PRIVACY POLICY

Last Updated: September 27, 2022

Privacy Policy

Introduction

Welcome. LuxHR, Inc. a Delaware Corporation dba ComplianceHR (“ComplianceHR,” “Company” or “we,” “our” or “us”) understands that privacy is important to you and want you to know that we are committed to safeguarding your Personal Information (defined below). As a result, we want to provide you with a clear picture of how the Personal Information that you provide to us is processed, managed, and protected by us, and what your choices are with respect to that information.

This Privacy Policy governs the Company’s websites (including www.compliancehr.com, https://info.compliancehr.com/ and https://knowledge.compliancehr.com), all subdomains, and all portals, products, services, and any interactive features, applications, or other services that post a link to this Privacy Policy (the “Website”) and our software, including its component applications and dashboard (the “Solutions”) and applies to personally identifiable information from or about an individual (“Personal Information”) that we may collect from you. The Website and Solutions may be referred to collectively as “Services.”

If you voluntarily provide your information in the course of interacting with our Website or otherwise using our Services, we will take that as your agreement to our collection, use, and disclosure of your information as set forth in this Privacy Policy.

This Privacy Policy does not apply to any products, services, websites, or content that are offered by third parties (“Third Party Services”), which are governed by their respective privacy policies.

Although the Services are not directed to residents of the European Union, EU residents may have additional rights. Please see our GDPR Privacy Rights section following the main Privacy Policy.

Users with disabilities who wish to access this Privacy Policy in an alternative format can contact us by calling us at: (646) 402-6225; emailing us at: support@compliancehr.com or sending us U.S. mail to: 60 East 42nd Street Suite 1810 New York, NY, US 10165

PLEASE READ CAREFULLY PRIOR TO CONTINUING TO VIEW OUR SITE OR USING OUR SERVICES. BY ACCESSING THE SITE AND/OR USING OUR SERVICES, YOU AFFIRM THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO ABIDE TO THIS PRIVACY POLICY. YOUR ACCESS TO AND USE OF THE SERVICES IS ALSO SUBJECT TO OUR TERMS OF USE (THE “TERMS OF USE”). IF YOU DO NOT AGREE TO ABIDE BY THIS PRIVACY POLICY, YOU MAY NOT ENTER, ACCESS, OR OTHERWISE USE OUR SERVICES. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE, YOU REPRESENT TO US THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL TO ACCEPT THIS PRIVACY POLICY AND YOU DO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S BEHALF.

WE ARE NOT A LAW FIRM. COMPLIANCEHR DOES NOT AND CANNOT GIVE LEGAL ADVICE, OPINIONS OR RECOMMENDATIONS REGARDING YOUR LEGAL RIGHTS, OBLIGATIONS, REMEDIES, DEFENSES OR STRATEGIES. THE INFORMATION AND MATERIALS AVAILABLE ON THE WEBSITE (THE "MATERIALS") ARE FOR INFORMATIONAL PURPOSES ONLY AND ARE NOT INTENDED TO AND DO NOT CONSTITUTE LEGAL ADVICE OR A SOLICITATION FOR THE FORMATION OF AN ATTORNEY-CLIENT RELATIONSHIP. THE INFORMATION PROVIDED ON THIS SITE MAY NOT APPLY TO YOUR PARTICULAR FACTS OR CIRCUMSTANCES; THEREFORE, YOU SHOULD SEEK LEGAL COUNSEL PRIOR TO RELYING ON ANY INFORMATION THAT MAY BE FOUND ON THIS SITE. FURTHERMORE, INFORMATION PROVIDED ON THIS WEBSITE MAY NOT REFLECT THE MOST RECENT DEVELOPMENTS IN THE LAW AND MAY NOT BE APPLICABLE IN YOUR PARTICULAR JURISDICTION. THEREFORE, YOU SHOULD NOT ACT ON ANY OF THE INFORMATION CONTAINED ON THIS SITE UNTIL YOU OBTAIN LEGAL COUNSEL FROM A QUALIFIED LAWYER IN YOUR JURISDICTION.

