🔐 Comprehensive Privacy Policy
🛡️ Privacy Commitment
SMRT Payments LLC is committed to protecting the privacy and security of personal information for all employees, customers, and business partners. This policy explains our data practices in compliance with applicable privacy laws including CCPA, GDPR principles, and industry best practices.
Data Sharing and Communication Policy
We are committed to protecting your privacy and the security of your mobile information. Your mobile information will never be shared with third parties for marketing or promotional purposes under any circumstances. Your data will not be transferred to external organizations.
We use your information solely to provide and manage our SMS communications and related services. We implement strict access controls, encryption, and regular audits to prevent unauthorized access or sharing of your data.
If you have any questions about how your data is used, or if you wish to opt out of receiving messages, please contact us at: [email protected].
To opt out of receiving SMS messages, reply to any message with the word STOP.
1. Information We Collect
Employee Information:
- Identity Data: Name, employee ID, phone number, email address, work location
- Timekeeping Data: Clock-in/out times, work hours, attendance records, schedule information
- Communication Records: SMS logs for time clock system, email correspondence, system notifications
- Payroll Data: Hours worked, pay rates, deductions, tax information (processed by authorized payroll systems)
Customer & Business Information:
- Contact Information: Business name, contact person, phone numbers, email addresses, physical addresses
- Transaction Data: Payment processing records, invoice history, service agreements
- Communication Logs: Customer service interactions, technical support requests, business correspondence
- Usage Analytics: Website visit data, system usage patterns, performance metrics (anonymized)
2. How We Use Your Information
| Purpose |
Legal Basis |
Data Types Used |
| Employee Timekeeping |
Legitimate Business Interest |
Identity, timekeeping, SMS logs |
| Payroll Processing |
Contractual Obligation |
Timekeeping, payroll, tax data |
| Customer Service |
Contractual Performance |
Contact info, transaction history |
| System Security |
Legitimate Interest |
Usage logs, access records |
| Legal Compliance |
Legal Obligation |
All relevant records as required |
3. Data Sharing & Third Parties
SMRT Payments does not sell, rent, or trade personal information. We share data only in these limited circumstances:
Authorized Service Providers:
- Payroll Services: Authorized payroll processors for employee compensation
- SMS Provider: Twilio Inc. for time clock messaging (under data processing agreement)
- IT Support: Authorized technical vendors for system maintenance and security
- Legal/Accounting: Professional service providers under confidentiality agreements
Required Disclosures:
- Legal compliance (court orders, subpoenas, regulatory requirements)
- Protection of rights and safety (fraud prevention, security threats)
- Business transfers (mergers, acquisitions, with appropriate safeguards)
🔒 Third-Party Security Requirements
All third-party vendors processing SMRT Payments data must maintain appropriate security measures, sign data processing agreements, and undergo periodic security assessments. We conduct due diligence to ensure vendor compliance with privacy and security standards.
4. Data Security Measures
We implement comprehensive security controls to protect personal information:
Technical Safeguards:
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Database Security: PostgreSQL with SCRAM-SHA-256 authentication and access controls
- Network Protection: Firewalls, VPN access, intrusion detection systems
- System Monitoring: Continuous monitoring for security events and anomalies
Administrative Controls:
- Access Management: Role-based permissions with principle of least privilege
- Employee Training: Regular privacy and security awareness programs
- Incident Response: Established procedures for security incidents and data breaches
- Regular Audits: Periodic security assessments and compliance reviews
5. Your Privacy Rights
For All Individuals:
- Access: Request information about data we collect and use
- Correction: Update or correct inaccurate personal information
- Deletion: Request deletion of personal data (subject to legal requirements)
- Opt-Out: Discontinue non-essential communications and services
California Residents (CCPA Rights):
- Right to Know: Detailed information about data collection and use
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Stop sale of personal information (we do not sell data)
- Right to Non-Discrimination: Equal service regardless of privacy choices
- Right to Portability: Receive data in machine-readable format
🎯 How to Exercise Your Rights
Privacy Request Portal: [email protected]
Phone: 888.810.SMRT (7678) (ask for Privacy Officer)
Response Time: We respond to privacy requests within 30 days
Verification: Identity verification required for security purposes
6. Data Retention
We retain personal information only as long as necessary for legitimate business purposes:
- Employee Records: 7 years after employment termination (legal requirement)
- Timekeeping Data: 4 years per Department of Labor requirements
- Customer Data: Duration of business relationship plus 7 years
- SMS Logs: 2 years for compliance and technical support
- Security Logs: 1 year for incident investigation
7. International Data Transfers
SMRT Payments operates primarily within the United States. Any international data transfers are protected by:
- Standard Contractual Clauses approved by relevant authorities
- Adequacy decisions for jurisdictions with equivalent protection
- Additional safeguards as required by applicable law
8. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we discover such collection, we will delete the information immediately and notify parents/guardians as required by law.
9. Cookies & Website Analytics
Our websites use cookies and similar technologies for:
- Essential Functions: Site navigation, security, user authentication
- Performance Monitoring: Load times, error tracking, system optimization
- User Preferences: Language settings, display preferences (with consent)
You can control cookie settings through your browser preferences. Disabling essential cookies may affect site functionality.
10. Changes to This Policy
We may update this privacy policy to reflect changes in our practices or legal requirements. Significant changes will be communicated through:
- Email notification to employees and active customers
- Prominent notice on our websites
- Direct notification for material changes affecting rights
📧 Contact Information
Privacy Officer: [email protected]
General Inquiries: [email protected]
Phone: 888.810.SMRT (7678)
Mailing Address:
SMRT Payments LLC
Privacy Officer
[Business Address]
[City, State ZIP]
11. Regulatory Compliance
This privacy policy is designed to comply with:
- California Consumer Privacy Act (CCPA)
- General Data Protection Regulation (GDPR) principles
- Telephone Consumer Protection Act (TCPA)
- Federal Trade Commission (FTC) guidelines
- State privacy laws and sector-specific regulations
Effective Date: January 1, 2025
Last Updated: January 20, 2025
Version: 2.1
← Back to Legal Center