Updated: March 2024
This Privacy Policy describes the data protection practices of Fluid Financial Technologies Inc. (“Fluid,” “we,” “us,” or “our”). Fluid’s websites, including but not limited to https://www.fluidonboarding.com/,are available on desktop or mobile web (collectively the “Site”). Except as explicitly provided herein, this Privacy Policy applies to information that we collect and use about you when you access or use the Fluid applications, websites, software, and services, or any part thereof (collectively, the “Service”). Undefined capitalized terms used herein shall have the definitions as set forth in our End User License Agreements.
Please read this Privacy Policy carefully to understand how we handle your information. If you do not agree to this Privacy Policy, please do not use the Service. Fluid reserves the right to modify this Privacy Policy at any time, without notice, for any reason. Upon such a change, you will be bound by the new Privacy Policy unless you discontinue use of any product under Fluid. Your use of the Service constitutes your agreement to follow and be bound by this policy.
By submitting any data or information through our Site or Services, you agree to the terms of this Privacy Policy, and you expressly consent to the collection, use, and disclosure of your data in accordance with this Privacy Policy. Without limiting the foregoing, you agree to the processing of your data in connection with your use of the Service. You understand that biometric data, including facial data, is considered a special category of personal data under data privacy regulations, and has particular sensitivities, and in light of this knowledge expressly consent to Fluid's collection, storage, processing, and use of your biometric facial data for the purposes of providing the Service.
We obtain information about you when you use or otherwise access the Service. Please note that we need certain types of information to provide the Service to you. If you do not provide us with such information, or if you ask us to delete that information, you may no longer be able to access or use certain parts of our Service.
We collect information you provide directly to us. For example, you may provide us with information through your:
This Privacy Policy applies to information collected on the Sites and through the Service. We collect two types of information from visitors to our Sites: (1) Personal information and (2) Non-personal information. “Personal information” is information that identifies you personally and that you provide to us, such as your name, address, telephone number, email address, and sometimes your Internet Protocol (IP) address. We may collect this information when you create a profile on our Sites, visit our Sites, or complete a purchase. “Non-personal information” can be technical in nature and does not identify you personally. Examples of non-personal information may include, but are not limited to, cookies and web beacons.
The types of data we collect directly from you include:
Device/Usage Information. We and our third-party service providers may use cookies, web beacons, and other tracking technologies to collect and store information about your use of the Service. As described further below, we may collect and analyze information including, but not limited to: (1) browser type; (2) ISP; (3) operating system; (4) access time; (5) IP address; (6) unique device identifiers (“Device IDs”) (e.g., IDFA or Android Ad ID); (7) the type of device that you use; (8) the MAC address of your device; (9) information regarding the location (which may include the precise location) of your mobile device or of certain routers through which your device has connected to the Internet; and (10) Access Tokens.
We understand the sensitivity of certain types of personal information, such as health-related data, financial information, racial or ethnic origin, religious beliefs, and other sensitive information. We are committed to treating this information with the utmost care and respect. If our Site collects or processes sensitive personal information, we want to assure you that we take additional measures to ensure its security and confidentiality.
When we refer to sensitive data, we mean information that could potentially lead to specific discrimination or harm if it were to be misused or disclosed. This could include, but is not limited to, information about your health, medical conditions, disabilities, sexual orientation, religious or philosophical beliefs, racial or ethnic origin, political opinions, trade union membership, genetic data, and biometric data.
Our approach to handling sensitive data is guided by the principles of transparency, explicit consent, and purpose limitation. Before collecting or processing sensitive data, we will obtain your explicit consent and clearly explain the purpose for which the data will be used. We want to assure you that we will only use sensitive data for the specific purposes you have consented to, and we will take steps to ensure its confidentiality and security.
We may use the information we collect, alone or in combination, for various business and commercial purposes, including, but not limited to providing the Service as well as the following:
We may combine any information that we collect from you with other information, including information obtained from third parties or derived from any other products or services we provide. For example, we may combine personal information you provide, such as your email address, with information automatically collected about your device. We may use this combined information to, among other things, provide you with personalized recommendations.
We may share your information with various third parties, including service providers and business partners, in the following ways and for the following reasons:
We believe in responsible data management, which includes ensuring that we retain your personal information only for as long as necessary to fulfill the purposes for which it was collected. Our retention policy is designed to balance preserving your data for legitimate purposes while respecting your privacy.
Length of Retention: The duration for which we retain your personal information depends on various factors, including the nature of the information, the purposes for which it was collected, and any legal obligations requiring us to retain the information for a specific period.
Why Retain Data: We retain your personal information to provide you with the best possible experience when using our Site. This includes ensuring the functionality of your account, providing customer support, and maintaining accurate records of transactions and interactions.
Retention Periods: Generally, we will keep your personal information for the duration of our business relationship with you and as long as necessary to achieve the purposes outlined in this Privacy Policy. After the retention period expires, we will securely delete or anonymize your personal information to prevent unauthorized access.
