1. INTRODUCTION
BizBenchmark ("we," "our," or "us") is a competitive business intelligence platform operated by BizBenchmark, Inc. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our platform at thebizbenchmark.com (the "Service"). By using the Service, you agree to the practices described in this policy.
2. INFORMATION WE COLLECT
2.1 Information You Provide
- Business information submitted through our benchmark intake form: company name, industry, location, employee count, gross revenue, wage rates, healthcare costs, workers' compensation MOD rate, SUI rate, and 401(k) match data
- Contact information: name, email address, and phone number (if provided)
- Broker account credentials: email address and hashed password
- Voice recordings and audio files submitted via our voice memo import feature
- Communications you send us (support requests, feedback)
2.2 Information Collected Automatically
- IP address and approximate geolocation derived from IP
- Browser type, operating system, and device information
- Pages visited, features used, and time spent on the Service
- Session identifiers stored in cookies
- Access logs retained for security and compliance audit purposes
2.3 Information from Third Parties
- Business phone numbers retrieved from Google Places API using company name and zip code
- Publicly available business information from directories, LinkedIn public profiles, and company websites
- Industry benchmark data from public government and industry sources
3. HOW WE USE YOUR INFORMATION
We use the information we collect to:
- Generate competitive benchmark reports and business intelligence for your company
- Provide, maintain, and improve the Service
- Authenticate users and maintain account security
- Notify assigned brokers of new leads and benchmark submissions
- Send transactional emails (benchmark reports, account notifications, renewal reminders)
- Detect and prevent fraud, abuse, and security incidents
- Comply with applicable legal obligations
- Generate anonymized, aggregated industry statistics — no individual company is identifiable in these statistics
We do not sell your personal information to third parties. We do not use your data for advertising targeting.
4. DATA SHARING AND DISCLOSURE
- Broker Partners: If you submitted a benchmark through a licensed broker's referral link, that broker can view your submission data to provide advisory services. Brokers are bound by confidentiality obligations.
- Service Providers: We share data with trusted vendors who help us operate the Service (cloud hosting, email delivery, payment processing). These vendors are contractually bound to protect your data and may not use it for their own purposes.
- HCM API Partners: Anonymized, aggregated benchmark data (with no company names, contact information, or individually identifiable records) may be shared with authorized HCM platform partners. Individual records are suppressed when the cohort size is fewer than 5 companies.
- Legal Requirements: We may disclose information if required by law, court order, or government authority, or to protect the rights, property, or safety of BizBenchmark, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.
5. DATA RETENTION AND DELETION
- Benchmark submissions: Retained for the duration of your engagement with the platform to support longitudinal benchmarking and renewal tracking. You may request deletion at any time.
- Voice recordings: Raw audio files are retained for 90 days after processing, then permanently deleted. Transcripts derived from recordings are retained as part of the submission record.
- Audit logs: Retained for 12 months for security and compliance purposes, then purged.
- Account data: Retained for the lifetime of your account. Upon account closure, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
- Anonymized benchmark data: Aggregated, anonymized statistics derived from submissions are retained permanently as they contain no personally identifiable information.
6. YOUR RIGHTS
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal information (subject to legal retention requirements)
- Portability: Request your data in a machine-readable format
- Opt-out: Opt out of non-essential communications at any time by clicking "unsubscribe" in any email or contacting us directly
To exercise these rights, you may use our online request form or contact us directly:
SUBMIT A PRIVACY RIGHTS REQUEST
Use our secure online form to request data deletion, export, correction, or to opt out of data sharing. We will respond within 45 days.
Submit Privacy Request →
You may also contact us directly at [email protected]. We will verify your identity before processing your request and respond within 45 days as required by applicable law.
7. SECURITY
We implement industry-standard security measures including:
- TLS encryption for all data in transit
- Encrypted storage for sensitive data at rest
- Password hashing using bcrypt with per-user salts
- Session-based authentication with signed JWT tokens and session revocation capability
- Role-based access controls limiting data access to authorized personnel
- Comprehensive audit logging of all sensitive data access events
- Rate limiting on all public-facing endpoints to prevent abuse
- Timing-safe secret comparison to prevent timing-based attacks
No method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
8. COOKIES
We use session cookies solely to maintain your authenticated session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You may disable cookies in your browser settings, but this will prevent you from logging in to the Service.
9. CHILDREN'S PRIVACY
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately at [email protected].
10. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.
11. CONTACT US
If you have questions about this Privacy Policy or our data practices, please contact us: