Privacy Policy
Your privacy is extremely important to us at the Employer Services Assurance Corporation (ESAC), and we’re committed to protecting and maintaining the confidentiality and security of the information you provide to us. This privacy policy applies to ESAC.org, AccessESAC.org, ESACorp.org, and other domains/sub-domains owned and operated by ESAC.
As part of its privacy policy, ESAC will notify users of:
- What personally identifiable information ESAC collects;
- What personally identifiable information third parties collect through the website;
- How ESAC uses and shares the information;
- What choices are available to users regarding collection, use and distribution of the information;
- What measures ESAC takes to protect the information under its control; and
- How users can correct any inaccuracies in the information.
If you have questions or concerns regarding this statement, please contact ESAC at info@ESAC.org.
This privacy policy describes the information we collect about you and what may happen to that information. Please review this privacy policy posted on the ESAC site periodically, as it may be amended without notice for minor changes not affecting personally identifiable information. We post our most current privacy policy on the ESAC site and changes will be effective upon such posting. By using the ESAC site, you consent to the use of your information as expressed in this privacy policy.
Notwithstanding the above provisions, ESAC agrees to not resell, trade or rent any of your personally identifiable information to any third party. Your personal information may be shared with third parties only in the ways that are described in this privacy policy.
YOUR INFORMATION AND HOW IT IS USED
Visiting the ESAC Site:
The ESAC site collects two kinds of information: (i) information that identifies you or your company (collectively, “Personally Identifiable Information”); and (ii) information that does not identify any person or company such as browser type, operating system type, access time and page views (collectively, “Non-Personally Identifiable Information”). As a general policy, only Non-Personally Identifiable Information is automatically collected from your visit to the ESAC site.
Information Collected During the Application and Accreditation Process:
If you apply for accreditation, you will be asked to provide us with certain specific information about yourself and/or your company including (i) contact information such as your name, phone/fax number, mailing/e-mail address, and primary contact person (collectively, “Contact Information”); and (ii) information about your company’s policies, procedures, operations and staff as they pertain to the financial, ethical and operational standards required for accreditation (collectively, “Business Information”). During initial accreditation processes, we will only share your Contact Information and Business Information with the ESAC staff and service providers involved in verifying your company’s compliance with the accreditation requirements. None of these individuals will be employed by or own a financial interest in any other company in the same or similar business as your company, and all of these individuals will have executed a non-disclosure confidentiality agreement with respect to information provided to them by ESAC. Your Contact and Business Information will only be shared with Independent Directors on the ESAC Board of Directors as a part of the accreditation process. These Directors have executed a non-disclosure confidentiality agreement similar to the agreement executed by ESAC staff. If the ESAC Independent Directors approve your company for accreditation, ESAC will make a press release and update the ESAC site identifying by company name, address, phone number and website address that your company is now accredited, but no other Contact Information or Business Information will be released to the public without your express written permission. ESAC will also make available your company’s Contact Information and Business Information to any state and federal regulator to whom you have authorized access to such information on the ESAC site as part of your request to take advantage of ESAC’s alternative registration/licensing compliance program as approved by that state or federal agency. It will be your responsibility to notify ESAC of your desire to cancel any such access to this confidential information. We will maintain your Contact and Business Information in our secure and protected information databases as long as you maintain accreditation.
If you wish to take advantage of a voluntary and free subscription to the ESAC Edge, ESAC’s e-newsletter, your e-mail address will only be used to send newsletter issues to you. If you wish to opt-out of receiving the ESAC Edge, please follow the unsubscribe link in the footer of each newsletter or e-mail info@ESAC.org.
We do not resell, trade or rent any of your personally identifiable information to anyone.
Non-Personally Identifiable Information:
We may aggregate Non-Personally Identifiable Information to create statistical data, which will be used to help analyze site traffic and improve our services. We may also use such aggregated information to describe ESAC’s website services to potential partners or other third parties. At no point, however, will the aggregated information identify you, your business or your clients.
LEGAL REQUIREMENTS
We reserve the right to disclose any Personally Identifiable Information or Non-Personally Identifiable Information if required to do so by law or if we believe that such action is necessary in order to (i) conform with the requirements of the law or to comply with legal process served on ESAC; (ii) to protect or defend the legal rights or property of ESAC, the ESAC site, or its users; or (iii) in an emergency to protect the health and safety of ESAC’s website users or the general public.
Children’s Privacy:
In accordance with the Children’s Online Privacy Protection Act (COPPA), we never collect or maintain information on our website from those we actually know are under the age of 13, and no part of our website is structured to attract anyone under 13.
California Disclosures:
California Information-Sharing Disclosure: California residents may request a list of all third parties with respect to which we have disclosed any information about you for direct marketing purposes and the categories of information disclosed. If you are a California resident and want such a list, please send us a written request by email to Legal@ESAC.org with “California Privacy Rights” in the subject line.
