Terms of Use & Disclosures 

Deloitte 1(also referred to below as "we", "us" and "our") is a privacy conscious organization. This Privacy Notice explains how we process your information collected from (1) BenefitsIQ.ai or web pages of any other website with respect to which this Privacy Notice is posted or linked (such web pages are collectively referred to as the "Website"), (2) downloadable applications accessed from mobile devices with respect to which this Privacy Notice is posted or linked ("Mobile Apps") or (3) any other mode of interacting with you relating to Deloitte communications, such as online or offline newsletters and magazines, that reference this Privacy Notice (“Communications”). By using the Website or Mobile Apps, or continuing to receive Communications, you agree to the use of such information in accordance with this Privacy Notice. This Privacy Notice also applies to your personal information that we may have collected from data brokers in connection with our marketing activities. As used in this Privacy Notice, "Deloitte Network" means DTTL and its member firms and their affiliates and related entities. Information collection We may collect personal information when you interact with the Website or Mobile Apps, such as if you choose to register or create a user profile on the Website or a Mobile App (e.g., to gain access to specific content, attend a hosted event, respond to a survey or request Communications about specific areas of interest), or otherwise provide it to us. Depending on the specific Communication you are receiving, or the web page of the Website or Mobile App you are using, such information may consist of your name, current job title, company address, email address, telephone and fax numbers, correspondence with you, which newsletters you subscribe to, and other information you provide to us. When using a Mobile App, in addition to contact information, we or our service providers (such as mobile operating system and platform providers) may also collect information relating to your device, including your device model, operating system, browser type, unique device identifier, IP address, mobile phone number, mobile network carrier, location, and the way you are using the Mobile App. The information collected will depend on the functionality of the specific Mobile App you are using. If any other information is collected relating to your use of a Mobile App, such information will be specified in the Mobile App. We may also collect personal information if you register for the Website using a third-party social network account (e.g., LinkedIn, Facebook, and X). For example, the Website or a Mobile App may allow you to login using your social network account credentials. We may collect the user name associated with that social media account and any information or content you have permitted the social media network to share with us, such as your profile picture, email address, and birthday. The information we collect may depend on the privacy settings you have with the social network site, so please review the privacy statement or policy of the applicable social network site. When you access the Website through your social network account, you are authorizing us to collect and use your information in accordance with this Privacy Notice. The Website may also collect content that you provide, including postings on blogs, forums, wikis and other social media applications and services that we may provide. We may also collect similar personal information about you from data brokers in connection with our marketing activities. We do not usually seek to collect your sensitive personal information (i.e., data relating to your social security, driver’s license, state identification card, or passport numbers; non-Deloitte account username or number or financial account, debit card, or credit card number in combination with credentials allowing access to such accounts; racial or ethnic origin; national origin; immigration or citizenship status; religious or philosophical beliefs; trade union membership; genetic or biometric data; precise geolocation; political opinions; status as victim of a crime; medical or health conditions/status (including data related to pregnancy, abortion, or reproductive or sexual health); researching, obtaining, or seeking gender affirming health care or reproductive or sexual health services; status as transgender or non-binary; or sex life or sexual orientation. Sensitive personal information also includes the contents of your personal mail, email, or text messages unless we are the intended recipient). We will obtain your explicit consent to collect and use such information where required by law. Log information, cookies and web beacons The Website and Mobile Apps collect standard Internet log information including your IP address, browser type and language, access times and referring website addresses. To ensure that the Website, Mobile Apps and Communications are well managed and to facilitate improved navigation, we or our service provider(s) may also use cookies (small text files stored in a user's browser) or web beacons (electronic images that allow us to count users who have accessed particular content and to access certain cookies) to collect aggregate data. Additional information on how we use cookies and other tracking technologies and how you can control these can be found in our Cookie Notice. Information use We collect and use your personal information with your consent to provide you with access to the Website, Mobile Apps and Communications, or where we have a legitimate business interest in or other legal basis for, such collection and use. The personal information you submit to us may be used to manage our relationship with you, including any of your requests, or to customize or improve the Website or a Mobile App and related services offered to you. We may also use your personal information for marketing purposes, including to deliver cross-contextual behavioral or targeted advertising based on your interactions across nonaffiliated websites or online applications, or to send you promotional materials or communications regarding services provided by us or other members of the Deloitte Network that we believe may be of interest to you. We may also contact you to seek feedback on services provided by members of the Deloitte Network or for market or other research purposes. Your personal information may also be used to protect our rights or property and that of our users. You may at any time request that we discontinue sending you Communications, emails or other correspondence. To the extent that we possess any personal information about you that has been de-identified, we maintain and use such de-identified information without re-identifying such information. Such de-identified information is not subject to the terms of this Privacy Notice. Selling of information We do not sell your personal information that is collected under this Privacy Notice except to the extent we may use it for cross-contextual behavioral or targeted advertising. To the extent we sell other personal information that falls outside the scope of this Privacy Notice, such practices are described in our Data Analytics Privacy Notice. Information retention We retain your personal information for as long as the information is reasonably needed for the purposes described in this Privacy Notice. We also may retain your personal information to comply with our legal or professional obligations, enforce our agreements, or resolve disputes. Disclosure of information to third parties We may provide your personal information to other members of the Deloitte Network in order to provide you with information that could be of interest to you and conduct market or other research. Your personal information may also be disclosed to members of the Deloitte Network and other third parties: in order to respond to your requests or inquiries; as part of a corporate transaction (such as a sale, divestiture, reorganization, merger or acquisition); or where those parties handle information on our behalf. Personal information may also be disclosed to law enforcement, regulatory or other government agencies, or to other third parties, in each case to comply with legal, regulatory, or national security obligations or requests. In relation to Mobile Apps, we may also share your usage and personal information with mobile carriers and platform providers, as well as any other entities described in any particular Mobile App in connection with the operation of the Mobile App. In relation to Communications, we may also share your personal information with service providers in connection with the delivery of such Communications. All of these disclosures may involve the transfer of personal information to countries or regions without data protection rules similar to those in effect in your area of residence. By providing information with respect to a Communication or through the Website or a Mobile App, you are consenting to the disclosures described above. Any personal information that we have referenced above under “Information collection” may be disclosed to the third parties identified in this section for the purposes set forth herein. Your personal information rights You may have choices about how your personal information is collected, used and shared. If you choose to register for a Communication or with the Website or a Mobile App, you may access your user profile, correct and update your details, or unsubscribe at any time. If you decide that you no longer wish to have your third-party social network site account (e.g., LinkedIn, Facebook, or X) linked to your profile on the Website or a Mobile App, you may change your account settings at any time. If you have any problem accessing your profile or would like to request a copy of your profile, please complete our Personal Information Request Form. Depending on the jurisdiction in which you are located, you may have the right to request that we confirm whether we process your personal information or that we correct, delete, or stop processing your personal information. You may also have the right to request that we provide the following information regarding the personal information we hold about you: The categories and/or specific pieces of personal information we collected The categories of sources from which personal information is collected The business or commercial purpose for collecting personal information The categories of third parties with whom we shared personal information To exercise any of your rights under applicable law described above regarding your personal information, complete contact us via our contact form. You may also appeal a denial of your request by contacting us. Applicable laws may also give you the right to lodge a complaint with a local supervisory authority related to this Privacy Notice. We will not discriminate against you for exercising any of your rights with respect to your personal information. Deloitte’s annual personal information request metrics are available here. Verification of personal information requests For certain personal information requests, we must first verify your identity before processing your request. To do so, we may ask you to provide us with your full name, contact information, and relationship to Deloitte. Depending on your request, we may ask you to provide additional information. Once we receive this information, we will then review it and determine whether we are able to match it to the information Deloitte maintains about you to verify your identity. Third party requests If you are submitting a personal information request on behalf of someone other than yourself, please contact us and include proof that you are authorized to make the request. This may be in the form of a written authorization signed by the person whom you are acting on behalf of or a valid power of attorney. Data Privacy Framework notice Deloitte complies with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce (each, a “Data Privacy Framework”) with respect to personal information that is transferred from the European Economic Area, the United Kingdom and Switzerland to the United States within the scope of Deloitte’s Data Privacy Framework certifications. To learn more, see our Data Privacy Framework Notice. Special notices to California residents If you are a California resident, you are entitled to request information concerning any personal information you provide to us as part of an established business relationship for personal, family, or household purposes that we disclose to nonaffiliated third parties for their direct marketing purposes. We do not share such personal information with nonaffiliated third parties for such purposes. Washington State Consumer Health Data Privacy Policy For information about how we use consumer health data that is subject to the Washington State My Health My Data Act, see our Washington State Consumer Health Data Privacy Policy. Opt-out preference signals and Do Not Track To the extent our websites use targeting and advertising cookies and depending on the jurisdiction in which you are located, you may use an opt-out preference signal, such as the Global Privacy Control (GPC), to opt-out of the sale and sharing of your personal information for cross-contextual behavioral or targeted advertising at the browser level. If you choose to use the GPC signal, you will need to turn it on for each supported browser. To download and use a browser supporting the GPC browser signal, click here. Our websites detect and respond to the GPC by automatically disabling targeting and advertising cookies set on such websites. However, if you choose to enable the targeting and advertising cookies on such websites, you will override the opt-out preference signal. To the extent we are engaging in other selling or sharing of your personal information, you may opt-out by submitting a request. "Do Not Track" is a preference you can set in your web browser to let the websites you visit know that you do not want them collecting information about you. However, the Website does not currently respond to a "Do Not Track" signal. Information security We have in place reasonable commercial standards of technology and operational security to protect all personal information provided by users with respect to Communications, or via the Website or Mobile Apps, from unauthorized access, disclosure, alteration or destruction. Children's privacy protection We understand the importance of protecting children's online privacy. Communications, the Website and Mobile Apps are not designed for or intentionally targeted at children under the age of 13. It is not our policy to intentionally collect or maintain information about anyone under the age of 13. If we obtain actual knowledge that we have received such information, we will take steps to delete it. Blogs, forums, wikis and other social media The Website may host various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively “Social Media Applications”). Any personal information or other information that you contribute to any Social Media Application can be read, collected and used by other users of that Social Media Application over whom we have little or no control. Therefore, we are not responsible for any other user's use, misuse or misappropriation of any personal information or other information that you contribute to any Social Media Application. Privacy practices of third parties This Privacy Notice only addresses the use and disclosure of information collected by Deloitte through your interaction with the Website and the Mobile Apps and through other interactions with Deloitte relating to a Communication. Other websites or mobile apps that may be accessible through links from the Communication, Website, or Mobile Apps have their own privacy statements and personal information collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy statements provided by these other parties prior to providing them with information. Changes to our Privacy Notice In addition to describing our current privacy practices, this Privacy Notice also describes the categories of personal information we collected, disclosed, or sold during the preceding 12 months. We may modify or amend this Privacy Notice from time to time at our discretion. When we make changes to this Privacy Notice, we will amend the revision date at the top of this page and such modified or amended Privacy Notice shall be effective as to you and your information as of that revision date. We encourage you to periodically review this Privacy Notice to view any updates.