1. Introduction & Scope

HR Data Labs LLC (“HR Data Labs,” “we,” “our,” or “us”) is committed to protecting the privacy of every person who visits our website at hrdatalabs.com (the “Site”) or otherwise interacts with our services. This Privacy Policy explains what personal information we collect, how we use and protect it, and what rights you have with respect to your information.

This Policy applies to information collected through our Site, marketing communications, and related online activities. It does not apply to information we process as a data processor on behalf of our business clients under a separate Data Processing Agreement.

By using our Site, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Site.

2. Information We Collect

A. Information You Provide Directly

When you interact with our Site, you may voluntarily provide us with:

• Contact information — name, email address, phone number, job title, and company name submitted through contact forms, demo requests, or newsletter sign-ups.
• Communication content — messages, questions, or feedback you send us directly.
• Account credentials — if you register for a portal or client account, your username and password (stored in hashed form).

B. Information Collected Automatically

When you visit our Site, we and our service providers automatically collect certain technical information, including:

• Log data — IP address, browser type and version, operating system, referring URL, pages viewed, time and date of visit, and time spent on pages.
• Device identifiers — hardware model, unique device identifiers, and mobile network information.
• Cookie and tracking data — see Section 6 (Cookies and Tracking Technologies) for full detail.
• Analytics data — aggregated usage statistics collected via third-party analytics platforms.

C. Information from Third Parties

We may receive information about you from:

• Business partners and data enrichment providers that supplement contact records with professional profile data.
• Advertising platforms that provide campaign engagement signals.
• Publicly available professional directories (e.g., LinkedIn).

D. Sensitive Personal Information

We do not intentionally collect sensitive categories of personal information (such as race, ethnicity, religion, health data, or financial account numbers) through the Site. If we need to collect sensitive information in connection with a specific service engagement, we will provide a separate, specific notice and obtain your explicit consent where required by law.

3. How We Use Your Information

We do not sell your personal information to third parties for monetary consideration, and we do not use it for automated decision-making that produces legal or similarly significant effects without human review.

4. Legal Basis for Processing GDPR

For individuals in the European Economic Area (EEA) or United Kingdom, we rely on the following lawful bases under Article 6 of the GDPR:

• Legitimate interests (Art. 6(1)(f)) — Site analytics, security monitoring, fraud prevention, and direct B2B marketing communications, where our interests are not overridden by your rights.
• Contractual necessity (Art. 6(1)(b)) — Processing required to fulfill a service agreement or respond to your pre-contractual inquiries.
• Legal obligation (Art. 6(1)(c)) — Processing required by applicable law or a regulatory authority.
• Consent (Art. 6(1)(a)) — Where we rely on consent (e.g., optional marketing emails or non-essential cookies), you may withdraw it at any time without affecting the lawfulness of prior processing.

Where we process special categories of personal data, we rely on Art. 9(2) of the GDPR and will identify the specific basis at the time of collection.

5. Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share it only in the following circumstances:

Service Providers

We engage trusted third-party vendors who process data on our behalf under written data processing agreements that restrict their use of your information to providing services to us. Categories of service providers include: cloud hosting, website analytics, email delivery, CRM platforms, and cybersecurity.

Business Transfers

If HR Data Labs LLC is acquired, merges with another company, or undergoes a similar transaction, personal information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

Legal Requirements

We may disclose information if required by law, court order, or government authority, or where we believe disclosure is necessary to protect the rights, property, or safety of HR Data Labs LLC, our users, or the public.

With Your Consent

We may share information for any other purpose with your prior, explicit consent.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (web beacons, pixels, local storage) to operate and improve our Site.

You can manage cookie preferences through our on-site Cookie Preference Center (displayed on first visit) or through your browser settings. Note that disabling certain cookies may affect Site functionality. Most browsers allow you to refuse new cookies, delete existing cookies, or receive a warning before a cookie is set.

