Last modified IN April 2023
Aspen HR PEO, LLC and its affiliates (the “Company”, “we”, “our”, or “us”) respects your privacy and are committed to protecting it through this Privacy Notice (“Privacy Notice”). This Privacy Notice describes the type of information we may collect from you or that you may provide to us when you visit www.aspenhr.com and the affiliated subdomains (the “Site”), use our Solutions (listed on the Site under the “Solutions” tab) that we provide to you or which are available through our Solutions and our policies and practices regarding how we collect, use, and disclose that information. If you engage in Solutions offered by us, then you may be subject to other terms and conditions and disclosures relevant to the Solutions that are not included in this Privacy Notice.
BY ACCESSING OR BROWSING THE SITE OR USING THE SOLUTIONS, YOU CONSENT TO THE COLLECTION AND USE OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY NOTICE, AS MODIFIED FROM TIME TO TIME BY US.
This Privacy Notice applies to information we collect:
- From companies who employ Company to coordinate their human resources (“HR”) services, including, but not limited to, benefits, compliance, tax, and payroll solutions, in addition to other similar services (“Client Users”).
- From employees of Client Users (“Worksite Employees).
- From visitors to the Site (collectively, with Client Users and Worksite Employees, “you”).
- In email, text, and other electronic messages between us.
- When you engage with us to use our Solutions or request information about our Solutions
We reserve the right, at any time and without notice to you, to add to, change, update, or modify this Privacy Notice. If we decide to change our Privacy Notice, we will post a new notice on our Site and change the date at the top of the Privacy Notice. Any change, update or modification will be effective immediately upon posting on our Site and will apply to any Personal Information (as defined below) provided to us on and after that date. Your continued use of the Site or Solutions after we make changes is deemed to be acceptance of those changes, so please check the Privacy Notice periodically for updates.
If we make a material change to our Privacy Notice that affects how we collect or use your Personal Information, we will notify you via email, SMS text message, or other notification. If you have any questions about this Privacy Notice or our use of your information, you can email us at [email protected].
- THE TYPES OF INFORMATION WE COLLECT.
- Personal Information
We collect “Personal Information,” which is information that can be used to identify you individually. For example, we collect an Internet Protocol (“IP”) Address from all visitors to our site, and, if the visitors choose to engage with us by submitting a form or requesting further information, we may also collect their names and e-mail addresses.
We collect the following Personal Information from Client Users: full name, email address, phone number, IP Address, and other information that permits us to contact Client Users at a physical location, online, or by electronic communication, including telephone, email, or text messages. We may also collect payment and billing information from Client Users, such as credit or debit card information, checking or ACH information, or other similar financial or banking information related to any transactions they enter into with us.
We collect the following Personal Information from Worksite Employees including, but not necessarily limited to: full name, mailing address, complete date of birth, email address, age, sex, and marital status, social security number, phone number, IP Address, and other information that permits us to contact Worksite Employees at a physical location, online, or by electronic communication, including telephone number, email, or text messages and/or to activate and provide our Solutions.
- Registration and Transactional Data
If you are using our Site or Solutions through iSolved, an HRIS software platform, you are required to submit an email address, password, and additional Personal Information. We may collect and store access information related to your account.
When you have an account with us or through iSolved, the combination of your username and your password is the key to your account with our Solutions. We recommend that you use a unique combination of letters, numbers, and special characters to create your password. You are responsible for all actions taken in the name of your account. You should not disclose your password to anyone. You may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us at [email protected] and, if available, login to your account at the Site and change your password.
We may also track and retain the details of all transactions and communications between Customers, target audiences, and other visitors on our Site and Solutions such as emails, feedback, ratings, sale and purchase of Solutions, and any other forms of communications. We may use and display your name when you send an email or other communication through our Site or Solutions.
- Payment Information
If you use our Solutions, iSolved accounts, and any other cloud-based HR platforms in conjunction with our Solutions, we collect information related to your transaction. This information includes your payment method (credit card or debit card number, account, and authentication information), billing information, and shipping and delivery details. This information is processed through a third-party payment processor. You should look to the third-party payment processors’ terms regarding payments and contact them directly if you have any inquiries.
