Privacy Policy Last Updated: January 31, 2021

Welcome to the web site (the "Site") of Human Capital dba Clio ("Clio", "we", "us" and/or "our"). Clio provides an integrated platform of personnel management tools and services, mobile applications and related services (together with the Site, the "Services") to our Service visitors ("you" or "your").

This Privacy Policy describes and is intended to help you understand our privacy principles, what information we collect (including Personal Data), how we use that information, how we share that information, your choices concerning our data practices, and other important information. We consider “Personal Data” to be any information that alone or in combination with other information in our possession could be used to identify you. This Privacy Policy does not apply to any third party applications or software that integrate with the Services through the Clio platform (“Third Party Services”), which are governed by their own respective privacy policies. When you access our Services through your employer or another entity (our “Customer”), please note that our Customers maintain control over the Services accounts for their organization, including the data associated with their account. If you have any questions about the specific settings and privacy practices of a Customer account, please contact the Customer whose account you use for more information.

Before using the Service or submitting any information to us, please review this Privacy Policy carefully and contact us if you have any questions. If you do not agree with the terms, please do not access or use the Services, Site, or any other aspect of Clio’s business.


We recognize that you must entrust us with information about you to receive our Services. Maintaining your trust is extremely important to us. We share our privacy principles to enable you to understand the key hallmarks of Clio’s approach to data privacy.

  • We only use your Personal Data in connection with our Services. We act as a “data processor” or “service provider” (where applicable) with respect to data transmitted to us by our customers and their employees and contractors. We will process your Personal Data only in accordance with our Terms of Service, and this Privacy Policy.
  • We safeguard the security of your Personal Data as if it were our own. We believe that security certifications are good, but that security by design is better. We bake security into our product features and protect your data with the same security safeguards used to protect our own data.
  • We do not sell your Personal Data. We recognize that receiving your Personal Data is vital to provide our Services to you. Selling Personal Data would be a grave violation of trust. We want to make clear that we are not in the business of selling Personal Data and we do not intend to be.


When you interact with us through the Services, we may receive Personal Data as well as other information and data (“Other Information”), as explained in more detail below.

  • Information You Provide Us. We collect your Personal Data when you, your employer, or your employer’s vendors register to use the Service, provide information when using the Site or Service, update your account information, add additional services, submit information to verify your identity, contact customer support, contact us with questions or feedback, or otherwise communicate with us. This Personal Data may vary depending on what you choose to share with us and the Services you use, and may include identification information, professional or employment-related information, benefits enrollment information, financial information, demographic information, commercial information, photographs, online activity information, geolocation data, background screening information, and preference information. If you or your employer manages or obtains health insurance benefits through our Services, we may also receive health information about you and your dependents to assist you with eligibility and enrollment in insurance coverage, which we may obtain directly from you, from the primary policyholder on your benefits plan if you are a spouse or dependent of the primary policy holder, from your employer, from insurance carriers, from third-party administrators, or from other service providers used to provide Clio’s benefits administration and broker services.
  • Information Third Parties Provide Us. We may collect and receive information about you, including Personal Data, from third parties, such as your employer, your employer’s service providers, financial institutions, and our own service providers, including for identity verification, fraud protection, providing the Service, and other purposes. We may also receive demographic and business industry information about you from third parties to help us better understand our users and to improve and market our Service. If you use us to manage integrated Third Party Services, we may also have access to your Personal Data from such Third Party Services. For example, if you use an integrated Third Party Service to conduct employee and contractor background checks, we may receive the background reports from that integrated Third Party Service in order to display the background check results to you.
  • Other Information: We may also collect, generate, and/or receive Other Information as follows:
    • Services Metadata. When you interact with the Services, metadata is generated that provides additional context about the way our authorized users utilize the Services. For example, we may log what Third Party Services are used (if any).
    • Log Data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Site or Services and record it in log files. Such log files may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time Services were used, information about browser configuration and plugins, language preferences and cookie data.
    • Device Information. We collect information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the type of device used and its settings.
    • Location Information. We receive information from you, your Customer and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location. We may also collect location information from devices in accordance with the consent process provided by your device.
    • Cookie Information: We use cookies and similar technologies to operate and administer our Services, gather and analyze usage, and improve your experience. We may also allow third party service providers to use cookies or similar technologies to collect information about your browsing activities over time and across different websites following your use of the Services. For example, we use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Service. For more information on how Google uses this data, go to Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it), and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). For more details on cookies please visit All About Cookies.
    • Additional Information Provided to Us. We also may receive Other Information when submitted to our Site or in other ways, such as if you participate in a focus group, contest, activity or event, apply for a job, enroll in a certification program or other educational program hosted by Clio or a vendor, request support, interact with our social media accounts or otherwise communicate with us.