For opt-out of analytics tracking, you may also use the Google Analytics Opt-out Browser Add-on or equivalent tools provided by other analytics vendors we use.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer period is required or permitted by law. Our general retention practices are:

• Contact form submissions: Up to 3 years from last interaction, or until you request deletion.
• Marketing email lists: Until you unsubscribe or request removal.
• Web analytics logs: 26 months from collection (consistent with standard analytics platform settings), then aggregated or deleted.
• Legal and compliance records: As required by applicable law, typically 7 years.
• Account data: For the duration of the account and up to 2 years following closure.

When retention periods expire, we securely delete or anonymize the data so it can no longer be associated with you.

8. Security

We implement industry-standard administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These include:

• TLS encryption for data in transit
• Encryption at rest for sensitive data stores
• Role-based access controls and least-privilege principles
• Regular vulnerability assessments and penetration testing
• Employee privacy and security training

No method of electronic transmission or storage is 100% secure. While we strive to use commercially reasonable means to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights or freedoms, we will notify you and applicable regulators as required by law.

9. International Data Transfers GDPR

HR Data Labs LLC is based in the United States. If you access our Site from outside the United States, your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your country.

For transfers of personal data from the EEA or the United Kingdom to the United States, we rely on appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission and/or UK Information Commissioner’s Office, incorporated into our data processing agreements with vendors.
• EU-U.S. Data Privacy Framework certification, where applicable.
• UK International Data Transfer Agreements (IDTAs) where UK GDPR applies.

You may request a copy of the relevant safeguards by contacting us at the address below.

10. Children’s Privacy

Our Site is directed to business professionals and is not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will take steps to delete it promptly.

11. Health Information Notice HIPAA

HR Data Labs LLC provides data analytics and consulting services to employers and HR professionals. In certain client engagements, we may act as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act with respect to Protected Health Information (PHI) shared by covered entity clients.

Where we act as a Business Associate:

• We process PHI only as specified in a written Business Associate Agreement (BAA) with the applicable covered entity client.
• We implement the administrative, physical, and technical safeguards required by the HIPAA Security Rule.
• We do not use or disclose PHI for purposes other than those permitted by the BAA and applicable law.
• We will notify covered entity clients of any breach of unsecured PHI in accordance with the HIPAA Breach Notification Rule.

This Policy governs information collected through our Site and does not serve as a HIPAA Notice of Privacy Practices. Individuals whose PHI is processed on behalf of a covered entity client should direct privacy inquiries to that covered entity.

12. Your Rights — EU / UK Residents GDPR

If you are located in the EEA or the United Kingdom, you have the following rights under the GDPR or UK GDPR:

• Right of Access (Art. 15) — Request a copy of the personal data we hold about you.
• Right to Rectification (Art. 16) — Ask us to correct inaccurate or incomplete data.
• Right to Erasure / “Right to be Forgotten” (Art. 17) — Request deletion of your data where it is no longer necessary or where you withdraw consent.
• Right to Restriction of Processing (Art. 18) — Ask us to limit how we use your data in certain circumstances.
• Right to Data Portability (Art. 20) — Receive your data in a structured, machine-readable format and transmit it to another controller.
• Right to Object (Art. 21) — Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent — Where processing is based on consent, withdraw it at any time without affecting prior processing.
• Right to Lodge a Complaint — File a complaint with your local supervisory authority. In the EU, find your authority at edpb.europa.eu. In the UK, contact the Information Commissioner’s Office (ICO).

To exercise any of these rights, please contact us using the details in Section 16. We will respond within 30 days (extendable to 90 days for complex requests with notice). We may need to verify your identity before processing your request.

13. Your Rights — California Residents CCPA / CPRA

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you the following rights:

• Right to Know — Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, our business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete — Request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Correct — Request correction of inaccurate personal information.
• Right to Opt-Out of Sale or Sharing — Direct us not to sell or share your personal information for cross-context behavioral advertising. To opt out, click “Do Not Sell or Share My Personal Information” in the footer of our Site, or contact us directly.
• Right to Limit Use of Sensitive Personal Information — Restrict our use of sensitive personal information to purposes necessary for providing services.
• Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights. We will not deny goods or services, charge different prices, or provide a different level of service because you exercised your privacy rights.