Your payment for purchased Solutions may be charged directly by us through our third party payment processor, iSolved. Please review the following link to review the iSolved terms: https://www.isolvedhcm.com/legal/terms-of-use. To the extent the Solutions or any portion thereof is made available for any fee or through a subscription, your access will be granted following payment of the applicable fees to Company. Your account and access to the Solutions may be suspended in the event of non-payment of applicable fees.
You agree to provide accurate and complete billing information, including valid credit card information, your name, mailing address, and email address, and to provide iSolved or other third party processor with any changes in such information.
- Contact Us Information and Feedback
We may collect information that identifies you personally when you submit comments, questions, or suggestions to us or to the Solutions using the Contact Sales form or by email, including attached files in an email sent to us. Any comments and any emails we receive from you are subject to the terms of this Privacy Notice.
- Computer and Device Information
We use a variety of data collection platforms to obtain information from or about the computers and devices that you use to access the Solutions, as determined and allowed by the personal settings you have for those computers and devices. These platforms include but are not limited to: Google Analytics, Mouseflow, and Rank Math. This list of platforms is subject to change by Company.
We collect the Internet Protocol (IP) address, domain name, browser type, operating system, device settings, location, web log files, and other code tracking devices from any device you use to access our Solutions and any pages at our Site. You can turn-off and adjust settings on your computers and devices that will not allow us to collect information. For example, in many cellular devices, you can turn off location settings by selecting the “Settings” feature, choosing “Privacy” and turning-off “Location.”
- Transactions & Communications with Third Parties
The Site contains applications, including the Insight blog, that enable you to connect to and from social networking sites and we may collect information about you from such social networking sites in order to provide you with a more personalized experience.
- Personal Information
- HOW WE USE AND SHARE INFORMATION
- Provide our Solutions
We use Personal Information to provide you with the features available through the Site and Solutions, to respond to requests that you initiate through the Site or Solutions, to process requests and required actions pursuant to our Solutions that you may initiate through the Site or Solutions, and to communicate with you. When we have location information, we may use it to tailor our services for you.
Additionally, we share Personal Information with health insurance and workers compensation providers, brokers, underwriters, taxation agencies, and state-level regulatory agencies, as needed to conduct business. Personal Information is shared pursuant to your electronic consent when enrolling in specific Solutions.
- Contact By Mobile Phone
By providing us with your mobile phone number, you hereby expressly consent to receive automated text messages (including SMS and MMS) from us at the mobile phone number you provided. You represent that you are 18 years of age or older and you have the consent of the wireless account holder associated with the mobile phone number you provided.
You are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.
Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive automated text messages is not required as a condition of purchasing, or utilizing, any of our Solution services. If you have opted in (this decision and others detailed further below), we may provide updates via text messages through your wireless provider to the mobile number you provided. Message frequency varies.
- Internal Analysis and Promotions
We may use Personal Information, non-personal, and aggregate information to evaluate and improve our services, and for our own internal statistical, design, or operational purposes, or, for example, to estimate our audience size, measure aggregate traffic patterns, and understand demographic and other trends among our Client Users and Worksite Employees. We transfer information to certain vendors and service providers who provide technical infrastructure services and other content, analyze our services, and measure the effectiveness of our services.
We may outsource all (or some) of the tasks described in this Privacy Notice to third parties on a confidential basis, and would only share your Personal Information as needed for performance of those tasks, and only pursuant to appropriate confidentiality agreements. You agree that we may use your Personal Information, including your email address, to improve our Site and Solutions, and to customize the Solutions content and layout. These uses improve our Site and Solutions and better tailor it to meet your needs, so as to provide you with a smooth, efficient, and safe experience while using the Solutions.
- Marketing Purposes
If you provide us with feedback, we will collect that information and we may use it in our marketing materials, use it on our Site or to improve or enhance our Solutions, or disclose it for any purpose we choose. Your Personal Information will not be disclosed or associated with any feedback that we use or disclose unless you have given us permission to use your Personal Information for this purpose. We may use computer and device information for marketing purposes, to examine traffic to the Site and Solutions and improve the Site and Solutions to provide you a better experience.