Table of Contents


What Information We Collect

What Information We Collect

 

Information You Provide to Us

The type of information you provide to us depends on the nature of your interaction with our Services. We refer to those who use our Services as “Users”.

CONTACT INFORMATION

 

We may ask you to provide us with certain basic information, including

      1. First and Last Name,
      2. Email Address,
      3. Mailing or business address,
      4. Telephone Number or Mobile Number, and
      5. Other data relevant to the particular task.
USAGE INFORMATION

 

In addition to information that you choose to submit to us, we and/or our service providers may automatically collect and/or store certain information when you visit or interact with the Website (“Usage Information”).

This Usage Information may be stored and/or accessed from your personal computer, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with our Website. Usage Information may include:

      • Your IP address, IDFA, Android/Google Advertising ID, IMEI, or another unique identifier.
      • Your Device functionality (including browser, browser language, time zone, operating system, hardware, mobile network information).
      • Referring and exit web pages and URLs;
      • The areas within our Website that you visit and your activities there, including remembering you and your preferences;
      • Your Device location or other geolocation information, including the zip code, state or country from which you accessed the Services;
      • Your Device characteristics; and
      • Certain other Device data, including the time of day you visit our Website.

Information from Cookies and other Tracking Technologies

We may use various methods and technologies to store or collect Usage Information ( “Tracking Technologies”). A few of the Tracking Technologies used on the Website, include, but are not limited to, the following (as well as future-developed tracking technology or methods that are not listed here):

      • Cookies. A cookie is a file placed on a Device to uniquely identify your browser or to store information on your Device. Our Website may use HTTP cookies, HTML5 cookies, Flash cookies and other types of cookie technology to store information on local storage. We do not use cookies for tracking purposes.
      • Web Beacons. A Web Beacon is a small tag (which may be invisible to you) that may be placed on our Website’s pages and messages. We may use web beacons for tracking purposes.
      • Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Website, such as the links you click on.
      • ETag, or entity tag. An Etag or entity tag is a feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL.
      • Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
      • Recognition Technologies. Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user).

 

We may use Tracking Technologies for a variety of purposes, including:

      • To allow you to use and access the Website, including for the prevention of fraudulent activity and improved security functionality;
      • To assess the performance of the Website, including as part of our analytic practices or otherwise to improve the content, products or services offered through the Website;
      • To offer you enhanced functionality when accessing the Website, including identifying you when you sign into our Website or keeping track of your specified preferences or to track your online activities over time and across third-party sites; and
      • To deliver content relevant to your interests on our Website and third party sites based on how you interact with our content.

Users can opt-out of certain Google®-related tracking technology and customize the Google® Display Network ads that they receive, by visiting the Google® Ads Settings at: http://www.google.com/settings/ads. Google® also recommends installing the Google® Analytics Opt-out Browser Add-on for your web browser, which is available here: https://tools.google.com/dlpage/gaoptout. To the greatest extent permissible under applicable law, we are not responsible for the tracking practices of third-parties in connection with the Website.

Google® is a registered trademark of Alphabet, Inc. ("Google"). Please be advised that we are not in any way affiliated with Google, nor are the Services endorsed, administered or sponsored by Google.

To learn more about how to opt out of the Google Marketing Platform’s use of cookies, visit the opt-out page, here [https://support.google.com/ads/answer/2662922?hl=e].

If you would like more information about behavioral advertising practices, go to the Digital Advertising Alliance’s WebChoices tool at www.aboutads.info. To learn about your choices in connection with these practices on the particular device on which you are accessing this Privacy Policy, please visit http://www.networkadvertising.org/choices and http://www.aboutads.info/choices.

You may also click on the informational icon contained within each interest-based ad. We do not control these opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.

Please note that even if you exercise the opt-out choices above, you may continue to receive advertisements, for example, ads based on the particular website you are viewing (e.g., contextually based ads). Also, if your browser (like some Safari browsers) is configured to reject opt-out cookies when you opt out on the DAA or NAI websites, your opt-out may not be effective.

