Privacy Policy

1.1 Purpose
Automate America, Inc. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at automateamerica.com (the "Platform").

1.2 Scope

This Privacy Policy applies to all users of our Platform, including:

• Professionals and contractors seeking work opportunities
• Companies and customers posting contracts and hiring talent
• Visitors browsing our public pages
• Administrators and support staff

1.3 Agreement
By accessing or using the Platform, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Platform.

1.4 Relationship to Other Agreements

This Privacy Policy supplements:

• Our Terms of Service
• Master Service Agreement (MSA) for Customers
• Supplier Service Agreement (SSA) for Professionals
• Cookie Policy

In case of conflict between this Privacy Policy and specific contractual terms, the specific contractual terms shall prevail for that particular matter.

2.1 Information You Provide Directly

When you register, create a profile, or use our services, you may provide:

• Account Information: Name, email address, phone number, mailing address
• Professional Profile: Resume, work history, skills, certifications, hourly rates
• Company Information: Business name, tax ID (EIN), industry, company size
• Financial Information: Bank account details for payment processing (via Stripe)
• Identity Documents: W-9, W-8BEN, certificates of insurance for tax and compliance
• Communications: Messages sent through our platform, support inquiries

2.2 Information Collected Automatically

When you use our Platform, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, features used, time spent on platform, click patterns
• Location Data: General geographic location based on IP address
• Performance Data: Page load times, errors, and technical diagnostics
• Cookies and Tracking: See Section 8 (Cookie Policy) for details

2.3 Information from Third Parties

We may receive information from:

• Social Media: If you link social accounts (LinkedIn), we receive profile information you authorize
• Background Check Providers: Employment verification data (with your explicit consent)
• Payment Processors: Transaction status and verification from Stripe
• Identity Verification: Results from identity verification services (with consent)
• Public Sources: Publicly available professional information

3.1 To Provide Our Services

We use your information to:

• Match professionals with contract opportunities
• Process timesheets, invoices, and facilitate payments
• Enable communication between customers and professionals
• Manage your account and preferences
• Verify your identity and qualifications
• Generate and file required tax documents (1099-NEC)

3.2 To Improve Our Platform

We analyze data to:

• Enhance platform features and user experience
• Train our matching algorithms to improve results (see Section 4 on AI)
• Debug technical issues and ensure platform stability
• Develop new products and services
• Conduct research and analytics

3.3 For Communications

We contact you to:

• Send contract updates, timesheet reminders, and payment notifications
• Provide customer support and respond to inquiries
• Send marketing communications (with opt-out option)
• Share important platform updates and policy changes
• Send legally required notices

3.4 For Legal and Safety Purposes

We process data to:

• Comply with tax reporting requirements (IRS Form 1099)
• Prevent fraud, abuse, and enforce our terms of service
• Respond to legal requests and protect our legal rights
• Ensure platform security and integrity
• Investigate potential violations

IMPORTANT DISCLOSURE: We use artificial intelligence and automated processing to enhance our services. This section explains how AI impacts your data.

4.1 Resume Parsing

When you upload a resume, we use AI (Groq LLaMA models) to automatically extract:

• Work experience and employment history
• Skills and technical competencies
• Certifications and education
• Contact information

This data populates your profile. You can review and edit all AI-extracted information in your profile settings.

4.2 Matching Algorithm

Our platform uses automated algorithms to match professionals with opportunities based on:

• Skill compatibility (keyword and semantic matching)
• Location preferences and geographic proximity
• Rate requirements and budget alignment
• Availability and timeline matching
• Past performance and ratings
• Industry experience relevance

4.3 Search and Discovery

AI powers our search features:

• Natural language job searches ("Python developer in Detroit")
• Skills-based filtering and recommendations
• Suggested contract matches for professionals
• Suggested candidate matches for companies

4.4 Communication Features

AI may assist with:

• Spam and abuse detection in messages
• Suggested reply templates
• Language translation (future feature)

4.5 Your Rights Regarding Automated Decisions

Under applicable laws (including GDPR Article 22), you have the right to:

• Request human review of any automated matching decision
• Understand the logic behind matching recommendations
• Opt out of optional AI-powered *enhancements to your private account experience* (such as suggested replies). Note: opting out of these optional enhancements does not remove your public profile from public view or from third-party indexing — see Section 4.6.
• Contest automated decisions that significantly affect you
• Request manual processing instead of automated processing

To exercise these rights, contact us at privacy@automateamerica.com or through Platform settings.

