Skip to main content

Privacy Policy

This document was last updated on September 16, 2025.

Privacy & Security

icon-checkmark

Access only as authorized by our clients

We only provide client and employee data to personnel explicitly granted access by our clients.

icon-checkmark

Secure payroll, HR & benefits data

We use secure portals, encryption, multi-factor authentication, and other safeguards.

icon-checkmark

isolved partner protections

As an isolved partner, we rely on a platform that meets SOC 1 & 2 Type II standards, uses encryption, multi-layered Azure hosting, and strict operational controls.

icon-checkmark

Retention in line with legal requirements

HR and payroll records are retained for required legal periods, then securely destroyed.

icon-checkmark

Cookies & tools

We use HubSpot, Google Analytics, and similar tools to improve your experience. You may opt out.

icon-checkmark

Your rights matter

Clients and employees can request, correct, or remove their data where legally permitted.

Your Trust, Our Priority

At Whirks, we understand that payroll, HR, and benefits information is deeply personal. Protecting your data—and the data of your employees—is central to our mission. This policy explains how we collect, use, and protect your information in plain language.

privacy@whirks.com | (901) 755-5858 | 5570 Murray Avenue, Memphis, TN 38119

 

What We Collect & Why

We collect only the information needed to deliver HR, payroll, and benefits services:

  • Payroll data – wages, tax info, direct deposit details.
  • HR data – employment records, onboarding, performance info.
  • Benefits data – health, retirement, and insurance enrollment records.
  • Contact information – emails, phone numbers, addresses.
  • Website information – form submissions, cookies, usage analytics.

We use this information to:

  • Process payroll accurately and securely.
  • Administer HR and benefits efficiently.
  • Comply with federal, state, and local regulations.
  • Communicate with clients and their employees.
  • Improve our services and the user experience.

How We Protect Your Information

We safeguard sensitive data through multiple layers of security:

  • Client-controlled access – We share data only with personnel whom our clients explicitly authorize.
  • Secure portals – Encrypted, multi-factor authenticated platforms protect all access.
  • Role‑based access controls – Only authorized staff can access specific information.
  • Encryption & technical safeguards – Our infrastructure includes encryption in transit (TLS) and at rest (AES), monitoring, firewalls, and intrusion detection.
  • Regular updates & training – We maintain ongoing staff training, patches, and system monitoring.

isolved Partner Security & Compliance

As a partner of isolved, Whirks benefits from top-tier security and compliance features:

  • isolved's People Cloud is hosted on Microsoft Azure, with multi-layered security designed to NIST, SSAE 18 SOC 1 & SOC 2 Type II standards.
  • Sensitive data is encrypted both in transit (TLS) and at rest (AES), with segmented environments, immutable backups, and disaster recovery plans including point‑in‑time recovery.
  • Multi-factor authentication (MFA) is mandatory—via passkeys or authenticator apps—and SMS/email options for partners have been deprecated for stronger security.
  • Operational security includes firewalls, intrusion detection/prevention, role‑based access, vulnerability assessments, logging, and monitoring across Azure infrastructure.
  • Physical and administrative safeguards for data centers include biometric access, surveillance, background checks, and record destruction protocols.

isolved does not access custom data for any reason outside of service provision and never sells customer data; control remains with the customer.

How We Use & Share Information

We use data solely to deliver contracted services and maintain compliance. We may share data with:

  • Tax agencies (for payroll reporting).
  • Benefits carriers and related administrators.
  • HR platforms (like iSolved) used in delivering services.
  • Regulatory authorities, when legally required.

Every third party must protect data under strict contractual obligations and security standards.

Your Choices & Rights

Clients and employees may:

  • Request a copy of personal data.
  • Ask for corrections or updates.
  • Request deletion, where legally permissible.

Submit requests to privacy@whirks.com or call (901) 755-5858.

Data Retention & Secure Disposal

We keep payroll and HR records for legally required periods. After that, data is securely destroyed via industry-standard methods.

Compliance & Industry Standards

Whirks follows rigorous standards, including:

  • Payroll and employment regulations from IRS, DOL, and relevant state agencies.
  • HIPAA-level protections for benefits-related data.
  • The compliance infrastructure established by iSolved, including audits and SOC certifications.

Website & Cookies

Our site uses cookies and third-party tools to improve your experience:

  • HubSpot – for client communication and service management.
  • Google Analytics – for website performance insights and enhancement.

You may block or opt out of tracking via your browser settings.

Updates to This Policy

We may update this statement to reflect evolving practices. Significant changes will be updated on this page, with the effective date noted.

Contact Us

For privacy or security questions, please reach out:

privacy@whirks.com
(901) 755-5858
5570 Murray Avenue, Memphis, TN 38119