Information We Collect When You Interact with Third-Party Websites
The Services may include functionality that allows certain kinds of interactions between the Website and your account on a third-party website or application. The use of this functionality may involve the third-party site providing information to us. For example, we may provide links on the Website to facilitate sending a communication from the Website. These third parties may retain any information used or provided in any such communications or activities and these third parties’ practices are not subject to our Privacy Policy. We may not control or have access to your communications through these third parties. Further, when you use third-party sites or services, you are using their services and not our services and they, not we, are responsible for their practices. You should read the applicable third-party privacy policies before using such third-party tools on our Website.

Information from Third Parties.
In addition, we may collect information about you from other sources as described more fully below. We may also obtain information about you from marketers and market research firms. We may combine the information we collect from third parties with information that we have collected from you or through your use of the Services.

Location data
We may obtain information about your location to provide customized Services, content, and other information that may be of interest to you. If you no longer wish for us or our service providers to collect and use location information, you may disable the location features on your Device. Consult your Device manufacturer settings for instructions. Please note that if you disable such features, your ability to access certain features, Services, content or products may be limited or disabled.

Inferences.
Using the other pieces of personal information collected about you, we may draw inferences about you, reflecting what we believe to be your preferences, characteristics, predispositions, and attitudes.


Why We Collect Personal Information

Why We Collect Personal Information

We may use your Personal Information for various purposes, including:

      • Responding to requests for information,
      • Providing, developing, customizing and improving your services,
      • Fulfilling your requests for services,
      • Verifying your identity and for fraud prevention,
      • Creating accounts,
      • Providing you with updates and information about services we provide,
      • Creating user preferences regarding emails and other correspondence,
      • Sending you marketing information about ComplianceHR and our affiliated entities,
      • Sending you email and text communications such as electronic newsletters about our Services which may be of interest to you,
      • Improving the effectiveness of our Website, our marketing endeavors, and our product and service offerings,
      • Helping us address problems with and improve our Website and our products and services, including testing and creating new products, features, and services,
      • Protecting the security and integrity of the Website, including understanding and resolving any technical and security issues reported on our Website,
      • Resolving disputes,
      • Engaging in analysis, research, and reports regarding the use of our Website and Services,
      • For internal business purposes and our legitimate interests.
      • Complying with the law and protecting the safety, rights, property or security of ComplianceHR, the Services, and the general public, and
      • For purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy.

When We Disclose Personal Information

When We Disclose Information

We may disclose your Personal Information in the following circumstances:

To Third Parties Providing Services to ComplianceHR. We may use Third-Party Service Providers to perform certain services on behalf of us or the Website or Services, such as: (i) creating and updating Website functionality; (ii) billing or processing credit cards, and/or electronic or manual payments; (iii) assisting us in Website operations; (iv) managing a database of customer and consumer information; (v) hosting the Website and improving performance of the Websites; (vi) designing and/or operating the Website’s features; (vii) tracking the Website’s activities and analytics, including marketing and market research; (viii) data enhancement (to learn more about our customers); (ix) enabling us and/or third parties to send you special offers or perform other administrative services, such as customer service, security, tech, operational support, email and legal services; (x) data managers or list managers to send third party email and/or SMS text messages; and (xi) other services designed to assist us in maximizing our business potential.

Without limiting the foregoing, with your permission, we may share your Personal Information with those Third-Party Service Providers by whom you request to be contacted. These Third-Party Service Providers may use your Personal Information to offer you products and/or services, and for any other lawful purposes, subject to any restrictions contained herein. The information that you supply directly to any Third-Party Service Provider shall be governed by the applicable Third-Party Service Provider's privacy policy.

We may provide these vendors with access to user information to carry out the services they are performing for you or for us. Those vendors may have additional or different privacy policies and/or privacy notices. You should be sure that you read and agree to those policies and Terms.
We currently use the following third-party service providers:

      • AWS for web hosting services
      • Quickbooks for invoicing and billing
      • HubSpot for email tracking
      • Thrive for marketing activities
      • Neota for the platform for the Solutions and management of hosting and other services

Additional service providers may be added from time to time and are available on request from ComplianceHR.