Clio uses information that we collect in accordance with Customer instructions, including our Terms of Service and related agreements, if applicable, Customer’s use of Services functionality, and as required by law. Clio acts the “data processor” or “service provider,” where applicable, of Personal Data, and Customer acts as the “controller” or “business,” where applicable. A Customer may, for example, use the Services to assign roles and configure settings, access, modify, export, share and remove Personal Data and otherwise apply its policies to the Services.

More specifically, we may use and share the information we collect as follows:

  • To provide our Services. We use the information we collect to provide, update, maintain, and protect the Services. For example, if you participate in our benefits administration or broker services, we may use health information to confirm insurance enrollments and carry out insurance payments, health care, and other benefits-related services and operations.
  • To improve and customize the Service. As we seek to improve your experience with the Service, we may analyze data we collect about your use of the Service to inform how we can improve our Services, including our software, infrastructure, user interfaces, and integrations with our partners.
  • To respond to inquiries, comments, feedback, or questions.If you contact us, we may use the information that you provide to respond.
  • To communicate with you. We may send you service, technical and other administrative emails, messages, and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services and you may not opt out of them.
  • To advertise and market to you. We may contact you to tell you about new product features, promotional communications or other news we believe may be of interest to you. Additionally, as noted above, we may also utilize cookies, beacons, and mobile SDKs, to recognize your browser or mobile device in order to serve you advertisements, and analyze the effectiveness of our advertising and marketing campaigns. We may also use third party services, data, and software tools to provide advertising to you, help us identify and reach potential customers, and perform analysis on the performance of our site and advertising. Our advertising vendors do not have any independent right to use Clio data or that of its customers. Please note that you can control whether you receive marketing communications and advertisements by following the instructions under “Your Choices” below.
  • To investigate and help prevent security issues and abuse of our Services. We may use your Personal Data and Other Information to protect the rights, property, and safety of Clio, our employees, Customers, our users, and third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
  • To comply with applicable law, regulation, or legal process. We may use your Personal Data and Other Information as permitted by law or reasonably necessary to comply with applicable law (e.g. civil or criminal subpoenas, court orders, and other compulsory orders), and to enforce this Privacy Policy, our Terms of Service, and other related agreements.
  • With consent. We may use Personal Data and Other Information with third parties when we have consent to do so.


Clio is not in the business of selling your information. We consider maintaining your trust over your information to be a vital part of our relationship with you. In certain circumstances, however, Clio may share the information we collect with third parties, including our service providers and sub-processors, for the legitimate business purposes set forth below.

  • To comply with Customer’s instructions. We may share and disclose Personal Data in accordance with a Customer’s instructions, including any applicable terms in the Terms of Service or related agreements, Customer’s use of Services functionality, and in compliance with applicable law and legal process. In addition, Customer administrators and other personnel may be able to access, modify, or restrict access to Personal Data and Other Information. This may include, for example, your employer using Service features to export logs of Services activity.
  • To integrate with Third Party Services. To provide an integrated platform of HR and IT solutions, Customers may enable integrated Third Party Services, including 401(k) providers, applicant tracking platforms, performance management services, corporate card providers, enterprise communication tools, among others. When enabled, Clio may share Personal Data and Other Information with Third Party Services. Third Party Services are not owned or controlled by Clio and third parties that have been granted access to Personal Data and Other Information may have their own policies and practices for its collection, use, and sharing. Please check the permissions, privacy settings, and notices for these Third Party Services or contact the provider for any questions. Any permissions you have granted to that Third Party Service will govern their use of your data.
  • To work with our vendors and service providers. We may engage third party companies or individuals as service providers, vendors, or business partners to process Personal Data and Other Information and support our business. These third parties may, for example, provide cloud computing and storage services, work as a contractor to support some development initiatives, or we may share business information to develop strategic partnerships with Third Party Service providers to support our common customers. Additional information about the sub-processors we use to support delivery of our Services is set forth.
  • To facilitate a change in Clio’s business. As our business develops, we may be involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, and the information we collect may be shared or transferred in the diligence or conclusion of any such corporate event.
  • To investigate and help prevent security issues and abuse of our Services. We may share your Personal Data and Other Information to protect the rights, property, and safety of Clio, our employees, Customers, our users, and third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
  • To comply with applicable law, regulation, or legal process. We may disclose your Personal Data and Other Information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend the rights or property of Clio, prevent fraud, act in urgent circumstances to protect the personal safety of users of the Services or the public, or protect against legal liability.
  • With corporate affiliates. We may share information we collect with our corporate affiliates, parents and/or subsidiaries, provided that our affiliates, parents and/or subsidiaries use Personal Data and Other Information in a manner consistent with this Privacy Policy.
  • With consent. We may share Personal Data and Other Information with third parties when we have consent to do so.


