Employee Privacy Notice at Collection

Last modified: July 28, 2025                                                                                                                                                                                                                                                                                 

Overview

This Notice explains your rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CPRA”) (Cal. Civ. Code § 1798.100 et seq.) and helps you understand how Veteran Benefits Guide  collects, uses, and retains your Personal Information in compliance with California law.  In this Notice, the terms “Company,” ”us,” “we,” “VBG,” and “our” refer to VBG and its affiliates.

Who This Notice Applies To

The CPRA provides a right to notice at the collection for certain California residents, including current and former employees, and management (“Workforce” or “you”); emergency contacts provided by Workforce; and individuals/dependents of Workforce whose Personal Information is provided to administer benefits.

This notice does not cover:

  • Your interactions with VBG outside the employment context, such as browsing VBG’s website or using VBG’s services as a client.  To learn more about how we collect and use information related to those types of interactions, please see our VBG Privacy Policy.
  • Job applicants. To learn more about how we collect and use information when you apply for a job with us or our recruiting purposes, please see our VBG Applicant Privacy Policy.

What We Collect

As further described below, VBG collects your Personal Information in connection with your employment with the Company.  Your “Personal Information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.  Personal Information does not include publicly available information from government records, de-identified information, or aggregated data.

As described in greater detail below, we collect Personal Information in the following ways:

  • Directly from You. We may collect Personal Information directly from you, such as during the job application or onboarding process, during your employment, and/or when you experience a change in your employment status with us.
  • From Third Parties. We may collect certain Personal Information about you from third parties. For example, this includes vendors that run background checks, vendors that administer VBG’s leave of absence and employee benefits, healthcare providers whom you direct to communicate with us, your spouse and/or dependents, and references and referrals you provide to us.
  • From Employees and Clients. Other VBG employees may provide us with information about you, such as performance or evaluation information from a manager or supervisor. From time to time, we also obtain information about you from VBG’s clients, such as when they provide feedback or reviews of their interactions with you.
  • When You Visit Our Offices. We collect identifiers and audio/visual data when you visit our offices.
  • Automatically. When you access our networks, we collect system log data such as your IP address, browser type and language, device information, access times, and referring website addresses.  

Please note that Personal Information does not include information based on activities performed on VBG assets. You do not own or have an expectation of privacy or rights under the CPRA regarding the following:

  1. Company information created, collected, or maintained on any technology assets owned, leased, or operated in whole or in part by the Company. The Company’s technology assets consist of all electronic devices, software, and means of electronic communication, including, but not limited to, Point of Sale systems, computers, and workstations, laptop computers, computer hardware, as well as computer software applications, associated files, and data that grant access to services like the internet, email, phone, voicemail, and instant messages. All information created, collected, or maintained by the Company’s technology assets is company property and provided to you solely for your use in conducting Company business.
  2. Company information VBG collects when monitoring premises, equipment, devices, computers, networks, applications, software, or similar company assets and resources to protect its worksites, employees, and computer systems.

Categories of Personal Information

The following discusses the categories of Personal Information we collected in the last twelve (12) months. We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different purposes without first providing you notice.

  • Personal Identifiers. We collect your name; online identifiers, such as your account username and password associated with our systems; telephone number, email address, address, signature, and emergency contact information (such as your family members). We also collect your internet protocol (“IP”) address if you use a personal electronic device to access our network. Additionally, we collect your Social Security number or tax identification number, driver’s license or state identification card number, passport number, military credentials or other I-9 documentation to show your identity and authorization to work.
  • Characteristics of Protected Classifications Under California or Federal Law.  We may collect your date of birth, age, gender identity, sex, race, ethnic or national origin, citizenship and immigration status, veteran or military status, disability information, marital status, or pregnancy and related information, if you provide this information.
  • Audio/Visual Data or Similar Information. We collect your employee photograph and CCTV security camera recordings of you. We also collect messages (whether in electronic, text, or audio/voice form) that you send to us. If you participate in any external or internal marketing campaigns, we collect photographs and/or video recordings of you in furtherance of those marketing efforts.
  • Biometric Information. If you leave a voicemail message with us, we collect your voice recording to establish your identity and determine the nature of your request or message.  
  • Professional or Employment-Related Information. We collect information related to your employment history, including your resume. Additionally, we collect information relating to your dates of employment, your work attendance, and your work performance.
  • Education Information. We collect your education history from you as part of your application and background check process or if you update your information with us.    
  • Financial Information. We collect financial information, including your bank account information to process payroll, and payment information relating to employee benefits received by you or your spouse and dependents.
  • Health Insurance Information. We collect health insurance information, such as enrollment details and premium payments concerning you, your dependent or spouse, in furtherance of processing your health insurance enrollment and manage your benefits.
  • Medical Information. To the extent provided to us and to the extent permitted and required by applicable laws, as part of our benefits administration and disability accommodation obligations, we may collect information regarding your health, medical and treatment history, diagnoses, dates of service, provider name, spouse and dependent information, benefits payment information.
  • Internet or Other Electronic Network Activity & Analytics or Monitoring Data. If you use a device to access our network, we collect system log data like IP address, browser type and language, device information, access times, and referring website addresses as part of our system management and investigations into irregular, unauthorized, or unusual activity on our systems.