- Legal Requirement
We may disclose Personal Information, non-personal information, and aggregate information:
- to comply with the law, cooperate and respond to requests and claims or comply with legal process served on us (e.g., a lawful subpoena, warrant, or court order);
- to enforce or apply policies, or agreements (including to initiate, render, bill, and collect for amounts owed to us);
- to protect and defend us or our user’s rights or property, the Site, Solutions, our employees, visitors, or the public, (including protecting and defending from fraudulent, abusive, or unlawful use of, the Site or Solutions); or
- if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.
- Company Sale
Information collected through our Site or Solutions is considered our trade secret or proprietary information. As the owner of such information, we may disclose or sell such information as an asset of the company in conjunction with the sale to a third-party of our company or a portion of our assets.
- Provide our Solutions
- HOW YOU CAN MANAGE YOUR INFORMATION
- Account Settings
Client Users and Worksite Employees who set up an account with us may elect to receive or stop receiving general and/or informational emails from us or any third-party as described by this Privacy Notice. If you receive email communications from our Solutions, you may use the unsubscribe link contained in the email. Please note that if you are currently receiving services from us and you have decided to opt-out of such general/informational emails, this will not impact the messages we send to you for purposes of delivering such services. Further, if you are a Worksite Employee, you also may not be able to unsubscribe from certain informational e-mails sent by your employer during the course of your employment. Please contact us at [email protected] if you need assistance, or if you have any questions about the different types of emails.
- Request Changes
You may also review and request changes to your Personal Information and obtain removal of content or information you have publicly posted at our Site by sending an email with a detailed description of the specific content or information to [email protected]. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
Please be aware that we cannot always delete records of past interactions and transactions. For example, we are required to retain records relating to record retention laws, for financial reconciliations and reporting and other legal compliance reasons.
- Manage Your Security Settings
You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available. You can opt
-out of being targeted by certain third-party advertising companies online at http://www.networkadvertising.org/choices/.
You may manage how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and your choices regarding having information used by NAI members. The NAI’s main webpage is located at www.networkadvertising.org.
Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through the Solutions. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt-out on the DAA or NAI websites, your opt-out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- Links to Other Websites
Please be aware that we may provide links to third-party websites as a service to our visitors, and that we are not responsible for the content or information collection practices of those pages. Please note that these websites’ privacy policies may differ from our Privacy Notice. We encourage you to review and understand the privacy practices at third-party websites before providing them with information.
- Opt Out
You may opt out of receiving emails or text messages from us at any time either by texting the word “STOP” to any text message using the mobile device that is receiving the messages, by using the unsubscribe link contained in the email, or by contacting the sender. If you are unable to resolve this through these means, contact us at [email protected]. Despite your election to opt-out, if you are still receiving services from us or using our Solutions, we may send you emails or contact you by other means regarding your account, transactions, and your activities with the Solutions.
- Changes to the Service
We may change any short code or telephone number we use to operate the texting services at any time and will notify you of these changes. You acknowledge that any messages, including any STOP requests, you send to a short code or telephone number we have changed may not be received and we will not be responsible for honoring requests made in such messages. Please contact us at [email protected] if you need assistance.
- Account Settings
- WHAT ELSE SHOULD YOU KNOW ABOUT OUR PRIVACY PRACTICES
We follow generally accepted industry standards to protect Personal Information, including your email address, submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Solutions.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Solutions, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We will not generally collect information from children under age 18. Our Solutions are for general audiences and are not designed nor intended to collect Personal Information from children under the age of 18. We require that registrants affirm that they are 18 years or older, prior to creating an account on the Site or using our Solutions. If we learn that a person under the age of 18 has submitted personally identifiable information to us, we will delete that information from our Solutions. If you believe that a person under the age of 18 has directly provided us with their personal information, please contact us immediately at [email protected].
Notwithstanding anything to the contrary in the foregoing, if you are a Worksite Employee with dependent minors utilizing our Solutions or services, we may collect personally identifiable information from your dependent minors directly from you. We do so only as needed to facilitate providing such information to medical insurance plans as set forth in the Solutions, and only with the appropriate consents received directly from you.