To Protect the Rights of ComplianceHR and Others. To the fullest extent permitted by applicable law, we may also disclose your information when required to by law or if we believe in good faith that doing so is necessary or appropriate to: (i) protect or defend the rights, safety or property of ComplianceHR, its affiliates, third parties or the general public; (ii) comply with legal and regulatory obligations (e.g., pursuant to law enforcement inquiries, subpoenas or court orders); or (iii) to respond to claims that any content violates the rights of a third party. This includes exchanging information with other companies and organizations for fraud prevention, spam/malware protection, and other similar purposes. To the fullest extent permitted by applicable law, we have complete discretion in electing to make or not make such disclosures, and to contest or not contest any requests for such disclosures, all without notice to you.

We reserve the right to release current or past personal information: (i) in the event that we believe that the Services are being or have been used to commit unlawful acts; (ii) if the information is subpoenaed or requested pursuant to any court order or legal proceeding; provided, however, that, where permitted by applicable law, we shall provide you with e-mail notice, and opportunity to challenge the subpoena/court order, prior to disclosure of any personal information pursuant to a subpoena; or (iii) if we are sold, merge with a third-party, are acquired or are the subject of bankruptcy proceedings; provided, however, that if we are involved in a bankruptcy proceeding, merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on the Website of any change in ownership or uses of your personal information, as well as any choices that you may have regarding your personal information.

You hereby consent to the disclosure of any record or communication to any third-party when we, in our sole discretion, determine the disclosure to be appropriate including, without limitation, sharing your e-mail address with third parties for suppression purposes in compliance with applicable law, including the CAN-SPAM Act of 2003, as amended from time to time. You should also be aware that courts of equity, such as U.S. Bankruptcy Courts, might have the authority under certain circumstances to permit personal information to be shared or transferred to third parties without permission.

In connection with a Business Transfer. We also reserve the right to disclose and transfer all information: (i) to a subsequent owner, co-owner or operator of the Website and/or our Services; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including during any due diligence process.

To Affiliates of ComplianceHR. We may provide information to affiliates and nonaffiliated third parties who perform services or functions for us in conjunction with our services to you, but only if we have a contractual agreement with the other party which prohibits them from disclosing or using the information other than for the purposes for which it was disclosed. (Examples of such disclosures include using an outside service bureau to process tax returns or engaging a records-retention agency to store prior year records.)

On the Basis of Consent. Where you provide consent, we share your information as described at the time of consent, such as when authorizing a third-party application or website to access your ComplianceHR account or participating in promotional activities by ComplianceHR partners or third parties.
Marketing. Finally, we also may share your information, including your Personal Information, with our affiliates and other third parties, such as companies with whom we have marketing or other relationships, for direct marketing purposes.) In addition, we may share the information we have collected about you, including Personal Information, as disclosed at the time you provide your information and as described in this Privacy Policy

For Internal Business Processes and Promotion. Where permissible under applicable law, we may use certain information about you, such as your email address, de-identify it, and share it with social media platforms, to generate leads, drive traffic to ComplianceHR, or otherwise promote our products and services.


Aggregated Information

Aggregated information

We may aggregate, de-identify, and/or anonymize any information collected through the Website or Services such that such information is no longer linked to your personally identifiable information. We may use and share this aggregated and anonymized information (non-Personal Information) for any purpose, including without limitation, for research and marketing purposes, and may also share such data with our affiliates and third parties, including advertisers, promotional partners and others.


Integrating Social Networking Services

Integrating Social Networking Services

One of our unique features allows you to enable or access the Services via various social networking services like Facebook, Google, Twitter or LinkedIn (“Social Networking Service(s)”). By directly integrating these services, we make your online experiences richer and more personalized. To take advantage of this feature, we will ask you to log into or grant us permission via the relevant Social Networking Service. When you add a Social Networking Services account to the Services or log into the Services using your Social Networking Services account, we will collect relevant information necessary to enable the Service to access that Social Networking Service and your data contained within that Social Networking Service. As part of such integration, the Social Networking Service will provide us with access to certain information that you have provided to the Social Networking Service, and we will use, store and disclose such information in accordance with this Privacy Policy.

