Overview

This Privacy Policy describes VensureHR, and our subsidiaries and affiliates collect, use, share, and protect business, financial, and personal information. This Policy applies to all information collected or submitted on this website and mobile applications (“Site”). This policy is available on the homepage of this Site and at every login page where personally identifiable information may be requested.

Purpose

Your privacy, and the privacy of the information provided, is important to us. We responsibly protect your data from loss, misuse, unauthorized access, disclosure, alteration, and untimely destruction. We do not grant access to your personal information except as otherwise set forth herein. We do not share or sell personal information collected on the Site with any third parties for their marketing purposes. At times, we will provide you with links to other websites. We encourage our users to be aware when they leave our Site, and to read the privacy statements of every website that collects personally identifiable information.

Information Collection and Use

What Information Is Collected

We limit the collection of personal information to the information that we need to administer and improve the Site, to provide our products and services (“Services”) to our customers, and to fulfill any legal and regulatory requirements.

The categories of personal information that we collect may include, but are not limited to:

• Contact information to allow us to communicate with you.
• Company name, address, and business information to provide Services.
• If a quotation is requested, employee information, including Social Security number, date of birth, financial, bank account, biometric, geolocation, medical, and beneficiary information, to provide Services.
• Credit, debit, or cash/payment card information if used, such as for billing.
• Credit or debt history regarding your creditworthiness or credit history.
• Employment history and application information can be used to determine eligibility for a job opening via our recruiting page.

How Personal Information Is Collected

We do not require you to provide any personal information in order to have general access to the Site. However, to access or use certain information, features, or services at the site, you may be required to provide personal information.

Personal information is primarily collected:

• When you utilize the services, we obtain the information we need to provide the services.
• From applications, forms, and other information you provide us on the site.
• When you establish an account or an account is established for you at the direction of your employer, to receive services.
• From survey information and/or Site registration.
• If you provide us with comments or suggestions, request information about our services, or contact our Customer Service Department via phone, email, or other forms of communication.
• From consumer and business reporting agencies regarding your creditworthiness or credit history.
• From third parties to verify information given to us.
• From information you may provide via social media.

SMS Terms And Conditions

By providing your mobile number and opting in to receive SMS (Short Message Service) messages from VensureHR, you consent to receive event-based text messages related to your account, services, customer support, alerts, and other information relevant to your relationship with VensureHR.

• Message Type: Event-based (messages are only sent in response to specific actions, triggers, or events).
• Message Frequency: Varies depending on your interaction with our services. You will only receive messages relevant to events such as account changes, service updates, appointment reminders, or transactional notices.
• Message & Data Rates: Standard message and data rates may apply.
• Opt-Out Instructions: You can opt out of SMS messages at any time by replying STOP to any message you receive. For help, reply HELP or contact us using the methods below.
• Help: Reply HELP for more information. You may also contact Vensure at 800.941.8731 or privacy@vensure.com.
• Use of Phone Numbers: Your mobile number will be used solely for the purposes described in this policy. We will not sell your number or use it for unrelated marketing without additional consent.

Your consent to receive SMS messages is not a condition of purchasing any goods or services. See additional information on SMS messaging below. Carriers are not liable for delayed or undelivered messages.

How Personal Information Is Used

We use the information provided on the site to perform the services you request.

We limit the collection of personal customer information used to:

• Facilitate customer requested services, transactions, investments, distributions, and benefits.
• Provide superior service to our customers.
• Comply with legal, reporting, and regulatory requirements.
• Administer and improve our sites.
• Detect fraud or theft to protect our business and client information.
• Contact you with information on services, new services or products, or upcoming events.
• Facilitate applicant tracking and recruitment.

How Aggregated, Non-Personal Information Is Used

We may collect general, non-personal, statistical information about the users of the site and our services in order to determine information regarding the use of our site and general information about our customers. We may also group this information to provide general aggregated data. The aggregated data will not personally identify any customers or visitors to the site.

How Cookies Are Used

A “cookie” is a piece of data that our site may provide to your browser while you are at our site. The information stored in a cookie is used for user convenience purposes, such as reducing repetitive messages, tracking helper tool versions, and retaining user display preferences. If a user rejects the cookie, they will be able to browse the site but will be unable to use our online application.

VensureHR may use third-party service providers to use cookies, web beacons, and similar technologies to collect or receive information from our site and elsewhere on the Internet and use that information to provide measurement services and target ads. You can opt-out of this information tracking using a web browser that supports a “Do Not Track” functionality.

