Privacy Statement

Download a copy of this Privacy Statement


We take seriously our responsibility to protect the confidentiality and privacy of information you share with us. This Privacy Statement outlines how we collect, use, share, and store information, including personal information.

Age Restriction

You must be at least eighteen (18) years of age to use our website. We do not knowingly collect information from anyone under the age of 18, nor do we intentionally market our services to them.


Geographic Restriction

You must represent that you are within the jurisdiction of and consent to the laws of the United States to use our website. We do not knowingly collect information from anyone located in foreign nations, nor do we intentionally market our services to them.


Sources of Information We May Receive

We may receive personal and sensitive personal data:

  • Directly from you, such as when you fill out an online form, or communicate directly with us.
  • Indirectly from you, when you browse our website.
  • From our customers and staff, when they may provide us information about employees, associates, family members, and other third parties, as required to provide services.
  • From vendors that support our operations and administration, such as website and management support vendors, payment services vendors, background screening services, payroll and benefits administrators, or from publicly available databases.

When We Collect Personal Information

We may receive personal information about you when you visit our website, request or receive services from us, apply for a job with us or come to work for us, participate in our marketing or other events, or when you or others provide it to us.

We do not sell personal information. We collect, use, and share personal information solely to support the provision and marketing of our services, and as necessary for us to perform our operational and administrative responsibilities.

You have rights, where applicable, under certain data protection laws, including in New York State, the California Privacy Rights Act (CPRA), and the laws of other states and the U.S.

Information We May Collect

We want you to better understand the information we collect.

  • When you visit our website, we collect information from your browser about the pages you visit.
  • When you fill out a form via our website, we collect personal information about you that you voluntarily provide to us in order to receive information and services from us, such as your email address and zip code.
  • When you seek to become a customer, we collect more detailed personal information about you that can be of a more sensitive nature, including information provided by you and from third-party sources.
  • When you are a customer, we continue to collect detailed personal and sensitive information about you, including financial information, to provide you with the services you request.
  • When you email us, we collect your email contact information, which may be stored in our customer relationship system, which keeps track of the personnel with whom you are communicating, and the services in which you have expressed interest. This may be combined with publicly available information.
  • When you visit us in-person or attend any of our offsite events, we may collect personal information about you, including asking you to sign in to our visitor logs for security purposes, and we may ask you for information about your health, symptoms, vaccination status, recent travel and exposure to sick individuals, or related health information for screening purposes.
  • When you apply for a job with us, we collect contact information and information about your background and work experience, including information that is personal and may be sensitive.
  • When you are offered a job with us, we collect a wide range of personal and sensitive information directly from you and from third-party sources, in order to perform necessary employment responsibilities, background screening, and security checks.
  • When you work with us, we collect additional personal and sensitive information directly from you and from third-party sources, in order to administer payroll, benefit programs, expenses, training, certifications and other employer administrative and operational responsibilities.


Automated Decision Making

We do not collect sensitive personal information for artificial intelligence or machine learning methods nor do we make automated decisions or profile individuals, nor use personal information to infer personal characteristics.


How We Use Personal Information

We may use and disclose your personal information in the course of our business do the following:

To provide you services, communicate with you, answer your questions, or give you information that may interest you or apply to you, or that you request.

To conduct our business, operations, marketing, and administrative functions, including accounting and expenses, communication, alerts and management of our business.

To operate our website, identify users, bill for services, collect and process payments, troubleshoot technical issues and improve our digital services.

To recruit, screen, hire and evaluate our employees, administer payroll and benefits.

To identify and pursue remedies and limit liabilities, fulfill other purposes as permitted or required.

When We Share Personal Information

We share your personal information when required by our business operations, when we have your consent, and when required by law.

We first request and seek to obtain your Cookie and Data Sharing Preferences.

In addition, we also request written assurances from vendors that their privacy and security practices are in accord with applicable legal requirements, before we share information with them.

  • We may share information with third party vendors, such as website and platform providers, transaction service providers, other contractors supporting us in the operation of our business, when necessary to manage our business, provide our services, and for marketing purposes. For example, information from all visitors to our website passes through these third party vendors to manage usage, user experience, and our services. The payment, ordering, scheduling and other client service functions of this website are supported by third party vendors with whom data is shared and through whom data is processed as necessary functions of this website.
  • We may share your personal information with our affiliates and subsidiaries for business purposes.
  • We may share your personal information when we are legally required to do so, such as in the event we sell or merge our business with another, we may disclose your personal information.
  • We may share your personal information through our website service vendors, with analytics such as Google Analytics, when our website collects online identifiers such as cookie identifiers, IP addresses, and other device identifiers. Google Analytics collects information and reports website usage statistics. To opt out of being tracked by Google Analytics, visit the Google Analytics Opt-Out Browser Add-on.


