Privacy Policy

This Privacy Policy describes how Rural Staffing, LLC (“Rural Staffing,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects personal information in connection with our website (www.ruralstaffingllc.com), staffing services, digital tools (including the Connecteam platform), communications, and other interactions (collectively, “Services”). This Policy also describes your rights and choices regarding your information. By using our Services or providing us information, you agree to the terms of this Policy.

1. Scope and Applicability

• This Policy applies to personal information we collect about: (a)  facilities, employers, or business contacts who use our staffing  services; (b) healthcare professionals, contractors, and applicants; and  (c) visitors to our website. It does not apply to information that is  de-identified or aggregated.
• Where applicable, references herein to “you” include both individual  consumers and business contacts. If you are an employer or organization  providing personal data of third parties, you represent you have the  right to provide that data to us.

1. Categories of Information We Collect We collect personal information necessary to operate our business and provide Services, including:

a. Information You Provide Directly

• Identity and contact: facility name, facility address, facility license numbers, contact name, email address, phone number.
• Employment/shift data: shift requests, schedules, staffing needs,  certifications, credentials, background-check related information where  required.
• Financial: billing and payment information (processed by third-party payment processors).
• Communications: messages, emails, support inquiries, and other correspondence.
• Recruitment: resumes, employment history, professional references.

b. Information Collected Automatically

• Technical and usage data: IP address, device and browser type,  operating system, pages visited, time on site, referring/exit pages,  clickstream data, and cookies/analytics identifiers.

c. Information from Third Parties

• Data received from third-party platforms and vendors (e.g.,  Connecteam, payment processors, background check and credential  verification services), referrals, and public sources.

d. Sensitive Information

• Healthcare-related data (which may be PHI) may be received or  created in the course of supplying staffing services. We treat PHI  consistent with HIPAA requirements (see Section 8). We do not  intentionally collect other sensitive personal data (e.g., racial/ethnic  origin, sexual orientation) except where necessary and lawful; when we  do, we will only process it consistent with applicable law.

1. How We Use Personal Information We use personal information for the following purposes:

• To provide, operate, maintain, and improve our Services (e.g.,  process shift purchases, coordinate assignments, manage schedules).
• To communicate with you about your account, shifts, schedule changes, billing, and customer support.
• To authenticate users, verify credentials and licenses, and perform background checks when required.
• To process payments and prevent fraud.
• To comply with legal, regulatory, auditing, or contractual obligations.
• To analyze usage, monitor performance, and improve security and user experience.
• For safety, security, dispute resolution, and enforcement of our terms.
• For other purposes disclosed at the time of collection or with your consent.

1. Legal Bases for Processing (EU/EEA/UK Residents) If you are located in the EU/EEA/UK, our legal bases for processing your personal data include:

• Performance of a contract to which you are a party (e.g., staffing agreements).
• Compliance with legal obligations (e.g., regulatory, tax, employment laws).
• Legitimate interests pursued by Rural Staffing (e.g., fraud prevention, service improvement), balanced against your rights.
• Consent where required (e.g., marketing communications).

1. Sharing and Disclosure of Personal Information We may disclose personal information:

• To service providers and vendors who perform services on our behalf  (e.g., Connecteam, payment processors, background-check providers,  credential verification services, IT hosting and analytics providers).  These parties are contractually bound to protect data and may only use  it to provide the contracted services.
• To contracted staffing providers, clinicians, or agencies when necessary to fulfill shift requests.
• To regulatory authorities, law enforcement, or other third parties  when required by law, legal process, or to respond to valid requests.
• To our affiliates, subsidiaries, and professional advisors (e.g., attorneys, accountants).
• In connection with a corporate transaction (e.g., asset sale,  merger, financing, change of control), subject to appropriate  confidentiality protections.
• With your consent or at your direction. We do not sell or rent personal information to third parties.

1. International Transfers Rural Staffing is based in the United States. Personal information may be transferred to, processed, and stored on servers in the U.S. or other countries where our processors operate. When we transfer data internationally, we use appropriate safeguards required by law (e.g., standard contractual clauses, binding corporate rules, or other lawful mechanisms).
    
2. Data Retention We retain personal information as long as necessary to fulfill the purposes described in this Policy, to comply with legal obligations (including IRS, employment and credential retention rules), to resolve disputes, and enforce agreements. Typical retention periods:
    

• Financial records: retained per IRS and state requirements (generally 3–7 years).
• Employment and credential records: retained consistent with  applicable employment and healthcare regulations (varies by  jurisdiction).
• Marketing and general account information: retained until you  request deletion or withdraw consent, subject to legal obligations. We will securely delete or de-identify personal information when no  longer needed.