Global Privacy Control (GPC)

We recognize, and honor opt-out preference signals sent via the Global Privacy Control (GPC). If your browser or extension supports GPC and it is enabled, we will treat it as a valid request to opt out of the sharing of your personal information. We process GPC signals in a frictionless manner, meaning you do not need to take any additional steps for your opt-out to be honored.

Children Under 13 Years of Age

This site is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13 years of age. All dependent data needed for benefits enrollment is customarily provided by the employee/guardian and kept secure as indicated in this policy.

Privacy Notice For California Consumers Only

This Privacy Notice for California Consumers supplements the information contained in the Privacy Statement of the VensureHR family of companies (collectively, “we,” “us,” or “our”) and applies solely to California consumers (“consumers” or “you”), effective January 1, 2020. We adopt this notice to comply with the California Consumer Privacy Act of 2018, as amended (“CCPA”) and other applicable California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice. For purposes of this notice, a “third party” is an entity that is not a wholly owned or majority-owned and controlled subsidiary of the VensureHR family of companies.

California Privacy Rights

Under California Civil Code 1798, California residents with an established business relationship can request information about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like more information, please contact your service provider.

Parties With Whom Information May Be Shared

Information is shared to facilitate the Services needed in order to properly and efficiently handle duties related to your account.

We may share information with:

• Government agencies to fulfill legal, reporting, and regulatory requirements.
• Attorneys, accountants, and auditors.
• Credit reporting agencies to supply vendor references on client’s behalf.
• Our employees, affiliated companies, subsidiaries, agents, and third-party service vendors to perform Services related to your account, to offer additional Services, perform analysis to determine qualification to receive future services, or collect amounts due.
• Banking and brokerage firms to complete payroll processing and securities transactions.
• Credit bureaus and similar organizations, law enforcement, or government officials. We reserve the right to release information if we are required to do so by law or if, in our business judgment, such disclosure is reasonably necessary to comply with legal process, in a fraud investigation, an audit, or examination.
• Affiliated companies that you select on our site for the purposes of obtaining more information or a proposal for services.

How to Access and Correct Your Information

Keeping your information accurate and up to date is very important. You can review or correct your account information by contacting a customer service representative. If you have an account at the site, you can make changes to your account information after you log in to the Site from your PC or wireless device and use the online tools. Note that some information changes may be made by or have to be done through your employer.

Changes to This Privacy Statement

This policy statement may be revised from time to time due to legislative changes, changes in technology or our privacy practices, or new uses of customer information not previously disclosed in this policy. Revisions are effective upon posting and your continued use of this site will indicate your acceptance of those changes. Please refer to this policy regularly.

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“personal information”).

We collect the following categories of personal information:

• Category A: Identifiers
  • Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
  • Collected? YES
• Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
  • Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Collected? YES
• Category C: Protected classification characteristics under California or federal law
  • Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, and genetic information (including familial genetic information).
  • Collected? YES
• Category D: Commercial information
  • Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Collected? YES
• Category E: Biometric information
  • Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints.
  • Collected? YES
• Category F: Internet or other similar network activity
  • Examples: Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
  • Collected? YES
• Category G: Geolocation data
  • Examples: Physical location or movements.
  • Collected? YES
• Category H: Sensory data
  • Examples: Audio, electronic, visual, thermal, olfactory, or similar information.
  • Collected? YES
• Category I: Professional or employment-related information
  • Examples: Current or past job history or performance evaluations.
  • Collected? YES
• Category J: Non-public education information (per the Family Educational Rights and Privacy Act)
  • Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
  • Collected? YES
• Category K: Inferences drawn from other personal information
  • Examples: Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Collected? YES

Personal Information does not include:

• Publicly available information from government records.
• De-identified or aggregated consumer information.
• Information excluded from the CCPA’s scope, like health or medical information covered by HIPAA/CMIA, or personal information covered by sector-specific privacy laws (FCRA, GLBA, FIPA, Driver’s Privacy Protection Act).

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from our clients, prospects, or employees.
• Indirectly from our clients, prospects, or their employees.
• Directly and indirectly from activity on our website (www.vensure.com) or other portals.
• From third parties that interact with us in connection with the services we provide.

