Worxbee Privacy Policy

IMPORTANT NOTICE: At Worxbee, Inc. (“WXB” also referred to as “we,” “us,” or “our”), we take data privacy and security seriously and believe in transparency. This privacy policy (“Policy” or “Privacy Policy”) describes the Personal Data that WXB may collect about individuals through their interactions with WXB’s websites, webpages, mobile applications, email or other online/offline interactions with us that link to this Policy, and any other features, subdomains, content, functionality, services, media, applications, or solutions offered by us (collectively, “Services”). Therefore, please review this Policy that will tell you more about the following:

WHAT PERSONAL DATA DO WE COLLECT THROUGH OUR SERVICES?

HOW WE TREAT YOUR PERSONAL DATA?; ANDWHAT CHOICES AND RIGHTS YOU HAVE IN THIS REGARD?

YOUR ACCESS TO AND USE OF THE SERVICES SIGNIFIES THAT YOU HAVE CAREFULLY READ, UNDERSTAND AND AGREE TO ALL TERMS WITHIN THIS POLICY. BY USING THE SERVICES OR ENGAGE IN COMMUNICATIONS WITH US, YOU CONSENT TO THE COLLECTION, USE, AND TRANSFER OF YOUR PERSONAL DATA AS DESCRIBED IN THIS PRIVACY POLICY. ANY MATERIALS SUBMITTED THROUGH THE SERVICES AND YOUR USE OF THE SERVICES MAY BE SUBJECT TO ADDITIONAL TERMS AND CONDITIONS MADE AVAILABLE TO YOU AT THE TIME OF YOUR REGISTRATION OR INTERACTION WITH US.

Our Services is housed on servers in the United States. If you are located outside of the United States, please be aware that information and data we collect will be processed and stored in the United States, a jurisdiction in which the data protection and privacy laws and principles, including your data subject rights, may not offer the same level of protection as those in the country/region where you reside or are a citizen.

  1. Introduction

  2. Information We May Collect

  3. How We May Use the Information We Collect

  4. How Long We Store Your Information

  5. How We Protect Your Information

  6. Your Choices to Control Your Information

  7. Cookies and Similar Technologies

  8. Children’s Privacy

  9. Updates and Changes to this Policy

  10. Contact Us

  11. U.S. State-Specific Privacy Addendum

1. INTRODUCTION

What is “Personal Data”? “Personal Data” means information that can be used to identify you, directly or indirectly, alone or together with other information. This includes things such as your full name, contact information, email address, phone number, government IDs, login IDs and passwords, device IDs, certain cookie and network identifiers, and other categories described below.

We may de-identify, aggregate and/or anonymize your Personal Data by excluding and removing data components (such as your name, email address, or linkable tracking ID) through obfuscation, or through other means so that the resulting dataset is no longer personally identifiable to you (such resulting dataset is known as “Aggregated Data”). Our use of Aggregated Data is not subject to this Policy.

2. INFORMATION WE MAY COLLECT THROUGH OUR SERVICES.

2.1 Who are “You”?

For purposes of this Policy, the term “you” or “your” refer to

(i) individuals (including our employees and contractors) who perform virtual administrative services and/or deliver other products or services on our behalf, or job applicants (“Personnel”),

(ii) individuals who use our Services (“Client”), or

(iii) other individuals who interact with us or our Services, such as visitors who browse our website or webpages, sign up our newsletter or other marketing communication, or attend corporate events, or other business-to-business contacts of our service providers, business partners, and contacts (“Other Individuals”). Personnel, Clients, and Other Individuals are collectively referred as “User” or “Users.”

2.2 Information that We May Collect.

We may collect the following information from you.

  • Contact Data, such as your first and last name, email and mailing addresses, phone number, professional title, and company name, etc.

  • Profile Data and User-generated Content, such as your username and password that you may set to establish an online account with us and any content uploaded to the Services (such as text, images, audio, and video, along with the metadata associated with the information you upload or submit), including the account information relating to our Clients or Personnel’s use of our website or other dedicated web portal(s) under WXB’s control.

  • Communications Data, such as information you provide when you contact us with questions, support requests, feedback, or otherwise correspond with us (including interaction with us on social media website, such as LinkedIn).

  • Registration Data, such as information related to the Services that you request, your account, or an event you register for.

  • Survey Data, such as your questions and responses and provide analysis tools for you to use when we deliver consulting services and run surveys.

  • Demographic and Identity Verification information, age, gender, Government-issued ID, Driver License, proof of address, insurance certificates, etc.

  • Household Information, family members’ names, dates of birth and/or age, and/or gender.

  • Transaction Data, such as information about payments to and from you (or your employer that procure our Services), and other details of Services you have received from us.

  • Location Data, to the extent a Client chooses to share such information with us or designated Assistants to facilitate the provision of Services.

  • Other information that a Client voluntarily shares with us directly to facilitate a more personalized Services, which is not specifically listed here, including Client’s social media login information, vehicle registration information. We will use such data in accordance with this Privacy Policy, as otherwise disclosed at the time of collection, in accordance with our agreement, or to the extent necessary for performing the Services.

  • HR-related Data from Personnel, such as your contact data, resume, previous work experience, education, transcripts, driver’s license information, social security number or national identification number and information relating to references, and other Personal Data related to benefit-enrollment (to the extent you are benefit-eligible) and enforcement of our personnel policies, employment contracts and contractor agreements.

  • Device Information, referring to information that is automatically assigned to your devices used to access our website and/or Services, and our computers identify your Device by its Device Identifier, including IP address, unique device identifier (UDID), or other unique identifier.

  • Usage Data, such as information (including inference based on such information) about how you use the Services and interact with us, including information associated with any content you upload to the websites or otherwise submit to us, and information you provide when you use any interactive features of the Services, the URL that referred you to our website, the areas within our Services that you visit, and your activities there.

  • Social Media Information, such as name, username, email address, or other profile information in connection with your social media account(s) that we may collect if you connect with us through a third-party social network or other websites, such as Facebook, Instagram, Twitter, or LinkedIn etc. (each, a “Social Media Site”).

    • Our Services offers features that allow you to share information between our Services and the Social Media Sites.

    • You may also interact with contents on our social media profiles. For example, if you “like” or share a post from one of our accounts on Social Media Sites. those social media sites may share information about you with us, including your public profile, e-mail address and friend list. If you choose to “like” or share content, information about you may be publicly displayed on the social network, depending on your privacy settings.

    • If you post information on a social media or another third-party service that references us, we may publish your posts on our social media accounts or websites.

    • If you decide to use such features, you should check the privacy policy of each Social Media Sites and your privacy setting(s) on these sites before using such features.

    • Marketing Data, such as your preferences for receiving communications about our activities, events, and publications, and details about how you engage with our communications.

2.3 Information We Collect from Other Sources.

We may receive information about you from your friends and others that use the Services. Additionally, we may, from time to time, supplement the information we collect directly from you on our Services with outside records from third parties for various purposes, including to enhance our ability to serve you, to tailor our content to you and to offer you opportunities that may be of interest to you. Such data from other sources may include information or data from or in connection with:

  • Referrals

  • Claims and disputes

  • Our business partners through which you create or access your accounts (i.e., Google login or Apple ID login to set up a User account), to the extent we make this feature available to you.

  • Our vendors who help verify your identities, credentials or qualifications

  • Insurance or our other vendors or service providers

  • Publicly available sources

  • Marketing service providers and/or data resellers

  • Government, regulatory, authorities or law enforcement agencies

2.4 Information You Provide about a Third Party.

If you send someone else a communication through our Services, such as an invitation or a gift to a friend, the information you provide (e.g., names, email addresses, mobile number, etc.) will be used to facilitate the communication. You need to ensure that you have the recipient's permission to use his or her information for this purpose. When you use any send-to-a-friend functionality of our Services to connect your family and friends with our Services, some of your Personal Data that you inputted in the invitation or gift request may be included in the communication sent to your addressee(s) unless you expressly ask us not to disclose.

2.5 Miscellaneous.

  • Is entry of Personal Data required? Our collection of your Personal Data may be required to access certain portions of the Services. You may choose not to provide us with any Personal Data and may still access certain portions of the Services. However, you may not be able to fully utilize all functionalities and features of our Services if we need certain categories of Personal Data in order to deliver that functionalities. For example, providing your email to sign up for our whitepaper and newsletter is voluntary, but if you choose not to provide your email, then we are not able to deliver this content to you via email.

  • Links to Other Websites. Please note that this Policy does not apply to the practices of companies that we do not own or control, or to people that we do not employ or manage. Our Services may provide a link or otherwise provide access to website controlled by others. We provide these links merely for your convenience. We have no control over, do not endorse or review, and are not responsible for, these websites, their content, or any goods or services available through these third-party sites. Our Policy does not apply to these sites. We encourage you to investigate and ask questions before disclosing Your Personal Data to these third-party websites.

3. HOW WE MAY USE THE INFORMATION WE COLLECT.

3.1 How do we use your Personal Data:

We may use the information we collect and derive for the following purposes:

  • Service Delivery. We use your Personal Data to provide and maintain our Services, and to process and fulfill your requests in connection with the Services, such as:

    • Verify your identity and maintain your account, settings, and preferences;

    • Connect Client(s) with our Personnel tasked with providing Services, and track workflow and progresses;

    • Provide various Services to you, such as virtual admin support, survey, and other features and other service offerings in accordance with your requirements or our mutual agreements;

    • Allow you to connect with us regarding your needs for a more personalized Services;

    • Communicate with you about your use of the Services and experience;

    • Collect feedback regarding your experience; and

    • Facilitate additional services and programs delivered by our service providers on our behalf.