We respect your choices over your Personal Data. When visiting our Site or using our Services, you have the following choices with respect to your Personal Data.

  • Accessing the Site. You can visit our Site without providing any Personal Data.
  • Reviewing, Updating, and Correcting Your Information. You can review, update, or correct your Personal Data through your account. If you have questions, please contact us.
  • Marketing and Promotional Communications. You may unsubscribe from marketing emails that we send to you by following the instructions contained in each promotional email we send you. If you unsubscribe, you will no longer receive marketing emails, but we will continue to contact you regarding management of your account, other administrative matters, and to respond to your requests. You may also opt-out of online behavioral advertising on the Internet by visiting the Network Advertising Initiative, or the Digital Advertising Alliance opt-out pages. You may also opt out of online behavioral advertising on your mobile device by some mobile advertising companies and other similar entities by downloading the App Choices App. Depending on your mobile device, you may also control marketing and other tracking technologies through your settings by resetting your advertising ID.
  • Do Not Track. Some web browsers may transmit “Do Not Track” signals. There is no current standard that governs what, if anything, websites should do when they receive these signals. We do not currently respond to “Do Not Track” signals. If and when a standard is established, we may revise our policy on “Do Not Track” signals.

If you would like to take additional steps to correct, amend, object to the processing or profiling of, or to delete your Personal Data not currently available through the Clio platform, please coordinate your request with the Customer whose account you use (e.g. your employer or former employer). Because Clio acts as a service provider to our Customers, in some situations, we must hear from your employer before taking additional steps. Please note that your employer may or may not be able to honor such requests in order to maintain a legally compliant HR and IT record-keeping system. For example, employers in the United States are legally required to maintain records of various work eligibility, tax, and other employment documentation.


a. Our Policy Toward Children

Clio does not knowingly collect Personal Data from children under the age of 13, except to the extent necessary to provide our benefits administration and broker services. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Clio through the Services, please contact us, and we will endeavor to delete that information from our databases.

b. Links to Other Websites

This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by Clio (the "Third Party Sites"). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of those Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these Third Party Sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

c. Security

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction and to comply with applicable state and federal privacy and security laws. We also apply the same standards to your data that we apply to our own data. However, despite these efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed to prevent interception or misuse. As a result, we must also depend on you to protect your information. You should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to us via the Internet. If you become aware of any breach of security or privacy, please notify us immediately.

d. Data Retention

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy while we have a business need to do so, or if retention is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce this Privacy Policy, our Terms of Service, or related Customer agreements. We may also retain Personal Data, for a limited period of time, if requested by law enforcement.

e. Aggregated or Pseudonymized Data.

In an ongoing effort to better understand and serve the users of our Services, we conduct research on our Customer demographics, interests and behavior based on the Personal Data and Other Information provided to us. Such research may be compiled and analyzed on an aggregated or pseudonymized basis. This aggregated or pseudonymized information does not identify you. We may share aggregated or pseudonymized data with affiliates and partners for business or research purposes. We may also disclose aggregated or pseudonymized user statistics in order to describe our services to current and prospective business partners, and to third parties for other lawful purposes.

f. International Users

By using our Service, you understand and acknowledge that your Personal Data may be transferred from your location to our facilities and servers in the United States.

g. Changes to Clio's Privacy Policy

The Services and our business may change from time to time. As a result, it may be necessary for Clio to make changes to this Privacy Policy. Clio reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated to be effective as of the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy indicate your agreement with the terms of such revised Privacy Policy.


If you have any questions about our Privacy Policy or information practices, please feel free to contact us at [email protected]