You may also have the option of posting your activities to Social Networking Services when you access content through the Site (for example, you may post to Facebook that you performed an activity on the Site); you acknowledge that if you choose to use this feature, your friends, followers and subscribers on any Social Networking Services you have enabled will be able to view such activity. Because we use social media plugins, if you visit our Site while logged in to a social networking account, personally identifiable information about your browsing activities on this Site may be transferred to the third party who operates that account. See the third party’s terms of service and privacy policy for more information on what information may be transferred and what you can do to avoid or limit the transfer of information.


Ads and Information About You

Ads and Information About You

You may see certain ads on our Website because we participate in advertising networks administered by third parties. These networks track your online activities over time and across third party websites and online services by collecting information through automated means, including through the use of the Tracking Technologies described above, and they use this information to show you advertisements that are tailored to your individual interests. The information they collect includes information about your visits to our Website(s), such as the pages you have viewed. This collection and ad targeting takes place both on our Website(s) and on third-party websites that participate in the ad network. This process also helps us track the effectiveness of our communications and marketing efforts.


Your Choices About the Personal Information We Collect

Your Choices About the Personal Information We Collect

You may choose to restrict the collection or use of your Personal Information In the following ways:

      • Whenever you are asked to fill in a form on our website or our other Services, consider what information to include and exclude.
      • We may provide you with access to your registration information and the ability to edit this information in your account settings dashboard and profile pages. Please be aware that even after you delete or update information within our Services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems. Similarly, if and to the extent any information is indexable by search engines (including, without limitation, public profile information), it may not be updated by such search engines when we update it, and old versions may be archived by them or by third parties outside our control.
      • Some of our Services may provide you with additional information and choices about your privacy, which you should review.
      • If you have previously agreed to our using your Personal Information for direct marketing purposes, you may change your mind at any time by writing to us at support@compliancehr.com.

We will try to comply with your request(s) as soon as reasonably practicable.

Administrative Correspondence. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Services, and you cannot opt-out from receiving those messages unless or until you remove or cancel your registration.


Retention of Personal Information

Retention of Personal Information

ComplianceHR will retain Your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Generally, Personal information is stored encrypted on AWS servers in the United States.

      • ComplianceHR will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or we are legally obligated to retain this data for longer time periods.

 


Children’s Privacy

Children’s Privacy

Our Service is NOT directed at persons under 18 and we do not knowingly collect personal information from children under 18. If you become aware that your child has provided us with personal information, without your consent, then please contact us using the details below so that we can take steps to remove such information and terminate any account your child has created with us. We encourage you to spend time online with your children and to participate and monitor the online activities of your children.


Your Nevada Privacy Rights

Your Nevada Privacy Rights

If you are a Nevada resident, you have the right to request certain information from us regarding the collection and sale of your personal information (as defined in Nevada Revised Statutes 603A.320) during your visit to our websites or when you otherwise interact with us online. If you have sought or acquired, by purchase or lease, any goods or services for personal, family, or household purposes from the ComplianceHR Website, you may ask us to disclose whether we have sold (for monetary consideration) certain information about you (including your first and last name, physical address, email address, telephone number, an identifier that allows you to be contacted either physically or online, or other contact information that allows us to identify you personally).

As a Nevada resident, you may also request to opt out of us sharing such information about you. To make this inquiry, please submit a request in writing to support@compliancehr.com with “Nevada Privacy Rights” in the subject line. You must include your full name, email address, and attest that you are a Nevada resident by providing a Nevada postal address in your request. Please state whether you are requesting information and/or opting out.

We will process your request within 60 days, or we will let you know if we need additional time. We may require additional information to verify your identity before we can respond.