Categories of Personal Information Collected (past 12 months)

To submit a verifiable consumer request, contact us as described in Section 16. You may also designate an authorized agent to make requests on your behalf (we will require written authorization and may verify your identity directly).

14. Your Rights — Other U.S. State Residents US State Laws

Residents of the following states have privacy rights substantially similar to those described above:

• Virginia — Consumer Data Protection Act (VCDPA)
• Colorado — Colorado Privacy Act (CPA)
• Connecticut — Data Privacy Act (CTDPA)
• Utah — Consumer Privacy Act (UCPA)
• Texas — Data Privacy and Security Act (TDPSA)
• Oregon, Montana, New Hampshire, New Jersey, and other states with enacted comprehensive privacy laws

Rights typically available under these laws include the right to access, correct, delete, obtain a portable copy of, and opt out of processing of your personal data for purposes of targeted advertising, sale, or certain profiling activities. We will process requests from residents of these states consistent with applicable law. To submit a request, contact us as described in Section 16.

If we deny your request, you may appeal by responding to our denial notice with a written explanation. If you remain unsatisfied, you may lodge a complaint with your state’s attorney general or applicable supervisory authority.

15. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will post the updated policy on this page with a new “Last Updated” date and, where appropriate, provide additional notice (such as a prominent banner on our Site or an email notification).

We encourage you to review this Policy periodically. Your continued use of the Site after any changes constitutes your acceptance of the updated Policy.

16. Contact Us

For questions, concerns, or to exercise any privacy right described in this Policy, please contact our Privacy Team:

Note: This Privacy Policy is provided for informational and transparency purposes. It does not constitute legal advice. HR Data Labs LLC recommends consulting qualified legal counsel to ensure ongoing compliance with applicable privacy laws.

17. Acceptance of Terms

These Terms of Use (“Terms”) govern your access to and use of the website located at hrdatalabs.com and any related subdomains, pages, content, and services (collectively, the “Site”) operated by HR Data Labs LLC (“HR Data Labs,” “we,” “our,” or “us”).

By accessing or using the Site in any manner — including browsing, submitting forms, or downloading content — you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy (set forth above), which is incorporated herein by reference. If you do not agree to these Terms, you must immediately discontinue all use of the Site.

These Terms constitute a legally binding agreement between you and HR Data Labs LLC. If you are using the Site on behalf of an organization, you represent that you have the authority to bind that organization to these Terms, and references to “you” include that organization.

18. Eligibility

The Site is intended for use by individuals who are at least 18 years of age and who are legally capable of forming a binding contract. By using the Site, you represent and warrant that you meet this requirement. If you are under 18, you may not use the Site.

Use of the Site may be further restricted based on applicable laws in your jurisdiction. It is your responsibility to ensure that your use of the Site complies with all laws, rules, and regulations that apply to you.

19. Permitted Use of the Site

Subject to your compliance with these Terms, HR Data Labs LLC grants you a limited, non-exclusive, non-transferable, revocable license to access and use the Site for your personal and internal business purposes — specifically, to learn about our services, contact us, and access publicly available resources we provide.

You agree to use the Site only for lawful purposes and in a manner that does not infringe the rights of others or restrict or inhibit anyone else’s use and enjoyment of the Site.

All other use of the Site requires our prior written consent. Nothing in these Terms grants you any rights in the Site beyond the limited license described above.

20. Prohibited Conduct

You agree that you will not, and will not permit any third party to:

• Use the Site for any unlawful, fraudulent, or malicious purpose, or in violation of any applicable local, state, federal, or international law or regulation.
• Attempt to gain unauthorized access to any part of the Site, its servers, or any system or network connected to the Site.
• Introduce viruses, malware, ransomware, spyware, or any other harmful code to the Site or its infrastructure.
• Use automated tools (bots, scrapers, crawlers, spiders) to access, harvest, or index Site content without our express written permission.
• Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of any software used to operate the Site.
• Impersonate any person or entity, or misrepresent your affiliation with any person or entity.
• Transmit unsolicited commercial communications (spam) through or in connection with the Site.
• Interfere with or disrupt the integrity or performance of the Site or related systems.
• Circumvent, disable, or otherwise interfere with security-related features of the Site.
• Reproduce, duplicate, copy, sell, resell, or exploit any portion of the Site or its content for any commercial purpose without our express written consent.
• Use the Site to collect or harvest personal information about other users without their consent.
• Post or transmit any content that is defamatory, obscene, harassing, threatening, discriminatory, or otherwise objectionable.

