Privacy Policy

Privacy Policy Overview

When you use and interact with our websites, services, or communicate with us, we may collect, use and process information relating to you and your company (“your data”). This Privacy Policy summarizes our practices and your related rights with respect to your data. The term “our company” in this document refers to OrgChart, LLC (formally known as OfficeWork Software, LLC).We may transfer your data if we are acquired by or merged with another company. In this event, we will notify you before information about you is transferred and becomes subject to a different privacy policy.

  1. Web sites and applications covered Our applications and web sites may contain links to other web sites. The information practices or the content of such other web sites is governed by the privacy statements or policy of such other web sites. Our company encourages you to review the privacy statements/policy of other web sites to understand their information practices.
  2. Information collected When expressing an interest in obtaining additional information about our services or registering to use our services, we may require you to provide contact information, such as your name, your company name, a phone number, or email address. When purchasing our services, we may require you to provide our company with billing information, such as a billing address, credit card number, or the number of employees within your organization (“Billing Information”). We may also ask you to provide additional information to help us determine which product or service is appropriate for your use case.As you navigate our company’s web sites and applications, we may also collect information through the use of commonly used information-gathering tools, such as cookies and web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on our company’s web sites (such as the web pages viewed and the links clicked).
  3. Use of information collected Our company uses your data to provide you with requested services. For example, if you fill out a “Contact Me” web form, our company will use the information provided to contact you about your interest in our services.Our company may also use your data for marketing purposes. For example, our company may your data to inform you about available products and services.We use credit card information solely to collect payment from prospective customers. We use Web Site Navigational Information to operate and improve our company’s web sites.
  4. Web Site Navigational Information Cookies, Web Beacons and IP AddressesWe use commonly used information-gathering tools, such as cookies and web beacons, to collect information as you navigate our company’s web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on our company’s web sites and how this information may be used.CookiesWe use cookies to make interactions with our company’s web sites easy and meaningful. Unless you choose to identify yourself to us, either by responding to a promotional offer, opening an account, or filling out a web form (such as a “Contact Me” or a “Free Trial” web form), you remain anonymous to our company. Our accounts use persistent cookies (cookies that remain on your computer after you close your browser or turn off your computer) to store some user preferences. Persistent cookies do not personally identify you.Web BeaconsWe use web beacons alone or in conjunction with cookies to compile information about customers and visitors’ usage of our company’s web sites and interaction with emails from our company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular web site tied to the web beacon, and a description of a web site tied to the web beacon. For example, we may place web beacons in marketing emails that notify our company when you click on a link in the email that directs you to one of our company’s web sites. We use web beacons to operate and improve our company’s web sites and email communications.IP AddressesWhen you visit our web sites or applications, our company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, we use IP addresses to monitor the regions from which customers and visitors navigate our company’s web sites.
  5. Public forums, refer a friend, and customer testimonials We may provide bulletin boards, blogs, or chat rooms on our company’s web sites. Any personal or corporate information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. We are not responsible for the personal information you choose to submit in these forums.Customers and visitors may elect to use our company’s referral program to inform friends about our company’s web sites. When using the referral program, our company requests the friend’s name and email address. We may send the friend a one-time email inviting them to visit our company’s web sites.We may post a list of customers and testimonials on our company’s web sites that contain information such as customer names and titles. We will obtain the consent of each customer prior to posting any information on such a list or posting testimonials.
  6. Sharing of information collected Service ProvidersWe may share data about customers with our company’s contracted service providers so that these service providers can provide services on our behalf. We may also share data about customers with our company’s service providers to ensure the quality of information provided. Unless described in this Privacy Policy, we do not share, sell, rent, or trade any information with third parties for their promotional purposes. All service providers privacy policies must meet or exceed our stated privacy requirements.BillingWe may use a third-party service providers to manage credit card processing. These service providers are not permitted to store, retain, or use billing information except for the sole purpose of credit card processing on our company’s behalf.Compelled DisclosureWe reserve the right to use or disclose information provided if required by law or if our company reasonably believes that use or disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
  7. International transfer of information collected All data currently stored on our servers is subject to any applicable laws/regulations within the region where the server is hosted. Please contact [email protected] with any data residency specific requirements. Data loaded into our services will not be transferred to another region without your permission.
  8. Communications preferences You may send a request to opt out of receiving any marketing and/or sales communications to [email protected]. Customers cannot opt out of receiving transactional emails related to subscribed services.
  9. Correcting and updating your information To update billing or other customer Information or to have information deleted, please email [email protected]. To discontinue your account and to have information you maintained in the Services returned to you, please email [email protected]. Requests to access, change, or delete your information will be handled within 30 days of written request.
  10. Customer Data Customers may electronically submit data or information to the services for hosting and processing purposes (“Customer Data”). We will not review, share, distribute, or reference any such customer data except as required by law. We may access customer data only for the purpose of providing the services, preventing or addressing service or technical problems, at a customer’s request in connection with customer support matters, or as may be required by law.
  11. Security We use robust security measures to protect customer data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of customer data. We host our web sites and applications in a secure server environments that uses firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Customers are responsible for maintaining the security and confidentiality of their usernames and passwords. All passwords are encrypted using one way encryption mechanisms and are encrypted both while in transit and at rest.
  12. Data Storage We use certified third hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. Although we own the code, databases, and all rights to our applications, you retain all rights to your data. Our primary hosting partner is AWS (Amazon Web Services). We do an annual audit of AWS to ensure compliance with standards/regulations including GDPR, SOC 2 and ISO 27001. See for additional information. We also geolocate data within AWS to ensure compliance with GDPR (e.g., EU customers are hosted within EU data center facilities).
  13. Google Integration The Google Slides export feature requires permissions to view and manage Google Drive files and folders that you have opened or created using our services. By utilizing this service, you agree to allow our services access to your Google Drive directories to create, manage, and upload files created by our services. We adhere to Google API Services User Data Policy, including the Limited Use requirements.
  14. Changes to this Privacy Policy We reserve the right to change this Privacy Policy. We will provide notification of the material changes to this Privacy Policy through our company’s web sites at least thirty (30) business days prior to the change taking effect.
  15. Your California Privacy Rights If you are a California resident, California Civil Code Section 1798.83 permits you to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you do not want your name and contact information to be shared with any company or organization, you may notify us at any time by emailing us at [email protected].
  16. GDPR The General Data Protection Regulation (GDPR) is a set of laws enacted in the EU in 2018. GDPR has specific requirements regarding data processing and transfer of data out of the EU. Our company has a consistent level of data protection and security across our organization which we have extended to ensure GDPR compliancy. A complete GDPR statement can be obtained by emailing [email protected].
  17. Privacy Shield We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. We have certified to the U.S. Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit commit to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
    • We do not directly source personal data from individuals. Personal data may be fed from your EMPLOYER’s (defined as current or former employer) HR systems. Please contact your EMPLOYER with any privacy related concerns. Your EMPLOYER owns all data on our systems and can purge data as required from our services.
    • We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and will comply with all legal requests.
    • We will comply with any privacy-related rulings against your EMPLOYER (including the results of binding arbitration).
    • We will not transfer data to third parties unless directed by EMPLOYER (owner of the HR data).
    • In the context of an onward transfer, we have responsibility for the processing of personal information we receive under privacy principles including the Privacy Shield, and subsequently transfers to a third party acting as an agent on our behalf. We shall remain liable under the Principles if an agent processes such personal information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.
  18. ADP Marketplace Customers Any customers purchasing our services through the ADP Marketplace are subject to the terms of the applicable ADP privacy policy(s). For these customers, the terms of the applicable ADP privacy policy(s) take precedence over any terms stated within our privacy policy.
  19. Contacting us Questions regarding this Privacy Policy or the information practices of our company’s web sites should be directed to [email protected].

Last Updated May 5, 2023 (Revision 3.0.0)