Professional profiles on Automate America are public. Your professional profile — including your name, occupation, skills, certifications, work history summary, location (city and state), and availability — is published on automateamerica.com and is viewable by anyone, including visitors who are not logged in. We design these public pages to be discoverable, which means they may be accessed, indexed, cached, summarized, and reproduced by third parties, including:

• Internet search engines (such as Google and Bing);
• AI and machine-learning systems, including generative AI assistants, large language models, and AI-powered search and answer engines, which may crawl, ingest, summarize, and use public profile content to generate answers and train or improve their models.

By creating and maintaining a public Professional profile, you consent to this public display and to third-party access and ingestion as described above. This consent is part of your acceptance of our Terms of Service and Site User Agreement and is a condition of using the public marketplace. We do not control how independent third parties (including AI operators) use content once it is publicly accessible.

Your controls. Information NOT shown on your public profile (such as your last name, email address, phone number, street address, and banking details) is not published publicly and is shared only as described elsewhere in this Policy. You can edit the content of your public profile at any time in your profile settings, and you can deactivate your account to remove your public profile from automateamerica.com going forward; however, we cannot recall or delete copies that third parties may already have cached, indexed, or ingested.

5.1 With Other Platform Users

Information shared with other users:

• Professionals: Your public profile, skills, certifications, location (city/state), and availability are published publicly and are viewable by anyone, including logged-out visitors and third-party search engines and AI systems (see Section 4.6).
• Companies: Your company profile and job postings are visible to professionals
• Contract Parties: Contact information and relevant details shared when entering a contract
• Profile Visibility: You control the *content* of your public profile, but profiles are public by design; fields such as last name, email, phone, and street address are not shown publicly until you connect with another party.

5.2 With Service Providers

We share data with vendors who help us operate:

• Stripe: Payment processing and financial services
• SendGrid: Email delivery and notifications
• AWS: Cloud hosting, storage, and computing
• Groq: AI processing for resume parsing and search
• Cloudflare: Content delivery and security
• Vercel: Frontend hosting and deployment
• Pusher: Real-time messaging infrastructure

All service providers are contractually bound to protect your data and only use it for specified purposes.

5.3 For Legal Requirements

We may disclose information when required:

• IRS: 1099-NEC tax forms for applicable payments over $600
• Law Enforcement: When compelled by valid legal process
• Courts: To protect our legal rights or defend against claims
• Regulators: To comply with regulatory requirements

5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, user data may be transferred to the acquiring entity. You will be notified of any such change.

5.5 We Do NOT Sell Your Data
Automate America does not sell, rent, or trade your personal information to third parties for their marketing purposes. We do not participate in data broker transactions.

6.1 Retention Periods

We retain your personal data for as long as necessary to provide our services and fulfill legal obligations:

• Active Account Data: Until you delete your account, plus 30 days for processing
• Contract Records: 7 years (legal and tax requirements per IRS guidelines)
• Payment Records: 7 years (financial regulatory requirements)
• Tax Documents (1099): 7 years minimum (IRS requirement)
• Communications: 3 years after last interaction
• Usage Logs: 90 days for security and debugging purposes
• Marketing Data: Until you opt out or request deletion

6.2 Account Deletion

When you delete your account:

• Profile data is removed within 30 days
• Contract and payment records are retained per legal requirements
• Anonymized analytics data may be retained indefinitely
• Backup copies are deleted within 90 days

6.3 Legal Holds
Data may be retained longer if subject to legal hold, investigation, or regulatory requirement.

7.1 All Users

Regardless of location, you have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data (subject to legal retention requirements)
• Portability: Export your data in a machine-readable format (JSON/CSV)
• Opt-Out: Unsubscribe from marketing communications
• Withdraw Consent: Where processing is based on consent

7.2 European Users (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, you have additional rights:

• Right to restrict processing
• Right to object to processing based on legitimate interests
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

Legal Basis for Processing (GDPR Article 6):

• Contract Performance: Providing our staffing services
• Legitimate Interests: Improving our platform, preventing fraud
• Legal Obligations: Tax reporting, compliance requirements
• Consent: Marketing communications, AI profile enhancements

7.3 California Residents (CCPA/CPRA)

California residents have the right to:

• Know what personal information is collected
• Know whether personal information is sold or disclosed (we do not sell)
• Say no to the sale of personal information (we do not sell)
• Access their personal information
• Request deletion of their personal information
• Non-discrimination for exercising these rights
• Correct inaccurate personal information
• Limit use of sensitive personal information

Categories of Information Collected (last 12 months):

• Identifiers (name, email, phone, address)
• Professional information (resume, skills, work history)
• Financial information (bank account for payments)
• Internet activity (usage logs, device information)
• Geolocation (general location from IP)
• Employment information (contracts, timesheets)

To make a request, email privacy@automateamerica.com or call 586-770-8083.

