Wisely® online privacy statement

Effective Date: January 18, 2023

This Privacy Statement explains how Automatic Data Processing, Inc. (“ADP,” “Company,” “our” or “we”) uses and discloses personal data that we collect from (i) individuals who visit our websites and associated sub-domains located at https://info.mywisely.com/ (the “Site”) and otherwise engage with us in business activities such as by enrolling in our Wisely Direct or Wisely Pay products, (ii) individuals’ use of myWisely, our software application made available by us for use on or through computers and mobile devices (the “App”), (iii) social media pages and apps located at https://www.mywisely.com/, https://twitter.com/wiselybyadp, https://www.instagram.com/wiselybyadp/, https://www.facebook.com/WiselybyADP/, and https://www.linkedin.com/company/wisely-by-adp/ (collectively, our “Social Media Pages”), (iv) HTML-formatted email messages that we send to you that link to this Privacy Statement or other communications with you, or (v) offline business interactions you have with us. Collectively, we refer to the Site, App, Social Media Pages, emails, and offline business interactions as the “Services.”

This Privacy Statement incorporates ADP’s Binding Corporate Rules (“BCR”) Privacy Code for Business Data (the “Business Code”), which includes information about how ADP processes and protects data of our business contacts/professionals and consumers. For more information on our Business Code or Privacy Program, please visit https://www.adp.com/privacy.aspx. If you have additional questions about privacy or this Privacy Statement, please contact our Privacy Team at privacy@adp.com, or follow the instructions below in section 16. How to Contact Us.

  1. Types of Personal Data ADP Collects

Personal data is any information that identifies you as an individual or relates to an identifiable individual. The Services collect personal data, which may include: name, Social Security Number, government issued identification, physical and mailing address, date of birth, telephone numbers, email address, username and password, geographic location, user profile information, employment information including employer, occupation, salary and compensation, payment card data, photographs or images, and social media account ID.

  1. How ADP Collects Personal Data

We and our service providers collect personal data in a variety of ways, including:

Through the Services: We collect personal data through the Services when you interact with us, such as registering on our Site, enrolling in Wisely Direct or Wisely Pay, downloading the App, signing up to receive marketing communications, product or services.

From Other Sources: We may receive personal data from other sources, for example publicly available databases; joint marketing partners, when they share information with us, and your employer.

Cookies and Other Tracking Tools: If you interact with us through the Services, we use cookies or other technological tools to collect information about your device and your use of our Site. We treat this information as personal data when it is associated with your contact information. For more information about cookies and other technologies, please see the section Cookies and Other Data Collection Technologies below.

We need to collect personal data in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services.

  1. How ADP Uses Personal Data

ADP and our service providers use personal data for the following business purposes:

(a) Providing the functionality of the Services and fulfilling your requests, including:

(1) To provide the Services’ functionality to you, such as arranging access to and managing your account, verifying your identity, and providing you with related benefits, special promotions, or customer service, and dispute resolution purposes.

(2) To respond to your inquiries and fulfill your requests, when you contact us, for example, when you send us questions, suggestions, compliments or complaints, or when you request other information about our Services.

(3) For consolidated management and reporting.

(4) To assure quality control and to enforce our standards and policies.

(5) For risk management and mitigation, including for audit and insurance functions, and as needed to license and protect intellectual property and other assets.

(6) For security management, including monitoring individuals with access to the Services, application, systems, or facilities, investigation of threats, and as needed for any data security breach notification.

(b) Providing you with our newsletter and/or other marketing materials and facilitating social sharing. We send you marketing related emails, with information about our services, new products and other news about our company. To facilitate social sharing functionality that you choose to use.

(c) Anonymizing or de-identifying personal data. We may aggregate and/or anonymize personal data so that it will no longer be considered personal data. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.

