HaystackID US Privacy Notice

Information for US Residents

We collect Personal Data from US residents and comply with the consumer privacy laws of California, Colorado, Connecticut, Utah, and Virginia (“US Privacy Laws”). In addition to our general Privacy Notice available at https://haystackid.com/privacy/, this US Privacy Notice applies to certain US residents (“you” or “your”).

For the purposes of this US Privacy Notice, “Personal Data” means information that is linked or reasonably linkable to a particular individual or household. However, the following categories of information are not Personal Data:

  • Publicly available information;
  • Deidentified or aggregated data; or
  • Information otherwise excluded from the scope of US Privacy Laws.

This Privacy Notice provides the following information to US residents:

  • Categories of Personal Data we collect;
  • Purposes for which we use Personal Data;
  • Categories of Personal Data we disclose to third parties;
  • Categories of third parties to which we disclose Personal Data; and
  • How US residents can exercise their rights under US Privacy Laws:
    • The rights to access, correct, or delete Personal Data;
    • The right to obtain a portable copy of Personal Data;
    • The right to limit the use of sensitive personal data in certain circumstances; and
    • The rights to opt out of targeted advertising, sales of personal data, or profiling.

Categories of Non-Sensitive Personal Data

The table below outlines the non-sensitive categories of Personal Data HaystackID collects about US residents and whether and how they are disclosed to third parties.

We collect Non-Sensitive Personal Data directly from our users and from our business partners.

Category of Personal Data:
Identifiers
Examples
Identifiers may contain the following: Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
Purpose(s)
Service Changes, Support, Resolution of Technical Issues, Offers and Updates
Targeted Advertising
We may share this data with advertising partners for targeted advertising purposes
Sale
This data is not sold to third parties
Sharing
This data may be shared with Processors and Business Partners
Retention Period
HaystackID will retain your Personal Data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. HaystackID will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Category of Personal Data:
Internet/Electronic Activity
Examples
Internet/Electronic Activity may contain the following: Cookie IDs, hashed email addresses, and mobile advertising IDs, real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
Purpose(s)
Service Maintenance, Interactive Features, Support, Service Improvement, Usage Monitoring, Resolution of Technical Issues
Targeted Advertising
We may share this data with advertising partners for targeted advertising purposes
Sale
This data is not sold to third parties
Sharing
This data may be shared with Processors and Business Partners
Retention Period
HaystackID will retain your Personal Data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. HaystackID will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Category of Personal Data:
Imprecise Geolocational Data
Examples
Imprecise Geolocational Data may contain the following: Imprecise physical location or movements.
Purpose(s)
Service Maintenance, Interactive Features, Support, Service Improvement, Usage Monitoring, Resolution of Technical Issues
Targeted Advertising
We may share this data with advertising partners for targeted advertising purposes
Sale
This data is not sold to third parties
Sharing
This data may be shared with Processors
Retention Period
HaystackID will retain your Personal Data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. HaystackID will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Category of Personal Data:
Professional Information
Examples
Professional Information may contain the following: employment history, practical experience, and other professional qualifications, licenses or certifications.
Purpose(s)
If you apply for a job with HaystackID, you may provide us with your resume, name, contact details, and any other relevant information. HaystackID may collect Professional Information in order to assist with selection and hiring of employment candidates. If you become an employee, we collect additional information, such as your family information, beneficiary selections, banking information, and other relevant information for employment, payroll, and benefit purposes, and we may collect certain sensitive Personal Data such as trade union membership data or biometric data for identity verification.
Targeted Advertising
We do not engage in targeted advertising using this data or share this data for targeted advertising purposes
Sale
This data is not sold to third parties
Sharing
This data is not shared with third parties
Retention Period
HaystackID will retain your Personal Data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. HaystackID will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Category of Personal Data:
Educational Information
Examples
Educational Information may contain the following: educational background, institutions attended, degrees or certifications sought or awarded.
Purpose(s)
If you apply for a job with HaystackID, you may provide us with your resume, name, contact details, and any other relevant information. HaystackID may collect Educational Information in order to assist with selection and hiring of employment candidates. If you become an employee, we collect additional information, such as your family information, beneficiary selections, banking information, and other relevant information for employment, payroll, and benefit purposes, and we may collect certain sensitive Personal Data such as trade union membership data or biometric data for identity verification.
Targeted Advertising
We do not engage in targeted advertising using this data or share this data for targeted advertising purposes
Sale
This data is not sold to third parties
Sharing
This data is not shared with third parties
Retention Period
HaystackID will retain your Personal Data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. HaystackID will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Categories of Sensitive Personal Data

