Aquaduct Cascade — Privacy & Terms Annex
Aquaduct Data Strategies LLC — DBA: Aquaduct Cascade Version: 1.0-draft Effective Date: March 21, 2026 Last Updated: 2026-03-21
This annex supplements the Aquaduct Data Strategies LLC master Terms of Service and Privacy Policy. It describes data practices specific to the Aquaduct Cascade benefits data platform. In the event of conflict between this annex and the master documents, this annex controls for Aquaduct Cascade.
Note for existing Cascade users: This annex supersedes and supplements any previous privacy policy or terms of service displayed at Cascade’s
/privacyand/termsroutes. Where the previous policies are silent or inconsistent, this annex and the master documents control.
1. About Aquaduct Cascade
Aquaduct Cascade is a benefits data and services platform operated as a DBA of Aquaduct Data Strategies LLC. The platform serves both employers (administrators) and employees, providing benefits data monitoring, vendor discovery, and compliance intelligence via a web application. Cascade is hosted on Amazon Web Services (AWS) infrastructure.
2. Data We Collect
Cascade collects personal information from two categories of users: employer administrators and employees/members. The data collected differs by user type.
2.1 Identity and Account Data (All Users)
| Data Type | How Collected | Purpose |
|---|---|---|
| Email address | Registration / Auth0 identity provider | Account creation, authentication, communications |
| Full name | Registration / Auth0 profile | Account display, employer records |
| Profile image | User-uploaded or Auth0 profile | In-platform display |
| User ID (Auth0 subject ID) | Auth0 | Unique account identifier across sessions |
| Authentication tokens | Auth0 | Session management and API authorization |
2.2 Employer and Organizational Data (Employer Admins)
| Data Type | How Collected | Purpose |
|---|---|---|
| Tenant / organization ID | Platform provisioning | Multi-tenant isolation; all employer data is scoped to a tenant |
| Organization name and settings | Admin-provided | Platform configuration |
| Vendor selections and configurations | Admin-provided | Benefits plan administration |
| Billing and subscription data | Stripe payment processing | Subscription management |
2.3 Employee / Member Data
| Data Type | How Collected | Purpose |
|---|---|---|
| Role and employment status | Admin-provisioned or employee-provided | Benefits eligibility determination |
| Tenant / organization membership | Platform assignment | Connect employee to correct employer tenant |
| Benefits elections and enrollment data | Employee-provided in-platform | Benefits administration, vendor integration |
| Preferences and settings | User-provided | Personalization |
| Feedback and support submissions | User-provided | Product improvement, issue resolution |
2.4 Link-Click Telemetry (Link-Beacon)
Cascade uses link-beacon telemetry to track interactions with vendor links and benefit resources within the platform. This is disclosed explicitly here because it was not fully described in earlier versions of Cascade’s privacy policy.
| What is tracked | Why | Retention |
|---|---|---|
| Which vendor links are clicked within the platform | To understand benefit resource engagement, improve vendor recommendations, and measure feature usage | 12 months rolling |
| Timestamp of the click event | To enable time-based analytics and identify usage patterns | 12 months rolling |
| User ID (pseudonymous — not name or email) | To associate engagement with a session for analytics purposes | 12 months rolling |
| Tenant/organization ID | To aggregate engagement at the employer level | 12 months rolling |
What link-beacon does NOT track:
- The content of pages visited after clicking a link (we track the click event only, not downstream browsing)
- Precise geographic location
- Any data outside the Cascade platform (no cross-site tracking)
Link-beacon data is used for internal analytics and product improvement only. It is not shared with advertisers or third-party marketing platforms.
2.5 Vendor Tracking and Search Data
| Data Type | How Collected | Purpose |
|---|---|---|
| Vendor search queries | User-entered in search interface | Return relevant benefits vendor results |
| Vendor interaction history | Platform-logged | Improve recommendation relevance via Tinker inference |
| DOL/SEC public data used | API queries | Inform vendor profiles with public regulatory data (no user data transmitted) |
2.6 Technical and Security Data
| Data Type | How Collected | Purpose | Retention |
|---|---|---|---|
| IP address | Server logs | Security, fraud prevention, rate limiting | 30 days |
| Browser type and OS | HTTP headers | Compatibility and support | 30 days |
| Session tokens | Auth0 | Maintain authenticated sessions | Session duration |
| Application error logs | Automatically captured | Bug diagnosis and service improvement | 12 months |
3. Third-Party Service Providers
Aquaduct Cascade uses the following third-party services. Each provider processes data only as necessary for the described function.