  • Improvement of Products and Services. We use your Personal Data to understand and analyze our User base and how you use the Services, to improve and enhance our Services, to create Aggregated Data, and to develop new products, services, features and functionalities;

  • Personalization. We use your Personal Data to:

    • Communicate with you about events, promotions, and campaigns, including promotion of our Services via direct marketing and advertisement, or through our partners, including email marketing vendors;

    • Personalize your experience on the Services, including suggesting and offering you relevant content and recommendations;

  • Analytics and Performance. We may use your Personal Data to measure performance and analyze key metrics relevant to our business, including the effectiveness of our marketing and advertising campaign, trend and business analysis;

  • Service Communication and Customer Care. We use your Personal Data to communicate with you, including sending you service information such as confirmations, invoices, notices, updates, security alerts, user surveys, and support and administrative messages; and to respond to your comments and questions and provide customer service;

  • Protect ourselves, our Users and Others. We use your Personal Data to enforce our terms and conditions, or protect our business, partners or Users, and to comply with our contractual and legal obligations;

  • Security and Fraud Prevention. We use your Personal Data to protect, investigate, and deter against fraudulent, unauthorized, infringing or illegal activity, including click fraud.

  • Corporate Activities: We may use your Personal Data in connection with evaluating, conducting or implementing a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us is among the assets transferred.

  • Other Processing Activities. We may process Personal Data identified in this Policy when necessary for:

    • De-identification and aggregation of Personal Data to become Aggregated Data for purposes of analytics, innovation, research and to provide enhanced services to our customers and end-users;

    • Obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice; and

    • Purposes that are consistent with, related to and/or ancillary to the purposes and uses described in this Policy for which your Personal Data was provided to us.

3.2 How and When we disclose your Personal Data.

This section explains how and when we may disclose your Personal Data to another party.

  • Service Providers: We may share your Personal Data with service providers, to the extent necessary, so that we or they can provide you with customer service, information technology, cloud service, web hosting, and marketing and advertising, among other service relating to our products and services, and perform billing and payment functions.

  • Corporate Affiliates: We may share your Personal Data with our subsidiaries or affiliates, so that they may provide and improve Services, send you information about special offers or products and services that may be of interest to you based on your purchase history, activities on our website and other information that you have given us.

  • Acquisition and Similar Transaction: If we sell, transfer or otherwise share some or all of our assets in connection with a merger, reorganization, liquidation, dissolution, bankruptcy, or sale of assets, we may transfer your Personal Data as a part of the assets transferred as a result of the transaction without your consent.

  • Legal Obligations: We may disclose your Personal Data at the request of law enforcement or government agencies; in response to subpoenas, court orders, or other legal process; to establish, protect, or exercise our rights; to defend against a legal claim; to detect, investigate, prevent, or take action against illegal activities or potential threats to the rights, property, or safety of any other person; or as otherwise required by law.

  • Professional Advisors: We may share your Personal Data with our insurers, and other professional advisors, including attorneys, accountants, that need access to your information to provide operational or other support on our behalf.

  • With Your Consent or at Your Direction: We may ask, from time to time, if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this Policy. We may disclose your Personal Data in this context with your permission or upon your direction.

4. HOW LONG WE STORE YOUR INFORMATION.

We retain and use your Personal Data for an appropriate period of time as is necessary to fulfill the purposes, for which it was collected, to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to provide our Services, to pursue legitimate business purposes, to enforce our agreements, and other business or commercial purposes to the extent provided in this Privacy Policy.

We take reasonable steps to delete the Personal Data we collect when (1) we have a legal obligation to do so, (2) we no longer have a purpose for retaining the information, or (3) if you ask us to delete your Personal Data, unless we determine that doing so would violate our existing, legitimate legal, regulatory, dispute resolution, contractual, or similar obligations. We may also decide to delete your Personal Data if we believe it is incomplete, inaccurate, or that our continued storage of your Personal Data is contrary to our legal obligations or business objectives. When we delete your Personal Data, it will be removed from our active servers and databases; but it may remain in our archives when it is not practical or possible to delete it.

5. HOW WE PROTECT YOUR INFORMATION.

We make our best efforts and are committed to protect the Personal Data that you share with us from being accidentally lost, used, altered, or disclosed or accessed in any unauthorized manner. From time to time, we review our security procedures to consider appropriate new technologies and methods. We use reasonable security measures when transmitting Personal Data to consumers in responding to requests under applicable data protection or privacy laws. We have also implemented reasonable security measures or protocols to detect fraudulent identity-verification activity and to mitigate risks relating to the unauthorized access to, disclosure or loss of Personal Data.

