Privacy Policy

1. SCOPE AND IMPORTANT DEFINITIONS

1.1 Scope. This Privacy Policy covers information we collect from (a) visitors to the Site, (b) business clients and prospective clients, and (c) end-users who interact with us or the Services. We do not market or intentionally provide the Site or Services outside the United States.

1.2 Personal Information. “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.

1.3 Sensitive Personal Information. We do not seek to collect sensitive personal information such as government identification numbers, full payment card data, or credentials that enable financial transactions. If you believe you provided such information, please contact us at privacy@fullstaff.com so we can address it.

2. INFORMATION WE COLLECT

2.1 Information you provide to us. We collect information you voluntarily provide, including:

1. (a) Contact and business information: name, email address, phone number, and general business information you provide through onboarding forms, web forms, or communications.
2. (b) Sales and support communications: information contained in sales call notes, emails, messages, and other communications with us.
3. (c) Candidate and personnel-related information (limited): for Philippine-based affiliate staff engagements, we may process limited information about individuals (e.g., name, contact information, and basic resume information). In many cases, additional details are provided directly by leads and clients outside the Site.

2.2 Information collected automatically. When you visit our Site, we may automatically collect:

1. (a) Device and usage data: IP address, browser type, device identifiers, operating system, pages viewed, links clicked, time spent, and referring/exit pages.
2. (b) Cookie and pixel data: information collected via cookies, pixels, and similar technologies.

2.3 Information from third parties. We may receive information from:

1. (a) Clients: where a client provides information about its authorized representatives or end-users.
2. (b) Service providers: including analytics and advertising partners.
3. (c) Payment processors: limited information necessary to reconcile payments (we do not store full payment card data).

3. HOW WE USE INFORMATION

3.1 Provide and operate the Site and Services. We use Personal Information to: (a) respond to inquiries and provide requested information; (b) onboard clients and administer client relationships; (c) provide staffing and related services, including coordinating personnel resources; and (d) provide customer support and service communications.

3.2 Business communications and marketing. We use Personal Information to communicate with you about our services, including by email, telephone, and SMS where permitted by law. You can opt out of marketing emails using the unsubscribe mechanism in the email, and you can opt out of marketing texts by replying STOP. Transactional or service-related messages (e.g., security codes, billing notices) may still be sent.

3.3 Analytics and improvement. We use information to analyze Site usage, improve the Site and Services, and develop new features.

3.4 Security and fraud prevention. We use information to protect the Site, Services, our business, and users, including detecting and preventing fraud, abuse, and security incidents.

3.5 Legal and compliance. We use information to comply with applicable laws, respond to lawful requests, and enforce our agreements, including our Terms of Service.

4. COOKIES, ANALYTICS, AND ADVERTISING

4.1 Cookies and similar technologies. We use cookies, pixels, and similar technologies to operate and personalize the Site, understand usage, and support advertising.

4.2 Google Analytics. We use Google Analytics to help us understand how visitors engage with the Site.

4.3 Advertising partners. We use the Meta Pixel, Google Ads and similar partners to measure advertising performance and show ads. These partners may use cookies and similar technologies to collect information about your visits to our Site and other websites.

4.4 Your choices. You can control cookies through your browser settings. We may provide a basic cookie disclosure notice on the Site; we do not currently offer an on-site cookie preference center. You may be able to opt out of certain interest-based advertising through industry opt-out tools provided by third parties.

5. COMMUNICATIONS, SMS, AND CALL RECORDING

5.1 Email and marketing platforms. We send communications through Google Workspace, Salesmate and similar platforms (including manual and automated campaigns).

5.2 SMS and phone communications. We use Twilio, DialPad, AWS and similar services to send security codes and, where permitted, marketing messages. You can opt out of marketing texts by replying STOP. Standard message and data rates may apply.

5.3 Call recording. We may record sales calls and related communications for quality, training, and note-taking purposes using tools such as Granola.ai and other service providers, where permitted by law. If required by applicable law, we will provide additional notice and/or obtain consent.

6. DISCLOSURE OF INFORMATION

6.1 Disclosure Cases. We disclose Personal Information to the following categories of recipients:

1. (a) Affiliates: Our affiliates include PhotoUp Inc. (our parent company) and PhotoUp Philippines Corporation (a wholly owned subsidiary). We may share information within our corporate group for business operations, staffing coordination, support, and administration.
2. (b) Service providers and contractors: We share information with vendors who help us operate our business (e.g., hosting, analytics, communications, CRM, call recording). In rare cases, we may share information with contractors or service providers to assist with specific operational needs.
3. (c) Clients: We may share certain information with clients as needed to provide the Services, such as contact information and basic resume information for personnel supporting the client.
4. (d) Legal and compliance: We may disclose information to comply with law, respond to lawful requests, protect rights and safety, or in connection with audits and compliance obligations.
5. (e) Business transactions: If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of some or all of our assets, information may be disclosed or transferred as part of that transaction.