Our website uses cookies, which are small files placed on the hard drive of your device when you direct your browser to our website. Cookies communicate usage information to us. By using our website, you consent to the placement of cookies on your device. You can adjust your browser settings to refuse some or all cookies, including ours. Blocking or deleting cookies will not make our website unusable.

We use cookies to:

  • Improve how our website operates and allow it to function properly.
  • Assist in navigating pages and accessing our services.
  • Collect information about how users interact with our website, to improve the browsing experience, such as by showing us pages that are visited most, and telling us when users get error messages.

Links To Third Party Vendors and Other Third Party Service Providers

OUR WEBSITE AND COMMUNICATIONS FROM US MAY LINK TO THIRD-PARTY VENDORS THAT WE DO NOT CONTROL. These vendors may provide website platform services, web hosting, customer membership service provision, payment processing, scheduling, viewing of videos, linking to social media, and other content provided by third parties.

Our Privacy Statement does not apply to the privacy, security or other practices of third party vendors or third party service providers, including their collection policies, retention practices, or their processing of data requests.

We encourage you to review the privacy and security practices of third-party vendors, third party service providers and their site before providing personal information in this website.

How Long We Keep Personal Information

We pay attention to the life cycle of the personal information we can control, and do not keep it for longer than 12 months after we conclude our business purposes, unless continuing to retain it is required, for example, for us to continue to provide services to you, to keep accurate business records, to fulfill our business obligations to you such as warranties or contract rewards, or as required by law such as accounting, tax, employment, or other compliance purposes.


Data Collection Details

The list below provides more detailed information about the information we, or the third party vendors supporting this website may collect, the reason why it may be collected, the business purpose for collecting it, and retaining it, and/or with whom it may be shared.

We do not sell personal information we collect.

We do not use or disclose personal information for cross-context behavioral advertising.

We do not use collected personal information to make characteristic inference determinations.

Common Identifiers may include your name, any aliases you may use, unique personal identifier, online identifier, IP address (Internet Protocol), account name, social security number, driver’s license plate or number, passport number, or other similar identifiers.

Personal information categories as listed in certain state laws including the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) include name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Protected classification characteristics under certain state law including California, or federal law, that can include age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Commercial information may include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Biometric information may include genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, er physical patterns, and sleep, health, or exercise data.

Internet or other similar network activity can include browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

Geolocation data can include physical location or movements.

Sensory data can include audio, electronic, visual, thermal, olfactory, or similar information.

Employment-related information can include current or past job history or performance evaluations.

Non-public education information as listed in the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) include educational records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Inferences drawn from other personal information can include profiles reflecting a person’s preferences, characteristics, psychological trends, predispositions, etc.

Government Identifiers can include social security, driver’s license, state identification card, or passport numbers.

Complete account access credentials may include user names, account numbers, or card numbers combined with required access/security code or password) for financial accounts.

Other information may include precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, mail, email, or text messages contents not directed to us, unique identifying biometric information, health sex life or sexual orientation information.


Our Retention of Personal Data

Our document management, retention and destruction policies vary based on legal requirements, services, compliance laws, and the types and formats of the data. Appropriate retention periods for personal information are determined by considering, among other things, the nature of the information, the purposes for which it is retained, relevant technical constraints, and legal and contractual requirements.


Choices About Personal Data

You can ask us to stop sending you certain communications, including marketing communications.

All marketing communications you receive from us contain an opt-out mechanism that will allow you to register or update your marketing preferences. If you no longer wish to receive marketing communications, you may also send an email to us. Please visit our Contact Us page on this website for all your options for how to reach us.

Website visitors can take steps to limit the amount of personal information collected about them. As noted above, website visitors can use various tools to limit the amount of information shared with the firm and the third-party vendors it uses to support its website.


How to Make a Data Request

You may make a data request by sending us your name, address, email address, telephone number and other contact information; letting us know your relationship to us (customer, employee, job applicant, etc.), the nature of your request: either to get the categories of data, details of data, disclosures of data, correction of data, or other; and your authority to make such a request if not made on behalf of yourself but made on behalf of another.