1. HIPAA, PHI, and Confidentiality

• Where we create, receive, maintain, or transmit protected health  information (PHI) in providing staffing services, we will comply with  the applicable provisions of the Health Insurance Portability and  Accountability Act (HIPAA) and its implementing regulations.
• We enter into Business Associate Agreements (BAAs) with covered entities and other parties as required by HIPAA.
• Our workforce members and contractors are required to maintain  confidentiality and follow appropriate safeguards when handling PHI.

1. Security We implement administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, alteration, disclosure, or destruction. Safeguards include access controls, encryption in transit and at rest where appropriate, secure data hosting, employee training, and incident response protocols. Despite these measures, no security system is impenetrable; we cannot guarantee absolute security.
    
2. Cookies and Tracking Technologies We use cookies, web beacons, and similar technologies to operate the website, analyze trends, administer the site, and deliver relevant content. You can set your browser to refuse cookies or alert you when cookies are being sent. Blocking cookies may affect site functionality. For details about the cookies we use and how to opt out of tracking, see our Cookie Notice (or contact us).
    
3. Children’s Privacy Our Services are intended for businesses and adults 18 or older. We do not knowingly collect personal information from children under 18. If we learn we have collected such information, we will delete it.
    
4. Your Rights and Choices Depending on your jurisdiction, you may have certain rights with respect to your personal information, including:
    

• Access: request a copy of personal information we hold about you.
• Correction: request correction of inaccurate or incomplete data.
• Deletion: request deletion of personal information (subject to legal exceptions).
• Restriction: request restriction of processing.
• Portability: request transfer of your information to another organization, where technically feasible.
• Objection: object to certain processing activities, including marketing or processing based on legitimate interests.
• Withdraw consent: withdraw consent previously given.
• Opt-out of sales: where applicable (we do not sell personal  information). To exercise rights, submit a request to the contact below. We may  request verification and limit requests that are manifestly unfounded or  excessive. We will respond in accordance with applicable law.

1. Marketing Communications We may send promotional emails or other communications where you have opted in or where otherwise permitted by law. You can opt out of marketing communications at any time via the unsubscribe link or by contacting us.
    
2. Data Breach Notification In the event of a security incident involving personal information, we will follow our incident response plan, take steps to contain and remediate the incident, and notify affected individuals and regulators as required by applicable law.
    
3. Third-Party Sites and Services Our website may contain links to other sites. We are not responsible for the privacy practices of third-party sites. When you interact with third-party services (e.g., Connecteam), their privacy policies govern that interaction in addition to this Policy to the extent we access or store information from those services.
    
4. Employee, Contractor, and Applicant Privacy We collect and process personal information of employees, contractors, and applicants as necessary for recruitment, employment, payroll, benefits, background checks, and compliance with employment laws. This processing is based on employment contract performance, legal obligations, or legitimate business purposes.
    
5. California Privacy Rights (CCPA/CPRA) If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), including:
    

• The right to know categories and specific pieces of personal information collected, disclosed, or sold.
• The right to request deletion of personal information.
• The right to opt-out of the sale or sharing for cross-context behavioral advertising (we do not sell personal information).
• The right to non-discrimination for exercising privacy rights. To submit a request, contact us using the information below. We will verify your request as required by law.

1. International Residents (EU/EEA/UK) If you are located in the EU/EEA/UK, you have rights under GDPR, including access, correction, erasure, restriction, portability, objection, and the right to lodge a complaint with a supervisory authority. For EU/EEA/UK residents, our legal bases for processing are described in Section 4. Contact us to exercise these rights.
    
2. Data Protection Officer / Representative If required by applicable law, we will appoint an EU representative or Data Protection Officer. Contact us for details if you are an EU/EEA/UK resident.
    
3. Changes to This Privacy Policy We may update this Policy from time to time. We will post the revised Policy on our website with an updated “Effective Date.” Material changes will be communicated as required by law. Continued use of our Services after the updated effective date constitutes acceptance.
    
4. Contact Information Rural Staffing, LLC Phone: 580.618.3040 Email: hr@ruralstaffingllc.comAddress: (use the address on file; include physical address here if you want it published)
    
5. Miscellaneous
    

• Governing Law: This Policy and any disputes arising from it are  governed by the laws of the State in which Rural Staffing is formed,  except where overridden by applicable consumer protection or data  protection laws.
• Severability: If any provision is held invalid, other provisions remain enforceable.

Notice: This document is a comprehensive privacy policy template designed to align with common U.S. and international privacy requirements (including HIPAA considerations). It is provided for informational purposes and does not constitute legal advice. You should have this Policy reviewed and customized by legal counsel to ensure compliance with all applicable federal, state, and international laws and to reflect your specific operational practices and jurisdictions.