About
Why Aspen?

See why Aspen HR is the white-glove PEO of choice

Our Team

Meet our leaders who bring over 100 years of combined PEO experience

Contact Us

Start a conversation with us today!

Careers

We pride ourselves in investing in our team members
Solutions
White Glove PEO

Rapid response service model + deep PEO expertise

Employee Benefits

Potentially save thousands of $ and offer high-quality benefits

Payroll & HRIS

Never worry about payroll again + automate HR workflows

PEO Health Insurance

From preventative care to recovery

HR & Benefits Due Diligence

Identify any HR compliance gaps and improvements in employee benefits

Retirement Plans

Offer a low-cost robust 401k plan to your employees

HR Compliance

Helping our clients effectively mitigate employer liability

HR Technology

HR tech to automate the entire employee lifecycle

Predictive Index Consulting

Enabling companies to more accurately predict workplace behaviors & motivations

Fractional CHRO Solutions

Strategic HR guidance & expert support to help you sclae

Expanding to the U.S.

Aspen HR Employment Solutions can help

ESG

See how investment funds can comply
Client Types
Case Studies

See how Aspen HR has directly benefited our clients

PEO for Private Equity & Venture Capital Firms

Our team understands the nuances of VC and PE funds

PEO for PE-Backed Companies

Helping you generate value faster with less risk

PEO for Startups

Focus on growth & boost retention with better benefits

PEO for Search Funds

Empowering Search Funds with turnkey HR and fortune 500-level benefits

PEO for Technology

Scalable PEO solution to support your growth

PEO for Life Sciences

From startup to scaling to maturity, we support you every step of the way

PEO for Remote Teams

We have years of experience and a profound understanding of remote work dynamics

PEO for Labor-Intensive Companies

Rely on our expertise to reduce costs, improve efficiency, and mitigate risk
Locations
Brokers
Insight
Blog & News

The latest HR & PEO trends

Webinar Replays

Learn from industry experts about a wide variety of relevant topics
Resources
Client Login

Client & manager HR portal login

Marketplace

Access a curated list of partners

Benefits Resources

Important resources for clients

Longevity Program

Empowering employees to take charge of their health and well-being

Referral Program

Join our referral program & get rewarded
Contact

Privacy Notice

Name: Professional Employer Organization
Brand: Aspen HR
Rating: 4.8 (17 reviews)

Last modified IN April 2023

Aspen HR PEO, LLC and its affiliates (the “Company”, “we”, “our”, or “us”) respects your privacy and are committed to protecting it through this Privacy Notice (“Privacy Notice”). This Privacy Notice describes the type of information we may collect from you or that you may provide to us when you visit www.aspenhr.com and the affiliated subdomains (the “Site”), use our Solutions (listed on the Site under the “Solutions” tab) that we provide to you or which are available through our Solutions and our policies and practices regarding how we collect, use, and disclose that information. If you engage in Solutions offered by us, then you may be subject to other terms and conditions and disclosures relevant to the Solutions that are not included in this Privacy Notice.

BY ACCESSING OR BROWSING THE SITE OR USING THE SOLUTIONS, YOU CONSENT TO THE COLLECTION AND USE OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY NOTICE, AS MODIFIED FROM TIME TO TIME BY US.

This Privacy Notice applies to information we collect:

From companies who employ Company to coordinate their human resources (“HR”) services, including, but not limited to, benefits, compliance, tax, and payroll solutions, in addition to other similar services (“Client Users”).
From employees of Client Users (“Worksite Employees).
From visitors to the Site (collectively, with Client Users and Worksite Employees, “you”).
In email, text, and other electronic messages between us.
When you engage with us to use our Solutions or request information about our Solutions

We reserve the right, at any time and without notice to you, to add to, change, update, or modify this Privacy Notice. If we decide to change our Privacy Notice, we will post a new notice on our Site and change the date at the top of the Privacy Notice. Any change, update or modification will be effective immediately upon posting on our Site and will apply to any Personal Information (as defined below) provided to us on and after that date. Your continued use of the Site or Solutions after we make changes is deemed to be acceptance of those changes, so please check the Privacy Notice periodically for updates.

If we make a material change to our Privacy Notice that affects how we collect or use your Personal Information, we will notify you via email, SMS text message, or other notification. If you have any questions about this Privacy Notice or our use of your information, you can email us at [email protected].

THE TYPES OF INFORMATION WE COLLECT.

- Personal Information
  
  We collect “Personal Information,” which is information that can be used to identify you individually. For example, we collect an Internet Protocol (“IP”) Address from all visitors to our site, and, if the visitors choose to engage with us by submitting a form or requesting further information, we may also collect their names and e-mail addresses.
  
  We collect the following Personal Information from Client Users: full name, email address, phone number, IP Address, and other information that permits us to contact Client Users at a physical location, online, or by electronic communication, including telephone, email, or text messages. We may also collect payment and billing information from Client Users, such as credit or debit card information, checking or ACH information, or other similar financial or banking information related to any transactions they enter into with us.
  
  We collect the following Personal Information from Worksite Employees including, but not necessarily limited to: full name, mailing address, complete date of birth, email address, age, sex, and marital status, social security number, phone number, IP Address, and other information that permits us to contact Worksite Employees at a physical location, online, or by electronic communication, including telephone number, email, or text messages and/or to activate and provide our Solutions.
- Registration and Transactional Data
  
  If you are using our Site or Solutions through iSolved, an HRIS software platform, you are required to submit an email address, password, and additional Personal Information. We may collect and store access information related to your account.
  
  When you have an account with us or through iSolved, the combination of your username and your password is the key to your account with our Solutions. We recommend that you use a unique combination of letters, numbers, and special characters to create your password. You are responsible for all actions taken in the name of your account. You should not disclose your password to anyone. You may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us at [email protected] and, if available, login to your account at the Site and change your password.
  
  We may also track and retain the details of all transactions and communications between Customers, target audiences, and other visitors on our Site and Solutions such as emails, feedback, ratings, sale and purchase of Solutions, and any other forms of communications. We may use and display your name when you send an email or other communication through our Site or Solutions.
- Payment Information
  
  If you use our Solutions, iSolved accounts, and any other cloud-based HR platforms in conjunction with our Solutions, we collect information related to your transaction. This information includes your payment method (credit card or debit card number, account, and authentication information), billing information, and shipping and delivery details. This information is processed through a third-party payment processor. You should look to the third-party payment processors’ terms regarding payments and contact them directly if you have any inquiries.
  
  Your payment for purchased Solutions may be charged directly by us through our third party payment processor, iSolved. Please review the following link to review the iSolved terms: https://www.isolvedhcm.com/legal/terms-of-use. To the extent the Solutions or any portion thereof is made available for any fee or through a subscription, your access will be granted following payment of the applicable fees to Company. Your account and access to the Solutions may be suspended in the event of non-payment of applicable fees.
  
  You agree to provide accurate and complete billing information, including valid credit card information, your name, mailing address, and email address, and to provide iSolved or other third party processor with any changes in such information.
- Contact Us Information and Feedback
  
  We may collect information that identifies you personally when you submit comments, questions, or suggestions to us or to the Solutions using the Contact Sales form or by email, including attached files in an email sent to us. Any comments and any emails we receive from you are subject to the terms of this Privacy Notice.
- Computer and Device Information
  
  We use a variety of data collection platforms to obtain information from or about the computers and devices that you use to access the Solutions, as determined and allowed by the personal settings you have for those computers and devices. These platforms include but are not limited to: Google Analytics, Mouseflow, and Rank Math. This list of platforms is subject to change by Company.
  