California/Delaware Do Not Track Disclosures

California / Delaware Do Not Track Disclosures

Do Not Track ( “DNT” ) is a web browser setting that requests that a web application disable its tracking of an individual user. When you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity. Various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browser do not track signals), but there is no universally-agreed upon standard for what a company should do when it detects a DNT signal. Currently, we do not monitor or take any action with respect to these signals or other mechanisms. You can learn more about Do Not Track at https://allaboutdnt.com]


Visitors to the Website Outside of the United States

Visitors to the Website Outside of the United States

If you are visiting the Website from a location outside of the U.S., your connection will be through and to servers located in the U.S. All information you receive from the Website will be created on servers located in the U.S., and all information you provide will be maintained on web servers and systems located within the U.S. The data protection laws in the United States may differ from those of the country in which you are located, and your information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States. By using the Website or providing us with any information, you consent to the transfer to, and processing, usage, sharing and storage of your information in the United States as set forth in this Privacy Policy.


Updating Personal Information

Updating Personal Information

We prefer to keep your Personal Information accurate and up to date. If you would like to change your contact information, please contact us at support@compliancehr.com.

If so, we will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable (but we may retain prior information as business records). Please note that it is not always possible to completely remove or delete all your information from our databases and that residual data may remain on backup media or for other reasons, such as a legitimate business reason.

In addition, please note that if you implement a deletion request but later sign up for information or Services, your most recent request will control our information relationship with you.


Links

Links

For your convenience, the Website(s) and this Privacy Policy may contain links to other websites. ComplianceHR is not responsible for the privacy practices, advertising, products, services, or the content of such other websites. None of the links on the Website(s) should be deemed to imply that ComplianceHR endorses or has any affiliation with the links.


Security

Security

We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission, or electronic storage of information can be guaranteed 100% secure. As a result, we cannot guarantee or warrant the security of any information you transmit to or from our Website, and you provide us with your information at your own risk.


International Data Transfers

International Data Transfers

Because ComplianceHR works with global companies and technologies, we may transfer your Personal Information outside of the country in which it was originally provided. This may include transfers to third parties, such as developers, service providers or affiliated entities who are location outside the United States or the European Union, where data protection laws may not offer the same level of protection as those in the U.S., E.U. or European Economic Area (“EEA”). When we transfer personal data outside of these areas, we take steps to make sure that appropriate safeguards are in place to protect your Personal Information.


Questions/Changes in Privacy Policy

Questions / Changes in Privacy Policy

If you have questions or concerns with respect to our Privacy Policy, you may contact us at support@compliancehr.com. We may elect to change or amend our Privacy Policy; in such event, we will post the policy changes in our Privacy Policy on the Website and send you an email indicating that the terms have changed. Changes will be effective on the date posted. If you are concerned about how your Personal Information is used, please visit our Website often for this and other important announcements and updates.


Filing a Complaint with the Federal Trade Commission

Although we hope that you would contact us first to resolve any issues, to file a complaint regarding our privacy practices, please Click Here.


Contact us

Contact Us

You may contact us in any of the following manners:
By telephone: (646) 402-6225
By email: support@compliancehr.com

GDPR Privacy Rights

GDPR Privacy Rights

If you are a resident of or located within the EU or European Economic Area (“EEA”), you have certain additional data protection rights under the General Data Protection Regulation (“GDPR”). These rights include:

  • The right to access, update or delete the information we have on you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Information.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine- readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

Legal Basis for Processing Personal Information under GDPR

ComplianceHR’s legal basis for collecting and using the Personal Information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect it.

ComplianceHR may process your Personal Information because:

  • We need to perform a contract with you;
  • You have given us permission to do so;
  • The processing is in our legitimate interests, and it is not overridden by your rights; or
  • To comply with the law.

Disclosure of Personal Information under GDPR-Legal Requirements

ComplianceHR may disclose your Personal Information in the good faith belief that such action is necessary to:

  • To comply with a legal obligation;
  • To protect and defend the rights or property of ComplianceHR;
  • To prevent or investigate possible wrongdoing in connection with the Service;
  • To protect the personal safety of users of the Service or the public; or
  • To protect against legal liability.