The following forms of data listed above constitute “Sensitive Personal Information”: Your Social Security, driver’s license, state identification card, and passport number; your bank account information; your racial, ethnic or national origin; your biometric information; your citizenship and/or immigration status, and your health information, if provided to us.  We do not use or disclose Sensitive Personal Information, as defined by California law, for inferring characteristics or for purposes other than those permitted by law.

How We Use the Information We Collect

We use the Personal Information we collect for the following purposes:

  • Onboarding. We use Personal Information to conduct background checks as necessary, complete new hire paperwork, enroll you in our HR system, and set up your personnel file.
  • Benefits. We use Personal Information to create and facilitate benefits packages and, if eligible, provide your employee benefits through us and/or through third-party benefits administrators.
  • Payroll. We use Personal Information to manage reimbursements and pay you for services provided.
  • Leave and Accommodation Requests. We use Personal Information to evaluate and process time off, sick leave, leaves of absence, or accommodation requests if you make such requests.
  • Training, Performance Reviews, and Goals Monitoring. We use Personal Information to provide you with relevant training and feedback and to support your career development.
  • Marketing. We use Personal Information to engage in internal and external marketing efforts, but such use for external marketing efforts is only done with your affirmative consent.
  • Business Operations. We use Personal Information to guide our recruiting and hiring process, maintain files, and/or support our business operations and the operations of our parent(s), subsidiaries, and affiliates.
  • Security and Crime Prevention. We use Personal Information to secure our facilities and networks, such as by monitoring access to our network, conducting periodic security checks, investigating workplace incidents, and limiting access to our facilities and assets.
  • Legal Compliance and Protection. We use Personal Information to comply with applicable laws, our legal obligations and in defense of our company, property, and others through legal proceedings.

Please note that some of the internally provided applications and services we make available to you also include integrations, references, or links to services provided by providers whose privacy practices differ from ours. If you provide Personal Information via these integrations, references, or links or allow us to disclose It to them, that information is governed by their privacy statements.  Finally, we may share de-identified information in accordance with applicable law.

Additional Rights Under California Law

You may have certain rights under California law. This may include a right to access, correct, or delete employee data, subject to applicable exceptions. For example, we may retain your employee data to comply with legal obligations. To exercise your rights, contact us as described at the end of this notice to submit a request.

Under California law, we are required to tell Californians if we “sell” or “share” Personal Information as that term is defined by applicable law. Sell is defined under the law as disclosing personal information to a third party for monetary or other valuable consideration. Share is specifically defined under the law as well.  Sharing means sharing Personal Information with a third party for cross-context behavioral advertising.

We do not “sell” or “share” employee data (including Personal Information and Sensitive Personal Information) based on our understanding of those terms. You may have different rights if you interact with the Company in other ways. For example, if you use our website, visit our privacy policy for information collection and rights for website users. If you are also an VBG customer or consumer, the privacy policy on our website applies to our interactions with you as a customer or consumer.

How We Retain Your Personal Information

To the extent permitted by applicable law, VBG will retain your Personal Information for as long as reasonably necessary to fulfill the purposes for which it was collected, including to meet any legal, accounting, or other reporting requirements or obligations.  For example, we retain Personal Information in accordance with our obligations under applicable labor and employment laws and as necessary to administer and carry out the employment relationship and our post-employment obligations.  We use the following criteria to determine retention periods:

  • How long the information is needed to provide our services and operate our business;
  • Whether there are contractual or legal obligations that exist that require us to retain the information for a period of time;
  • Whether any law, statute, or regulation allows for a specific retention period;
  • Whether an individual has agreed to a longer retention period;
  • Whether the data is considered to be sensitive data; and
  • What the expectation for retention was at the time the data was provided to us

How You Are Protected Against Discrimination

VBG will not unlawfully discriminate against you for exercising your rights under the CPRA.  This commitment applies to all persons involved in our operations and prohibits unlawful discrimination by any Company employee, including supervisors and coworkers.

How Other VBG Policies & Disclosures Apply

This Notice is in addition to the policies and disclosures in the Employee Handbook and other written policies promulgated by VBG. If you are unsure whether this Notice applies to you, please get in touch with Human Resources at peopleops@vbg.com or by phone at (866) 412-8135.  This Notice does not form any part of any contract of employment.

Disclaimer

Nothing in this Notice restricts the Company’s ability to:

  • Comply with federal, state, or local laws;
  • Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities;
  • Cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith believes may violate federal, state, or local law;
  • Exercise or defend legal claims;
  • Detect security incidents and protect against fraudulent or illegal activity and prosecute those responsible for such activity; or
  • Transfer Personal Information as part of a merger or acquisition, dissolution, bankruptcy, or any other transaction in which a third party assumes control of all or part of the Company.

Updates to This Notice

This Notice is reviewed and updated annually to ensure it accurately captures our practices and procedures.  In addition, from time to time, we may update this Notice to reflect changes required by law or our privacy practices or procedures.  The effective date for this version is posted in the footer below.  When we make material changes to this Notice, we will let you know by updating this Notice and the date at the footer of this Notice.

Changes to this Notice

See our privacy policy for employees.

Contact Us

If you have questions about this Notice, please email us at compliance@vbg.com, or call us at (866) 412-8135.