Explore the Platform
Try our new survey tool to find best fit solutions for your organization
Privacy Policy

 

Effective Date: September 23, 2019
PlanSource Benefits Administration, Inc. (“PlanSource”) operates the https://plansource.com/ website and the PlanSource Mobile App mobile application (hereinafter collectively referred to as the “Services”). This Privacy Policy, without waiving or otherwise releasing any right or obligation under any prior privacy policy or similar document or agreement of PlanSource, hereby amends and restates any such prior privacy policy as of the Effective Date above.

This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Services and the choices you have associated with that data.

DEFINITIONS

“Cookies” means small files of data sent from a website and stored on your device (computer or mobile device).

 “Data Controller” means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.

“Data Processor” or “Services Provider” means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Services Providers in order to process your data more effectively.

“Data Subject” or “User” means any individual who is using our Services and is the subject of Personal Data.

 “Location Data” means information associated with an electronic device that can be used to identify its physical location.

 “Personal Data” means personally identifiable information about an individual who can be identified from such information (or from those and other information either in our possession or likely to come into our possession).

“Usage Data” means data collected automatically either generated by the use of the Services or from the Services infrastructure itself (for example, the duration of a page visit).

INFORMATION COLLECTION AND USE
We collect several different types of information for various purposes to provide and improve our Services to you.

Personal Data

While using our Services, we may ask you to provide us with Personal Data. Such Personal Data may include, but is not limited to:

Email address
First name and last name
Phone number
Address, State, Province, ZIP/Postal code, City
Cookies and Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.

Usage Data

We may also collect Usage Data whenever you visit our Services or when you access the Services by or through a mobile device. This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Services with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Location Data

We may use and store Location Data if you give us permission to do so. We use this data to provide features of our Services, to improve and customize our Services.

You can enable or disable location services when you use our Services at any time by way of your device settings.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Services and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Services.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Services.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.

USE OF DATA
PlanSource uses the collected data for various purposes:

  • To provide and maintain our Services
  • To notify you about changes to our Services
  • To allow you to participate in interactive features of our Services when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Services
  • To monitor the usage of our Services
  • To detect, prevent and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

RESIDENTS OF THE EUROPEAN ECONOMIC AREA
If you are a resident of the EEA, you have certain rights and protections under the law regarding the processing of your personal data.  Please see the sections below for more details.

PlanSource is a voluntary processor of the data collected about you.

If you are a resident of the EEA, when we process your personal data we will only do so in the following situations:

If we need to use your personal data to perform our responsibilities under our contract with you (e.g., processing payments for and providing our services you have requested).

If we have a legitimate interest in processing your personal data. For example, we process the personal data we collect from you to send you marketing communications, to communicate with you about changes to our Services, and to provide, secure, and improve our Services.

If we request your consent to a specific processing activity, and you provide your consent in the manner indicated.

In some cases, processing will be necessary for compliance with a legal obligation, such as response to legal process requests.

We store the information we collect about residents of the EEA for as long as is necessary for the purposes for which we originally collected it. We may retain certain information for legitimate business purposes or as required by law.

If you are a resident of the EEA, you have the right to access personal data we store about you and to ask that your personal data be corrected.  In certain cases, you may also have the right to request that we erase data we are processing or to restrict or object to certain of our processing activities.  You may also have the right to request that we provide the personal data you have provided us in a portable form for transmission to another controller’s service.  If you would like to exercise any of these rights, you may contact us as indicated in the “Contact Us” section below or contact your data controller directly.

If you are a resident of the EEA and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside. For contact details of your local Data Protection Authority, please see: https://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.

Please direct any inquiries or complaints regarding our compliance with the Data Protection Principles (the “Principles”) to the point of contact listed in the “Contact Us” section below.  Under certain conditions specified by the Principles, you may also be able to invoke binding arbitration to resolve your complaint.  PlanSource is subject to the investigatory and enforcement powers of the Federal Trade Commission.  If PlanSource shares EU Data with a third-party service provider that processes the data solely on PlanSource’s behalf, then PlanSource may be held liable for that third party’s processing of EU Data in violation of the Principles, unless PlanSource can prove that it is not responsible for the event giving rise to the damage.

Information for California & Virginia Residents

We collect Personal Data from US residents and comply with the consumer privacy laws of California, and Virginia (“US Privacy Laws”).  This California and Virginia Residents Privacy Disclosure (“Disclosure”) applies to California and Virginia residents (“you” or “your”).