Use Of Personal Information

We may use or disclose the personal information we collect for one or more of the following business purposes:

• To fulfill or meet the reason for which the information is provided.
• To provide you with information, products, or services that you request from us.
• To provide you with email alerts, event registrations, and other notices concerning our products or services.
• To operate, manage, and maintain our business.
• To communicate with you and carry out our obligations/enforce rights.
• To improve our website and present its contents to you.
• For testing, research, analysis, and service offering development.
• For vendor management purposes.
• As necessary or appropriate to protect the rights, property, or safety of us, our clients, or others.
• To respond to law enforcement requests and as required by applicable law.
• To evaluate or conduct a merger, divestiture, restructuring, or other sale/transfer of assets.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We do not, and will not, sell your personal information.
We may share your personal information within the VensureHR family of companies to provide services to you or in an effort to assess your needs and how we can help fulfill those needs.

In the preceding twelve (12) months, we have not disclosed the following categories of personal information for a business purpose:

• Category A through G, I, and K.

We disclose your personal information for a business purpose to our affiliates and/or to one or more of the following categories of third parties:

• Third-party service providers.
• Administrators authorized by your organization.
• Licensors or third-party applications.
• Other parties where required by law or to protect our rights.
• Third parties to whom you or your agents authorize us to disclose your personal information.

In the preceding twelve (12) months, we have not sold any personal information to third parties within the scope of the application of the CCPA.

Your Rights And Choices

The CCPA provides California consumers with specific rights regarding their personal information.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or sharing that personal information.
• The affiliates with whom we shared your personal information.
• The categories of third parties with whom we share that personal information.
• The specific pieces of personal information we collected about you.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

• Complete the transaction for which we collected the personal information.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity.
• Exercise free speech or another right provided for by law.
• Comply with the California Electronic Communications Privacy Act.
• Enable solely internal uses that are reasonably aligned with consumer expectations.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information.

California Privacy Addendum – Third-Party Integrations

This Addendum supplements our Privacy Policy and applies to visitors from California, in compliance with the California Invasion of Privacy Act (Cal. Penal Code §§ 630–638.53) and related laws.

1. Third-Party Features

Our Services may include social media integrations and advertising tools (e.g., Facebook, LinkedIn, Twitter, Instagram; pixels, cookies, analytics, Google, Bing). These features may collect information such as:

• IP address
• Device and browser details
• Pages visited and interaction data

Your interactions with these features are governed by the privacy policies of the respective third-party providers.

2. Purpose of Data Sharing

We use these technologies to:

• Enable social sharing functionality
• Improve user experience
• Deliver targeted advertising and analytics

3. Consent Requirement

We do not activate tracking or share data with third parties until you provide explicit consent via our cookie banner by not taking steps to opt-out. Our cookie banner that is displayed when you first visit our site allows you to opt-out by checking the “Do Not Sell or Share My Personal Information” checkbox and clicking on the “Save My Preferences” button. You may withdraw consent at any time and opt-in by clicking on the cookie icon at the bottom of your current screen to open the cookie settings and then unchecking “Do Not Sell or Share My Personal Information” and clicking the “Save My Preferences” button.

4. Your Rights

California residents have the right to:

• Know what personal information we collect and share
• Opt-out of the sale or sharing of personal information
• Request deletion or correction of personal information

To exercise these rights, please see “Exercising Access, Data Portability, And Deletion Rights” below.

Exercising Access, Data Portability, And Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

• Calling us at 833-463-6068
• Emailing us at privacy@vensure.com
• Visiting vensure.com

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a twelve (12) – month period.

Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing.

Nondiscrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you products or services, charge different prices or rates, or provide a different level or quality of goods.

Data Retention

We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us:

• Toll Free Phone Number: 833-463-6068
• Email: privacy@vensure.com
• Website: www.vensure.com
• Mail: VensureHR, ATTN: HR Compliance Team, 1475 S Price Rd, Chandler, AZ 85286

General Data Protection Regulations (GDPR)

Legal Basis for Processing

• We process your personal data only when we have a legal basis, including providing the services or information that you have requested.
• Consent: When you have given us permission to process your personal data for a specific purpose.
• Contract: When processing is necessary to perform a contract with you.
• Legal Obligation: When we are required by law to process your personal data.
• Legitimate Interests: When we process your data to pursue our legitimate business interests.

Rights Under the GDPR

European Economic Area (EEA) residents have the right to:

• Access their personal data
• Rectify inaccurate data
• Erase their data (“right to be forgotten”)
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

Rights Under the New York SHIELD Act

New York residents are entitled to reasonable administrative, technical, and physical safeguards to protect their private information.

Data Security

We implement reasonable organizational, technical, and physical security measures designed to protect your information in accordance with the SHIELD Act, GDPR, and CCPA. However, no electronic transmission or storage of information can be entirely secure, so we cannot guarantee absolute security.