Email a Data Request to us at:

Call us with a Data Request at: 716.633.1635

Please note that by making a Data Request, we will be required to use personal information about you, and the subject of the request if different from you, to verify your identity and confirm your authority to make this request. An authorized agent may request information on your behalf if they provide evidence of their legal authority to submit such requests.

Verifying your identity is required before we respond to your request.

To verify your identity, we will collect basic personal information about you to match with our records.

We will then contact you using the information we have for you already on file, to confirm that your request was received, and that it is your request.

We will then provide you a description of the additional steps that may be required to confirm your identity and verify your appropriate contact information.

Our disclosure will cover the past 12 months.

Therefore, the frequency of your data requests may be limited at our discretion to no more than once every 6 months if we determine we have already answered your request to the best of our ability.

We will try to respond to verifiable requests within 45 days.

If we require more time, we will let you know why in a written response and state an extension period.

You can choose whether to receive this by mail or by email. reason and extension period in a written response.

We will deliver our written response by mail or electronically, at your option.

If we are not able to comply with your request, our response will also explain the reasons why.

We do not normally charge a fee to process or respond to verifiable consumer requests.

If we decide that a request warrants a fee, before we complete your request, we will tell you why (for example, repetitive, excessive, abusive requests) and provide you with a cost estimate.


Global Security Badges and Opt-Out Signals

This website may or may not have functionality to detect an IP global security badge or opt-out signal. The functionality will depend upon the type and kind of signal, and that of our third-party vendors providing website platform and services. You are encouraged to treat this website as unable to detect the signal unless you receive opt-out confirmation. There is no representation made of automatic detection absent confirmation. For opt-out functionality, please visit our Contact Us page on this website.


State and Federal Data Privacy Rights

This website is intended for residents of the United States, and operates within the jurisdiction of the state of New York.

Rights for Residents of other states, including state of California:

If you are a resident of the State of California or other certain states, you may have the following rights regarding the personal information we collect:

The right to know what personal information we have collected about you, and how we have used and disclosed that personal information (as described above);

The right to request deletion of your personal information;

The right to opt out of the sale of your personal information (as noted above, we do not sell your personal information);

The right to limit use or disclosure of your sensitive personal information (where such use or disclosure is to infer characteristics about a person (as noted above we do not so use personal information);

The right to correct inaccurate personal information collected about you;

The right to be free from discrimination relating to the exercise of any of your privacy rights.

California residents and the residents of certain other states who have provided personal information to we can request:

To know the categories of personal information we have collected about you, the reason(s) we have collected it, the sources of the data, and the categories of third parties with whom we share the information;

To know the specific pieces of information we have collected about you (in addition to the information described above); and

The correction or deletion of personal information it holds about you.

Requests to correct or delete are subject to limitations. We may retain certain data as permitted or required by law.


California “Shine the Light” Disclosures

Pursuant to California Civil Code Section 1798.83(c)(2), California law requires us to inform California residents who have provided us with personal information that they may request information from us about our disclosures to third parties for their direct marketing purposes.


Legal Rights for United Kingdom, European Residents and Others Outside the US

If you are a resident of an Asian Pacific nation, the United Kingdom, the European Union, or other foreign nation with comprehensive data protection laws or participating in a joint-nation reciprocity organization, please note we at we respectfully request that you contact us directly by phone about our services, our standard contractual clauses, derogations available for contracts and consents, and your cross-border data protection rights.

For information on how to contact us directly by phone please visit our Contact Us page.


Data Security is Not Guaranteed

We secure data using technical, physical, and administrative safeguards, and policies and procedures designed to promote commercially reasonable security practices in accordance with the law. But no transmission of information via the Internet is completely secure. We cannot guarantee the security of data sent to us electronically over cellular and wireless networks that we do not control. This website is offered to users at their own risk. Please review important disclaimers in our Terms of Use.


Changes to This Privacy Policy

This Privacy Statement is dated March 1, 2023. It will be periodically reviewed and updated as needed. We encourage you to periodically review this page. If we make any significant changes to this statement, or in the way we collect, use, and/or share personal information, we will post a conspicuous notice on our website.


Contact Us

If you have any questions or comments about this Privacy Statement, or about the ways in which we collect, use and/or share your information, or about your choices and rights, please visit our Contact Us page on this website.