For the purposes of this Disclosure, “Personal Data” means information that is linked or reasonably linkable to a particular individual or household. However, the following categories of information are not Personal Data:

  • Publicly available information;
  • Deidentified or aggregated data; or
  • Information otherwise excluded from the scope of US Privacy Laws.

This Disclosure provides the following information to you:

  • Categories of Personal Data we collect;
  • Purposes for which we use Personal Data;
  • Categories of Personal Data we disclose to third parties;
  • Categories of third parties to which we disclose Personal Data; and
  • How you can exercise your rights under US Privacy Laws:
  • The rights to access, correct, or delete Personal Data;
  • The right to obtain a portable copy of Personal Data;
  • The right to limit the use of sensitive personal data in certain circumstances; and
    • The rights to opt out of targeted advertising, sales of personal data, or profiling.

Categories of Non-Sensitive Personal Data

The table below outlines the non-sensitive categories of Personal Data PlanSource collects about you and whether and how they are disclosed to third parties.

We collect Non-Sensitive Personal Data from the following sources:

  • You
  • Business Partners

    Category of Personal Data:

    Identifiers

    Examples

    Identifiers may contain the following: Name, Address, Date of Birth, Phone Number, Employment Status

    Purpose(s)

    Processing of employee benefits, employee payroll, and business to business transactions

    Targeted Advertising

    We do not engage in targeted advertising or share this data for targeted advertising purposes

    Sale

    This data is not sold to third parties

    Sharing

    This data may be shared with Business Partners

    Retention Period

    PlanSource will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

    Category of Personal Data:

    Personal Characteristics

    Examples

    Personal Characteristics may contain the following: Gender

    Purpose(s)

    Processing of employee benefits and employee payroll

    Targeted Advertising

    We do not engage in targeted advertising or share this data for targeted advertising purposes

    Sale

    This data is not sold to third parties

    Sharing

    This data may be shared with Business Partners

    Retention Period

    PlanSource will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

    Category of Personal Data:

    Internet/Electronic Activity

    Examples

    Internet/Electronic Activity may contain the following: Cookie IDs, your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

    Purpose(s)

    To provide, maintain, improve, and enhance our Services. To understand and analyze how you use our Services and develop new products, services, features, and functionality.

    Targeted Advertising

    We do not engage in targeted advertising or share this data for targeted advertising purposes

    Sale

    This data is not sold to third parties

    Sharing

    This data is not shared with third parties

    Retention Period

    PlanSource will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

    Category of Personal Data:

    Professional Information

    Examples

    Professional Information may contain the following: Employment history

    Purpose(s)

    Processing of employee benefits and employee payroll

    Targeted Advertising

    We do not engage in targeted advertising or share this data for targeted advertising purposes

    Sale

    This data is not sold to third parties

    Sharing

    This data may be shared with Business Partners

    Retention Period

    PlanSource will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

    Categories of Sensitive Personal Information

    The table below outlines the categories of Sensitive Personal Data PlanSource collects about you and whether they are shared with third parties. PlanSource obtains affirmative consent from you to process Sensitive Personal Data to the extent required by US Privacy Laws.

    We collect Sensitive Personal Data from the following sources:

      • You
      • Business Partners

         

         

        Category of Sensitive Personal Data:

        Government ID Data

        Examples

        Government ID Data may contain the following: Social Security number, Name, Address, DOB, and phone number

        Purpose(s)

        Processing of employee benefits and employee payroll

        Targeted Advertising

        We do not engage in targeted advertising or share this data for targeted advertising purposes

        Sale

        This data is not sold to third parties

        Sharing

        This data may be shared with Business Partners

        Retention Period

        PlanSource will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies

         

        Use of Personal Data

        We use Personal Data for the purposes described in our general Privacy Notice (see https://plansource.com/privacy-policy/). Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.

        Disclosing Personal Data

        We share Personal Data with the following categories of third parties:

         

        Business Partners

        See the tables above for more details about how different categories of Personal Data are shared.

        We do not sell Personal Data to anyone.

        Exercising Your Personal Data Rights

        You have the following rights under US Privacy Laws:

      •  The rights to access, correct, or delete Personal Data;

      • The right to obtain a portable copy of Personal Data;

      • The right to limit the use of Sensitive Personal Data in certain circumstances; and

    The rights to opt out of targeted advertising, sales of personal data, or profiling.

    You can submit a request to exercise your personal data rights under US Privacy Laws by https://www.requesteasy.com/6385-5889. To protect your privacy, we may need to authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request. Please be aware that we do not accept or process rights requests through other means (e.g., via fax or social media).