| Provider | Service | Data Shared | Provider Privacy Policy |
|---|---|---|---|
| Auth0 (Okta) | Identity and authentication | Email, name, profile image, role, tenant ID, authentication tokens | Auth0 Privacy Policy |
| Stripe, Inc. | Payment processing | Billing contact, payment information (card data processed by Stripe; we do not store raw payment card numbers) | Stripe Privacy Policy |
| Amazon Web Services (AWS) | Cloud infrastructure hosting | All platform data (hosted on AWS; data remains within AWS infrastructure under our account) | AWS Privacy Notice |
| Tinker | AI/inference services | Usage patterns and preferences (pseudonymous) for vendor recommendation improvement | Internal service — no external-facing privacy policy (Tinker is operated by Aquaduct Data Strategies LLC) |
| Brave Search API / SerpAPI / Google Custom Search Engine | Search services | Search queries submitted to vendor search interface | Google Privacy Policy / SerpAPI Privacy Policy |
| U.S. Department of Labor (DOL) API | Public labor and benefits data | No personal data transmitted; public data retrieved | Public government API |
| U.S. Securities and Exchange Commission (SEC) API | Public financial data | No personal data transmitted; public data retrieved | Public government API |
4. Employer / Employee Relationship Data
Cascade serves multi-tenant environments where employers provision access for their employees. This creates a layered data relationship:
- Tenant isolation: All employer data is scoped to a unique tenant ID. Employees can only access data within their employer’s tenant.
- Admin access: Employer administrators may view aggregated benefits enrollment data and employee-level data within their organization, as permitted by the platform.
- Employee data rights: Employees may access and request correction of their own benefits elections and profile data. Requests should be directed to strategies@aquaductdata.com.
- Employer as data controller: For employee data entered or generated within an employer’s tenant, the employer may function as a co-data controller or data processor relationship depending on applicable law. Aquaduct Data Strategies LLC acts as a service provider processing data on the employer’s behalf for benefits administration purposes.
5. Cookie and Tracking Technologies
Cascade uses browser cookies and local storage for the following purposes:
| Category | Purpose | Opt-Out |
|---|---|---|
| Functional / Session cookies | Maintain authenticated sessions, remember user preferences | Required for platform functionality; cannot be disabled without logging out |
| Auth0 authentication cookies | Auth0 identity management and token storage | Managed by Auth0; required for login |
| Analytics / telemetry | Link-beacon telemetry (see Section 2.4) | See Section 7 (CCPA Opt-Out) for California residents; contact us to opt out |
For full cookie details, see the Cookie Policy.
6. DMCA and Intellectual Property
Aquaduct Cascade’s DMCA policy, designated agent for copyright takedown notices, and repeat infringer procedures are described in the Company’s DMCA Policy at:
DMCA Policy on the published legal policy site.
Cascade users who submit content (feedback, vendor reviews) are responsible for ensuring they have the rights to submit that content.
7. California Residents — CCPA Opt-Out and Additional Rights
California residents using Aquaduct Cascade have the following rights in addition to those described in the master Privacy Policy Section 10:
7.1 Opt-Out of Sale or Sharing
Cascade does not sell personal information. Cascade does not share personal information for cross-context behavioral advertising. If our practices change, we will update this section and provide an opt-out mechanism before any such sharing begins.
7.2 Limit Use of Sensitive Personal Information
We do not use sensitive personal information (as defined by the CPRA) beyond what is necessary to provide the Cascade service. Employees’ benefits election data may constitute sensitive personal information under California law; it is used only for benefits administration and is not used for inferencing beyond the purposes described in this annex.
7.3 How to Submit a CCPA Request
To submit a CCPA rights request for Cascade data:
- Email: strategies@aquaductdata.com, subject: “CCPA Rights Request — Cascade”
- We respond to verifiable requests within 45 days
8. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and identity data (active users) | Duration of account |
| Benefits elections and enrollment data | Duration of account + 7 years (tax/regulatory record-keeping) |
| Billing and transaction records | 7 years (tax compliance) |
| Link-beacon telemetry | 12 months rolling |
| Vendor search queries and interaction data | 12 months rolling |
| Authentication logs (Auth0) | Per Auth0 retention settings (typically 30 days) |
| Application error logs | 12 months rolling |
| IP address and security logs | 30 days |
For account deletion requests, contact strategies@aquaductdata.com with the subject “Account Deletion Request — Cascade.”
9. Governing Documents
This annex is to be read together with:
For general contact or privacy requests, see Master Privacy Policy Section 15.
10. Version and Effective Date
| Attribute | Value |
|---|---|
| Version | 1.0-draft |
| Effective Date | March 21, 2026 |
| Last Updated | 2026-03-21 |
| Status | Draft — technical accuracy review complete; pending final approval |
Document History
| Date | Version | Changes | Author |
|---|---|---|---|
| 2026-03-21 | 1.0-draft | Initial draft; addresses previously undisclosed gaps: link-beacon telemetry, CCPA opt-out, cookie consent, DMCA reference | ADS Legal |
| 2026-03-22 | 1.1-draft | Technical review: corrected “benefits enrollment” → “benefits data monitoring, vendor discovery, and compliance intelligence”; clarified Tinker as internal service (no external privacy policy) | ADS Legal |
This annex was prepared by Aquaduct Data Strategies LLC and has not been reviewed by a licensed attorney. Technical accuracy of all data types, third-party integrations, and the link-beacon telemetry disclosure was confirmed on 2026-03-22. Final review pending before publication.