Benefit Administration Services LLC (“BAS”) is strongly committed to protecting your privacy online when visiting our web site. BAS knows that you care how information about you is used and shared and we appreciate your trust that we will do so carefully and sensibly. This Privacy Notice outlines the information BAS will collect on the BAS web site and how we will use that information. By visiting https://www.baslimited.com/, you are accepting the practices described in this Privacy Notice.
Last updated: October 09, 2020
While using Our Website, We may ask You to provide Us with certain Personal Data that can be used to contact or identify You.
Usage Data is collected automatically when using the Website. When You access the Website by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Website or when You access the Website by or through a mobile device.
Cookies can be "Persistent" or "Session"Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies: Cookies: What Do They Do? We use both Session and Persistent Cookies for the purposes set out below:
The Company may use Personal Data for the following purpose:
We may share Your Personal Data in the following situations:
·Law enforcement: Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements: The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data,We cannot guarantee its absolute security.
Website Providers have access to Your Personal Data only to perform their tasks on Our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Website providers to monitor and analyze the use of our Website.
We may use Your Personal Data to contact You with newsletters,marketing, or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us. We may use Email Marketing Website Providers to manage and send emails to You.
Some States have specific laws regarding privacy and the rights of consumers in an on-line environment. While not purporting to be a comprehensive list of all that may be in effect, the following State laws may affect you:
Your California Privacy Rights (California's Shine the Light law): Under California Civil Code Section 1798(California's Shine the Light law), California residents with an established business relationship with us can request information once a year about sharing their Personal Data with third parties for the third parties' direct marketing purposes. If you'd like to request more information under the California Shine the Light law, and if You are a California resident, You can contact Us using the contact information provided below.
California Privacy Rights for Minor Users (California Business and Professions Code Section 22581): California Business and Professions Code section 22581 allow California residents under the age of 18 who are registered users of online sites, services, or applications to request and obtain removal of content or information they have publicly posted. To request removal of such data, and if You are a California resident, You can contact Us using the contact information provided below, and include the email address associated with Your account. Be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
Cal. Civ. Code §§ 1798.100 et seq., The California Consumer Privacy Act of 2018 (CCPA): Allows consumers the right to request a business to disclose the categories and specific pieces of personal information that the business has collected about the consumers as well as the source of that information and business purpose for collecting the information. Provides that consumers may request that a business delete personal information that the business collected from the consumers. Provides that consumers have the right to opt out of a business’s sale of their personal information, and a business may not discriminate against consumers who opt out.Applies to California residents. (Effective Jan. 1, 2020.)
Conn. Gen. Stat. § 42-471: Requires any person who collects Social Security numbers in the course of business to create a privacy protection policy. The policy must be"publicly displayed" by posting on a web page and the policy must (1)protect the confidentiality of Social Security numbers, (2) prohibit unlawful disclosure of Social Security numbers, and (3) limit access to Social Security numbers.
Del. Code § 1204C: Prohibits operators of websites, online or cloud computing services, online applications,or mobile applications directed at children from marketing or advertising on its Internet service specified products or services inappropriate for children’s viewing, such as alcohol, tobacco, firearms, or pornography. When the marketing or advertising on an Internet service directed to children is provided by an advertising service, the operator of the Internet service is required to provide notice to the advertising service, after which time the prohibition on marketing and advertising the specified products or services applies to the advertising service directly. The law also prohibits an operator of an Internet service who has actual knowledge that a child is using the Internet service from using the child’s personally identifiable information to market or advertise the products or services to the child, and also prohibits disclosing a child’s personally identifiable information if it is known that the child’s personally identifiable information will be used for the purpose of marketing or advertising those products or services to the child.
NRS § 603A.300: Requires an operator to establish a designated request address through which a consumer may submit a verified request directing the operator not to make any sale of covered information collected about the consumer. The term “sale” is defined to mean the exchange of covered information for monetary consideration by the operator to a person for the person to license or sell the covered information to additional persons. The law also prohibits an operator who has received such a request from making any sale of any covered information collected about the consumer. The Attorney General may seek an injunction or a civil penalty for violations.
NRS § 603A.340: Requires operators of Internet websites or online services that collect personally identifiable information to identify the categories of information collected through its Internet website or online service about consumers who use or visit the site or service and the categories of third parties with whom the operator may share such information. Provides a description of the process, if any such process exists, for an individual consumer who uses or visits the Internet website or online service to review and request changes to any of his or her information that is collected through the Internet website or online service.
ORS § 646.607: Makes it an unlawful trade practice if a person publishes on a website related to the person’s business, or in a consumer agreement related to a consumer transaction, a statement or representation of fact in which the person asserts that the person, in a particular manner or for particular purposes, will use, disclose,collect, maintain, delete or dispose of information that the person requests,requires or receives from a consumer and the person uses, discloses, collects,maintains, deletes or disposes of the information in a manner that is materially inconsistent with the person’s statement or representation.
9 V.S.A § 2446-2447 (Protection of PersonalInformation: Data Brokers): Requires data brokers--businesses that knowinglycollect and license the personal information of consumers with whom suchbusinesses do not have a direct relationship—to register annually with theSecretary of State. Data brokers alsomust provide consumers with specified information, including the name, e-mail,and Internet addresses of the data broker; whether the data broker permits aconsumer to opt out of personal information collection or data sales; themethod for requesting an opt-out; activities or sales the opt-out applies to;and whether the data broker permits a consumer to authorize a third party toperform the opt-out on the consumer's behalf. A statement specifying the data collection,databases, or sales activities from which a consumer may not opt out and astatement as to whether the data broker implements a purchaser credentialingprocess must also be disclosed, among other disclosures. Data brokers also must implement and maintaina written information security program containing administrative, technical,and physical safeguards to protect personally identifiable information.