(d) Business-necessary processing activities. ADP may also process personal data as needed (i) to protect the privacy and security of the personal data it maintains, such as in connection with advanced security initiatives and threat detection; (ii) for treasury operations and money movement activities; (iii) for compliance functions, including screening Individuals against sanction lists in connection with anti-money laundering programs; (iv) for business structuring activities, including mergers, acquisitions, and divestitures; and (v) business activities, management reporting, and analysis.

(e) Development and improvement of products and/or services. ADP may process personal data to develop and improve ADP’s products and/or services, and for research, development, analytics, and business intelligence.

ADP uses your personal data for secondary purposes such as:

  • Disaster recovery and business continuity, including transferring the information to an archive;
  • Internal audits or investigations;
  • Implementation or verification of business controls;
  • Statistical, historical, or scientific research;
  • Dispute resolution;
  • Legal or business counseling;
  • Compliance with laws and company policies; and
  • Insurance purposes.
  1. Why and How ADP Discloses Personal Data

ADP does not provide your personal data to third parties outside of ADP Group Companies for their own marketing purposes. We limit sharing of your personal data:

  • To your employer if the Services are provided by your employer.
  • To ADP Group Companies, which use your personal data for the purposes listed in this Privacy Statement.
  • To our issuing banks and service providers, who are bound by law or contract to protect your personal data and only use your personal data in accordance with our instructions to facilitate services they provide to us.
  • By using the Services, you may elect to disclose personal data.
  • To enforce our terms and conditions, protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of ADP’s business, assets, stock (including in connection with any bankruptcy or similar proceedings); or as needed to support external auditing, compliance and corporate governance functions. We will also disclose personal data when required to do so by applicable law, such as in response to a subpoena, including to law enforcement agencies and courts in the United States and other countries where we operate, or for other legal reasons.
  • As instructed, permitted or needed to provide the Services.

Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports that contain aggregated, anonymized, and/or statistical data about our consumers. These reports do not contain personal data that would enable the recipient to contact, locate, or identify you.

  1. Cookies and Other Data Collection Technologies

When you visit our Site, use our App, or receive digital communications from us, we collect certain information by automated means, using technologies such as cookies, pixel tags, browser analysis tools, server logs, and web beacons. For example, when you visit our Site, we place cookies on your device. Cookies are small text files that websites send to your computer or other internet-connected devices to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. They also help us provide a customized experience and enable us to detect certain kinds of fraud. In many cases, you can manage cookie preferences and opt-out of having cookies and other data collection technologies used by adjusting your browser settings. All browsers are different, so visit the “help” section of your browser to learn about cookie preferences and other privacy settings that may be available. Pixel tags and web beacons are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, the pixel tags and/or web beacons generate a notice of that action. These tools allow us to measure response to our communications and improve our web pages and promotions.

We collect many different types of information from cookies and other technologies. For example, we collect information from the device you use to access our Site, your operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. Our server logs also record the Internet Protocol (“IP”) address assigned to the device you use to connect to the Internet. An IP address is a unique number that devices use to identify and communicate with each other on the internet. We may also collect information about the website you were visiting before you came to the Site and the website you visit after you leave our Site.

In many cases, the information we collect using cookies and other tools is only used in a non-identifiable way, without reference to personal data. For example, we use information we collect about website users to optimize our Site and to understand website traffic patterns. In some cases, we do associate the information we collect using cookies and other technology with your personal data. This Privacy Statement applies to the information when we associate it with your personal data.

Although we do not currently respond to Do Not Track signals, we do offer individuals choices to manage their preferences that are provided in the previous sections above. The Site does not collect personal data about an individual consumer’s online activities over time and across different websites when a consumer uses the Site. To learn more about browser tracking signals and Do Not Track please visit https://www.allaboutdnt.org/.

ADP uses Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. For information on how Google Analytics uses data, please visit “How Google uses data when you use our partners sites or apps”, located at https://policies.google.com/technologies/partner-sites, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

  1. Communication Preferences

You may limit the information you provide to ADP. You may also limit the communications that ADP sends to you. To opt-out of commercial emails, simply click the link labeled “unsubscribe” at the bottom of the commercial email we send you.

Please note that if you are currently receiving services from ADP and you have decided to opt-out of emails, this will not impact the messages we send to you for purposes of delivering such services or as permitted by applicable law.

If you have questions about your choices or if you need assistance with opting-out, please contact us via email to privacy@adp.com. You may also write us by following the instructions in section 16. How to Contact Us. If you send us a letter, please provide your name, address, email address, and information about the communications that you do not want to receive.

  1. Access, Correction, Erasure, and Other Individual Rights

ADP respects your right to access, correct, and delete your personal data, or object to the processing of your personal data. If you have an online account, you may log into your account to access, update, or delete the information you have provided to us subject to applicable law. You may also write to us by following the instructions below in section 16. How to Contact Us. If you send us a letter, please provide your name, address, email address, and detailed information about the changes you would like to make. ADP will respond to requests as soon as possible and in accordance with applicable data protection laws.

  1. Automated Decision Making/Profiling

In some instances, our use of your personal data may result in automated decisions being made about you. Automated decisions are decisions concerning you that are made on the basis of a computer determination (using software algorithms), without human review. These actions/automated decisions are necessary to provide you with our Services and related support.

  1. Information Security

ADP is committed to maintaining appropriate organizational, technical, and physical controls to protect personal data entrusted to ADP. These controls protect personal data from anticipated threats and hazards and unauthorized access and use. ADP will strive to provide security that is proportional to the sensitivity of the personal data being protected. Additional information about ADP’s Global Security Organization may be found at https://www.adp.com/about-adp/data-security.aspx.

You should also take steps to protect yourself, especially online. When you register for the Services, choose a strong password, and do not use the same password that you use on other websites. Do not share your password with anyone else. ADP will not ask you for your password in an unsolicited phone call or in an unsolicited email. Also, remember to sign out of the Services and close out of your browser window or the App when you have finished what you are doing. This is to ensure that others cannot access your personal data and correspondence if they have access to your device(s).

  1. Data Retention

ADP will retain your personal data for as long as necessary for the purposes for which the personal data is processed or until you request that the personal data be deleted. ADP follows a Global Records Information Management (“RIM”) Policy and has established records retention schedules for all types of personal data that ADP processes. Personal data is retained in accordance with the records retention schedules to ensure that records containing personal data are retained as needed to fulfill the applicable business purposes, to comply with applicable laws, or as advisable in light of applicable statutes of limitations.

When the retention period has expired, records containing personal data will be securely deleted or destroyed, de-identified, or transferred to archive, in accordance with ADP’s RIM Policy.

  1. International Data Transfers

ADP is headquartered in the United States of America. Your personal data may be accessed by or transferred to the United States or elsewhere in the world in accordance with the ADP Privacy Code for Business Data.

  1. Privacy Statements of Third Parties

This Privacy Statement only addresses the use and disclosure of information by ADP. Our Suppliers, Business Partners, and other third-party websites that may be accessible through the Services have their own privacy statements and data collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy statements provided by third parties prior to providing them with information or taking advantage of an offer or promotion.

  1. Changes to this Privacy Statement

The “Last Updated” legend at the top of this Privacy Statement indicates when this Privacy Statement was last revised. We may update this Privacy Statement to reflect new or different privacy practices. We will place a notice online when we make material changes to this Privacy Statement. Any changes will become effective when we post the revised Privacy Statement on the Services.

  1. Use of the Services by Minors

The Services are not directed to individuals under the age of thirteen (13), and we do not knowingly collect Personal Information from individuals under 13.

  1. How to Contact Us

Please contact us if you have questions, or comments. You may reach us via email at privacy@adp.com, or via mail at the address below. If you send us a letter, please provide your name, address, email address, and detailed information about your question, comment, or complaint.

ADP
Global Data Privacy and Governance Team
MS 325

One ADP Boulevard
Roseland, NJ 07068-1728 USA