  We collect the Internet Protocol (IP) address, domain name, browser type, operating system, device settings, location, web log files, and other code tracking devices from any device you use to access our Solutions and any pages at our Site. You can turn-off and adjust settings on your computers and devices that will not allow us to collect information. For example, in many cellular devices, you can turn off location settings by selecting the “Settings” feature, choosing “Privacy” and turning-off “Location.”
- Transactions & Communications with Third Parties
  
  The Site contains applications, including the Insight blog, that enable you to connect to and from social networking sites and we may collect information about you from such social networking sites in order to provide you with a more personalized experience.
  
  Some content, email, or text message marketing campaigns from our Site and Solutions may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Solutions. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
  
  We may enable third parties to serve advertisements available through our Solutions, Site, or on third-party websites or other media (e.g., social networking platforms) that enable us and third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors, or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third-party’s specific privacy statement, not this one. We may provide these third-party advertisers with Personal Information.

HOW WE USE AND SHARE INFORMATION

- Provide our Solutions
  We use Personal Information to provide you with the features available through the Site and Solutions, to respond to requests that you initiate through the Site or Solutions, to process requests and required actions pursuant to our Solutions that you may initiate through the Site or Solutions, and to communicate with you. When we have location information, we may use it to tailor our services for you.
  
  Additionally, we share Personal Information with health insurance and workers compensation providers, brokers, underwriters, taxation agencies, and state-level regulatory agencies, as needed to conduct business. Personal Information is shared pursuant to your electronic consent when enrolling in specific Solutions.
- Contact By Mobile Phone
  By providing us with your mobile phone number, you hereby expressly consent to receive automated text messages (including SMS and MMS) from us at the mobile phone number you provided. You represent that you are 18 years of age or older and you have the consent of the wireless account holder associated with the mobile phone number you provided.
  
  You are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.
  
  Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive automated text messages is not required as a condition of purchasing, or utilizing, any of our Solution services. If you have opted in (this decision and others detailed further below), we may provide updates via text messages through your wireless provider to the mobile number you provided. Message frequency varies.
  
  When you opt in to receive SMS communications from us:
  - Your consent applies only to messages from Aspen HR
  - We do not share your SMS consent or phone number with third parties or affiliates
  - Messaging frequency may vary.
  - Message and data rates may apply.
  - To opt out at any time, text STOP.
  - For assistance, text HELP or visit our website at https://www.aspenhr.com.
  - Visit https://aspenhr.com/privacy-policy/ for privacy policy and https://aspenhr.com/privacy-policy/ for Terms of Service.
    
    SMS Terms & Conditions
    
    SMS Consent Communication:
    
    The information (Phone Numbers) obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.
    
    Types of SMS Communications:
    
    If you have consented to receive text messages from Aspen HR, you may receive messages related to the following:
    - Follow-up messages
    Example: “This is a message from Aspen HR. We have received your benefits selection for this calendar year. For additional assistance, please contact us directly at 844-408-3054. Reply STOP to opt-out of SMS messaging.“
    
    Message Frequency:
    
    Message frequency may vary depending on the type of communication.
    
    Potential Fees for SMS Messaging:
    
    Please note that standard message and data rates may apply, depending on your carrier’s pricing plan. These fees may vary if the message is sent domestically or internationally.
    
    Opt-In Method:
    
    You may opt-in to receive SMS messages from Aspen HR in the following ways:
    - Verbally, during a conversation
    - By submitting an online form
    Opt-Out Method:
    
    You can opt-out of receiving SMS messages at any time. To do so, simply reply “STOP” to any SMS message you receive. Alternatively, you can contact us directly to request removal from our messaging list.
    
    Help:
    
    If you are experiencing any issues, you can reply with the keyword HELP. Or, you can get help directly from us at https://aspenhr.com.
    
    Additional Options:
    - If you do not wish to receive SMS messages, you can choose not to check the SMS consent box on our forms.
    Standard Messaging Disclosures:
    - Message and data rates may apply.
    - You can opt out at any time by texting “STOP.”
    - For assistance, text “HELP” or visit our [Privacy Policy] page.
    - Message frequency may vary.
- Internal Analysis and Promotions
  We may use Personal Information, non-personal, and aggregate information to evaluate and improve our services, and for our own internal statistical, design, or operational purposes, or, for example, to estimate our audience size, measure aggregate traffic patterns, and understand demographic and other trends among our Client Users and Worksite Employees. We transfer information to certain vendors and service providers who provide technical infrastructure services and other content, analyze our services, and measure the effectiveness of our services.
  
  We may outsource all (or some) of the tasks described in this Privacy Notice to third parties on a confidential basis, and would only share your Personal Information as needed for performance of those tasks, and only pursuant to appropriate confidentiality agreements. You agree that we may use your Personal Information, including your email address, to improve our Site and Solutions, and to customize the Solutions content and layout. These uses improve our Site and Solutions and better tailor it to meet your needs, so as to provide you with a smooth, efficient, and safe experience while using the Solutions.
- Marketing Purposes
  If you provide us with feedback, we will collect that information and we may use it in our marketing materials, use it on our Site or to improve or enhance our Solutions, or disclose it for any purpose we choose. Your Personal Information will not be disclosed or associated with any feedback that we use or disclose unless you have given us permission to use your Personal Information for this purpose. We may use computer and device information for marketing purposes, to examine traffic to the Site and Solutions and improve the Site and Solutions to provide you a better experience.
- Legal Requirement
  We may disclose Personal Information, non-personal information, and aggregate information:
  - to comply with the law, cooperate and respond to requests and claims or comply with legal process served on us (e.g., a lawful subpoena, warrant, or court order);
  - to enforce or apply policies, or agreements (including to initiate, render, bill, and collect for amounts owed to us);
  - to protect and defend us or our user’s rights or property, the Site, Solutions, our employees, visitors, or the public, (including protecting and defending from fraudulent, abusive, or unlawful use of, the Site or Solutions); or
  - if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.
- Company Sale
  Information collected through our Site or Solutions is considered our trade secret or proprietary information. As the owner of such information, we may disclose or sell such information as an asset of the company in conjunction with the sale to a third-party of our company or a portion of our assets.

HOW YOU CAN MANAGE YOUR INFORMATION

- Account Settings
  
  Client Users and Worksite Employees who set up an account with us may elect to receive or stop receiving general and/or informational emails from us or any third-party as described by this Privacy Notice. If you receive email communications from our Solutions, you may use the unsubscribe link contained in the email. Please note that if you are currently receiving services from us and you have decided to opt-out of such general/informational emails, this will not impact the messages we send to you for purposes of delivering such services. Further, if you are a Worksite Employee, you also may not be able to unsubscribe from certain informational e-mails sent by your employer during the course of your employment. Please contact us at [email protected] if you need assistance, or if you have any questions about the different types of emails.
- Request Changes
  
  You may also review and request changes to your Personal Information and obtain removal of content or information you have publicly posted at our Site by sending an email with a detailed description of the specific content or information to [email protected]. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
  
  Please be aware that we cannot always delete records of past interactions and transactions. For example, we are required to retain records relating to record retention laws, for financial reconciliations and reporting and other legal compliance reasons.
- Manage Your Security Settings
  
  You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt
  -out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.
  
  You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
  
  Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and your choices regarding having information used by NAI members. The NAI’s main webpage is located at www.networkadvertising.org.
  
  Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through the Solutions. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website.
  
  We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- Links to Other Websites
  
  Please be aware that we may provide links to third-party websites as a service to our visitors, and that we are not responsible for the content or information collection practices of those pages. Please note that these websites’ privacy policies may differ from our Privacy Notice. We encourage you to review and understand the privacy practices at third-party websites before providing them with information.
- Opt Out
  
  You may opt out of receiving emails or text messages from us at any time either by texting the word “STOP” to any text message using the mobile device that is receiving the messages, by using the unsubscribe link contained in the email, or by contacting the sender. If you are unable to resolve this through these means, contact us at [email protected]. Despite your election to opt-out, if you are still receiving services from us or using our Solutions, we may send you emails or contact you by other means regarding your account, transactions, and your activities with the Solutions.
- Changes to the Service
  
  We may change any short code or telephone number we use to operate the texting services at any time and will notify you of these changes. You acknowledge that any messages, including any STOP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages. Please contact us at [email protected] if you need assistance.