7.4 Other State Rights
Residents of Virginia, Colorado, Connecticut, and Utah have similar rights under their respective privacy laws. Contact us to exercise these rights.

8.1 What Are Cookies?
Cookies are small text files stored on your device that help us provide and improve our services.

8.2 Types of Cookies We Use

• Essential Cookies: Required for platform functionality (authentication, security, session management). Cannot be disabled.
• Analytics Cookies: Help us understand how the platform is used (page views, feature usage). Can be disabled.
• Preference Cookies: Remember your settings and preferences (language, display options). Can be disabled.
• Marketing Cookies: Used for advertising and retargeting. Can be disabled.

8.3 Cookie Management

You can manage cookie preferences:

• Through our cookie consent banner
• In your browser settings
• Through your account privacy settings

Note that disabling essential cookies will prevent the platform from functioning correctly.

8.4 Third-Party Cookies

Some third-party services may set their own cookies:

• Google Analytics (analytics)
• Stripe (payment processing)
• Cloudflare (security)

8.5 Do Not Track
We respond to browser Do Not Track (DNT) signals by disabling non-essential tracking.

9.1 Security Measures

We implement industry-standard security measures to protect your data:

• Encryption: TLS/SSL encryption for all data in transit; AES-256 encryption for data at rest
• Access Controls: Role-based access, multi-factor authentication for admin accounts
• Network Security: Firewalls, intrusion detection, DDoS protection via Cloudflare
• Application Security: Regular security audits, penetration testing, secure development practices
• Employee Training: All staff receive data protection and security training
• Vendor Security: Service providers must meet our security standards

9.2 Incident Response

In the event of a data breach:

• We will investigate immediately
• Affected users will be notified within 72 hours (as required by GDPR)
• Relevant authorities will be notified as required
• We will take steps to mitigate harm

9.3 Your Security Responsibilities

You can help protect your data by:

• Using strong, unique passwords
• Enabling two-factor authentication when available
• Not sharing your login credentials
• Logging out of shared devices
• Reporting suspicious activity

9.4 Limitations
While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10.1 Data Location
Your data may be transferred to and processed in the United States. Our primary servers are hosted on Amazon Web Services (AWS) in US regions.

10.2 EEA, UK, and Swiss Users

If you are located in the European Economic Area, UK, or Switzerland:

• We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers
• Our service providers maintain appropriate safeguards
• You can request a copy of the applicable data transfer mechanisms

10.3 Data Protection

Regardless of where your data is processed:

• We apply the same data protection standards
• Your rights under this Privacy Policy remain the same
• You can exercise your rights by contacting us

11.1 Age Requirement
Our Platform is intended for users 18 years of age and older. We do not knowingly collect personal information from children under 18.

11.2 Parental Notice
If you believe we have collected information from a child under 18, please contact us immediately at privacy@automateamerica.com. We will promptly delete such information.

11.3 COPPA Compliance
We comply with the Children's Online Privacy Protection Act (COPPA) by not collecting information from children under 13.

12.1 Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business needs.

12.2 Notification

Material changes will be communicated via:

• Email notification to active users
• Prominent notice on our Platform
• Updated "Last Updated" date on this page
• At least 30 days advance notice for material changes

12.3 Acceptance
Your continued use of the Platform after notification constitutes acceptance of the updated policy. If you disagree with changes, you may delete your account.

12.4 Version History
We maintain a record of previous versions of this Privacy Policy. Contact privacy@automateamerica.com to request previous versions.

Questions, Requests, or Complaints?

Automate America, Inc.
Attn: Privacy Officer
PO Box 1638
Greer, SC 29652

Email: privacy@automateamerica.com
Phone: 586-770-8083
Hours: Monday - Friday, 6 AM - 9 PM EST

For Privacy Rights Requests:

• Use our online form at automateamerica.com/privacy-request
• Email privacy@automateamerica.com
• Call 586-770-8083

Response Time:

We will respond to your request within:

• 30 days (standard requests)
• 45 days (complex requests, with notification of extension)
• 72 hours (data breach notifications)

EU Representative:
For EEA users, our representative can be contacted at: eu-privacy@automateamerica.com

Data Protection Officer:
For GDPR-related inquiries: dpo@automateamerica.com