Disclosure for Law Enforcement

Under certain circumstances, ComplianceHR may be required to disclose your Personal Information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

If you are a resident of the EU or EEA, you may initiate a request to access, reject, correct, restrict, or erase your Personal Information, or where you may initiate a request for transfer of your Personal Information or initiate a request that we refrain from sending you marketing information by sending us a request at support@compliancehr.com and write “GDPR Request” in the subject line.

Please note that the above individual rights are not absolute, and we may be entitled to refuse requests where certain exceptions apply. Please note that where our processing of your Personal Information relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of those services. Should you wish to raise a concern about our use of information (without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority.


PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

ComplianceHR collects certain types of Personal Information about you during your relationship with ComplianceHR as a user or visitor to the Website.

CATEGORIES OF PERSONAL INFORMATION WE COLLECT:

Under California law, if you are a resident of California, you have the right to request certain information that we collect about you, including:

  • The categories of Personal Information we have collected from you;
  • The categories of sources from which we collected the Personal Information;
  • The business purpose we have for collecting or sharing that Personal Information;
  • The categories of third parties with whom we share such Personal Information; and
  • The specific pieces of Personal Information we have collected about you.

Please note that Personal Information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA's scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994

In particular, we may collect the following categories of Personal Information from consumers:

USE OF THE PERSONAL INFORMATION
We may use or disclose the Personal Information we collect for one or more of the following purposes:

  • To fulfill or meet the reason for which the information is provided.
  • To provide you with information, products or services that you request from us.
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
  • To improve our website and present its contents to you.
  • For testing, research, analysis and product development.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

Please note that if we collected information about you for a single one-time transaction and do not keep that information in the ordinary course of business, that information will not be retained for purposes of a request under this section. In addition, if we have de-identified or anonymized data about you, we are not required to re-identify or otherwise link your identity to that data if it is not otherwise maintained that way in our records.YOUR RIGHTS AND CHOICESNon- DiscriminationWe will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.Right to Know InformationIf you are a California resident and would like to request information about the Personal Information we have collected about you in the prior 12 months, please contact us at this email address support@compliancehr.com with “California CCPA Rights” in the subject line and provide your email address and state the nature of your request.We will provide the requested information free of charge once in a 12-month period, but please note that where we receive unfounded, excessive, or repetitive requests, we may elect to decline the request. Note also that we will not be able to provide information we do not ordinarily retain in the course of our regular business practices.In order to verify your identity, we will request that you provide a signed declaration under penalty of perjury that you are a California resident and the consumer whose Personal Information is the subject of the request.Right to Data PortabilityIn connection with the right to know the data that has been collected, you may also have the right to obtain your data in a portable format that, if technically feasible, will enable you to transmit the information to another entity due to its readily useable format.Right to Delete InformationThe CCPA also gives you the right to request that we delete personal information we have collected about you and for us to direct service providers to do the same, with certain exceptions as set forth in the CCPA. Note that you may also delete certain Personal Information you have provided to us through your online account.When processing a request to delete, we may erase some information and we may de-identify some information (when we de-identify information, we implement technical safeguards and business processes that prohibit re-identification, business processes to prevent inadvertent release of de-identified information and will make no attempt to re-identify the information).If you are a California resident and would like to request that we delete your information, please contact us at this email address support@compliancehr.com include “California CCPA Rights” in the subject line and provide your email address and state the nature of your request.In order to verify your identity, we will request that you provide a signed declaration under penalty of perjury that you are a California resident and the consumer whose Personal Information is the subject of the request.Right to Opt-Out of the Sale of Personal InformationThe CCPA also provides a right to California residents to request to opt-out of the sale of Personal Information.
As indicated above, we may allow third-party advertising companies to collect data from visitors to our Services, including to better serve you more relevant advertisements. These online advertising practices (and certain analytics or similar activities), may potentially be considered “sales” under the CCPA under certain circumstances. You can limit this type of tracking through industry opt-outs (http://networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/choices/) and by limiting ad tracking on your mobile device.
You may also be able to limit the access these third-party advertising companies have to information about you when you use our Website by installing a browser or browser extension that can enable you to block the functionality of some tracking technologies.
If you use different computers or browsers, you may need to indicate your opt-out choices across those computers and browsers.Exercising Access, Data Portability, and Deletion RightsTo exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at support@compliancehr.com.Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.Response Timing and FormatWe endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.Questions / Changes in Privacy NoticeIf you have questions or concerns with respect to this Privacy Notice, you may contact us at support@compliancehr.com. We may elect to change or amend our Privacy Notice; in such event, we will post the policy changes in our Privacy Notice on the Website and send you an email indicating that the terms have changed. Changes will be effective on the date posted.