No


Use of Personal Data

We use Personal Data for the purposes described in our general Privacy Notice (see https://haystackid.com/privacy/). Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.


Disclosing Personal Data

We share Personal Data with the following categories of third parties:

  • Processors: We use processors to securely handle Personal Data on our behalf and only on our instructions. These companies may not use your Personal Data for their own purposes.

See the table above for more details about how different categories of Personal Data are shared.

We do not sell Personal Data to anyone.


Exercising Your Personal Data Rights

US residents have the following rights under US Privacy Laws:

  • The rights to access, correct, or delete Personal Data;
  • The right to obtain a portable copy of Personal Data; 
  • The right to limit the use of Sensitive Personal Data in certain circumstances; and
  • The rights to opt out of targeted advertising, sales of personal data, or profiling.

If you are a US resident, you can submit a request to exercise your personal data rights under US Privacy Laws by If you wish to exercise your personal data rights under US privacy laws, please contact us for assistance.  You can contact us by calling our toll-free number at 1-877-942-9782, by emailing privacy@haystackid.com, or by visiting our online portal here. Please be ready to provide your name and email address, and if you have authorized an agent to make a request on your behalf, we will need you to provide the agent’s name and email address, as well as your written authorization appointing the agent to make a request on your behalf.

Please note that we may ask you to verify your identity before responding to such requests. To submit an opt-out request, you may We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any or all of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us at privacy@haystackid.com, with the subject line “Opt-Out Request.”

To protect your privacy, we may need to authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request. Please be aware that we do not accept or process rights requests through other means (e.g., via fax or social media).

After submitting your request online, you will receive a follow-up email, which may include a link you must click on in order to verify your identity. If you do not click on that link, we may be unable to complete your request due to lack of verification. It is important that you provide a valid email address in order for us to be able to process your request.

We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay acting on your request until we can appropriately verify your identity and the request as authentic. Also note that each of the rights are subject to certain exceptions. If you believe our response to your rights request is insufficient, you can appeal our decision by contacting Data Protection Officer at privacy@haystackid.com and we will inform you of our final decision within 45 days.

We reserve the right to decline to process, or charge a reasonable fee for, requests from a US resident that are manifestly unfounded, excessive, or repetitive.


Targeted Advertising

“Targeted advertising” as used in this Privacy Notice means the disclosure of Personal Data to a third party for behavioral advertising. An example of this is displaying advertisements to a US resident where the advertisement is selected based on Personal Data obtained from that person’s activities over time and across nonaffiliated websites or online applications to predict such person’s preferences or interests. We share some Personal Data for behavioral advertising. You can opt out of the sharing of your Personal Data for targeted advertising by submitting a rights request as described above.


Limiting the Use of Sensitive Personal Data

You have the right to limit some uses of Sensitive Personal Data. In particular, you may direct companies not to use Sensitive Personal Data except as necessary to provide goods or services you have requested.  However, HaystackID does not Process any Sensitive Data.


Authorized Agent Requests

You may designate an authorized agent to make a rights request on your behalf. Your authorized agent may submit such a request by following the same method described above. We may require verification of your authorized agent in addition to the information for verification above for US residents and households.


Contact Us

If you have any questions or concerns regarding this US Privacy Notice, contact us at privacy@haystackid.com.

Last updated: January 17, 2023