    After submitting your request online, you will receive a follow-up email, which may include a link you must click on in order to verify your identity. If you do not click on that link, we may be unable to complete your request due to lack of verification. It is important that you provide a valid email address in order for us to be able to process your request.

    We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic. Also note that each of the rights are subject to certain exceptions. If you believe our response to your rights request is insufficient, you can appeal our decision by contacting PlanSource Corporate Compliance at compliance@plansource.com and we will inform you of our final decision within 45 days.

    We reserve the right to decline to process, or charge a reasonable fee for, requests that are manifestly unfounded, excessive, or repetitive.

    Limiting the Use of Sensitive Personal Data

    You have the right to limit some uses of Sensitive Personal Data. In particular, you may direct companies not to use Sensitive Personal Data except as necessary to provide goods or services you have requested.

    You may submit a request to limit the use of your sensitive Personal Data by submitting a rights request as described above.

    Authorized Agent Requests

    You may designate an authorized agent to make a rights request on your behalf. Your authorized agent may submit such a request by following the same method described above. We may require verification of your authorized agent in addition to the information for verification above for US residents and households.

    Contact Us

    If you have any questions or concerns regarding this Disclosure, contact us at compliance@plansource.com.

    Children

    Our Services are not directed to children, and we do not knowingly collect Personal Information from children under the age of 16. If you learn that a child has provided us with Personal Information, then you may contact us as indicated above.

     Do Not Track

    PlanSource does not currently take steps to respond to browsers’ “Do Not Track” signals as no uniform standard to respond to such signals has been developed at this time.

    RETENTION OF DATA

    PlanSource will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.

    PlanSource will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Services, or we are legally obligated to retain this data for longer periods.

    TRANSFER OF DATA

    Your information, including Personal Data, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. For instance, data transferred from the European Economic Area (“EEA”) to PlanSource in the United States will be processed pursuant to the EU Data Protection Regulation. In other cases, we will use European Commission-approved Standard Contractual Clauses to ensure an adequate level of protection for data originating from the EEA.

    If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

    PlanSource will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

    DISCLOSURE OF DATA

    Business Transaction

    If PlanSource is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

    Disclosure for Law Enforcement

    Under certain circumstances, PlanSource may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

    Legal Requirements

    PlanSource may disclose your Personal Data in the good faith belief that such action is necessary to:

        • To comply with a legal obligation
        • To protect and defend the rights or property of PlanSource Benefits Administration, Inc.
        • To prevent or investigate possible wrongdoing in connection with the Services
        • To protect the personal safety of users of the Services or the public
        • To protect against legal liability

     

    SECURITY OF DATA

    The security of your data is important to PlanSource. We will use commercially acceptable means to protect your Personal Data.

    SERVICE PROVIDERS

    We may employ third party companies and individuals to facilitate our Services (“Services Providers”), provide the Services on our behalf, perform Services-related services, or assist us in analyzing how our Services is used.

    These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

    ANALYTICS

    We may use third-party Services Providers to monitor and analyze the use of our Services, including but not limited to the below:

    Google Analytics

    Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

    For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.

    LINKS TO OTHER SITES

    Our Services may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

    We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.

    CHILDREN’S PRIVACY

    We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

    CHANGES TO THIS PRIVACY POLICY

    We may update our Privacy Policy from time to time. We will notify you of any changes by updating the Effective Date at the top of this Privacy Policy and posting the new Privacy Policy on this page.

    You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. You will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted the changes in any revised Privacy Policy by your continued use of the Site after the date such revised Privacy Policy is posted.

    ACCEPTANCE OF THESE TERMS

    By using this Site, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

    CONTACT US

    If you have any questions about this Privacy Policy, please contact us at compliance@plansource.com.

    Last Reviewed Date: December 23, 2022

Featured Success Story
Dermalogica – Customer Success Story
See how Dermalogica cut hours of tedious admin work out of open enrollment each year and continue to increase employee adoption year over year.
Latest Partner News
PlanSource Unveils New Partner Marketplace

PlanSource Unveils New Partner Marketplace

Recent Resources
Partner of the Week: MetLife Legal Plans
Partner of the Week: MetLife Legal Plans
Wagmo | Weekly Source: Christie Horvath
Wagmo | Weekly Source: Christie Horvath
How can employers manage or reduce employee stress through benefits?
How can employers manage or reduce employee stress through benefits?
Latest News
PlanSource Announces 13 New Partners Joining the Partner Marketplace in Q4

PlanSource Announces 13 New Partners Joining the Partner Marketplace in Q4