6.2 No sale of Personal Information. We do not sell Personal Information.

7. INTERNATIONAL DATA TRANSFERS

7.1 Processing in the Philippines. We may process and store information in the Philippines, including through PhotoUp Philippines Corporation and related service providers, to provide the Services.

7.2 Safeguards. Where required, we use commercially reasonable safeguards to protect information transferred internationally, consistent with this Privacy Policy.

8. DATA RETENTION

8.1 General approach. We retain Personal Information for as long as reasonably necessary to (a) provide the Site and Services, (b) maintain business records, (c) comply with legal obligations, (d) resolve disputes, and (e) enforce agreements.

8.2 Sales leads. We may retain sales lead information indefinitely unless you request deletion, subject to applicable law and our legitimate business needs.

8.3 Other categories. For client relationship information and service records, we generally retain data during the relationship and for a reasonable period thereafter, taking into account legal, accounting, and operational requirements.

9. SECURITY

9.1 Safeguards. We use commercially reasonable administrative, technical, and organizational measures designed to protect Personal Information against unauthorized access, disclosure, alteration, and destruction.

9.2 No perfect security. No method of transmission or storage is completely secure. You are responsible for using appropriate safeguards when communicating with us and for securing your own systems.

10. DE-IDENTIFIED DATA AND AI TRAINING

10.1 Non-identifiable data. We may create aggregated, anonymized, and/or de-identified data derived from Personal Information, Client Data, and/or usage of the Services (“Non-Identifiable Data”) for analytics, benchmarking, security, quality assurance, and service improvement.

10.2 AI training and improvement. We may use Non-Identifiable Data to train and improve machine learning and artificial intelligence models used in connection with the Services. We do not intentionally attempt to re-identify Non-Identifiable Data.

10.3 No training on identifiable personal information without permission. We do not use identifiable Personal Information to train generalized AI models without your permission; however, we may use Personal Information to provide and improve the Services for you (for example, to troubleshoot, improve workflows, or provide support).

11. YOUR PRIVACY RIGHTS AND CHOICES (UNITED STATES)

11.1 Marketing preferences. You can opt out of marketing emails and marketing texts as described above.

11.2 Access, correction, and deletion. You may request access to, correction of, or deletion of Personal Information we maintain about you by contacting privacy@fullstaff.com. We may need to verify your identity and may deny or limit requests where permitted by law. Requests may take up to 30 business days to process.

11.3 California notice. If you are a California resident, see Section 12 for additional disclosures.

12. CALIFORNIA PRIVACY NOTICE (CPRA)

This section provides additional disclosures for California residents.

12.1 Categories of Personal Information collected. In the past 12 months, we may have collected the following categories:

1. (a) Identifiers: name, email address, phone number, IP address.
2. (b) Business/professional information: company name, role/title, general business contact details.
3. (c) Internet or network activity information: browsing and usage data on our Site.
4. (d) Audio information: call recordings (e.g., recorded sales calls), where permitted by law.
5. (e) Inferences: limited inferences related to marketing and service improvement.

12.2 Sources. We collect Personal Information from you, automatically via the Site, from clients, and from service providers as described in Section 2.

12.3 Purposes. We use Personal Information for the purposes described in Section 3.

12.4 Disclosures. We disclose Personal Information to the categories of recipients described in Section 6 for business purposes.

12.5 “Sale” and “sharing.” We do not sell Personal Information. We may “share” Personal Information (as defined under California law) for cross-context behavioral advertising through cookies/pixels (e.g., via Meta Pixel and Google Ads). You can limit this by using browser controls and by using industry opt-out tools, and we will honor legally required opt-out signals to the extent applicable.

12.6 Sensitive Personal Information. We do not intentionally collect or use Sensitive Personal Information for purposes other than those permitted by law. We do not intentionally collect government identifiers or full payment card data.

12.7 Your California rights. Subject to verification and legal limitations, California residents may have the right to request: (a) access to categories and specific pieces of Personal Information, (b) deletion, (c) correction, and (d) information about our disclosures. You may exercise these rights by contacting privacy@fullstaff.com. You also may have the right to opt out of “sharing” for cross-context behavioral advertising. We do not discriminate against you for exercising privacy rights.

13. CHILDREN’S PRIVACY

13.1 Age Limit. We do not knowingly collect Personal Information from children under 13 and our Site and Services are not directed to children.

14. UPDATES TO THIS PRIVACY POLICY

14.1 Updates. We may update this Privacy Policy from time to time. We will post the updated version on the Site and update the Effective Date. Your continued use of the Site or Services after an update constitutes acceptance of the updated Privacy Policy, to the extent permitted by law.

15. CONTACT US

15.1 Contact. If you have questions or requests regarding this Privacy Policy, contact us at: privacy@fullstaff.com