California Do Not Track Disclosure: Depending on the browser you are using, you may be able to choose to block third party cookies or browse in a private browsing mode. The public ESAC website can be accessed when private browsing is turned on, but your ability to use some features or areas of our site may be limited. The information we collect is governed by this Privacy Policy.
TRACKING TECHNOLOGIES
Technologies such as cookies, beacons, tags and scripts are used by ESAC and our analytics and programming service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements within the site and gathering demographic information about our user base. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We use cookies to remember user settings. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited, including the application section of the ESAC site which will not function properly if you refuse to accept a cookie or choose to disable your cookies setting. The only information that will be stored in permanent cookies created by the ESAC site is the Applicant ID information that the ESAC site assigns to you.
LOG FILES
As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We do not link this data to personally identifiable information.
LINKS
The ESAC site may contain links to other sites, including websites of accredited firms and service suppliers that are not maintained by ESAC. We cannot guarantee the security of your Personally Identifiable Information on those sites. Please review their privacy policy before submitting any Personally Identifiable Information to such websites.
SOCIAL MEDIA WIDGETS
Our website includes social media widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our site. Your interactions with these features are governed by the privacy policy of the company providing it.
SECURITY PROCEDURES
We have security measures in place to protect against the loss, misuse and alteration of the information under our control, both online and offline. The ESAC site operates secure data networks protected by industry standard firewall and password protection systems. We use a reputable third-party company for encryption of data being sent via the Internet between the browser and our servers. The servers on which we store your personally identifiable information are kept in a secure environment using industry-standard back-up and security procedures and protections.
All application, accreditation and user information is restricted in our offices. All employees have been verified as having a history of honesty and trustworthiness and have signed a non-disclosure agreement prohibiting the unauthorized disclosure, use or distribution of any client or user-related information. Furthermore, all employees are kept up to date on our security and privacy policies and practices and on the importance of securely and confidentially maintaining and working with all client information.
Access to ESAC’s office is restricted after normal business hours with building entry security cards and entry codes for office access. The building is also equipped with security cameras and a burglar alarm system and has a security guard on the premises after normal business hours and on weekends.
To protect user privacy and security, ESAC reserves the right to take reasonable steps to verify user identity prior to granting access or processing changes or corrections. Any requests for access to personal information will be answered within thirty (30) days. Although we strive to protect our users’ personally identifiable information and privacy, please be advised that we cannot guarantee that the security precautions we take will prevent third parties from illegally obtaining your information. However, our procedures provide you with authentication, confidentiality, and data integrity that meets established industry standards.
Be advised that anyone providing a testimonial will have their name, title and possibly the name of their company displayed for public viewing. If you wish to update or delete your testimonial, contact us at info@ESAC.org.
TRANSFER OF SERVICES
If another entity acquires one of our services that contains your Contact, Business Information, Non-Personally Identifiable Information and any other information about your business that we have stored and such information is transferred to such entity as one of the transferred assets, ESAC agrees that any such transfer will continue to be subject to this or an equivalent privacy policy to be legally binding on the acquiring party and its assigns.
CONDITIONS OF USE, CONCERNS
By choosing to visit the ESAC site and interact with ESAC, users agree that their visit and any dispute regarding the protection of their privacy during such visit is subject to this privacy policy including, but not limited to, the provisions regarding limitations on damages and the application of the law of the state of Arkansas.
NOTIFICATION OF CHANGES
If we change our privacy policy, we will post those changes to this privacy policy on the ESAC site and other places we deem appropriate so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We will use information in accordance with the privacy policy under which the information was collected. If, however, we are going to use users’ personally identifiable information in a manner different from that stated at the time of collection, we will notify users via e-mail prior to the change becoming effective. Users will have a choice as to whether or not we use their information in this different manner. However, if users have opted out of all communication with the site, or deleted/deactivated their account, they will not be contacted nor will their personally identifiable information be used in this new manner.
DATA RETENTION
We will retain your information for as long as needed to provide you services. If you wish to terminate your accreditation or request that we no longer use your information to provide you services, contact us at info@ESAC.org. We will retain your information in accordance with our Data Retention Policy and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
CHANGES TO INFORMATION AND QUESTIONS
Each participating user can access and update their personally identifiable information online. Each participating firm also has one or more designated account administrators who can add or delete users and access and update the information of the participating firm and that of all of its users.
If you wish to (i) modify any of the information you have provided to us, (ii) terminate your accreditation process or accreditation status, or (iii) ask us questions about this privacy policy, please contact us by e-mail at info@ESAC.org, by phone at 501.219.2045, or by mail or delivery service at One Financial Centre, 650 S. Shackleford Road, Suite 327, Little Rock, AR 72211-3503.