurance may use or disclose your Protected Information after Gusto Insurance has given you an opportunity to object and you have not objected. For example, if you do not object, Gusto Insurance may use, where appropriate and in accordance with proper usage of Protected Information, limited information about you to maintain an office directory for internal purposes, to notify family members or any other person identified by you regarding issues directly related to such person’s involvement with your care or payment for that care, or in emergency circumstances.

    For Purposes for Which Gusto Insurance Has Obtained your Written Permission

    All other uses or disclosures of your Protected Information will be made only with your written permission, and you may revoke any permission that you give us at any time.

  6. Gusto Insurance’s Practices Regarding Confidentiality and Security.

    Gusto Insurance restricts access to Protected Information about you to those employees and its subcontractors who need to know that information in order to provide products and services to you. Gusto Insurance maintains physical, electronic and procedural safeguards that comply with state & federal regulations to guard your Protected Information. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.

  7. Gusto Insurance’s Policy Regarding Dispute Resolution.

    Any controversy or claim arising out of or relating to Gusto Insurance’s privacy policy, or the breach thereof, shall be settled by arbitration in accordance with the rules of the American Arbitration Association, and judgment upon the award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof.

  8. Modifying Your Information.

    You can access and modify the Protected Information associated with your account by contacting us at support@gusto.com. If you want us to delete your Protected Information and your account, please contact us with your request. We’ll take steps to delete your information as soon we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.

  9. Opt-Out.

    We may periodically send you free newsletters and e-mails that directly promote the Service. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (either through your Account or by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain communications regarding the Service and you will not be able to opt out of those communications – e.g., communications regarding updates to our terms of service or this Privacy Policy or information about billing.

  10. Responding to Do Not Track Signals.

    Our Site does not have the capability to respond to “Do Not Track” signals received from various web browsers.

  11. Links to Other Sites.

    Our Service may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-party Services that you access.

  12. Contact Person for Questions.

    If you have any questions about Gusto Insurance’s Privacy Policy you may reach the Privacy Officer at:

    Title: Privacy Officer

    Address: 500 3rd St #405, San Francisco, CA 94107

    support@gusto.com