PayComp

Legal / Privacy

PayComp Privacy Policy

Effective Date: May 29, 2026

Last Updated: May 29, 2026

1. Introduction

PayComp, Inc. ("PayComp", "Company", "we", "our", or "us") provides cloud-based software services and related technologies for payroll, workers' compensation administration, insurance operations, analytics, reporting, and business process management.

This Privacy Policy explains how we collect, use, disclose, retain, and protect information when individuals or organizations use our websites, applications, APIs, portals, dashboards, integrations, and related SaaS services (collectively, the "Services").

This Privacy Policy applies to:

  • Visitors to our websites
  • Customers and prospective customers
  • Employers and administrators
  • Employees and contractors whose information is processed through the Services
  • Authorized users of customer accounts
  • API and integration users

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

2. Scope of Services

This Privacy Policy applies to:

  • Production applications
  • Customer portals
  • Administrative dashboards
  • Mobile and web applications
  • APIs and integrations
  • Demonstration and staging environments
  • Hosted SaaS infrastructure
  • Analytics and reporting systems

Certain Services may be governed by separate agreements, including Master Service Agreements ("MSAs"), Data Processing Agreements ("DPAs"), or Terms of Service.

3. Information We Collect

A. Information You Provide

We may collect information directly provided by users, customers, or authorized representatives, including:

  • Name
  • Business name
  • Email address
  • Telephone number
  • Mailing address
  • Account credentials
  • Payroll information
  • Insurance and underwriting information
  • Employee classification data
  • Compensation information
  • Billing and payment details
  • Customer support communications

B. Information Processed on Behalf of Customers

As a SaaS provider, PayComp may process information submitted by customers in connection with their use of the Services, including:

  • Employee records
  • Payroll and wage data
  • Workers' compensation information
  • Insurance policy information
  • Claims-related information
  • Compliance and reporting data
  • Operational business records

In many cases, PayComp acts as a "Service Provider" or "Processor" under applicable privacy laws when handling customer-submitted data.

C. Automatically Collected Information

We automatically collect certain technical and usage information, including:

  • IP address
  • Browser type and version
  • Device identifiers
  • Operating system
  • Session identifiers
  • Access timestamps
  • Log data
  • Diagnostic data
  • Usage analytics
  • Navigation behavior
  • Referring URLs

D. Cookies and Similar Technologies

We use cookies, local storage, pixels, session technologies, and similar tools to:

  • Authenticate users
  • Maintain sessions
  • Improve functionality
  • Analyze performance
  • Understand usage patterns
  • Detect fraud and abuse
  • Support security operations

Users may manage cookie preferences through browser settings; however, disabling cookies may affect Service functionality.

4. How We Use Information

We use information for legitimate business and operational purposes, including to:

  • Provide and maintain the Services
  • Authenticate and authorize users
  • Manage customer accounts
  • Process payroll and insurance workflows
  • Facilitate underwriting and compliance operations
  • Respond to support requests
  • Improve platform performance and usability
  • Monitor system health and security
  • Prevent fraud, abuse, and unauthorized access
  • Develop new features and services
  • Comply with legal obligations
  • Enforce contractual agreements

We do not sell personal information for monetary compensation.

5. Legal Bases and US Privacy Compliance

Depending on applicable law, we process information based on:

  • Contractual necessity
  • Legitimate business interests
  • Compliance with legal obligations
  • User consent where required
  • Fraud prevention and security purposes

PayComp is designed to support compliance with applicable US privacy frameworks, including:

  • California Consumer Privacy Act (CCPA)
  • California Privacy Rights Act (CPRA)
  • Virginia Consumer Data Protection Act (VCDPA)
  • Colorado Privacy Act (CPA)
  • Connecticut Data Privacy Act (CTDPA)
  • Other applicable US state privacy laws

6. How We Share Information

A. Service Providers and Subprocessors

We may share information with trusted vendors and subprocessors that support our operations, including providers of:

  • Cloud infrastructure
  • Data hosting
  • Authentication services
  • Customer support systems
  • Analytics platforms
  • Monitoring and logging systems
  • Payment processing
  • Email delivery services
  • Security services

These providers are contractually obligated to protect information and use it only for authorized purposes.

B. Customer-Directed Sharing

Customers may authorize integrations or disclosures to:

  • Insurance carriers
  • Payroll providers
  • Accounting systems
  • Government reporting systems
  • Third-party business applications
  • APIs and integration partners

C. Legal and Regulatory Disclosures

We may disclose information:

  • To comply with applicable law
  • In response to subpoenas or legal requests
  • To protect rights, safety, and security
  • To investigate fraud or abuse
  • In connection with litigation or regulatory matters

D. Business Transfers

Information may be transferred as part of:

  • Mergers
  • Acquisitions
  • Financing transactions
  • Asset sales
  • Corporate reorganizations

7. California Privacy Rights

If you are a California resident, you may have rights under the CCPA/CPRA, including the right to:

  • Know what personal information we collect
  • Request deletion of personal information
  • Correct inaccurate personal information
  • Access categories and sources of collected information
  • Understand the purposes of processing
  • Limit certain uses of sensitive personal information
  • Opt out of "sale" or "sharing" where applicable
  • Receive equal service without discrimination

To exercise privacy rights, users may contact us using the information provided below.

We may verify identity before processing requests.

8. Data Retention

We retain information only for as long as reasonably necessary to:

  • Provide the Services
  • Fulfill contractual obligations
  • Comply with legal requirements
  • Maintain audit records
  • Resolve disputes
  • Enforce agreements
  • Preserve security and operational integrity

Retention periods vary depending on:

  • Customer configurations
  • Legal requirements
  • Insurance and payroll regulations
  • Operational and backup policies

9. Security

We implement commercially reasonable administrative, technical, and organizational safeguards designed to protect information, including:

  • Encryption in transit
  • Access controls
  • Authentication systems
  • Role-based authorization
  • Logging and monitoring
  • Vulnerability management
  • Backup and recovery procedures
  • Infrastructure security controls

However, no security system is completely secure, and we cannot guarantee absolute security.

10. Staging, Testing, and Development Environments

Certain PayComp Services may include development, testing, preview, or staging environments.

Users should avoid submitting sensitive production data into non-production environments unless expressly authorized.

Data stored in staging or testing environments may:

  • Be periodically deleted
  • Be anonymized
  • Be reset without notice
  • Have reduced retention periods

11. Third-Party Services

The Services may contain integrations or links to third-party platforms or providers.

PayComp is not responsible for the privacy, security, or content practices of third-party services not operated by PayComp.

Users should review applicable third-party privacy policies separately.

12. Children's Privacy

The Services are intended for business and professional use and are not directed to children under 18 years of age.

We do not knowingly collect personal information from children.

13. International Data Transfers

Although PayComp primarily operates in the United States, information may be processed or stored in other jurisdictions where our providers or infrastructure operate.

Where applicable, we implement reasonable safeguards for international data transfers.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

Updated versions will be posted with a revised "Last Updated" date. Continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Information

For questions, requests, or privacy-related concerns, contact:

Privacy Office

PayComp, Inc.

Email: privacy@paycomp.com

If applicable law requires additional privacy disclosures or designated methods for submitting requests, those methods may be provided separately.