Backup and Archiving: It’s important to note that copies of your personal information may remain in our backup and archival systems for a limited period, even after deletion from our active systems. These measures ensure data integrity, business continuity, and compliance with legal and regulatory requirements.
Your Control: We understand that your personal information is valuable, and we want you to have control over it. If you wish to have your personal information deleted or if you have any questions about our retention practices, please contact us using the contact information provided below.
We take various technical and organizational measures to protect your data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or access. However, no method of transmission over the Internet or electronic storage is completely secure. Therefore, while we strive to protect your information, we cannot guarantee its absolute security.
We may share some or all of your data in connection with or during the negotiation of any merger, financing, acquisition, or dissolution transaction involving the sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of insolvency, bankruptcy, or receivership, your data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the data collected by us and will assume the rights and obligations regarding your data as described in this Privacy Policy.
Regardless of any choices you make regarding your personal information, we may disclose it if we believe in good faith that such disclosure is necessary: (i) in connection with any legal investigation; (ii) to comply with relevant laws or respond to subpoenas or warrants served on the Company; (iii) to protect or defend the rights or property of the Company or users of the Site or Services; and/or (iv) to investigate or assist in preventing any violation or potential violation of the law or this Privacy Policy.
Please be aware that we may transfer and process personal information on servers located in countries other than your own. These countries may have data protection laws that differ from those in your country and, in some cases, may not be as protective. However, we have taken appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.
When transferring personal information from the European Economic Area (EEA) to countries not recognized by the European Commission as providing adequate protection, we use appropriate safeguards such as standard contractual clauses approved by the European Commission or other suitable transfer mechanisms.
By using the Service or providing us with any information, you consent to the transfer, processing, and storage of your information outside of your country, including in countries that may not offer the same level of protection for personal information as your country. If you have any questions about our data transfer practices, please contact us using the contact information provided below.
The Service may contain links to third-party websites or services. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be governed by the privacy policies of the third-party websites or services, not this Privacy Policy. We urge you to read the privacy and security policies of these third parties.
If you decide at any time that you no longer wish to accept cookies for any of the purposes described above, you can instruct your browser to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit by changing its settings. Consult your browser's technical information for guidance. However, if you do not accept cookies, you may not be able to use all functionalities of the Site. If you have any questions about how to disable or modify cookies, please let us know using the contact information provided below.
All users may review, update, correct, or delete the data in their user account by contacting us at the address listed below. We will make commercially reasonable efforts to honor your request. However, we may retain an archived copy of your records as required by law or for legitimate business purposes.
We may update this Privacy Policy to reflect changes in the law, our information practices, or the features of the Service. The date of the most recent update will be indicated at the top of our Privacy Policy. If we make a material change to the Policy, you will be provided with appropriate notice in accordance with legal requirements. By continuing to use the Service, you confirm that you have read and understood the latest version of this Privacy Policy.
You may opt out of certain marketing emails or newsletters that you receive from us. If you opt out, we may still send you administrative emails.
You may send requests regarding your personal information to the contact email address listed below. You can request that we limit the collection of certain information.
Your privacy and the security of your personal information are of paramount importance to us. In the unfortunate event of a data breach affecting your personal information, we want to assure you that we will take immediate and appropriate steps to address the situation and mitigate any potential harm.
A data breach refers to the unauthorized access, disclosure, or loss of personal information that could compromise its security and confidentiality. In the unlikely event of a data breach, we will take the following steps:
While we take every precaution to prevent data breaches, it's important to note that no system is entirely immune to risks. We want you to be informed and reassured that we have your best interests at heart and will act promptly and transparently in the event of a breach.
Our Site is not intended for use by individuals under the age of 13 or the relevant age specified by the laws of your jurisdiction ("Child" or "Children"). We do not knowingly collect personal information from Children. If you are a parent or guardian and believe that your Child has provided us with personal information, please contact us using the contact information provided below. If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers.
If you are a Child, please do not use or provide any personal information through the Service. If you believe we might have any information from or about a Child, please contact us using the contact information provided below.
Your privacy and data security are a shared responsibility between us and you. While we are committed to implementing robust measures to protect your personal information, we also want to empower you to take an active role in safeguarding your own data.
Secure Credentials: Use strong and unique passwords for your accounts. Avoid easily guessable passwords and consider using a combination of letters, numbers, and special characters. Do not share your login credentials with anyone.
Caution with Information Sharing: While our Site is designed to provide a safe and secure environment, exercise caution when sharing personal information, especially in public forums or areas accessible by other users. Avoid sharing sensitive information that could be misused.
Privacy Settings: Take advantage of the privacy settings available within our Site. Adjust your preferences to control who can access your information and limit the visibility of your personal details.
Security Updates: Keep your device's operating system, browsers, and security software up to date. Regularly applying security updates helps protect your device from vulnerabilities that could be exploited by malicious actors.