We reserve the right to investigate suspected violations and to cooperate with law enforcement authorities in prosecuting users who violate these Terms.

21. Intellectual Property

Our Content

The Site and all of its content — including but not limited to text, graphics, logos, icons, images, audio clips, data compilations, software, and the selection and arrangement thereof — are the exclusive property of HR Data Labs LLC or its licensors and are protected by United States and international copyright, trademark, trade dress, patent, and other intellectual property laws.

The HR Data Labs LLC name, logo, and all related product and service names, design marks, and slogans are trademarks or service marks of HR Data Labs LLC. You may not use any of our trademarks without our prior written consent. All other trademarks appearing on the Site are the property of their respective owners.

Limited License to Download

You may download or print a single copy of individual pages or materials from the Site for your personal, non-commercial reference, provided you retain all copyright and proprietary notices. This license does not include the right to compile or create derivative works based on Site content, or to distribute, publicly display, or commercially exploit such content.

Feedback

If you provide HR Data Labs LLC with any feedback, suggestions, or ideas regarding the Site or our services (“Feedback”), you grant us a royalty-free, worldwide, irrevocable, perpetual license to use and incorporate that Feedback in any way without obligation or compensation to you.

22. User Submissions

When you submit information through contact forms, inquiry fields, or other interactive features on the Site (e.g., your name, email, questions, or comments), you grant HR Data Labs LLC a non-exclusive, worldwide, royalty-free license to use, reproduce, and process such submissions for the purpose of responding to your inquiry and operating the Site, consistent with our Privacy Policy.

You represent and warrant that any content you submit: (a) is accurate and not misleading; (b) does not violate any applicable law; (c) does not infringe any third-party intellectual property, privacy, or other rights; and (d) is free of malicious code.

HR Data Labs LLC does not verify or endorse user submissions and is not responsible for any content submitted by users.

23. Third-Party Links & Services

The Site may contain links to third-party websites, tools, or services that are not owned or controlled by HR Data Labs LLC. Such links are provided for your convenience only. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites.

We encourage you to review the privacy policy and terms of use of any third-party site you visit. The inclusion of any link does not constitute or imply our endorsement, sponsorship, or recommendation of the third-party site or its content.

24. Disclaimer of Warranties

To the fullest extent permitted by applicable law, HR Data Labs LLC expressly disclaims all warranties, whether express, implied, statutory, or otherwise, including but not limited to:

• Implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement.
• Warranties that the Site will be uninterrupted, error-free, virus-free, or secure.
• Warranties regarding the accuracy, completeness, timeliness, or reliability of any content on the Site.
• Warranties that defects will be corrected or that the Site or its servers are free of harmful components.

Information on the Site is provided for general informational purposes only and does not constitute professional legal, financial, HR, tax, or other advice. You should not act or refrain from acting based on information obtained from the Site without first seeking guidance from a qualified professional.

25. Limitation of Liability

In jurisdictions that do not allow the exclusion or limitation of certain damages, our liability shall be limited to the greatest extent permitted by law.

In no event shall HR Data Labs LLC’s total cumulative liability to you for all claims arising out of or relating to these Terms or your use of the Site exceed the greater of (a) the total amount paid by you to HR Data Labs LLC in the twelve (12) months preceding the claim, or (b) one hundred U.S. dollars ($100).

Some jurisdictions do not allow the exclusion of implied warranties or limitation of liability for incidental or consequential damages, so some of the above limitations may not apply to you.

