This Privacy Policy describes how 808 Talent Source, LLC, a Florida limited liability company operating under Impctrsmgmt Group (collectively, “808 Talent Source,” “we,” “us,” or “our”), collects, uses, discloses, and protects information obtained through the 808 Time Tracker App (the “App”), together with any related web portals, dashboards, and services (collectively, the “Service”).

The App is a workforce time tracking tool used by our Outsourced Team Members (OTMs), our business clients, and our internal administrators to log, review, and manage work hours associated with engagements facilitated by 808 Talent Source.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, you must not access or use the Service.

This Privacy Policy is intended to comply with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), and other applicable U.S. state privacy laws.

1. SCOPE AND APPLICABILITY

This Privacy Policy applies to three distinct categories of users of the Service:

Outsourced Team Members (OTMs): Independent contractors and staffing personnel placed by 808 Talent Source who use the App to log work hours.

Clients: Business owners, nonprofit leaders, and authorized representatives of organizations that engage 808 Talent Source and use the App to review and approve logged hours.

Administrators: Authorized personnel of 808 Talent Source who manage placements, oversee engagements, and administer the Service.

Throughout this Policy, these categories are referred to collectively as “Users” or “you.” Where rights, obligations, or disclosures differ by category, we identify the applicable group expressly.

2. DATA CONTROLLER AND CONTACT INFORMATION

For purposes of applicable data protection laws, 808 Talent Source, LLC is the data controller of Personal Data processed through the Service.

Contact for Privacy Inquiries:

808 Talent Source, LLC

Attn: Privacy Officer

1317 Edgewater Dr. Ste 458

Orlando, Florida 32804

Email: [email protected]

Website: www.808talentsource.com

3. INFORMATION WE COLLECT

We collect only the information necessary to operate the Service, verify work hours, administer engagements, issue payments, and comply with legal obligations. The specific categories of information collected vary by User type.

3.1 Information You Provide Directly

Account Registration Information. When you create an account or are provisioned access by an administrator, we collect identifiers such as your full name, email address, telephone number, username, password, user role, and, where applicable, company or client affiliation.

Time Entry and Work Log Data. The core function of the App is to record work hours. We collect data including: project or client assignment, task category or description entered by the User, start and stop timestamps, total duration, manual time edits, notes or comments, submission status, and approval status.

Communications. If you contact us, submit a support ticket, or communicate with an administrator through the Service, we collect the content of those communications.

3.2 Information Collected Automatically

When you use the Service, we and our service providers automatically collect limited technical information necessary for the Service to function securely, including:

- IP address and general geographic location (derived from IP, at country or city level only)

- Device identifiers, operating system, browser type and version, and device model

- Log and usage data, including access times, pages viewed, features used, and session duration

- Authentication events, including login attempts, failures, and password changes

- Cookies and similar technologies (see Section 9)

Importantly, the 808 Time Tracker App does not capture screenshots, record keystrokes, track GPS location, or monitor application usage outside of the App itself.

3.3 Information From Third Parties

We may receive information about you from authorized third parties, including:

Your employer or engaging client (for Client-provided OTM onboarding information)

Identity verification services, where required

Payment processors, to confirm payment status for Client accounts

3.4 Categories of Personal Data Under GDPR

For Users in the European Economic Area, United Kingdom, or Switzerland, the Personal Data described above generally falls within the GDPR categories of identification data, contact data, professional data, and electronic identification data. We do not knowingly collect special categories of Personal Data (such as data concerning health, race, religion, or political opinions) through the Service.

4. HOW WE USE INFORMATION

We use the information we collect for the following purposes, and only to the extent necessary for each purpose:

- Service Delivery: To provision accounts, authenticate Users, record and display time entries, generate reports, and enable Client review and approval of hours.

- Billing and Compensation: To calculate amounts owed by Clients and amounts payable to OTMs, to prepare invoices, and to maintain financial records.

- Engagement Administration: To match OTMs with Clients, to monitor engagement performance, and to resolve disputes.

- Security and Fraud Prevention: To detect, investigate, and prevent unauthorized access, fraudulent time entries, security incidents, and abuse of the Service.

- Communications: To send operational notices, respond to inquiries, and provide customer support. We do not use Service data for marketing communications without your consent.

- Legal and Regulatory Compliance: To comply with applicable laws, respond to lawful requests, enforce agreements, and establish or defend legal claims.

- Service Improvement: To analyze usage patterns in aggregate or de-identified form to improve functionality, performance, and reliability.

4.1 Legal Bases for Processing (GDPR)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

- Contract Performance: Processing necessary to perform our contractual obligations with Users, OTMs, and Clients.

- Legitimate Interests: Processing necessary for our legitimate business interests in operating, securing, and improving the Service, where those interests are not overridden by your rights.

- Legal Obligation: Processing necessary to comply with tax, labor, accounting, and other legal requirements.

- Consent: Where required by law and where you have provided consent, which you may withdraw at any time.

5. HOW WE SHARE INFORMATION

We do not sell Personal Data. We share information only in the limited circumstances described below.

5.1 Between Users of the Service

The Service is designed to facilitate transparency among OTMs, Clients, and Administrators within an engagement. Accordingly:

- OTM-submitted time entries, task descriptions, and related notes are visible to the assigned Client and to Administrators.

- Client approval and rejection actions are visible to the associated OTM and to Administrators.

- Administrators have access to all time entries, User accounts, and audit data for engagements they oversee.

5.2 Service Providers

We share information with trusted third-party service providers who perform functions on our behalf, including:

- Cloud hosting and infrastructure providers

- Database and storage providers

- Authentication and identity management providers

- Payment processors and payroll service providers

- Analytics and performance monitoring providers

- Customer support and email delivery providers

These service providers are contractually obligated to protect Personal Data, use it only for the purposes we specify, and comply with applicable data protection laws.

5.3 Legal Disclosures

We may disclose information when we believe in good faith that disclosure is necessary to:

- Comply with a subpoena, court order, regulatory request, or other legal obligation

- Enforce our Terms of Service or other agreements

- Protect the rights, property, or safety of 808 Talent Source, our Users, or the public

- Investigate, prevent, or respond to suspected fraud, security incidents, or illegal activity

5.4 Business Transfers

If 808 Talent Source is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, Personal Data may be transferred as part of that transaction. We will provide notice before Personal Data becomes subject to a different privacy policy.

5.5 With Your Consent

We may share information for any other purpose disclosed to you at the time of collection, or with your consent.

6. INTERNATIONAL DATA TRANSFERS

808 Talent Source is based in the United States. The Service is operated from, and Personal Data is stored and processed in, the United States. We may also engage service providers located in other jurisdictions.

If you access the Service from outside the United States, including from the European Economic Area, United Kingdom, or Switzerland, your information will be transferred to, stored in, and processed in the United States and potentially other jurisdictions whose data protection laws may differ from those of your country.

Where we transfer Personal Data from the EEA, UK, or Switzerland to a country that has not received an adequacy decision, we implement appropriate safeguards, including the European Commission’s Standard Contractual Clauses or equivalent mechanisms. You may request a copy of the relevant safeguards by contacting us using the details in Section 2.

7. DATA RETENTION

We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy, to satisfy legal, accounting, or reporting obligations, and to resolve disputes or enforce agreements. General retention periods include:

- Active account data: Retained for the duration of the account and the associated engagement.

- Time entry and work log data: Retained for a minimum of seven (7) years after the close of the applicable engagement to support tax, payroll, audit, and labor law compliance.

- Communications and support records: Retained for up to three (3) years after the communication.

- Log and security data: Retained for up to twelve (12) months, or longer where required for investigation or legal purposes.

Upon expiration of the applicable retention period, we will securely delete, anonymize, or aggregate the data so it can no longer be associated with you.

8. YOUR PRIVACY RIGHTS

Depending on your jurisdiction, you may have the rights described below. To exercise any right, contact us using the details in Section 2. We will verify your identity before fulfilling your request and will respond within the timeframe required by applicable law.

8.1 Rights Under GDPR and UK GDPR

If you are in the European Economic Area, United Kingdom, or Switzerland, you have the right to:

- Access the Personal Data we hold about you

- Request correction of inaccurate or incomplete data

- Request erasure of your Personal Data, subject to legal retention obligations

- Restrict or object to processing based on our legitimate interests

- Receive your Personal Data in a portable format

- Withdraw consent where processing is based on consent

- Lodge a complaint with your local supervisory authority

8.2 Rights Under CCPA/CPRA

If you are a California resident, you have the right to:

- Know the categories and specific pieces of Personal Information we have collected about you

- Request deletion of your Personal Information, subject to legal retention obligations

- Correct inaccurate Personal Information

- Limit the use and disclosure of sensitive Personal Information

- Opt out of the sale or sharing of Personal Information (note: we do not sell or share Personal Information as those terms are defined under CCPA/CPRA)

- Be free from retaliation for exercising your privacy rights

You may designate an authorized agent to submit a request on your behalf, subject to verification.

8.3 Other U.S. State Rights

Residents of other U.S. states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, and others as applicable) may have similar rights. We honor verified requests from residents of such states in accordance with applicable law.

8.4 Employment-Context Data

For OTMs and Administrators, certain data is processed in an employment or engagement context. Some rights, such as the right to erasure, may be limited by legal obligations governing employment records, tax documentation, and audit trails.

9. COOKIES AND TRACKING TECHNOLOGIES

The Service uses cookies and similar technologies for essential functions such as authentication, session management, security, and preference storage. We do not use cookies for advertising or cross-site behavioral tracking.

You may control cookies through your browser settings. Please note that disabling essential cookies may prevent the Service from functioning properly.

10. DATA SECURITY

We implement reasonable administrative, technical, and physical safeguards designed to protect Personal Data against unauthorized access, disclosure, alteration, and destruction. These measures include:

- Encryption of data in transit using industry-standard TLS protocols

- Encryption of sensitive data at rest

- Role-based access controls limiting data access to authorized personnel

- Multi-factor authentication for administrative access

- Regular security reviews, vulnerability monitoring, and patch management

- Confidentiality obligations applicable to employees, contractors, and service providers

Despite these measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and for notifying us immediately of any suspected unauthorized access.

11. CHILDREN’S PRIVACY

The Service is not directed to, intended for, or designed to be used by individuals under the age of eighteen (18). We do not knowingly collect Personal Data from children. If we become aware that we have collected Personal Data from a child without verified parental consent, we will promptly delete that information.

12. THIRD-PARTY LINKS AND SERVICES

The Service may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party service before providing information to them.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the “Last Updated” date at the top of this Policy and, where appropriate, by email or in-App notice. Your continued use of the Service after the effective date of an updated Policy constitutes acceptance of the changes.

14. GOVERNING LAW

This Privacy Policy is governed by and construed in accordance with the laws of the State of Florida, United States, without regard to its conflict of laws principles, except to the extent that mandatory data protection laws of your jurisdiction apply.

15. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

808 Talent Source, LLC

Attn: Privacy Officer

1317 Edgewater Dr. Ste 458

Orlando, Florida 34741

Email: [email protected]

Website: www.808talentsource.com

We are committed to resolving privacy inquiries promptly and in good faith.

© 2026 808 Talent Source, LLC. All Rights Reserved.

A division of Impctrsmgmt Group