While our security measures seek to protect the Personal Data in our possession, no security system is perfect, and no data transmission is 100% secure. As a result, while we strive to protect your information, we cannot guarantee or warrant the security of any information you transmit to or from the Services. Your use of the Services is at your own risk.

The safety and security of your Personal Data also depends upon you. Where you use a password for access to restricted parts of the Services or other aspect of our business operations, you are responsible for keeping your password confidential. Do not share your password with anyone.

6. YOUR CHOICES TO CONTROL YOUR INFORMATION.

You may adjust the settings of your devices, or your account, or use the “Contact Us” details at the end of this Policy to exercise certain rights and choices under this Policy, to the extent required by applicable data privacy laws. If you would like to manage, change, limit, or delete your Personal Data, or if you no longer want to receive any push notification, or email outreach from us in the future, such requests may be submitted via the “Contact Us” details at the end of this Policy.

Communication Preferences. If you no longer wish to receive communications from us via email, you may opt-out of certain types of communications (as described below) by clicking the “unsubscribe” link at the bottom of our emails or by contacting us at the “Contact Us” details provided at the end of this Policy and providing your name and email address so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly take action.

  • Communications Regarding Our Services. We will send you email notifications and free newsletters from time to time with offers, suggestions and other information. You may “opt-out” from receiving such communications by following the “Unsubscribe” instructions provided in the email.

  • Legal or Security Communications. We also send out notices that are required for legal or security purposes. For example, certain notifications are sent for your own protection. In other cases, these notifications involve changes to various legal agreements, such as this Policy or the Terms of Services. Generally, you may not opt out of such emails.

  • Account Communications. If you subscribe to our Services, we may send you communications regarding such Services. We may also send communications providing customer support or responses to questions regarding the operation of the Services. Generally, you may not opt out of such emails.

Online Tracking Signals. We adhere to the standards set out in this Policy and do not currently respond to “Do Not Track” signals on the Services or on third-party websites or online services where we may collect information.

Accuracy and Updating Your Personal Data. If any of the Personal Data you have provided to us changes, please update it in your user/account profile, or let us know via the “Contact Us” details at the end of this Policy. For instance, if your email address changes, you may wish to let us know so that we can continue to communicate with you. If you become aware of inaccurate Personal Data about you, you may want to update your information. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient, or incomplete Personal Data that you provide to us.

Complaints. If you believe that your rights relating to your Personal Data have been violated, you may lodge a complaint with us by contacting us via the “Contact Us” details at the end of this Policy.

7. COOKIES AND SIMILAR TECHNOLOGIES.

7.1 First and Third-Party Cookies.

A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” or “permanent” cookie). “Session” cookies are temporarily stored on your hard drive and only last until they expire at the end of your browsing session. “Persistent” or “permanent” cookies remain stored on your hard drive until they expire or are deleted by you. Local stored objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you’re visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website. You can block and control cookies using the information noted below. If you block all cookies, certain functionalities on our Services may not work.

7.2 Other Third Party Technologies.

In addition to cookies, there are other automatic data collection technologies, such as Internet tags, web beacons (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.), HTML Local Storage, Social Widgets, or UTM Codes, that can be used to collect data as users navigate through and interact with a website.

7.3 What Cookies and Similar Technologies Are in Use and Why Do We Use Them?

Privacy Policy Cookies

Google Analytics. Where you have consented, or have not disabled third party performance/analytics cookies (depending on your location), we may use Google Analytics to collect and process statistical data about the number of people using the Services, to better understand how they find and use the Services, and measure the success of our campaigns and referrals through advertising partners. The data collected includes data related to your device/browser, your IP address, and on-site activities to measure and report statistics about user interactions on the Services. Any data collected is used in accordance with this Policy and Google’s privacy policy. You may learn more about Google Analytics by visiting:

https://policies.google.com/technologies/partner-sites and;

https://support.google.com/analytics/answer/6004245.

You can learn more about Google’s restrictions on data use by visiting the Google privacy policy at: https://policies.google.com/privacy. To opt-out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout and install the opt-out browser add-on feature. For more details, visit the “Google Analytics opt-out browser add-on” page (located at https://support.google.com/analytics/answer/181881?hl=en).

7.4 Choices About Cookies.

Most web browsers are set by default to accept cookies. If you do not wish to receive cookies, you may set your browser to refuse all or some types of cookies or to alert you when cookies are being sent by website tracking technologies and advertising. You may adjust your browser settings to opt out of accepting a “persistent” cookie and to only accept “session” cookies, but you will need to log in each time you want to enjoy the full functionality of the Services.

If you opt out of the use of non-essential cookies, you may not have access to the full benefits of the Services. Further, your opt-out only applies to the web browser you use, so you must opt out of each web browser on each computer you use. Once you opt out, if you delete your browser’s saved cookies, you will need to opt out again. In addition, adjusting the cookie settings on the Services may not fully delete all of the cookies that have already been created. To delete them, visit your web browser settings after you have changed your cookie settings on the Services.