- CALIFORNIA CONSUMER PRIVACY ACT/CALIFORNIA PRIVACY RIGHTS ACT (“CCPA”/”CPRA”), COLORADO PRIVACY ACT (“CPA”), NEVADA PRIVACY OF INFORMATION COLLECTED ON THE INTERNET FROM CONSUMERS ACT (“NPICICA”), VIRGINIA CONSUMER DATA PROTECTION ACT (“VCDPA”), AND CONNECTICUT DATA PRIVACY ACT (“CTDPA”) DISCLOSURES
- Categories of Personal Information Collected
Under the CCPA, as amended by the CPRA, you have the right to know what personal information we have collected about you, including the categories of Personal Information, the categories of sources from which the personal information is collected, the business or commercial purposes for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of Personal Information we have collected about you.
We collect the following categories of information: identifiers (such as your name and email address), Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected Personal Information. This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information) or automatically as you navigate through the Solutions. We use this information for one or more legitimate business purposes, including to improve our Solutions, offer information about our Solutions to you, and allow you as the Client User to purchase our Solutions, and you as the Worksite Employee to use our Solutions. We disclose the Personal Information to third parties who are providing services to you, such as the benefits providers, tax providers, and healthcare providers. The specific pieces of information we have collected about you vary, depending on whether you are browsing the website, a Client User, or a Worksite Employee, but we have defined these different types of Personal Information in Section 1.A of this Privacy Notice.
We do not sell Personal Information as defined by the CCPA, and we do not share Personal Information as defined by the CCPA. Further, we have not sold or shared any of your Personal Information with third parties in the past 12 months.
- Rights of California, Colorado, Nevada, Virginia, and Connecticut Residents
If you are a resident of California, Colorado, Nevada, Virginia, or Connecticut you have other rights under your respective states’ consumer privacy statutes:
- Right of Access: You can access your collected Personal Information by contacting us at [email protected].
- Right to correct, update, or delete: You can correct, update or request deletion of your Personal Information by contacting us at [email protected]. We can’t make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
- Right to Request Disclosure of Information Collected: Please contact us at [email protected] to request further information about the categories of Personal Information we have collected about you, where we collected your Personal Information, and for what purpose we use your Personal Information.
- Right to Disclosure of Information Sold or Shared and Right to Opt-Out of the Sale or Sharing of your Personal Information: You have the right to know what information of yours we have sold, the categories of Personal Information shared, and you have the right to opt-out of any sale or sharing of your information. We do not sell or share any of your information. If you have any questions about these rights, please contact us at [email protected].
- Rights to Disclosure of Sensitive Information (California): If you are a resident of California, you have a right to know how we collect, process, and disclose “Sensitive Personal Information” (SPI). SPI includes highly sensitive data such as: social security number; driver’s license; passport number; financial account information and log-in credentials; precise geolocation data; genetic data; and ethnic origin. We collect and process the following types of SPI: social security number, financial account information and log-in credentials, and precise geolocation data through IP Address. We use the SPI to provide the Solutions to Worksite Employees and to be able to process payment from Client Users. If you have any questions about the disclosure of SPI, please contact us at [email protected].
- Right to Retention Details (California): If you are a resident of California, you have a right to know the length of time we to retain each category of Personal Information or if that is not feasible, the criteria we will use to determine that retention period. If you have any questions about this right or our data retention protocol, please contact us at [email protected].
- Right to Disclosure of Targeted Advertising and Right to Opt-Out (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for targeted advertising. We do not engage in targeted advertising. If you have any questions about these rights, please contact us at [email protected].
- Right to Disclosure of Profiling (Colorado, Virginia, and Connecticut): If you are a resident of Colorado, Virginia or Connecticut, you have the right to know what information of yours we have processed for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. If you have any questions about these rights or wish to opt-out of any processing of your Personal Information as it relates to profiling, please contact us at [email protected].
- Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA, CPA, NPICICA, VCDPA, and CTDPA.
When you contact us regarding any of your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA we will verify your identity before we provide any information. If you have any questions or comments about your rights under the CCPA, CPRA, CPA, NPICICA, VCDPA, and CTDPA please contact us at [email protected].
Contact Us. “Company” means Aspen HR PEO, LLC. To learn more about our privacy practices or this Privacy Notice, you may contact us at [email protected].
- Categories of Personal Information Collected