Phishing Awareness: Be cautious of emails, messages, or websites that request your personal information or credentials. Phishing attempts often mimic legitimate communications, so verify the sender's identity and the authenticity of requests before providing any information.
Educate Yourself: Stay informed about best practices for online privacy and security. Educate yourself about potential risks and ways to mitigate them. Familiarize yourself with our Site's privacy features and settings.
We believe in transparency regarding the legal basis for processing your personal information. Under data protection laws, every instance of collecting and using personal information must have a valid legal basis. We want to ensure that you are informed about the reasons behind the processing of your data.
Consent: In many cases, we rely on your explicit and informed consent as the legal basis for processing your personal information. Before collecting your data, we will clearly explain the purposes for which it will be used and seek your consent. You have the right to withdraw your consent at any time.
Contractual Necessity: In some situations, the processing of your personal information is necessary for the performance of a contract between you and us. For example, when you create an account or make a purchase, we need to process certain data to fulfil our contractual obligations.
Legal Obligations: We may process your personal information when required to comply with legal obligations. This includes situations where we need to respond to legal requests, court orders, or other legal processes.
Legitimate Interests: We may also process your personal information based on our legitimate interests, provided that such processing is not overridden by your rights and interests. Our legitimate interests could include improving our services, conducting analytics, ensuring the security of our Site, and preventing fraud.
Protection of Vital Interests: In rare cases, we may process personal information to protect someone's vital interests, such as in medical emergencies.
Public Task: If we are performing tasks in the public interest or exercising official authority, we may process personal information on this legal basis.
It's important to note that we assess the legal basis for each processing activity to ensure it aligns with the principles of fairness, transparency, and accountability. We are committed to respecting your rights and providing you with a clear understanding of how and why we process your personal information.
Under the laws of California and certain other US states (i.e., Virginia), we are required to provide you with the following additional information about: (1) the purpose for which we use each category of “personal information” we collect; and (2) the categories of third parties to which we (a) disclose such personal information for a business purpose, (b) “share” personal information for “cross-context behavioral advertising,” and/or (c) “sell” such personal information.
Under California law, “sharing” is defined as the targeting of advertising to a consumer based on that consumer’s personal information obtained from the consumer’s activity across websites, and “selling” is defined as the disclosure of personal information to third parties in exchange for monetary or other valuable consideration. We do not sell or share your Personal Information, including any Sensitive Personal Information. We also do not sell or share and have no actual knowledge that we have sold or shared any Personal Information of anyone under 16 years of age.
For more information about each category, purpose of use, and the third parties to which we disclose information, please see the “Categories of Personal Information We Collect”, “Purpose of Collection” and “Categories of 3rd Parties to which Fluid discloses this Personal Information for Business Purpose” sections.
| Categories of Personal Information We Collect | Purpose of Collection | Categories of 3rd Parties to which Fluid discloses this Personal Information for Business Purpose |
|---|---|---|
| Identifiers | We collect name, preferred name, maiden name, address, phone number, email address, Social Security Number and images of personal IDs. This data is all used for the purpose of facilitating employee onboarding or the completion of employee onboarding requirements such as the the completion of the employment eligibility form I-9. | This data is shared with the user’s employer to facilitate the employee’s onboarding. |
| 1798.80(e) of the California Civil Code (such as physical characteristics or description, insurance policy number, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information) | When required for the processing of direct deposit we collect the account and routing number of the account where the funds are to be direct deposited. | This data is shared with the user’s employer to facilitate the employee’s onboarding. |
| Characteristics of protected classifications under California or federal law (such as race or gender) | We collect sex race and ethnicity to facilitate the employers filing of an EEO-1 Employer Information Report. | This data is shared with the user’s employer to facilitate the employee’s onboarding. |
| Internet or other electronic network activity information (such as browsing history, search history, interactions with a website, email, application, or advertisement) | We collect a IP address, Date/time and device fingerprint for the purpose of facilitating the user’s electronic signature. | We collect a IP address, Date/time and device fingerprint for the purpose of facilitating the user’s electronic signature. |
| Biometric information (such as call recordings) | A biometric liveness validation is completed to confirm ownership of the photo id shared. This validation is completed on the user’s device. A frame from the liveness validation and pass or fail results of the biometric/ID match are shared with the employer to facilitate their confirmation of the ownership of the photo id. |
his Privacy Policy is drafted to comply with the California Consumer Privacy Act (CCPA). We are committed to handling your personal information in accordance with the CCPA’s requirements and ensuring your rights are respected. You have certain rights under the CCPA regarding the personal information we hold about you. These rights include:
To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request within a reasonable timeframe and may ask you for further information to verify your identity before acting on the request.
Please note that these rights might be subject to specific limitations and exceptions under applicable data protection laws.
You have the right to erase any personal information processed by us at any time, except for the following situations:
Contact Us
If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:
Email: privacy@fluidft.com Mail: 155 N 400 W, Suite 500, Salt Lake City, UT 84101