Additional information is provided below about how to disable cookies or manage the cookie settings for some of the leading web browsers (PLEASE NOTE: these third party links are provided for your convenience, and we may not actively monitor the content of these links):

Privacy Policy Links

For more information on how to modify your browser settings to block or filter cookies, visit http://www.aboutcookies.org/ or http://www.cookiecentral.com/faq/.

8. CHILDREN’S PRIVACY.

The Children’s Online Privacy Protection Act (“COPPA”), as well as other data privacy regulations, restrict the collection, use, or disclosure of Personal Data from and about children on the Internet. The Services is restricted to the use of adults over the age of majority in their place of residence. No portion of the Services is directed to children under the age of 18 (other than incidental disclosure of information by our Clients relating to their household members and by our benefit-eligible employees relating to their dependents’ benefit enrollment), and no one under the age of 18 may access, browse, or use the Services or provide any information to or on the Services. Consequently, we do not knowingly collect personal identifying information from any person under the age of 18. If we learn that we have collected Personal Data from a child under age 18 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete that information as quickly as possible. If you are a parent or guardian of a child under 18 years of age and you believe your child has provided us with Personal Data, please contact us by following instructions at the “Contact Us” section below.

For more information about COPPA, please visit the Federal Trade Commission's website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

9. UPDATES AND CHANGES TO THIS POLICY.

We reserve the right to add to, change, update, or modify this Policy at any time to reflect any changes to how we treat your information or in response to changes in law. In the event we make changes to this Policy, such revised Policy will be re-posted on this page, with the date such modifications were made indicated on the top of the page. If we make material changes to how we treat your information, we may contact you to inform you about the revisions with a link to the revised Policy or notify you through a notice on the homepage of the Services for a reasonable period of time. All changes are effective on the date listed at the top of this page and will apply to all information that we have about you.

You are expected to, and you acknowledge and agree that it is your responsibility to, carefully review this Policy prior to using the Services, and from time to time, so that you are aware of any changes. Your continued use of our Services after the “Last Updated” date indicates your acceptance of the changes and your continued consent to our processing of your Personal Data according to the terms of the then-current Policy. If at any point you do not agree to any portion of this Policy, then you should immediately stop using the Services and the Services. Because this Policy contains legal obligations, we encourage you to review its carefully.

10. CONTACT US.

For more information, or if you have any questions or concerns regarding this Policy or our information collection, storage and disclosure practices, wish to exercise your rights, or wish to lodge a complaint with us, you may contact us using the information below. Please note, if your communication is sensitive, you may wish to contact us by postal mail or telephone.

In Writing by Email: privacy@worxbee.com

Phone: 1-844-410-0263

ADDENDUM: Section 11. U.S. State-Specific Privacy Addendum.

This U.S. State-Specific Privacy Addendum (“U.S. Privacy Addendum”) provides additional information regarding your privacy rights provided under applicable U.S. state laws and supplements our Privacy Policy. The information below applies if you are a resident of the state(s) specified below, and the relevant rights will be available from the date when the applicable state laws and regulations take effect. For the purposes of this U.S. Privacy Addendum, “Personal Information” shall have the same meaning as the term “personal data”, “personal information”, or “personally identifiable information” as defined in the state privacy laws, as applicable, and is synonymous with the term “Personal Data” used in the Privacy Policy.

We reserve the right to amend this U.S. Privacy Addendum at our discretion and at any time. When we make changes to this U.S. Privacy Addendum, we will post the updated version on our website and update the Effective Date for the applicable section. If you are a resident of the following U.S. state(s), you may rely on the Privacy Policy and the applicable information outlined in this U.S. Privacy Addendum below.

State - Effective Date of the Privacy Laws

  1. California - January 1, 2023

  2. Virginia - January 1, 2023

  3. Colorado - July 1, 2023

  4. Connecticut - July 1, 2023

  5. Utah - December 31, 2023

  6. Nevada - October 1, 2019

CALIFORNIA PRIVACY RIGHTS (For California Residents ONLY)

A. Effective Date: January 1, 2023

Summary: This U.S. Privacy Addendum applies if you are a resident of the State of California and explains how to exercise your data privacy rights as a California resident.

Data privacy and protection laws and regulations in California (“California Privacy Laws”) provide residents of California (“California Consumers”) with specific rights regarding their Personal Information.

B. Personal Information Collected

Consistent with Section 2 (Information We May Collect) of the Privacy Policy, the table below outlines the categories of Personal Information we have and may have collected within the preceding 12 months:

1. Data Category Table

Privacy Policy Data Category

In accordance with the applicable state privacy laws, Personal Information does not include:

  • Publicly available information from government records or lawfully obtained, truthful information that is a matter of public concern; or

  • De-identified, anonymized, or aggregated consumer information that cannot be attributed back to an individual (“Aggregated Data”).