Policy On Compliance With Telephone Consumer Protection Act (TCPA)

Introduction

The Telephone Consumer Protection Act (TCPA), codified at 47 U.S.C. § 227, is a significant federal statute enacted to safeguard consumer privacy against unwanted telemarketing calls, faxes, and SMS text messages. This policy outlines VensureHR procedures and standards for compliance.

Consent Requirements

To comply with TCPA regulations, our organization must obtain prior express written consent from consumers before sending any SMS text messages for marketing purposes. This consent should be:

• Explicit: Clearly stating that the consumer agrees to receive marketing messages via SMS.
• Written: Documented in written form, which can be electronic or physical.
• Voluntary: Given freely by the consumer without any coercion.

Opt-Out Mechanism

Every SMS text message must include an opt-out mechanism, allowing consumers to easily and promptly unsubscribe from receiving future messages (e.g., replying with “STOP”).

Data Sharing

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Privacy Notice For Colorado, Connecticut, Nevada, Utah, & Virginia

This Notice provides supplemental information for residents of Colorado, Connecticut, Nevada, Utah, and Virginia regarding their rights under applicable state privacy laws.

Categories of Personal Data

We collect the following categories of personal information:

1. Identifiers: Name, alias, postal address, IP address, email, SSN, etc.
2. Personal Information: Contact, employment, financial, and educational information.
3. Protected Classifications: Race, religion, origin, disability, marital status, sex, gender, age, veteran status.
4. Commercial Information: Records of personal property, products or services purchased.
5. Biometric Information (Colorado): Fingerprint, Voiceprint, Scan or record of an eye retina or iris, facial map, etc. (Note: This section does not apply to Connecticut, Utah, or Virginia).
6. Internet or other similar network activity: Mobile device and online identifiers, cookie IDs, browser activity.
7. Geolocation data: Physical location or movements.
8. Demographic Information: Age, gender, race, citizenship, ethnicity, date of birth, family status, income.
9. Profile information: Automated processing to evaluate personal aspects.
10. Sensitive Data: Racial origin, religious beliefs, health conditions, sexual orientation, genetic/biometric data, or precise geolocation.

Your Rights Under The CPA, CTDPA, UCPA, and VCDPA

Residents of Colorado, Connecticut, Utah, and Virginia have certain personal data rights:

• Opt-out of the processing of your personal data for targeted advertising, sale of personal data, or profiling.
• Access your data and confirm processing.
• Request deletion or correction of your data.
• Receive your requested data in a usable/transferable form.
• Non-discrimination for exercising rights.
• Appeal if your request is denied.

To exercise these rights, call us at 833-463-6068 or email privacy@vensure.com.

Nevada Privacy Rights

Privacy rights for residents of Nevada are governed by NRS Chapter 603A and Senate Bill 220. If you wish to submit an inquiry concerning the sale of your Covered Information as defined by Nevada law, please contact us via email at privacy@vensure.com.

VensureHR Biometric Data Privacy Policy

1. Introduction

VensureHR (“Company,” “we,” or “us”) has established this Biometric Data Privacy Policy for users of the Company’s biometric system. This Policy describes how the Company treats biometric identifiers and information collected through its operation of the Biometric System.

2. Collection and Processing

Biometric systems are computer-based systems that scan an individual’s physical feature for recognition/verification. The Company’s Biometric System operates by scanning and analyzing Biometric Data to recognize/verify identities. Any Biometric Data collected or processed by the Company will be used solely for purposes of identity verification, fraud prevention, security, and access control, and to comply with legal obligations. VensureHR will not sell or trade any Biometric Data that we receive from our clients and client employees.

3. Disclosures

We may disclose Biometric Data with our third-party service providers that assist with our operation of the Biometric System. We may also disclose Biometric Data when required by law, to protect rights, investigate fraud, or in the context of a merger/acquisition.

4. Retention and Destruction

Any Biometric Data collected will be permanently deleted if the Company receives a verifiable deletion request. Biometric Data may also be deleted due to the termination of a client’s contractual relationship, executed in accordance with VensureHR’s client services agreement or the Company’s record retention schedule.

5. Security

We use a commercially reasonable standard of care to store, transmit, and protect Biometric Data, consistent with our industry standards for confidential and sensitive information.

6. Contact Us

For more information about this Biometric Data Privacy Policy, you may contact us:

• Phone: 833-463-6068
• Email: privacy@vensure.com
• Website: vensure.com

Last updated January 28, 2026