Bnchmrk
Product
Explore Data
Pricing
API
AboutGuidesContact
Order ReportClient Login

Data & Privacy Policy

How we collect, use, and protect your data

1. Introduction

Welcome to Bnchmrk. This Data & Privacy Policy explains how Bnchmrk, LLC ("Bnchmrk," "we," "us," or "our") collects, uses, protects, and shares information when you use our employee benefits benchmarking platform and services (collectively, the "Services").

By submitting data to Bnchmrk or using our Services, you agree to the terms of this Policy. If you do not agree, please do not submit data or use our Services.

2. What Data We Collect

2.1 Plan Design Data

We collect employee benefit plan information including:

  • Plan designs and coverage details (deductibles, copays, out-of-pocket maximums, etc.)
  • Premium rates and contribution structures
  • Carrier and network information
  • Plan documents (SPDs, SBCs, rate sheets)
  • Employer information (company name, size, industry, location)

2.2 What We Do NOT Collect

Important:

We do NOT collect:

  • Claims data or utilization information
  • Census data or employee demographic details
  • Protected Health Information (PHI) as defined under HIPAA
  • Social Security numbers or other personally identifiable information about individual employees

3. How We Use Your Data

3.1 Primary Uses

We use the data you submit to:

  • Create your custom benchmark reports
  • Analyze and score plan competitiveness
  • Generate market intelligence and benchmarking insights
  • Verify and validate plan information
  • Communicate with you about your reports and Services

3.2 Aggregate Benchmarking Database

With your permission, we add your plan data to our anonymized, aggregated benchmarking database. This data is:

  • De-identified: Your company name and identifying information are removed
  • Aggregated: Combined with data from thousands of other organizations
  • Never sold: We do not sell individual company data to third parties
  • Used to improve benchmarks: Helps us provide more accurate market intelligence to all users

3.3 What We Don't Do

We will never:

  • Share your identifiable company information without your explicit consent
  • Sell your data to third parties
  • Use your data for marketing purposes without permission
  • Disclose your specific plan details to other users

4. Data Security & Protection

4.1 Security Measures

We implement industry-standard security practices including:

  • Encryption: 256-bit SSL encryption for all data transfers
  • Access Controls: Strictly limited access to authorized personnel only
  • Secure Storage: All data stored on secure, encrypted servers
  • Regular Audits: Ongoing security assessments and improvements

4.2 Data Retention

  • Source Documents: Securely deleted after report delivery (or per your retention preference)
  • Anonymized Benchmark Data: Retained indefinitely in de-identified, aggregated form
  • Reports: Stored for your access per your service agreement

5. Your Rights

You have the right to:

  • Request deletion of your source documents after report delivery
  • Correct inaccuracies in your submitted data before report generation

For requests, contact us at privacy@bnchmrk.com

6. Data Sharing & Disclosure

6.1 When We Share Data

We may share data in the following limited circumstances:

  • Service Providers: With trusted vendors who help us deliver Services (subject to confidentiality agreements)
  • Legal Obligations: When required by law, subpoena, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Aggregated Reports: We may publish aggregate industry benchmarks that do not identify specific companies

6.2 Your Reports

You retain the right to share your benchmark reports as you see fit. We do not share your individual reports with other parties without your permission.

7. Intellectual Property

7.1 Ownership

All benchmark reports, methodologies, and derivative works created by Bnchmrk remain the exclusive property of Bnchmrk. You receive a license to use your reports for your internal business purposes.

7.2 Your License

You may:

  • Use your reports internally
  • Share reports with clients or stakeholders as needed
  • Present findings in business contexts

You may not:

  • Reproduce or redistribute our reports commercially
  • Reverse-engineer our methodology
  • Remove our branding or attribution

8. Compliance & Legal

8.1 HIPAA Compliance

Because we do not collect Protected Health Information (PHI), we are not a HIPAA-covered entity or business associate. Our services are designed to avoid the need for HIPAA compliance by collecting only plan design information.

8.2 State Privacy Laws

We comply with applicable state privacy laws including CCPA (California), GDPR (where applicable), and other state-specific regulations.

8.3 Governing Law

This Policy is governed by the laws of the State of New Jersey, without regard to conflict of law provisions.

9. Updates to This Policy

We may update this Policy from time to time. We will notify you of material changes by:

  • Posting the updated Policy on our website
  • Updating the "Last Updated" date
  • Emailing you at the address you provided (for significant changes)

Your continued use of our Services after changes constitutes acceptance of the updated Policy.

10. Contact Us

If you have questions about this Policy or our data practices, contact us:

Bnchmrk, LLC

71 South Orange Ave, Suite 357

South Orange, NJ 07079

Email: privacy@bnchmrk.com

Website: bnchmrk.com

Version 1.0

Last Updated: January 1, 2025