Information excluded from the scope of California Privacy Laws including, but not limited to:

  • An activity involving the collection, maintenance, disclosure, sale, communication, or use of any personal information bearing on a consumer’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living by a consumer reporting agency, a furnisher of information who provides information for use in a consumer report, and by a user of a consumer report provided that the agency, furnisher, or user is subject to regulation under the Fair Credit Reporting Act (FCRA).

    1. Medical information governed by the Confidentiality of Medical Information Act or protected health information as governed by the U.S. Department of Health and Human Services pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

For additional details, please refer to Section 2 (Information We May Collect) of our Privacy Policy.

2. Sources.

We collect Personal Information directly and indirectly:

  • From you directly, and/or from your agent(s) or representative(s) authorized to share information on your behalf, where necessary to perform our Services to you as our Clients;

  • From you to the extent you voluntarily provide such Personal Data (including Sensitive Personal Information) to us in connection with using our Services (including personalized virtual admin services; surveys, consulting services, and assessments, among others);

  • From your activities on your devices, our website, platform and/or Services;

  • From your activities on the customer portal made available to our Client;

  • From other third parties, such as our service providers or business partners, 3rd party social media, advertising, and analytics partners, your current or former employer, and point of contact (for employment verification and/or reference with your permission), financial institutions, public databases, and other third parties that we interface with;

  • From you directly where you are our Personnel for HR-related operations (to the extent HR-related Personal Information is in scope under the applicable state privacy laws);

  • From you directly, where you are a business contact we interface with at trade and social events that we sponsor or participate in, or through other marketing communications and interactions;

  • From you, where you are participants in our surveys, questionnaires, and/or event registration, etc.

3. Recipients of Personal Information to which we transfer.

We may disclose or transfer your Personal Information to other parties. In the preceding 12 months above and for business purposes, we have disclosed Categories A-L in the Table above to our (i) affiliates, (ii) service providers such as payment processing, web hosting, information technology, customer services, cloud service, data analytics, social networks, and marketing and advertising, (iii) third parties, to the extent you have authorized us to disclose your Personal Information in connection with Services. Additionally, within the past 12 months, we may have disclosed to our social media, advertising, and analytics partners certain identifiers, information about the use of our website, application, account logins and/or Services as described in Category F (Internet or other similar activity) collected automatically from your interface with our Services. These disclosures may qualify as a “sales” of Personal Information for consideration, or “sharing” of Personal Information for cross-context behavioral advertising, as broadly defined under California Privacy Laws. Therefore, we provide additional information on how to exercise California Consumer’s Right to Opt-Out below.

4. Data Retention.

We keep your Personal Information only as long as necessary to fulfill the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

5. Purposes for which we collect, use or disclose Personal Information.

We use the categories of Personal Information listed above to provide our Services to you, to operate, manage, and maintain our business as disclosed in Section 3 (How We May Use the Information We Collect) of our Privacy Policy, and to accomplish other business and commercial purposes, including the following:

a.) Business Purposes:

Privacy Policy Business Purposes

b) Other operational purposes that qualify as Business Purposes, including:

  • Fulfilling or meeting the reason for which you voluntarily provide your Personal Information;

  • Providing, supporting and developing our Services;

  • Creating, maintaining, customizing, and securing your user accounts;

  • Processing your purchases, transactions, payments and other related activities relating to provide you our Services;

  • Providing customer support services and responding to your inquiries, including to investigate and address your concerns and monitor and improve your responses.

  • Evaluating, conducting or implementing a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us is among the assets transferred.

  • As permitted by applicable laws, we may use all of the Personal Information made available to us in order to: comply with laws (including federal, state, or local); to response to a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities, to cooperate with law enforcement agencies concerning conduct or activity that we, a service provider, or a third party reasonably and in good faith believe may violated federal, state, or local law; to exercise or defend legal claims; and to create, use, retain, disclose or commercialize Aggregated Data.

C. Your California Privacy Rights

1. Right to Access/Know

As a California resident, you have the right to request that we disclose certain information to you regarding our collection and use of your Personal Information over the past 12 months.

Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • Categories of Personal Information we have collected about you;

  • Categories of sources from which the Personal Information was collected;

  • Our business or commercial purpose for collecting, selling or sharing your Personal Information;

  • Categories of third-parties with whom we disclose Personal Information for a business purpose; and

  • Specific pieces of Personal Information we collected about you in a portable format (also called a data portability request).

In addition, to the extent a business sells or shares Personal Information, a California Consumer shall have the right to request the business to identify, during the past 12 months:

  • Categories of Personal Information that the business sold or shared, and the categories of third party recipients; and

  • Categories of Personal Information disclosed for a business purpose, and the category of recipients.