26. Indemnification

You agree to defend, indemnify, and hold harmless HR Data Labs LLC and its officers, directors, employees, agents, licensors, and service providers from and against any claims, liabilities, damages, judgments, awards, losses, costs, expenses, or fees (including reasonable attorneys’ fees) arising out of or relating to:

• Your use of or access to the Site;
• Your violation of these Terms;
• Your violation of any third-party rights, including intellectual property, privacy, or publicity rights;
• Any content or information you submit through the Site; or
• Your violation of any applicable law or regulation.

HR Data Labs LLC reserves the right to assume the exclusive defense and control of any matter subject to indemnification by you, in which case you agree to cooperate with our defense of that claim.

27. Governing Law & Jurisdiction

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law principles. To the extent that any lawsuit or court proceeding is permitted under these Terms, you and HR Data Labs LLC agree to submit to the exclusive personal jurisdiction of the state and federal courts located in Delaware.

If you are accessing the Site from outside the United States, you do so on your own initiative and are responsible for compliance with local laws. These Terms do not limit any consumer protection rights you may have under the mandatory laws of your country of residence.

28. Dispute Resolution

Informal Resolution

Before initiating any formal dispute, you agree to first contact HR Data Labs LLC at legal@hrdatalabs.com and attempt to resolve the dispute informally. We will make reasonable efforts to resolve the dispute within 30 days.

Binding Arbitration

If informal resolution is unsuccessful, any dispute, claim, or controversy arising out of or relating to these Terms or the Site that cannot be resolved informally shall be resolved by binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. The arbitration shall be conducted in English, and the arbitral decision shall be final and binding. Judgment on the award may be entered in any court of competent jurisdiction.

Class Action Waiver

YOU AND HR DATA LABS LLC AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN YOUR OR ITS INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, COLLECTIVE, OR REPRESENTATIVE ACTION. The arbitrator may not consolidate more than one person’s claims and may not preside over any form of a representative or class proceeding.

Exceptions

Notwithstanding the above, either party may seek injunctive or other equitable relief in a court of competent jurisdiction to prevent actual or threatened infringement, misappropriation, or violation of intellectual property rights or confidential information.

29. Termination

HR Data Labs LLC reserves the right, in its sole discretion, to terminate or suspend your access to all or any part of the Site at any time, with or without notice, for any reason — including if we believe you have violated these Terms. Upon termination, your right to use the Site will immediately cease.

Sections 21 (Intellectual Property), 24 (Disclaimer of Warranties), 25 (Limitation of Liability), 26 (Indemnification), 27 (Governing Law), 28 (Dispute Resolution), and 30 (General Provisions) shall survive any termination of these Terms.

30. General Provisions

Entire Agreement

These Terms, together with the Privacy Policy and any additional terms applicable to specific features or services, constitute the entire agreement between you and HR Data Labs LLC regarding your use of the Site and supersede all prior agreements, understandings, or representations, whether written or oral.

Severability

If any provision of these Terms is held to be invalid, illegal, or unenforceable by a court of competent jurisdiction, that provision shall be modified to the minimum extent necessary to make it enforceable, or severed if modification is not possible, without affecting the validity and enforceability of the remaining provisions.

No Waiver

Our failure to enforce any right or provision of these Terms shall not be deemed a waiver of such right or provision. Any waiver of any provision will be effective only if in writing and signed by an authorized representative of HR Data Labs LLC.

Assignment

You may not assign or transfer any rights or obligations under these Terms without our prior written consent. HR Data Labs LLC may freely assign these Terms in connection with a merger, acquisition, sale of assets, or by operation of law.

Force Majeure

HR Data Labs LLC shall not be liable for any failure or delay in performance resulting from causes beyond our reasonable control, including acts of God, war, terrorism, natural disasters, labor disputes, power outages, or Internet disruptions.

Contact for Legal Notices

Notices to HR Data Labs LLC under these Terms should be sent to:

Note: These Terms of Use are provided for informational and operational purposes. They do not constitute legal advice. HR Data Labs LLC recommends consulting qualified legal counsel before publishing these Terms.