WHAT ELSE SHOULD YOU KNOW ABOUT OUR PRIVACY PRACTICES

- Security
  
  We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Solutions.
  
  The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Solutions, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
- Children
  
  We will not generally collect information from children under age 18. Our Solutions are for general audiences and are not designed nor intended to collect Personal Information from children under the age of 18. We require that registrants affirm that they are 18 years or older, prior to creating an account on the Site or using our Solutions. If we learn that a person under the age of 18 has submitted personally identifiable information to us, we will delete that information from our Solutions. If you believe that a person under the age of 18 has directly provided us with their personal information, please contact us immediately at [email protected].
  
  Notwithstanding anything to the contrary in the foregoing, if you are a Worksite Employee with dependent minors utilizing our Solutions or services, we may collect personally identifiable information from your dependent minors directly from you. We do so only as needed to facilitate providing such information to medical insurance plans as set forth in the Solutions, and only with the appropriate consents received directly from you.

CALIFORNIA CONSUMER PRIVACY ACT/CALIFORNIA PRIVACY RIGHTS ACT (“CCPA”/”CPRA”), COLORADO PRIVACY ACT (“CPA”), NEVADA PRIVACY OF INFORMATION COLLECTED ON THE INTERNET FROM CONSUMERS ACT (“NPICICA”), VIRGINIA CONSUMER DATA PROTECTION ACT (“VCDPA”), AND CONNECTICUT DATA PRIVACY ACT (“CTDPA”) DISCLOSURES

- Categories of Personal Information Collected
  
  Under the CCPA, as amended by the CPRA, you have the right to know what personal information we have collected about you, including the categories of Personal Information, the categories of sources from which the personal information is collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of Personal Information we have collected about you.
  
  We collect the following categories of information: identifiers (such as your name and email address), Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected Personal Information. This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information) or automatically as you navigate through the Solutions. We use this information for one or more legitimate business purposes, including to improve our Solutions, offer information about our Solutions to you, and allow you as the Client User to purchase our Solutions, and you as the Worksite Employee to use our Solutions. We disclose the Personal Information to third parties who are providing services to you, such as the benefits providers, tax providers, and healthcare providers. The specific pieces of information we have collected about you vary, depending on whether you are browsing the website, a Client User, or a Worksite Employee, but we have defined these different types of Personal Information in Section 1.A of this Privacy Notice.
  
  We do not sell Personal Information as defined by the CCPA, and we do not share Personal Information as defined by the CCPA. Further, we have not sold or shared any of your Personal Information with third parties in the past 12 months.
- Rights of California, Colorado, Nevada, Virginia, and Connecticut Residents
  
  If you are a resident of California, Colorado, Nevada, Virginia, or Connecticut you have other rights under your respective states’ consumer privacy statutes:
  - Right of Access: You can access your collected Personal Information by contacting us at [email protected].
  - Right to correct, update, or delete: You can correct, update or request deletion of your Personal Information by contacting us at [email protected]. We can’t make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
  - Right to Request Disclosure of Information Collected: Please contact us at [email protected] to request further information about the categories of Personal Information we have collected about you, where we collected your Personal Information, and for what purpose we use your Personal Information.
  - Right to Disclosure of Information Sold or Shared and Right to Opt-Out of the Sale or Sharing of your Personal Information: You have the right to know what information of yours we have sold, the categories of Personal Information shared, and you have the right to opt-out of any sale or sharing of your information. We do not sell or share any of your information. If you have any questions about these rights, please contact us at [email protected].
  - Rights to Disclosure of Sensitive Information (California): If you are a resident of California, you have a right to know how we collect, process, and disclose “Sensitive Personal Information” (SPI). SPI includes highly sensitive data such as: social security number; driver’s license; passport number; financial account information and log-in credentials; precise geolocation data; genetic data; and ethnic origin. We collect and process the following types of SPI: social security number, financial account information and log-in credentials, and precise geolocation data through IP Address. We use the SPI to provide the Solutions to Worksite Employees and to be able to process payment from Client Users. If you have any questions about the disclosure of SPI, please contact us at [email protected].
  - Right to Retention Details (California): If you are a resident of California, you have a right to know the length of time we to retain each category of Personal Information or if that is not feasible, the criteria we will use to determine that retention period. If you have any questions about this right or our data retention protocol, please contact us at [email protected].
  - Right to Disclosure of Targeted Advertising and Right to Opt-Out (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for targeted advertising. We do not engage in targeted advertising. If you have any questions about these rights, please contact us at [email protected].
  - Right to Disclosure of Profiling (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. If you have any questions about these rights or wish to opt-out of any processing of your Personal Information as it relates to profiling, please contact us at [email protected].
  - Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA, CPA, NPICICA, VCDPA, and CTDPA.
  When you contact us regarding any of your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA we will verify your identity before we provide any information. If you have any questions or comments about your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA please contact us at [email protected].
  
  Contact Us. “Company” means Aspen HR PEO, LLC. To learn more about our privacy practices or this Privacy Notice, you may contact us at [email protected].

1. PRIVACY AND DATA SECURITY

2.1) General Compliance Each Party shall comply with all Data Protection Laws applicable to its Processing of Personal Data hereunder. Where both parties are Controllers with respect to Processing undertaken under the Agreement, the Parties shall collaborate as necessary to ensure compliance with Data Protection Laws and the Parties’ obligations in connection with any Data Subject’s exercise of rights under Data Protection Law. Notwithstanding the foregoing: (a) to the extent Client provides Aspen with any Personal Data, Client shall be solely liable for the accuracy of such Personal Data and comply with all Data Protection Laws relating to the collection and transfer of Personal Data to Aspen, including without limitation obtaining any consents which may be required for Aspen to Process Personal Data for the purposes set forth in the Agreement or agreed between the Parties; (b) Client shall be solely responsible (subject to Aspen’s compliance with Sections 2.5 and 5 of this Exhibit B) for establishing the legal basis for, and the scope, limitations, extent, purpose, and means of conducting any criminal, credit, or other personal background check, credit report, consumer credit report, or similar reports requested by Client; and (c) the Parties agree that the Client shall be a Controller to the extent Client’s performance of its obligations under the Agreement (e.g. under Sections 5-9) involves the Processing of Personal Data. Each Party shall promptly notify the other if it becomes aware of any change or circumstance which will, may, or is alleged to impact the lawfulness of any Processing of Personal Data hereunder, together with all known details of the circumstances, and (immediately once available) revised and corrected data, if appropriate.

2.2) Privacy Notices. To the extent required by applicable Data Protection Laws, each Party will publish and maintain a Privacy Notice describing the Personal Data collected by the Party and the Processing to be undertaken by or on behalf of that Party under this Agreement with respect to such Personal For the avoidance of doubt, unless otherwise agreed in writing, Aspen shall have no obligation to provide notice with regard to Client’s Processing of Personal Data for its own purposes and shall not be liable to any Data Subject for any claim, harm, or damages arising from or relating to such Processing.

2.3) Security Procedures. Each Party will maintain reasonable and appropriate administrative, physical, and technical safeguards for protection of the security, confidentiality, and integrity of Personal Data. In particular, each party will implement reasonable and appropriate technical and organizational measures to ensure that only Authorized Persons Process Personal Data, and that Worksite Employee Personal Data is transferred to the other Party in a secure and encrypted manner and otherwise in compliance with Data Protection Laws.