2. Right to Deletion

Subject to several exceptions, you have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions and as permitted under the California Privacy Laws. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

3. Right to Opt-Out of “Sale” and Certain “Sharing” Practices

A California Consumer has the right to opt-out of certain data sharing practices with third parties, who may use its Personal Information solely for their own purposes. The right to opt-out is limited to Personal Information sold to or shared with these third parties. “Sell” in this case does not mean providing data in exchange for money – we don’t do that (and we do not knowingly sell or share Personal Information of consumers under the age of 16). “Sell” or “sharing” instead means the disclosure or release of Personal Information, including technical device data that does not identify you directly but can be attributed back to identify you, when a third party might use that data for its own purposes, such as for personalized advertising or cross-context behavioral advertising, whether or not for monetary or other valuable consideration. A California Consumer may opt out by using the “Contact Information” as described below or via our cookie banner.

4. Right to Correct.

You have the right to request that we correct any inaccurate Personal Information that we have collected about you.

5. Right to Limit Use and Disclosure of Sensitive Personal Information.

In certain circumstances, you have a right to limit the use and disclosure of Sensitive Personal Information. Our use of Sensitive Personal Information is reasonably necessary to perform Services or provide goods reasonably expected by an average consumer and not for those purposes for which you may exercise a right to limit the use or disclosure under California Privacy Laws. While this consumer right is not applicable to how we collect or use your Sensitive Personal Information, we provide this information as this is a core part of your rights as a California Consumer.

6. Right to Non-Discrimination

We will not discriminate against you for exercising any of your rights under the California Privacy Laws. In the context of HR operations, this means that you, as an employee, applicant, or independent contractor, will not be retaliated against for exercising your rights under the California Privacy Laws. Unless permitted by California Privacy Laws, we will not:

  • Deny you goods or services;

  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

  • Provide you a different level or quality of goods or services; or

  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

2. Other California Privacy Rights. California's “Shine the Light” law (Civil Code Section § 1798.83) permits California residents who are users of our Services to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. We do not disclose your Personal Information to third parties for their direct marketing purposes.

A. Exercising Your Privacy Rights

Contact Information: To exercise your privacy rights as a California Consumer, please submit a verifiable consumer request to us by either:

Procedure to Address Your Requests: As required or permitted under applicable law, we may need to verify your identity by asking you or your agent to provide your name, physical address, email address, contact information, and information about your account or previous transactions with us. If we believe we need further information to verify your request as required by law, we may ask you to provide additional information to us. Authorized agents can make a request on your behalf if you have given them legal power of attorney or we are provided proof of signed permission, verification of your identity, and, in some cases, confirmation that you had provided the agent permission to submit the request through a written authorization document, signed by the California Consumer, containing the California Consumer’s name, address, telephone number, and valid email address, and expressly authorizing the individual to act on behalf of the California Consumer. We may also require that you directly verify your identity and the authority of your authorized agent. We reserve the right to reject authorized agents who have not fulfilled the above requirements or automated requests under California Privacy Law where we have reason to believe the security of the requestor’s personal information may be at risk.

Verification Procedures. We are required by California Privacy Laws to verify the identity of individuals who submit a consumer request. The verifiable consumer request must provide sufficient information that allows us to reasonably verify your identity and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. The information we may need in order to verify your identity differs depending upon the request made and our relationship with you and might include (as applicable) your name, the email address you regularly use to interact with us, your telephone number, your date of birth, and, if available, your claim or policy number. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. We can only respond to your request or provide you with information if we are able to verify your identity or authority to make the request and confirm the Personal Information relates to you. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.

How Often You may exercise your rights. You may only request to exercise your Right to Access (as described in Section B(1) above) twice within a 12-month period. Your request to exercise privacy rights must provide sufficient information and describe your request(s) with sufficient details so that we can understand, evaluate, and respond to it accordingly.

Response Timing: We strive to respond to a verifiable consumer request within 45 days of its receipt. If we require additional time, we will inform you of the reason and extension period in writing.

VIRGINIA PRIVACY RIGHTS

Effective January 1, 2023

Your Virginia Rights Regarding Your Personal Information. Virginia privacy laws provide some Virginia residents with the rights listed below.

Right to Access. You have the right to know and see what Personal Information we have collected about you and receive a copy of such information in a portable format, purposes for which we collect your Personal Information, recipients of your Personal Information to whom we disclose or share. For more details, please refer to the “Personal Information Collected” section above for more details, or use the contact information below.

Right to Correct. Subject to certain exceptions, you have the right to request that we correct any inaccurate Personal Information that we have collected about you.

Right to Delete. You have the right to request that we delete the Personal Information we have collected about you.

Right to Opt-Out. You have the right to opt out of targeted advertising, profiling, the sale of your Personal Information, to the extent such instances occur (as defined under Virginia privacy laws).

Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of your rights under the state privacy laws.

