Last Updated: 9/14/20
Benefit Resource (“BRI”, “us”, “we”, or “our”) operates http://www.benefitresource.com (the “Site”) and the related services (together with the Site, the “Services”). This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Services. By using the Services, you agree to the collection and use of information in accordance with this policy.
1. Personal Information We Collect
We collect your personal information in the course of providing the Services to you. More specifically, when you use our Services, we may collect the following:
- Information You Provide to Us: We collect any information you provide in relation to the Services. This may include:
- User Account and Profiles. Our Services may give you the ability to register for an account or to create and update a user profile. To create an account, we will collect your information as provided to use in the course of registering for an account or creating or updating a user profile. This information may include, for example, name, postal address and zip code, telephone number, e-mail address, information about your health, and related demographic information. We may indicate that some of your information is required for you to register for the account or to create the profile, while some may be optional. Failure to provide any required information may affect your ability to use or enjoy all functionalities of the Services.
- Banking or Payment Information. You may provide banking or payment information to us. If you choose to do so, you will be transferred to a third-party payment card processor. We do not store your payment card information.
- Correspondence. If you contact us by e-mail, using a contact form on the Services, or by mail, fax, or other means, we collect your information as contained within, and associated with, your correspondence.
- Automatic Information: When you visit our Services, some information is collected automatically. This includes:
- Your browser type and operating system;
- Your device type (for example, if you are on a computer or cell phone);
- Your Internet Protocol (IP) address, which can sometimes be used to derive your general geographic location;
- Server logs and other communication data;
- Actions you take on our Services, and the content, features, and activities that you access and participate in on our Services;
- Information collected through cookies, Web beacons, and other similar Internet technologies; and
- Information regarding your interaction with e-mail messages, such as whether you opened, clicked on, or forwarded a message.
- Information from Other Sources: We may receive information about you from third parties, including from service providers, and may combine this information with your personal information that we maintain about you.
2. How We Use Personal Information
We use your personal information in the following ways:
- To provide Services and information that you request;
- To enhance, improve, operate, and maintain our Services, our programs, and other systems;
- To display personalized content and reminders;
- To prevent fraudulent use of our Services and other systems;
- To prevent or take action against activities that are, or may be, in violation of our Terms or applicable law;
- To tailor content and other aspects of your experience on and in connection with the Service;
- To maintain a record of our interactions with you;
- For other administrative and/or marketing purposes, including sending you direct email regarding our Services;
- For any other purposes that we may disclose to you at the point in which we request your information; and
- Pursuant to your authorization or consent.
- Recognizing you when you sign in to use our Services;
- Keeping track of your specified preferences;
- Conducting research and diagnostics to improve our Services;
- Preventing fraudulent activity and improving security;
- Delivering content;
- Measuring and analyzing the performance of our Services.
4. How We Share Personal Information
We do not rent or sell your personal information. Except as described in this Policy, we will not disclose your personal information without your authorization. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
- Trusted Third-Party Service Providers. To the extent legally permissible, we may disclose and/or exchange your personal information to third-party service providers (e.g., administrative services companies, marketing partners, application developers, data hosting, and processing providers) that assist us in our operations. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions and we require them to agree to maintain the confidentiality of such information.
- Business Decisions. To the extent legally permissible, we may disclose your personal information to third parties if we are involved in a merger, acquisition, or sale of any or all of our business and/or our assets to a third party.
- Legal Compliance. To the extent legally permissible, we may disclose your personal information if we have a good faith belief that disclosure is necessary to:
- comply with applicable laws, regulations, legal process (such as a subpoena), or enforceable government request;
- enforce applicable Terms, including investigation of potential violations of such Terms, or to detect, prevent, or otherwise address fraud, security or technical issues; and
- protect against harms to the rights, property, or safety of BRI, our users, or the public as required or permitted by law.
Your personal information as provided to us through the Services will be stored in a secure manner. We have implemented a variety of commercially standard encryption and security technologies and procedures to protect your information stored in our computer systems from unauthorized access. Please be aware, however, that no data security measures can be guaranteed to be completely effective. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.
6. Links to Third Party Websites
The Services may contain hyperlinks to third party websites. Once you have used these links to leave the Site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide while visiting such sites and such sites are not governed by this Policy.
You should exercise caution and look at the privacy statement applicable to the website in question. Moreover, we are not responsible nor liable for the content of third party websites or platforms.
7. Access and Choice
You can view, update, and delete certain information about your account and your interactions with the Services by visiting your account page or contacting us at the below information.
You have choices about the collection and use of your personal information. If you receive e-mail from us, you may unsubscribe at any time by following instructions contained within the e-mail. Additionally, if we offer user account functionality on the Services, we may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us.
8. Children’s Personal Information
Our Services are designed and intended for those who are at least 18 years old. By using the Services, you affirm that you are at least 18 years of age or older. We are not responsible for any damages that may result from a user’s misrepresentation of age.
9. European Union Privacy Rights
For our European external contacts, we abide by the General Data Protection Regulation (GDPR). The GDPR provides a framework for organizations to ensure protection of the personal information of European citizens and gives European citizens certain rights.
Legal Basis for Processing
If you are an individual located in the European Economic Area (EEA) or Switzerland, our legal basis for processing your personal information will depend on the personal information concerned and the specific context in which it is collected. However, we will normally collect or process personal information from you only where:
- We have your consent to do so;
- Where we need the personal information to perform a contract with you (e.g. to deliver services); or
- Where the party is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms).
In some cases, we may also have a legal obligation to process personal information from you, or may need the personal information to protect your vital interest or those of another person.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
Our Services may contain links to other websites and the information practices and the content of such other websites are governed by the privacy statements of such other websites. We encourage you to review the privacy statements of any such other websites to understand their information practices.
Rights to Access and Control Your Personal Data
Individuals residing in the EEA and Switzerland have certain rights to access and control their personal data. These rights include:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- rights in relation to automated decision making and profiling.
10. California Privacy Rights
If you are a California resident, please review the California Privacy Notice, below.
11. Retention of Personal Information
12. Updates to this Policy
We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Services after such changes will be subject to the then-current policy. If we change this Policy in a manner that is materially less restrictive of our use or disclosure of your personal information, we will use reasonable efforts to notify you of the change and to obtain your consent prior to applying the change to any of your information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Policy to stay informed about how we collect, use, and disclose your personal information.
13. Updates to this Policy
If you have any questions or concerns regarding the way we collect or handle your information, please contact us at privacy@BenefitResource.com. Our physical mailing address is:
ATTN: Data Privacy Officer
245 Kenneth Drive
Rochester, NY 14623
We will take every privacy concern seriously and will assess it in a reasonably timely manner.