2.4) Security Breach. In the event of any Security Incident affecting any Personal Data Processed by a Party in connection with the performance of its obligations under the Agreement, such Party shall promptly give notice to the other, together with all available material information relating to such Security Incident, and shall immediately commence a thorough investigation of any such Security Incident. Client specifically agrees to report any Security Incident to Aspen within twenty (20) days of Client’s knowledge of such Security Incident. Notifications to Aspen should be sent to [email protected]. If, as a result of such Security Incident, applicable Data Protection Laws require notice to authorities or individuals, or other remedial action, then such Party shall also undertake all such remedial actions (e.g. notice to individuals, credit reporting agencies, public authorities and other entities and credit monitoring) at such Party’s sole cost and expense. Each Party agrees to provide full cooperation to the other to the extent reasonably necessary in connection with any governmental or regulatory authority or agency involved in investigating or remediating any such Security Incident.

2.5) Processor Obligations. Notwithstanding any provision of this Agreement to the contrary, solely to the extent Aspen is acting as a Processor in the performance of its obligations under the Agreement (including, without limitation, in connection with the performance of its obligations under Section 7 of the Agreement, or as an operator of a Licensed Property under Section 5.5 of the Agreement):

2.5.1) Aspen will Process Personal Data only as necessary to perform its obligations under the Agreement, or as permitted under applicable Data Protection Laws, and will not retain, use, or disclose Personal Data for any commercial purpose other than providing the services specified in the Agreement or the direct business relationship between the parties. Aspen will not sell (as defined in CCPA) any Personal Data Processed in its role as a Processor Aspen hereby certifies that it understands and will comply with the restrictions on Processing set forth in this Section 2.5.1.
2.5.2) Upon the termination or expiration of the Agreement, and at Client’s written request, Aspen shall either return or delete all copies of the Personal Data Processed by Aspen in its role as a Processor, except to the extent the Data Protection Laws require or permit further Processing or storage of such Personal Further, at any time during the Term, at Client’s written request, or upon the termination or expiration of the Agreement for any reason, Aspen shall, and shall instruct all Authorized Persons to, promptly return to Client all copies, whether in written, electronic, or other form or media, of Personal Data in its possession or control, or the possession or control of such Authorized Persons, or securely dispose of all such copies, and provide written certification to Client that such Personal Data has been returned to Client or disposed of securely. Aspen shall return any Personal Data in the format reasonably requested by Client.
2.5.3) To the extent legally permitted, Aspen will promptly notify Client if it receives a request from a Data Subject for access to, correction, amendment, or deletion of that individual’s Personal Data, and to the extent Client does not have access to such EU Personal Data through its use of the Licensed Property, Aspen shall provide Client with commercially reasonable cooperation and assistance in relation to a Data Subject’s request for access to that individual’s EU Personal

2.6) Sub-processors. Each Party will perform reasonable due diligence to ensure that any Processors that Process Personal Data on a Party’s behalf or perform the Party’s obligations under the Agreement (“Subprocessor“) are able to, and are obligated by written contract to protect Personal Data in a manner consistent with the Party’s obligations under this Exhibit B. Each Party shall be liable for the acts and omissions of its Subprocessors to the same extent the Party would be liable if performing the services of each Subprocessor directly under the terms of this Exhibit B.

THE TYPES OF INFORMATION WE COLLECT.

- Personal Information
  
  We collect “Personal Information,” which is information that can be used to identify you individually. For example, we collect an Internet Protocol (“IP”) Address from all visitors to our site, and, if the visitors choose to engage with us by submitting a form or requesting further information, we may also collect their names and e-mail addresses.
  
  We collect the following Personal Information from Client Users: full name, email address, phone number, IP Address, and other information that permits us to contact Client Users at a physical location, online, or by electronic communication, including telephone, email, or text messages. We may also collect payment and billing information from Client Users, such as credit or debit card information, checking or ACH information, or other similar financial or banking information related to any transactions they enter into with us.
  
  We collect the following Personal Information from Worksite Employees including, but not necessarily limited to: full name, mailing address, complete date of birth, email address, age, sex, and marital status, social security number, phone number, IP Address, and other information that permits us to contact Worksite Employees at a physical location, online, or by electronic communication, including telephone number, email, or text messages and/or to activate and provide our Solutions.
- Registration and Transactional Data
  
  If you are using our Site or Solutions through iSolved, an HRIS software platform, you are required to submit an email address, password, and additional Personal Information. We may collect and store access information related to your account.
  
  When you have an account with us or through iSolved, the combination of your username and your password is the key to your account with our Solutions. We recommend that you use a unique combination of letters, numbers, and special characters to create your password. You are responsible for all actions taken in the name of your account. You should not disclose your password to anyone. You may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us at [email protected] and, if available, login to your account at the Site and change your password.
  
  We may also track and retain the details of all transactions and communications between Customers, target audiences, and other visitors on our Site and Solutions such as emails, feedback, ratings, sale and purchase of Solutions, and any other forms of communications. We may use and display your name when you send an email or other communication through our Site or Solutions.
- Payment Information
  
  If you use our Solutions, iSolved accounts, and any other cloud-based HR platforms in conjunction with our Solutions, we collect information related to your transaction. This information includes your payment method (credit card or debit card number, account, and authentication information), billing information, and shipping and delivery details. This information is processed through a third-party payment processor. You should look to the third-party payment processors’ terms regarding payments and contact them directly if you have any inquiries.
  
  Your payment for purchased Solutions may be charged directly by us through our third party payment processor, iSolved. Please review the following link to review the iSolved terms: https://www.isolvedhcm.com/legal/terms-of-use. To the extent the Solutions or any portion thereof is made available for any fee or through a subscription, your access will be granted following payment of the applicable fees to Company. Your account and access to the Solutions may be suspended in the event of non-payment of applicable fees.
  
  You agree to provide accurate and complete billing information, including valid credit card information, your name, mailing address, and email address, and to provide iSolved or other third party processor with any changes in such information.
- Contact Us Information and Feedback
  
  We may collect information that identifies you personally when you submit comments, questions, or suggestions to us or to the Solutions using the Contact Sales form or by email, including attached files in an email sent to us. Any comments and any emails we receive from you are subject to the terms of this Privacy Notice.
- Computer and Device Information
  
  We use a variety of data collection platforms to obtain information from or about the computers and devices that you use to access the Solutions, as determined and allowed by the personal settings you have for those computers and devices. These platforms include but are not limited to: Google Analytics, Mouseflow, and Rank Math. This list of platforms is subject to change by Company.
  
  We collect the Internet Protocol (IP) address, domain name, browser type, operating system, device settings, location, web log files, and other code tracking devices from any device you use to access our Solutions and any pages at our Site. You can turn-off and adjust settings on your computers and devices that will not allow us to collect information. For example, in many cellular devices, you can turn off location settings by selecting the “Settings” feature, choosing “Privacy” and turning-off “Location.”
- Transactions & Communications with Third Parties
  
  The Site contains applications, including the Insight blog, that enable you to connect to and from social networking sites and we may collect information about you from such social networking sites in order to provide you with a more personalized experience.
  
  Some content, email, or text message marketing campaigns from our Site and Solutions may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Solutions. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
  
  We may enable third parties to serve advertisements available through our Solutions, Site, or on third-party websites or other media (e.g., social networking platforms) that enable us and third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors, or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third-party’s specific privacy statement, not this one. We may provide these third-party advertisers with Personal Information.

HOW WE USE AND SHARE INFORMATION

- Provide our Solutions
  We use Personal Information to provide you with the features available through the Site and Solutions, to respond to requests that you initiate through the Site or Solutions, to process requests and required actions pursuant to our Solutions that you may initiate through the Site or Solutions, and to communicate with you. When we have location information, we may use it to tailor our services for you.
  
  Additionally, we share Personal Information with health insurance and workers compensation providers, brokers, underwriters, taxation agencies, and state-level regulatory agencies, as needed to conduct business. Personal Information is shared pursuant to your electronic consent when enrolling in specific Solutions.
- Contact By Mobile Phone
  By providing us with your mobile phone number, you hereby expressly consent to receive automated text messages (including SMS and MMS) from us at the mobile phone number you provided. You represent that you are 18 years of age or older and you have the consent of the wireless account holder associated with the mobile phone number you provided.
  
  You are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.
  
  Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive automated text messages is not required as a condition of purchasing, or utilizing, any of our Solution services. If you have opted in (this decision and others detailed further below), we may provide updates via text messages through your wireless provider to the mobile number you provided. Message frequency varies.
  
  When you opt in to receive SMS communications from us:
  - Your consent applies only to messages from Aspen HR
  - We do not share your SMS consent or phone number with third parties or affiliates
  - Messaging frequency may vary.
  - Message and data rates may apply.
  - To opt out at any time, text STOP.
  - For assistance, text HELP or visit our website at https://www.aspenhr.com.
  - Visit https://aspenhr.com/privacy-policy/ for privacy policy and https://aspenhr.com/privacy-policy/ for Terms of Service.
    
    SMS Terms & Conditions
    
    SMS Consent Communication:
    
    The information (Phone Numbers) obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.
    
    Types of SMS Communications:
    
    If you have consented to receive text messages from Aspen HR, you may receive messages related to the following:
    - Follow-up messages
    Example: “This is a message from Aspen HR. We have received your benefits selection for this calendar year. For additional assistance, please contact us directly at 844-408-3054. Reply STOP to opt-out of SMS messaging.“
    
    Message Frequency:
    
    Message frequency may vary depending on the type of communication.
    
    Potential Fees for SMS Messaging:
    
    Please note that standard message and data rates may apply, depending on your carrier’s pricing plan. These fees may vary if the message is sent domestically or internationally.
    
    Opt-In Method:
    
    You may opt-in to receive SMS messages from Aspen HR in the following ways:
    - Verbally, during a conversation
    - By submitting an online form
    Opt-Out Method:
    
    You can opt-out of receiving SMS messages at any time. To do so, simply reply “STOP” to any SMS message you receive. Alternatively, you can contact us directly to request removal from our messaging list.
    
    Help:
    
    If you are experiencing any issues, you can reply with the keyword HELP. Or, you can get help directly from us at https://aspenhr.com.
    
    Additional Options:
    - If you do not wish to receive SMS messages, you can choose not to check the SMS consent box on our forms.
    Standard Messaging Disclosures:
    - Message and data rates may apply.
    - You can opt out at any time by texting “STOP.”
    - For assistance, text “HELP” or visit our [Privacy Policy] page.
    - Message frequency may vary.
- Internal Analysis and Promotions
  We may use Personal Information, non-personal, and aggregate information to evaluate and improve our services, and for our own internal statistical, design, or operational purposes, or, for example, to estimate our audience size, measure aggregate traffic patterns, and understand demographic and other trends among our Client Users and Worksite Employees. We transfer information to certain vendors and service providers who provide technical infrastructure services and other content, analyze our services, and measure the effectiveness of our services.
  
  We may outsource all (or some) of the tasks described in this Privacy Notice to third parties on a confidential basis, and would only share your Personal Information as needed for performance of those tasks, and only pursuant to appropriate confidentiality agreements. You agree that we may use your Personal Information, including your email address, to improve our Site and Solutions, and to customize the Solutions content and layout. These uses improve our Site and Solutions and better tailor it to meet your needs, so as to provide you with a smooth, efficient, and safe experience while using the Solutions.
- Marketing Purposes
  If you provide us with feedback, we will collect that information and we may use it in our marketing materials, use it on our Site or to improve or enhance our Solutions, or disclose it for any purpose we choose. Your Personal Information will not be disclosed or associated with any feedback that we use or disclose unless you have given us permission to use your Personal Information for this purpose. We may use computer and device information for marketing purposes, to examine traffic to the Site and Solutions and improve the Site and Solutions to provide you a better experience.
- Legal Requirement
  We may disclose Personal Information, non-personal information, and aggregate information:
  - to comply with the law, cooperate and respond to requests and claims or comply with legal process served on us (e.g., a lawful subpoena, warrant, or court order);
  - to enforce or apply policies, or agreements (including to initiate, render, bill, and collect for amounts owed to us);
  - to protect and defend us or our user’s rights or property, the Site, Solutions, our employees, visitors, or the public, (including protecting and defending from fraudulent, abusive, or unlawful use of, the Site or Solutions); or
  - if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.
- Company Sale
  Information collected through our Site or Solutions is considered our trade secret or proprietary information. As the owner of such information, we may disclose or sell such information as an asset of the company in conjunction with the sale to a third-party of our company or a portion of our assets.

HOW YOU CAN MANAGE YOUR INFORMATION

- Account Settings
  
  Client Users and Worksite Employees who set up an account with us may elect to receive or stop receiving general and/or informational emails from us or any third-party as described by this Privacy Notice. If you receive email communications from our Solutions, you may use the unsubscribe link contained in the email. Please note that if you are currently receiving services from us and you have decided to opt-out of such general/informational emails, this will not impact the messages we send to you for purposes of delivering such services. Further, if you are a Worksite Employee, you also may not be able to unsubscribe from certain informational e-mails sent by your employer during the course of your employment. Please contact us at [email protected] if you need assistance, or if you have any questions about the different types of emails.
- Request Changes
  
  You may also review and request changes to your Personal Information and obtain removal of content or information you have publicly posted at our Site by sending an email with a detailed description of the specific content or information to [email protected]. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
  
  Please be aware that we cannot always delete records of past interactions and transactions. For example, we are required to retain records relating to record retention laws, for financial reconciliations and reporting and other legal compliance reasons.
- Manage Your Security Settings
  
  You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt
  -out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.
  
  You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
  
  Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and your choices regarding having information used by NAI members. The NAI’s main webpage is located at www.networkadvertising.org.
  
  Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through the Solutions. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website.
  
  We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- Links to Other Websites
  
  Please be aware that we may provide links to third-party websites as a service to our visitors, and that we are not responsible for the content or information collection practices of those pages. Please note that these websites’ privacy policies may differ from our Privacy Notice. We encourage you to review and understand the privacy practices at third-party websites before providing them with information.
- Opt Out
  
  You may opt out of receiving emails or text messages from us at any time either by texting the word “STOP” to any text message using the mobile device that is receiving the messages, by using the unsubscribe link contained in the email, or by contacting the sender. If you are unable to resolve this through these means, contact us at [email protected]. Despite your election to opt-out, if you are still receiving services from us or using our Solutions, we may send you emails or contact you by other means regarding your account, transactions, and your activities with the Solutions.
- Changes to the Service
  
  We may change any short code or telephone number we use to operate the texting services at any time and will notify you of these changes. You acknowledge that any messages, including any STOP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages. Please contact us at [email protected] if you need assistance.

WHAT ELSE SHOULD YOU KNOW ABOUT OUR PRIVACY PRACTICES

- Security
  
  We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Solutions.
  
  The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Solutions, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
- Children
  
  We will not generally collect information from children under age 18. Our Solutions are for general audiences and are not designed nor intended to collect Personal Information from children under the age of 18. We require that registrants affirm that they are 18 years or older, prior to creating an account on the Site or using our Solutions. If we learn that a person under the age of 18 has submitted personally identifiable information to us, we will delete that information from our Solutions. If you believe that a person under the age of 18 has directly provided us with their personal information, please contact us immediately at [email protected].
  