Right to Appeal. You have the right to appeal our denial to act on your consumer rights under the Virginia Privacy Laws within a reasonable time. Under the Virginia privacy law, a controller must respond to a consumer request within 45 days of receipt of the request. Where reasonably necessary, the controller may then extend the response deadline by an additional 45 days as long as they notify the consumer within the initial response window.

Exercising Your Virginia Privacy Rights. To request access to or deletion of your Personal Information, or to exercise any other privacy rights under Virginia privacy laws, please contact us using one of the following methods:

COLORADO PRIVACY RIGHTS

Effective July 1, 2023

Your Colorado Rights Regarding Your Personal Information. Colorado privacy laws provide some Colorado residents with the rights listed below.

Right to Access. You have the right to know and see what Personal Information we have collected about you and receive a copy of such information in a portable format, purposes for which we collect your Personal Information, recipients of your Personal Information to whom we disclose or share. For more details, please refer to the “Personal Information Collected” section above for more details, or use the “contact information below.

Right to Correct. Subject to certain exception, you have the right to request that we correct any inaccurate Personal Information that we have collected about you.

Right to Delete. You have the right to request that we delete the Personal Information we have collected about you.

Right to Opt-Out. You have the right to opt out of targeted advertising, profiling, the sale of your Personal Information, to the extent such instances occur (as defined under Colorado privacy laws).

Right to Appeal. You have the right to appeal our denial to act on your consumer rights under the Colorado Privacy Laws within a reasonable time. Under the Colorado privacy law, a controller must respond to a consumer request within 45 days of receipt of the request. Where reasonably necessary, the controller may then extend the response deadline by an additional 45 days as long as they notify the consumer within the initial response window

Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of your rights under the state privacy laws.

Exercising Your Colorado Privacy Rights. To request access to or deletion of your Personal Information, or to exercise any other privacy rights under Colorado privacy laws, please contact us using one of the following methods:

CONNECTICUT PRIVACY RIGHTS

Effective July 1, 2023

Your Connecticut Rights Regarding Your Personal Information. Connecticut privacy laws provide some Connecticut residents with the rights listed below.

Right to Access. You have the right to know and see what Personal Information we have collected about you and receive a copy of such information in a portable format, purposes for which we collect your Personal Information, recipients of your Personal Information to whom we disclose or share. For more details, please refer to the “Personal Information Collected” section above for more details, or use the contact information below.

Right to Correct. You have the right to request that we correct any inaccurate Personal Information that we have collected about you.

Right to Delete. Subject to certain exception, you have the right to request that we delete the Personal Information we have collected about you.

Right to Opt-Out. You have the right to opt out of targeted advertising, profiling, the sale of your Personal Information, to the extent such instances occur (as defined under Connecticut privacy laws).

Right to Appeal. You have the right to appeal our denial to act on your consumer rights under the Connecticut Privacy Laws within a reasonable time. Under the Connecticut Privacy Laws, a controller must respond to a consumer request within 60 days of receipt of the request.

Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of your rights under the state privacy laws.

Exercising Your Connecticut Privacy Rights. To request access to or deletion of your Personal Information, or to exercise any other privacy rights under Connecticut privacy laws, please contact us using one of the following methods:

UTAH PRIVACY RIGHTS

Effective December 31, 2023

Your Utah Rights Regarding Your Personal Information. Utah privacy laws provide some Utah residents with the rights listed below.

Right to Access. You have the right to know and see what Personal Information we have collected about you and receive a copy of such information in a portable format, purposes for which we collect your Personal Information, recipients of your Personal Information to whom we disclose or share. For more details, please refer to the “Personal Information Collected” section above, or use the contact information below.

Right to Delete. Subject to certain exception, you have the right to request that we delete the Personal Information we have collected about you.

Right to Opt-Out. You have the right to opt out of targeted advertising, profiling, the sale of your Personal Information, to the extent such instances occur (as defined under Utah privacy laws).

Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of your rights under the state privacy laws.

Exercising Your Utah Privacy Rights. To request access to or deletion of your Personal Information, or to exercise any other privacy rights under Utah privacy laws, please contact us using one of the following methods:

NEVADA PRIVACY RIGHTS

Effective on the same date as this Privacy Policy (regulation took effect on Oct. 1, 2019)

Your Nevada Rights Regarding Your Personal Information. Nevada laws provide some Nevada residents with the rights listed below:

Right to Opt-Out. Subject to certain exceptions, you have the right to submit a verified request to us to verify that we have not made any sale (as defined under Nevada privacy law) of any covered information (as defined under Nevada privacy law) that we have collected or will collect about you, and opt out of such sale. Please provide your name and contact information in your request, and we will respond to your request in accordance with Nevada privacy laws.

Exercising Your Nevada Privacy Rights. To request access to or deletion of your Personal Information, or to exercise any other privacy rights under Nevada privacy laws, please contact us using one of the following methods: