Privacy Policy

The following statement describes the privacy practices for ORR Payroll, including its divisions, wholly-owned subsidiaries and contracted providers, hereto referred to as the ‘site owner’. This statement is divided into four sections: (1) this introduction, (2) site owner’s Online Privacy Policy, which addresses the privacy practices applicable to usage of this website, (3) site owner’s SaaS Privacy Policy, which addresses the privacy practices applicable to information processed by site owner in its role as a Software As a Service (SaaS€) provider and (4) site owner€’s General Privacy Provisions, which apply to both the site owner’s website and site owner’s role as a SaaS provider.

Site owner respects individual privacy and strives to collect and use personal information in a manner consistent with the laws of the countries in which it does business. Site owner abides by the Safe Harbor Principles developed by the U.S. Department of Commerce and the European Commission. More information about the U.S. Department of Commerce’s Safe Harbor program can be found at Site owner also abides by the principles established in Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA€).

Site owner’s Privacy Policy

This Online Privacy Policy covers use of this site. All information disclosed by visitors is subject to this Privacy Policy. With respect to data received through its websites, site owner will comply with the following:

Types and Uses of Information

Site owner gathers personal information from site visitors from time to time in order to enhance existing offerings or provide additional services. The company gathers only the information essential for understanding visitors in such a way as to provide better payroll products and services. This may include contact information such as name, email address, telephone number, and company name, and perhaps other data.

Site owner also may monitor customer traffic patterns and site usage to help refine and improve the design and layout of the website as well as the user experience. As a result, site owner automatically tracks certain information about site visitors. This information includes the users browser type, most recent URL and the next URL that the user visits, regardless of whether these URLs are on the site owner’s website or not. site owner also will track visitors€’ IP addresses. site owner uses this information to, among other things, identify broad demographic trends that may be used to provide information tailored to users€’ interests.

Any personal information given to us through our website is used exclusively by site owner unless otherwise noted on the site. site owner does not make this information available to third parties who trade or rent information for direct marketing purposes.

Site owner does not collect e-mail addresses without the site visitor voluntarily providing us with this information (typically via our online information or demo request form, whitepaper request form, and other website forms and surveys). Site owner will periodically use that contact information to send visitors e-mail or other communications for sales, service, support and marketing purposes. Visitors who do not wish to receive marketing e-mail from site owner in the future may opt out of receiving these communications by following the instructions included in each communication.


Site owner may use both per-session and persistent cookies to enhance the user experience while visiting the site owner’s website. Cookies are small bits of data stored locally by a browser that saves information and helps the hosting website identify the user upon subsequent visits. Cookies are uniquely assigned to the users€’ computer and may only be read by a web server located within the domain that originally issued the cookie. Cookies generally assist users by performing certain functions such as saving passwords and personal preferences regarding the sites.

Persistent cookies are stored for a set length of time determined by the web server when it passes the cookie on to the browser. Persistent cookies are used to store information between visits to a site.

Per-session cookies are used to store information only within a session. These cookies are cached only while a user is visiting the web server that issues the per-session cookie. Per-session cookies are deleted from the cache when the user closes the session.

Users may have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but users can typically modify browser settings to decline all cookies. Alternatively, users may modify browser settings to provide notification each time a cookie is tendered, permitting the user to accept or decline cookies on an individual basis. If a user chooses to decline cookies, however, it may hinder performance and negatively impact the user experience on site owner’s website, and ultimately, the use of any hosted compensation and talent management software.

Disclosure to site owner partners

Site owner does not provide detailed information about individual site visits, nor the information users provide, to outside companies without users’ permission. site owner may share aggregated information about the use of this site to companies with which site owner has business relationships. This usage information, such as numbers and frequency of visits, is used with the goal of providing the best possible web experience.

Site owner’s SaaS Privacy Policy

Site owner is a provider of Software As a Service (SaaS). As a SaaS provider, site owner provides its customers with a suite of payroll and Human Resource solutions that provide organizations with more efficient and effective means to process payroll.

Site owner serves as a data processor for the clients who use site owner’s products. Customers of site owner’s hosted payroll solutions fill the role of data controller. site owner maintains only that information which its customers have asked it to process and processes it only upon, and in accordance with, the customer’s direction and instructions. This SaaS Privacy Policy does not reflect the privacy practices of site owners’ customers, and site owner is not responsible for its customers’ privacy policies or practices. site owner does not review, comment upon or monitor its customers’ compliance with their respective privacy policies, nor does site owner review its customer instructions to determine whether they are in compliance with or conflict with the terms of a customer’s published privacy policy.

This SaaS Privacy Policy applies only to the transfer of personally identifiable information (Personal Information) received by site owner in any format through its hosted solutions, whether supplied directly by site owner customers or by employees or users of the hosted solutions anywhere in the world, including transfers from the European Union and Canada to the United States. With respect to data received through its hosted solutions, site owner will comply with the following:

Notice/Use of Personal Information

site owner supports a hosted system, where it collects Personal Information including but not limited to customers€’ organizational data (salary and compensation figures job codes, reporting relationships), employee data (specific identifying information such as name, email/physical address, current/previous base salary,, gender, ethnicity,, picture, and other demographical information), and other data required to provide payroll and HR services for customers and their employees. site owner operates as a data processor for its customers. site owner maintains only the Personal Information which its customers have asked site owner to process and processes it only upon, and in accordance with, the customer€’s direction and instructions. It is the responsibility of the customer to ensure that the data the customer collects and later gives to site owner NC; LLC can be legally collected and disclosed in the country of origin. The site owner customer is responsible for giving its employees and users the appropriate level of notification that Personal Information is being collected and maintained. The site owner customer also is responsible for ensuring the security of any method used by the customer to provide Personal Information to site owner if through means other than the hosted solution.