  Notwithstanding anything to the contrary in the foregoing, if you are a Worksite Employee with dependent minors utilizing our Solutions or services, we may collect personally identifiable information from your dependent minors directly from you. We do so only as needed to facilitate providing such information to medical insurance plans as set forth in the Solutions, and only with the appropriate consents received directly from you.

CALIFORNIA CONSUMER PRIVACY ACT/CALIFORNIA PRIVACY RIGHTS ACT (“CCPA”/”CPRA”), COLORADO PRIVACY ACT (“CPA”), NEVADA PRIVACY OF INFORMATION COLLECTED ON THE INTERNET FROM CONSUMERS ACT (“NPICICA”), VIRGINIA CONSUMER DATA PROTECTION ACT (“VCDPA”), AND CONNECTICUT DATA PRIVACY ACT (“CTDPA”) DISCLOSURES

- Categories of Personal Information Collected
  
  Under the CCPA, as amended by the CPRA, you have the right to know what personal information we have collected about you, including the categories of Personal Information, the categories of sources from which the personal information is collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of Personal Information we have collected about you.
  
  We collect the following categories of information: identifiers (such as your name and email address), Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected Personal Information. This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information) or automatically as you navigate through the Solutions. We use this information for one or more legitimate business purposes, including to improve our Solutions, offer information about our Solutions to you, and allow you as the Client User to purchase our Solutions, and you as the Worksite Employee to use our Solutions. We disclose the Personal Information to third parties who are providing services to you, such as the benefits providers, tax providers, and healthcare providers. The specific pieces of information we have collected about you vary, depending on whether you are browsing the website, a Client User, or a Worksite Employee, but we have defined these different types of Personal Information in Section 1.A of this Privacy Notice.
  
  We do not sell Personal Information as defined by the CCPA, and we do not share Personal Information as defined by the CCPA. Further, we have not sold or shared any of your Personal Information with third parties in the past 12 months.
- Rights of California, Colorado, Nevada, Virginia, and Connecticut Residents
  
  If you are a resident of California, Colorado, Nevada, Virginia, or Connecticut you have other rights under your respective states’ consumer privacy statutes:
  - Right of Access: You can access your collected Personal Information by contacting us at [email protected].
  - Right to correct, update, or delete: You can correct, update or request deletion of your Personal Information by contacting us at [email protected]. We can’t make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
  - Right to Request Disclosure of Information Collected: Please contact us at [email protected] to request further information about the categories of Personal Information we have collected about you, where we collected your Personal Information, and for what purpose we use your Personal Information.
  - Right to Disclosure of Information Sold or Shared and Right to Opt-Out of the Sale or Sharing of your Personal Information: You have the right to know what information of yours we have sold, the categories of Personal Information shared, and you have the right to opt-out of any sale or sharing of your information. We do not sell or share any of your information. If you have any questions about these rights, please contact us at [email protected].
  - Rights to Disclosure of Sensitive Information (California): If you are a resident of California, you have a right to know how we collect, process, and disclose “Sensitive Personal Information” (SPI). SPI includes highly sensitive data such as: social security number; driver’s license; passport number; financial account information and log-in credentials; precise geolocation data; genetic data; and ethnic origin. We collect and process the following types of SPI: social security number, financial account information and log-in credentials, and precise geolocation data through IP Address. We use the SPI to provide the Solutions to Worksite Employees and to be able to process payment from Client Users. If you have any questions about the disclosure of SPI, please contact us at [email protected].
  - Right to Retention Details (California): If you are a resident of California, you have a right to know the length of time we to retain each category of Personal Information or if that is not feasible, the criteria we will use to determine that retention period. If you have any questions about this right or our data retention protocol, please contact us at [email protected].
  - Right to Disclosure of Targeted Advertising and Right to Opt-Out (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for targeted advertising. We do not engage in targeted advertising. If you have any questions about these rights, please contact us at [email protected].
  - Right to Disclosure of Profiling (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. If you have any questions about these rights or wish to opt-out of any processing of your Personal Information as it relates to profiling, please contact us at [email protected].
  - Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA, CPA, NPICICA, VCDPA, and CTDPA.
  When you contact us regarding any of your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA we will verify your identity before we provide any information. If you have any questions or comments about your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA please contact us at [email protected].
  
  Contact Us. “Company” means Aspen HR PEO, LLC. To learn more about our privacy practices or this Privacy Notice, you may contact us at [email protected].

1. DEFINITIONS. The following definitions shall apply to this Exhibit B:

“Authorized Persons” means a Party’s employees, contractors, agents, outsourcers, auditors, and approved subcontractors (and Subprocessors) who have a need to know or otherwise access Personal Data to enable the Party to perform its obligations or exercise its rights under the Agreement and who are subject to confidentiality obligations sufficient to protect Personal Data in accordance with the terms and conditions of the Agreement.

“Controller” means a person that, either alone or with another person, determines the purposes and means of Processing Personal Data, and includes a “Business” as defined by the CCPA.

“Data Subject” means any natural person to whom, or household to which, Personal Data relates.

“Data Protection Laws” means all federal, state, local and foreign laws, statutes, executive orders, and final rules or regulations applicable to the Processing of Personal Data under this Agreement in the respective jurisdictions, including (to the extent applicable) Regulation 2016/679 (“GDPR”) and other laws, rules, directives, and regulations applicable to Personal Data in the European Economic Area, United Kingdom, or Switzerland (collectively, “EU Data Protection Laws”), and Cal. Civ. Code §§ 1798.80 et seq., 1798.100 et seq.) (“CCPA”).

“Personal Data” means any data that identifies, relates to, describes, is capable of being associated, or could reasonably be linked, directly or indirectly, with a particular individual or household, and includes without limitation, “nonpublic personal information” as defined under the Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.), “Personal Data” as defined in EU General Data Protection Regulation (Regulation 2016/679), and “personal information” as defined under the Massachusetts Standards for the Protection of Personal Data of Residents of the Commonwealth (201 CMR 17.01 et seq.); “medical information” (as defined under Cal Civ. Code § 56.20; and “personal information” as defined by CCPA.

“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Processor” means a person, to the extent that person Processes Personal Data on behalf of a Controller, and includes for purposes of this Exhibit B any party that meets the definition of a Service Provider or Third Party under the CCPA.

“Security Incident” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data, or any other event affecting Personal Data which may result in data breach or incident notification obligations to Data Subjects or regulatory authorities under applicable Data Protection Laws.

THE TYPES OF INFORMATION WE COLLECT.

- Personal Information
  
  We collect “Personal Information,” which is information that can be used to identify you individually. For example, we collect an Internet Protocol (“IP”) Address from all visitors to our site, and, if the visitors choose to engage with us by submitting a form or requesting further information, we may also collect their names and e-mail addresses.
  
  We collect the following Personal Information from Client Users: full name, email address, phone number, IP Address, and other information that permits us to contact Client Users at a physical location, online, or by electronic communication, including telephone, email, or text messages. We may also collect payment and billing information from Client Users, such as credit or debit card information, checking or ACH information, or other similar financial or banking information related to any transactions they enter into with us.
  
  We collect the following Personal Information from Worksite Employees including, but not necessarily limited to: full name, mailing address, complete date of birth, email address, age, sex, and marital status, social security number, phone number, IP Address, and other information that permits us to contact Worksite Employees at a physical location, online, or by electronic communication, including telephone number, email, or text messages and/or to activate and provide our Solutions.
- Registration and Transactional Data
  
  If you are using our Site or Solutions through iSolved, an HRIS software platform, you are required to submit an email address, password, and additional Personal Information. We may collect and store access information related to your account.
  
  When you have an account with us or through iSolved, the combination of your username and your password is the key to your account with our Solutions. We recommend that you use a unique combination of letters, numbers, and special characters to create your password. You are responsible for all actions taken in the name of your account. You should not disclose your password to anyone. You may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us at [email protected] and, if available, login to your account at the Site and change your password.
  
  We may also track and retain the details of all transactions and communications between Customers, target audiences, and other visitors on our Site and Solutions such as emails, feedback, ratings, sale and purchase of Solutions, and any other forms of communications. We may use and display your name when you send an email or other communication through our Site or Solutions.
- Payment Information
  
  If you use our Solutions, iSolved accounts, and any other cloud-based HR platforms in conjunction with our Solutions, we collect information related to your transaction. This information includes your payment method (credit card or debit card number, account, and authentication information), billing information, and shipping and delivery details. This information is processed through a third-party payment processor. You should look to the third-party payment processors’ terms regarding payments and contact them directly if you have any inquiries.
  
  Your payment for purchased Solutions may be charged directly by us through our third party payment processor, iSolved. Please review the following link to review the iSolved terms: https://www.isolvedhcm.com/legal/terms-of-use. To the extent the Solutions or any portion thereof is made available for any fee or through a subscription, your access will be granted following payment of the applicable fees to Company. Your account and access to the Solutions may be suspended in the event of non-payment of applicable fees.
  
  You agree to provide accurate and complete billing information, including valid credit card information, your name, mailing address, and email address, and to provide iSolved or other third party processor with any changes in such information.
- Contact Us Information and Feedback
  
  We may collect information that identifies you personally when you submit comments, questions, or suggestions to us or to the Solutions using the Contact Sales form or by email, including attached files in an email sent to us. Any comments and any emails we receive from you are subject to the terms of this Privacy Notice.
- Computer and Device Information
  
  We use a variety of data collection platforms to obtain information from or about the computers and devices that you use to access the Solutions, as determined and allowed by the personal settings you have for those computers and devices. These platforms include but are not limited to: Google Analytics, Mouseflow, and Rank Math. This list of platforms is subject to change by Company.
  
  We collect the Internet Protocol (IP) address, domain name, browser type, operating system, device settings, location, web log files, and other code tracking devices from any device you use to access our Solutions and any pages at our Site. You can turn-off and adjust settings on your computers and devices that will not allow us to collect information. For example, in many cellular devices, you can turn off location settings by selecting the “Settings” feature, choosing “Privacy” and turning-off “Location.”
- Transactions & Communications with Third Parties
  
  The Site contains applications, including the Insight blog, that enable you to connect to and from social networking sites and we may collect information about you from such social networking sites in order to provide you with a more personalized experience.
  
  Some content, email, or text message marketing campaigns from our Site and Solutions may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Solutions. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
  
  We may enable third parties to serve advertisements available through our Solutions, Site, or on third-party websites or other media (e.g., social networking platforms) that enable us and third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors, or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third-party’s specific privacy statement, not this one. We may provide these third-party advertisers with Personal Information.

HOW WE USE AND SHARE INFORMATION

- Provide our Solutions
  We use Personal Information to provide you with the features available through the Site and Solutions, to respond to requests that you initiate through the Site or Solutions, to process requests and required actions pursuant to our Solutions that you may initiate through the Site or Solutions, and to communicate with you. When we have location information, we may use it to tailor our services for you.
  
  Additionally, we share Personal Information with health insurance and workers compensation providers, brokers, underwriters, taxation agencies, and state-level regulatory agencies, as needed to conduct business. Personal Information is shared pursuant to your electronic consent when enrolling in specific Solutions.
- Contact By Mobile Phone
  By providing us with your mobile phone number, you hereby expressly consent to receive automated text messages (including SMS and MMS) from us at the mobile phone number you provided. You represent that you are 18 years of age or older and you have the consent of the wireless account holder associated with the mobile phone number you provided.
  
  You are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.
  
  Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive automated text messages is not required as a condition of purchasing, or utilizing, any of our Solution services. If you have opted in (this decision and others detailed further below), we may provide updates via text messages through your wireless provider to the mobile number you provided. Message frequency varies.
  
  When you opt in to receive SMS communications from us:
  - Your consent applies only to messages from Aspen HR
  - We do not share your SMS consent or phone number with third parties or affiliates
  - Messaging frequency may vary.
  - Message and data rates may apply.
  - To opt out at any time, text STOP.
  - For assistance, text HELP or visit our website at https://www.aspenhr.com.
  - Visit https://aspenhr.com/privacy-policy/ for privacy policy and https://aspenhr.com/privacy-policy/ for Terms of Service.
    
    SMS Terms & Conditions
    
    SMS Consent Communication:
    
    The information (Phone Numbers) obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.
    
    Types of SMS Communications:
    
    If you have consented to receive text messages from Aspen HR, you may receive messages related to the following:
    - Follow-up messages
    Example: “This is a message from Aspen HR. We have received your benefits selection for this calendar year. For additional assistance, please contact us directly at 844-408-3054. Reply STOP to opt-out of SMS messaging.“
    
    Message Frequency:
    
    Message frequency may vary depending on the type of communication.
    
    Potential Fees for SMS Messaging:
    
    Please note that standard message and data rates may apply, depending on your carrier’s pricing plan. These fees may vary if the message is sent domestically or internationally.
    
    Opt-In Method:
    
    You may opt-in to receive SMS messages from Aspen HR in the following ways:
    - Verbally, during a conversation
    - By submitting an online form
    Opt-Out Method:
    
    You can opt-out of receiving SMS messages at any time. To do so, simply reply “STOP” to any SMS message you receive. Alternatively, you can contact us directly to request removal from our messaging list.
    
    Help:
    
    If you are experiencing any issues, you can reply with the keyword HELP. Or, you can get help directly from us at https://aspenhr.com.
    
    Additional Options:
    - If you do not wish to receive SMS messages, you can choose not to check the SMS consent box on our forms.
    Standard Messaging Disclosures:
    - Message and data rates may apply.
    - You can opt out at any time by texting “STOP.”
    - For assistance, text “HELP” or visit our [Privacy Policy] page.
    - Message frequency may vary.
- Internal Analysis and Promotions
  We may use Personal Information, non-personal, and aggregate information to evaluate and improve our services, and for our own internal statistical, design, or operational purposes, or, for example, to estimate our audience size, measure aggregate traffic patterns, and understand demographic and other trends among our Client Users and Worksite Employees. We transfer information to certain vendors and service providers who provide technical infrastructure services and other content, analyze our services, and measure the effectiveness of our services.
  
  We may outsource all (or some) of the tasks described in this Privacy Notice to third parties on a confidential basis, and would only share your Personal Information as needed for performance of those tasks, and only pursuant to appropriate confidentiality agreements. You agree that we may use your Personal Information, including your email address, to improve our Site and Solutions, and to customize the Solutions content and layout. These uses improve our Site and Solutions and better tailor it to meet your needs, so as to provide you with a smooth, efficient, and safe experience while using the Solutions.
- Marketing Purposes
  If you provide us with feedback, we will collect that information and we may use it in our marketing materials, use it on our Site or to improve or enhance our Solutions, or disclose it for any purpose we choose. Your Personal Information will not be disclosed or associated with any feedback that we use or disclose unless you have given us permission to use your Personal Information for this purpose. We may use computer and device information for marketing purposes, to examine traffic to the Site and Solutions and improve the Site and Solutions to provide you a better experience.
- Legal Requirement
  We may disclose Personal Information, non-personal information, and aggregate information:
  - to comply with the law, cooperate and respond to requests and claims or comply with legal process served on us (e.g., a lawful subpoena, warrant, or court order);
  - to enforce or apply policies, or agreements (including to initiate, render, bill, and collect for amounts owed to us);
  - to protect and defend us or our user’s rights or property, the Site, Solutions, our employees, visitors, or the public, (including protecting and defending from fraudulent, abusive, or unlawful use of, the Site or Solutions); or
  - if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.
- Company Sale
  Information collected through our Site or Solutions is considered our trade secret or proprietary information. As the owner of such information, we may disclose or sell such information as an asset of the company in conjunction with the sale to a third-party of our company or a portion of our assets.