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). NO
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. NO
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity. Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. Only information on interaction with our website
G. Geolocation data. Physical location or movements. Only collect IP address
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. NO
I. Professional or employment-related information. Current or past job history or performance evaluations. NO
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part
99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. NO

USE OF THE PERSONAL INFORMATION
We may use or disclose the Personal Information we collect for one or more of the following purposes:

  • To fulfill or meet the reason for which the information is provided.
  • To provide you with information, products or services that you request from us.
  • To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
  • To improve our website and present its contents to you.
  • For testing, research, analysis and product development.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

Please note that if we collected information about you for a single one-time transaction and do not keep that information in the ordinary course of business, that information will not be retained for purposes of a request under this section. In addition, if we have de-identified or anonymized data about you, we are not required to re-identify or otherwise link your identity to that data if it is not otherwise maintained that way in our records.
YOUR RIGHTS AND CHOICES

Non- Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Right to Know Information
If you are a California resident and would like to request information about the Personal Information we have collected about you in the prior 12 months, please contact us at this email address support@compliancehr.com with “California CCPA Rights” in the subject line and provide your email address and state the nature of your request.
We will provide the requested information free of charge once in a 12-month period, but please note that where we receive unfounded, excessive, or repetitive requests, we may elect to decline the request. Note also that we will not be able to provide information we do not ordinarily retain in the course of our regular business practices.
In order to verify your identity, we will request that you provide a signed declaration under penalty of perjury that you are a California resident and the consumer whose Personal Information is the subject of the request.
Right to Data Portability
In connection with the right to know the data that has been collected, you may also have the right to obtain your data in a portable format that, if technically feasible, will enable you to transmit the information to another entity due to its readily useable format.
Right to Delete Information
The CCPA also gives you the right to request that we delete personal information we have collected about you and for us to direct service providers to do the same, with certain exceptions as set forth in the CCPA. Note that you may also delete certain Personal Information you have provided to us through your online account.
When processing a request to delete, we may erase some information and we may de-identify some information (when we de-identify information, we implement technical safeguards and business processes that prohibit re-identification, business processes to prevent inadvertent release of de-identified information and will make no attempt to re-identify the information).
If you are a California resident and would like to request that we delete your information, please contact us at this email address support@compliancehr.com include “California CCPA Rights” in the subject line and provide your email address and state the nature of your request.
In order to verify your identity, we will request that you provide a signed declaration under penalty of perjury that you are a California resident and the consumer whose Personal Information is the subject of the request.
Right to Opt-Out of the Sale of Personal Information
The CCPA also provides a right to California residents to request to opt-out of the sale of Personal Information.
As indicated above, we may allow third-party advertising companies to collect data from visitors to our Services, including to better serve you more relevant advertisements. These online advertising practices (and certain analytics or similar activities), may potentially be considered “sales” under the CCPA under certain circumstances. You can limit this type of tracking through industry opt-outs (http://networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/choices/) and by limiting ad tracking on your mobile device.
You may also be able to limit the access these third-party advertising companies have to information about you when you use our Website by installing a browser or browser extension that can enable you to block the functionality of some tracking technologies.
If you use different computers or browsers, you may need to indicate your opt-out choices across those computers and browsers.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at support@compliancehr.com.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Questions / Changes in Privacy Notice
If you have questions or concerns with respect to this Privacy Notice, you may contact us at support@compliancehr.com. We may elect to change or amend our Privacy Notice; in such event, we will post the policy changes in our Privacy Notice on the Website and send you an email indicating that the terms have changed. Changes will be effective on the date posted.