Privacy & Security Back to Login

Effective August 9, 2023

Privacy Notice Table of Contents

Our Commitment to Privacy

Your privacy is important to us. Benefit Plan Services LLC, NFP Executive Benefits LLC and their affiliates (collectively "NFP Executive Benefits") are committed to protecting the confidentiality and security of information you provide us on our websites. To better protect your privacy, we provide this Privacy and Security Policy to explain our online information practices and the choices you can make about the ways your information is collected and used. This Policy can be found on our homepage and at any place on our websites where personal information is requested.

If we decide to change our privacy policy, we will post those changes to this privacy statement, the home page, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.


The Scope of This Privacy and Security Policy

This Privacy Statement applies to NFP Executive Benefits' service platform residing at and owned and operated by Benefit Plan Services LLC. This Privacy Statement describes how NFP Executive Benefits collects and uses the personal information you provide for and on our services. It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal information. The use of information collected through our service shall be limited to the purpose of providing the service for which the client (the data controller) has engaged NFP Executive Benefits.

Please note that other websites or third parties, referenced on our website, may adhere to their own customs and policies. We are not affiliated with the creation or management of the content or privacy policies of such websites or third parties. We are neither responsible nor liable for privacy or other information collection issues related to such other websites or third parties.

Data collected We only collect the information you provide to us or that we are directed to collect by our clients. In this regard, we do not control what end user data we may receive and host, nor what steps our clients (as data controller) have taken to ensure that the data is reliable for its intended use, accurate, complete, and current. We also collect client information on our portal and corporate website.

Client Information is personal information about people in our client's organization, such as account managers and users, who interact with our portal. Client information is usually limited to name, work e-mail address, work phone number, and job title, and we collect it through the portal or other means provided to us. We use this information to support your account, maintain our business relationship with you and our client, respond to your inquiries, and perform recordkeeping functions.

The categories of information that we may collect directly from you or receive from a data controller include:
- access your personal information;
- request proof of the authorization or previous consent given to us to perform the collection and processing of the personal information;
- personal details (e.g., name, date of birth);
- contact details (e.g., phone number, email address, postal address or mobile number);
- government issued identification details (e.g., social security and national insurance numbers, passport details);
- health and medical details (e.g., health certificates);
- policy details (e.g., policy numbers and types);
- bank details (e.g., payment details, account numbers and sort codes);
- driving license details;
- online log-in information (e.g., username, password, answers to security questions); and
- other information we receive from you on applications or required questionnaires of our clients.

Notice We operate under the assumption that it is generally our client's obligation as data controller to notify individuals about the purposes for which we collect and use information about them, how individuals can contact us with any inquiries or complaints, the types of third parties to which they disclose your information, and the choices and means offered for limiting our use and disclosure. As your data processor, we make available to you this privacy policy so that you can better understand our data practices and whether they are consistent with privacy notices made available to you.

Transfer We may transfer personal information to companies that help us provide our services. Transfers to subsequent third parties are covered by the service agreements with our clients. Such transfers are made in accordance with applicable law. We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your personal information is adequately protected. In addition, we use an approved certification mechanism for legitimate transfers of information (see EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework section below).

Where you are based in the European Union you should be aware that your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law. Where you are based outside of the European Union, you should be aware that your personal information may be transferred to, stored, and processed in a jurisdiction that is not your home jurisdiction. You consent to the transfer, disclosure, storage and/or processing of your personal information outside the jurisdiction in which the information was originally collected.

Access NFP Executive Benefits acknowledges that you have the right to access your personal information, as described further below. NFP Executive Benefits has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to NFP Executive Benefits' client (the data controller). If requested to remove data we will respond within a reasonable timeframe. We will retain personal data we process on behalf of our clients for as long as needed to provide services to our clients. NFP Executive Benefits will retain and use this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

You may have certain rights regarding your personal information with the client of NFP Executive Benefits (the data controller) that, subject to local law, could include the following rights:

- access your personal information;
- request proof of the authorization or previous consent given to us to perform the collection and processing of the personal information;
- rectify the information we hold about you;
- erase your personal information;
- restrict our use or disclosure of your personal information;
- object to our use or disclosure of your personal information;
- request information about the use and processing of your personal information by data controllers and their data processors;
- receive your personal information in a usable electronic format and transmit it to a third party (right to data portability);
- revoke the consent given by you for the processing of your personal information; or
- lodge a complaint with your local data protection authority.

If you would like to discuss or exercise such rights, as applicable under local law, please contact the applicable data controller of your information. You may also contact us at the details below.

Choice Benefit Plan Services LLC will not share, sell, rent, or trade with third parties for their marketing purposes any client or end user data collected by us, unless you direct us to do so and have the appropriate authorization to do so.

Benefit Plan Services LLC or Client offers individuals the opportunity to opt out of uses and disclosures of their data that are incompatible with the purposes for which that data was originally collected or subsequently authorized. We operate under the assumption that it is generally our client's obligation as data controller to obtain from data subjects the appropriate consent to transfer their data to us and to process data using our products for defined purposes.


EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework

Benefit Plan Services, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Benefit Plan Services, LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Benefit Plan Services, LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit

Benefit Plan Services, LLC is responsible for the processing of personal data it receives, under the DPF, and subsequently transfers to a third party acting as an agent on its behalf. Benefit Plan Services, LLC complies with the DPF Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission [OR U.S. Department of Transportation] has jurisdiction over Benefit Plan Services, LLC's compliance with the EU-U.S. DPF and Swiss-U.S. DPF. In certain situations, Benefit Plan Services, LLC may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, Benefit Plan Services, LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit for more information or to file a complaint. These dispute resolution services are provided at no cost to you.

For complaints regarding DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website.


The Information We Collect and The Ways We Use It

This notice applies to all information collected or submitted on our website. On some pages, you can log into your account, initiate account transfers, make changes to account information, and request additional information.

Once you log onto any of our websites, you provide us with the identity of your current Internet address and the type of operating system and browser software you are using.

While you are visiting our website, we may ask you for other personal information. The types of personal information that we may request from you, upon you visiting our website, are your name, address, e-mail address, phone number, etc. Please note that providing such information is optional. However, in order to access the personal information we collect about you, you may be required to provide identifying information.

During your visit to our website, we may also keep track of the sections of our website that you visit the most. We do this so we can continually provide our users with better visiting experiences. For instance, we may use such user tracking information to modify the most frequently visited sections of our website, so that they can be accessed more efficiently by a broader range of operating systems. Additionally, we may aggregate your tracking information with that of our other website users in order to tell us that X number of users visited a certain area on our website, or that Y number of users filled out a form. We will not, however, disclose any information that could be used to identify you or any of the other website users.

Any personal information you provide us on our websites is only used on your behalf to complete a transaction or provide other assistance you request. We do not share this information with outside parties except to the extent necessary to complete that transaction or request. When such disclosure is necessary, third parties are authorized to use your personal information only as much as necessary to provide specific services to us. We use return email addresses only to answer the emails we receive. Such addresses are not used for any other purpose and are not shared with outside parties. Moreover, we never use, share or sell the personal information provided to us online in ways unrelated to the ways described above, without first providing you with an opportunity to opt-out or otherwise prohibit such unrelated uses.

NFP Executive Benefits does not automatically process personal information to make decisions or conduct 'profiling' about you.


Our Commitment to Data Security

The security of your personal information is important to us. When you enter sensitive information such as log in credentials on our portals, we encrypt that information using transport layer security (TLS).

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

Technologies such as cookies, tags and scripts are used by NFP Executive Benefits and our service providers for content delivery, security verification and privacy compliance. These technologies are used to provide website functionality and insure secure and private delivery of our website content. These are neither used to collect nor store information about the users of this website, their activity or their preferences.

Our service platform sites employ the use of a single session cookie to uniquely identify you during your use of the sites. This cookie expires when your browsing session ends and is required to use these sites. Users can control the use of cookies at the individual browser level.


Accessing or Correcting Your Information

Upon request, Benefit Plan Services LLC will provide you with information about whether we hold any of your personal information. You may access, correct, and request deletion of your personal information by contacting us via phone, email or postal mail. Our contact information is at the bottom of this Policy. We will respond to your request within a reasonable timeframe. You may also contact the privacy office of our parent company at the contact information found at the bottom of this Policy.

To protect your privacy and security, if the contact individual is our employee, we will also take reasonable steps to verify your identity before granting access or making any corrections.

We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.


Mobile App

The data we collect through use of our mobile app is generally the same as on our website in that we may track the sections of the app you use. As with our website, we do this so we can better understand how our users interact with the app. This helps us know what areas are used more or less often which allows us to better tailor the app to meet our users' needs.

We may use mobile analytics software to allow us to better understand how our app is used on mobile devices. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. Any such information we may store is not linked to any personally identifiable information you submit within the mobile application.

With respect to mobile app specific data:

Unique Device IDs: Our app does not collect your mobile device's unique identifier.

Device Information: We do collect the type of device and operating system of your mobile device. This helps us better understand the types of devices our app needs to support. This information is not shared with any third parties.

Security: Just like accessing your account via a non-mobile browser on your computer or other device, all communications while using the app are encrypted over a secure TLS connection.

Geolocation Data: Our app neither uses nor collects any location based or geolocation information from your mobile device.

Push Notifications: Neither our systems nor anybody else's systems send push notifications to your mobile device via our app.



This website does not intend to collect any information from, or market any products or services to, children. We do not knowingly gather or solicit data from children under the age of 18 through our website for marketing purposes.


Legal Disclaimer

Applicable federal and state laws may give you additional rights that are not put forth in this online Privacy and Security Policy. We reserve the right to disclose your personal information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on our Web site. If NFP Executive Benefits is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.


How to Contact Us

NFP Executive Benefits
3445 Peachtree Road NE
Suite 200
Atlanta, GA 30326

Email Address:
P: (404) 504-3800
F: (404) 504-3900

The Privacy Office of our parent company, NFP Corp., may be contacted here:

We are committed to working to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to make a complaint to the data protection authority in your country of residence.