HOW YOU CAN MANAGE YOUR INFORMATION

- Account Settings
  
  Client Users and Worksite Employees who set up an account with us may elect to receive or stop receiving general and/or informational emails from us or any third-party as described by this Privacy Notice. If you receive email communications from our Solutions, you may use the unsubscribe link contained in the email. Please note that if you are currently receiving services from us and you have decided to opt-out of such general/informational emails, this will not impact the messages we send to you for purposes of delivering such services. Further, if you are a Worksite Employee, you also may not be able to unsubscribe from certain informational e-mails sent by your employer during the course of your employment. Please contact us at [email protected] if you need assistance, or if you have any questions about the different types of emails.
- Request Changes
  
  You may also review and request changes to your Personal Information and obtain removal of content or information you have publicly posted at our Site by sending an email with a detailed description of the specific content or information to [email protected]. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
  
  Please be aware that we cannot always delete records of past interactions and transactions. For example, we are required to retain records relating to record retention laws, for financial reconciliations and reporting and other legal compliance reasons.
- Manage Your Security Settings
  
  You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt
  -out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.
  
  You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
  
  Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and your choices regarding having information used by NAI members. The NAI’s main webpage is located at www.networkadvertising.org.
  
  Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through the Solutions. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website.
  
  We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- Links to Other Websites
  
  Please be aware that we may provide links to third-party websites as a service to our visitors, and that we are not responsible for the content or information collection practices of those pages. Please note that these websites’ privacy policies may differ from our Privacy Notice. We encourage you to review and understand the privacy practices at third-party websites before providing them with information.
- Opt Out
  
  You may opt out of receiving emails or text messages from us at any time either by texting the word “STOP” to any text message using the mobile device that is receiving the messages, by using the unsubscribe link contained in the email, or by contacting the sender. If you are unable to resolve this through these means, contact us at [email protected]. Despite your election to opt-out, if you are still receiving services from us or using our Solutions, we may send you emails or contact you by other means regarding your account, transactions, and your activities with the Solutions.
- Changes to the Service
  
  We may change any short code or telephone number we use to operate the texting services at any time and will notify you of these changes. You acknowledge that any messages, including any STOP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages. Please contact us at [email protected] if you need assistance.

WHAT ELSE SHOULD YOU KNOW ABOUT OUR PRIVACY PRACTICES

- Security
  
  We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Solutions.
  
  The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Solutions, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
- Children
  
  We will not generally collect information from children under age 18. Our Solutions are for general audiences and are not designed nor intended to collect Personal Information from children under the age of 18. We require that registrants affirm that they are 18 years or older, prior to creating an account on the Site or using our Solutions. If we learn that a person under the age of 18 has submitted personally identifiable information to us, we will delete that information from our Solutions. If you believe that a person under the age of 18 has directly provided us with their personal information, please contact us immediately at [email protected].
  
  Notwithstanding anything to the contrary in the foregoing, if you are a Worksite Employee with dependent minors utilizing our Solutions or services, we may collect personally identifiable information from your dependent minors directly from you. We do so only as needed to facilitate providing such information to medical insurance plans as set forth in the Solutions, and only with the appropriate consents received directly from you.

CALIFORNIA CONSUMER PRIVACY ACT/CALIFORNIA PRIVACY RIGHTS ACT (“CCPA”/”CPRA”), COLORADO PRIVACY ACT (“CPA”), NEVADA PRIVACY OF INFORMATION COLLECTED ON THE INTERNET FROM CONSUMERS ACT (“NPICICA”), VIRGINIA CONSUMER DATA PROTECTION ACT (“VCDPA”), AND CONNECTICUT DATA PRIVACY ACT (“CTDPA”) DISCLOSURES

- Categories of Personal Information Collected
  
  Under the CCPA, as amended by the CPRA, you have the right to know what personal information we have collected about you, including the categories of Personal Information, the categories of sources from which the personal information is collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of Personal Information we have collected about you.
  
  We collect the following categories of information: identifiers (such as your name and email address), Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected Personal Information. This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information) or automatically as you navigate through the Solutions. We use this information for one or more legitimate business purposes, including to improve our Solutions, offer information about our Solutions to you, and allow you as the Client User to purchase our Solutions, and you as the Worksite Employee to use our Solutions. We disclose the Personal Information to third parties who are providing services to you, such as the benefits providers, tax providers, and healthcare providers. The specific pieces of information we have collected about you vary, depending on whether you are browsing the website, a Client User, or a Worksite Employee, but we have defined these different types of Personal Information in Section 1.A of this Privacy Notice.
  
  We do not sell Personal Information as defined by the CCPA, and we do not share Personal Information as defined by the CCPA. Further, we have not sold or shared any of your Personal Information with third parties in the past 12 months.
- Rights of California, Colorado, Nevada, Virginia, and Connecticut Residents
  
  If you are a resident of California, Colorado, Nevada, Virginia, or Connecticut you have other rights under your respective states’ consumer privacy statutes:
  - Right of Access: You can access your collected Personal Information by contacting us at [email protected].
  - Right to correct, update, or delete: You can correct, update or request deletion of your Personal Information by contacting us at [email protected]. We can’t make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
  - Right to Request Disclosure of Information Collected: Please contact us at [email protected] to request further information about the categories of Personal Information we have collected about you, where we collected your Personal Information, and for what purpose we use your Personal Information.
  - Right to Disclosure of Information Sold or Shared and Right to Opt-Out of the Sale or Sharing of your Personal Information: You have the right to know what information of yours we have sold, the categories of Personal Information shared, and you have the right to opt-out of any sale or sharing of your information. We do not sell or share any of your information. If you have any questions about these rights, please contact us at [email protected].
  - Rights to Disclosure of Sensitive Information (California): If you are a resident of California, you have a right to know how we collect, process, and disclose “Sensitive Personal Information” (SPI). SPI includes highly sensitive data such as: social security number; driver’s license; passport number; financial account information and log-in credentials; precise geolocation data; genetic data; and ethnic origin. We collect and process the following types of SPI: social security number, financial account information and log-in credentials, and precise geolocation data through IP Address. We use the SPI to provide the Solutions to Worksite Employees and to be able to process payment from Client Users. If you have any questions about the disclosure of SPI, please contact us at [email protected].
  - Right to Retention Details (California): If you are a resident of California, you have a right to know the length of time we to retain each category of Personal Information or if that is not feasible, the criteria we will use to determine that retention period. If you have any questions about this right or our data retention protocol, please contact us at [email protected].
  - Right to Disclosure of Targeted Advertising and Right to Opt-Out (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for targeted advertising. We do not engage in targeted advertising. If you have any questions about these rights, please contact us at [email protected].
  - Right to Disclosure of Profiling (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. If you have any questions about these rights or wish to opt-out of any processing of your Personal Information as it relates to profiling, please contact us at [email protected].
  - Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA, CPA, NPICICA, VCDPA, and CTDPA.
  When you contact us regarding any of your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA we will verify your identity before we provide any information. If you have any questions or comments about your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA please contact us at [email protected].
  
  Contact Us. “Company” means Aspen HR PEO, LLC. To learn more about our privacy practices or this Privacy Notice, you may contact us at [email protected].

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others

Privacy Notice

1. PRIVACY AND DATA SECURITY

1. DEFINITIONS. The following definitions shall apply to this Exhibit B:

Get White-Glove HR

Contact Sales

10 Critical Questions to Ask Your PEO

Why ESG Is Important to Financial Services Companies