Onward Transfer

Site owner has developed global data practices designed to ensure that Personal Information is appropriately protected. While site owner€’s primary data centers are in the United States, Personal Information may be transferred to our offices in other countries. site owner also may contract with third-party providers to perform certain functions on our behalf or to enhance our existing product and service offerings. Examples include providing financial transaction, product and service support. If site owner discloses Personal Information to a third party or to our employees outside of the United States, site owner will ensure adequate protection of such Personal Information. Third parties will have access to your Personal Information only to the extent necessary to permit them to do their jobs; however, they are bound by confidentiality agreements before any information is provided to them and are restricted from using the information for other purposes.

Site Owner’s General Privacy Provisions

These General Privacy Provisions apply to both site owner’s website and its hosted solutions applications. All information disclosed by site visitors, customers and other individuals or organizations is subject to these provisions. With respect to data received through site owner’s website and its hosted solutions, site owner will comply with the following:

Data Integrity and Access to Data

Site owner will take reasonable steps to ensure that Personal Information is accurate, complete and current to its intended use. site owner will only use Personal Information in ways that are compatible for the purposes for which it was collected or subsequently authorized by the user.

Site owner provides users with reasonable access to Personal Information that they provide to us as well as the ability to review and correct such information. In addition, to protect users€’ privacy and security, site owner takes reasonable steps to verify user identity before granting access to Personal Information. site owner may limit or deny access to Personal Information where providing such access would be unreasonably burdensome or expensive in the circumstances.


To prevent unauthorized access or disclosure, to maintain data accuracy, to allow only the appropriate exercise of users€’ Personal Information while also protecting the confidentiality, integrity and availability of users‒ Personal Information, site owner employs a variety of industry standard security technologies. Security is provided on the data, application and hosting level. The security infrastructure includes a physically secure data center, proven firewall protection, intrusion prevention measures, SSL encryption of all data in transit, role based authorization and additional proprietary security measures. Communication to site owner servers from a client computer is achieved through an SSL connection. This ensures data, including Personal Information, is encrypted when transferred over the Internet. site owner provides further user-based security configured specifically for the individual client’s needs. For example, as a site user subscriber, the client will be able to specify levels of user security, including: domain-limited access (access only from the client’s proxy server), password configuration (length, letters, numbers, etc.) and automatic password expiration.

Site owner limits access to users€’ Personal Information and data to those persons who have a specific business purpose for maintaining and processing such information. Site owner’s employees who have access to users’ Personal Information will be made aware of their responsibilities to protect the confidentiality, integrity and availability of that information and have been provided training and instruction on how to do so.


Site owner has a Privacy Officer who is responsible for site owner’s compliance with and enforcement of this Policy. Site owners Privacy Officer is available to any of its employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security policies. site owner’s Privacy Officer may be contacted by email at info@ PMTWorks dot com or by mail at address listed on contact page of this website. If users have questions or concerns regarding this policy, they should contact site owner’s Privacy Officer before filing any formal complaints with the Better Business Bureau or any other applicable organizations.

Safe Harbor

Site owner adheres to the Safe Harbor privacy framework developed by the U.S. Department of Commerce in consultation with the European Commissions Directive on Data Protection on the transfer of Personal Information from European Union member countries to the United States. The Safe Harbor privacy principles are notice, choice, onward transfer, access, security, data integrity and enforcement. More information about the U.S. Department of Commerce’s Safe Harbor program can be found at

Canada Privacy Principles

Site owner abides by the principles established in Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA€). The PIPEDA principles are:

  • accountability/compliance with the principles
  • identification of the purposes/reasons for collecting the personal information
  • consent to the collection of the personal information
  • limiting the collection to only what is necessary in order to achieve the desired tasks
  • limiting the use, disclosure and retention of the personal information
  • maintaining accurate data
  • safeguarding data with appropriate security policies
  • making policies easily available to employees and customers
  • Notification of Privacy Policy Changes/Choice

Site owner reserves the right to change, modify, add, or remove portions of this Policy at any time. All changes will be posted on this page to inform our users what information we collect, how we use it, and under what circumstances, if any, we may disclose it. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check this website frequently to see recent changes. Unless stated otherwise, our current privacy notice applies to all information that we have about you and your account. We will not materially change our policies and practices to make them less protective of personal information collected in the past without the consent of affected users.

Legal Disclaimer

Site owner may disclose Personal Information when required by law or in the good faith belief that such action is necessary in order to conform to the edicts of the law, comply with legal mandates, enforce the terms of use of site owner’s website, enforce agreement between site owner and its customers or to protect the rights, property, or personal safety of site owner, its users and the public.

Contacting site owner

If you have any questions about this privacy policy, the practices of this site, or your dealings with this site, please send correspondence to the address listed on our Contact page.


Update effective September 28, 2014