GET IN TOUCH

Data Privacy & Protection Policy

Last updated: 2 October 2024 | Version: 1.4

POLICY

This Data Privacy & Protection Policy applies to McG Partners’ applications, platforms, mobile tools, and customer interactions (e.g., service inquiries, consultations, events). It governs how we collect, use, and protect information shared with us in the United States.

This policy does not apply to third-party applications, integrations, or services that connect to McG Partners' systems (“Third-Party Services”), or other businesses we do not control. Use of our Services is also subject to a separate agreement—the “Software as a Service Agreement”—which outlines terms related to data access, storage, and security.

Customers (e.g., your employer) who contract with McG Partners control their instance of the Services and determine how Customer Data is used. If you are an end user, contact your administrator for privacy settings and access requests.

By using our Services, you acknowledge this policy and consent to the collection and use of data as described.

 

INFORMATION WE COLLECT AND RECEIVE

We may collect personal and non-personal information via two main sources:

Customer Data

Customers may upload personal data for:

  • Authorised Users;
  • Employees;
  • Contractors;
  • Job Candidates;
  • Business contacts;

Information types may include:

  • Contact details (name, address, email, phone, etc.);
  • Employment information (job title, department, pay, performance, etc.);
  • Government-issued IDs and tax-related details (SSN, EIN, etc.);
  • Emergency contacts and family info;
  • Biographical and educational history;
  • Payroll, benefits, time tracking, and compensation data;

 

Other Information

Collected or generated by our systems, this may include:

    • Usage Metadata: Logs of features used, user activity, and interactions.
    • Log data: IP address, browser type, timestamps, error messages.
    • Device info: OS, device type, settings, crash reports.
    • Location info: Approximate location via IP address or organization details.
  2. Cookies and tracking: Used for functionality, analytics, and service optimization.
  3. Third Party Data: Aggregated demographic or marketing data used for improving service experience.
  4. Additional Info: Provided during job applications, events, support, or surveys.

Some data is collected automatically; others are submitted voluntarily. Without certain information, full access to services may not be possible.

 

HOW WE USE INFORMATION

Customer Data: We process Customer Data strictly according to their instructions and under the terms of the Software as a Service Agreement. McG Partners acts as the processor; the customer is the data controller.

Other Information: Used for legitimate business purposes, including:

  • Operating and improving services
  • Maintaining system security and availability
  • Responding to inquiries and support needs
  • Enhancing user experience and feature development
  • Communicating changes, updates, or alerts
  • Managing billing and account information
  • Investigating and preventing fraud
  • Aggregated data may be used for benchmarking or analytics

Marketing communications are optional and may be managed by your preferences.

 

DATA RETENTION

Customer Data is retained as directed by the customer. Other Information may be kept as long as necessary to support legal compliance, auditing, security, or business purposes.

 

HOW WE SHARE AND DISCLOSE INFORMATION

Information may be shared under the following conditions:

  • At customer direction.
  • Internal access by administrators or authorized users.
  • Third Party Service Providers: Only for essential services, bound by strict data agreements.
  • Business transitions: Mergers, acquisitions, or restructures.
  • Compliance with U.S. law: Government/legal requests.
  • Protection of rights:For fraud prevention, legal defense, or system integrity.
  • With consent: For optional third-party services or outreach

We never sell your personal data.

 

SECURITY

McG Partners takes data security seriously. We follow industry standards (including SOC 2) and use modern controls such as:

  • Access controls
  • Encryption
  • Network security measures
  • Continuous monitoring and vulnerability management

Contact us for more details on our Information Security Program.

 

CHANGES TO THIS POLICY

We may update this policy periodically to reflect regulatory, operational, or technology changes. Updates will be posted here. If changes significantly affect your rights, we’ll notify you through appropriate channels.

 

DATA PROTECTION CONTACT

If you have questions, concerns, or requests related to this policy or your personal data please contact us using the contact form on our website.

We aim to respond promptly. If you're unsatisfied with our response, you may contact a U.S.-based data protection authority, such as the Federal Trade Commission (FTC).

 

ACCESSING AND CORRECTING YOUR INFORMATION

You may have the right under U.S. law (e.g., CCPA or state privacy laws) to:

  • Access personal data
  • Request corrections or deletions
  • Object to or restrict processing
  • Withdraw marketing consent

If you’re an end user under a customer’s account, please contact your employer for access. For direct requests, email our Data Protection Officer with identifying details for processing.

We verify all requests to protect your information.

 

SUBPROCESSORS

McG Partners uses select subprocessors to support service delivery. All subprocessors are contractually obligated to follow the same strict data protection and confidentiality standards we uphold.

A full list of approved subprocessors is available upon request.