Terms of Service

Welcome to Resilient Returns. This Agreement is between Harford Yost Consulting, LLC (“HYC”) and the individual or entity (“Business Client” or “User”) accessing the Services. By accessing or using our website, platform, dashboards, courses, or related services (“Services”), you agree to these Terms of Service (“Terms”). Please review them carefully. If you do not agree to these Terms, you may not use the Services.

These Terms apply to individual users, as well as to businesses and administrators who purchase or manage accounts for their employees.

1. Eligibility

You must be at least 18 years old to use the Services. By using the Services, you represent that you meet this requirement. If you use the Services on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

2. Description of Services

Resilient Returns provides strategic frameworks, digital courses, educational materials, planning tools, forms, managerial guidance, dashboards, and related resources designed to support parental leave and return-to-work experiences for working parents and the organizations that employ them. We may introduce new features, update existing ones, or discontinue aspects of the Services at any time.

The Business Client acknowledges that HYC does not provide legal, HR, or medical counsel. All final decisions regarding employment actions, policy compliance, or medical accommodations remain the sole responsibility and discretion of the Business Client and their authorized representatives.

3. Account Registration and Security

Some features require account creation. You agree to provide accurate, current information and to keep your login credentials secure. You are responsible for all activity that occurs under your account. Businesses are responsible for managing and monitoring the accounts of their users. You must notify us promptly of any unauthorized access or security concerns.

4. Payments and Subscriptions

Certain Services require payment. Fees and renewal terms are displayed at checkout or in a written quote. Payments are processed through third-party providers such as Stripe.

Unless specified otherwise in writing:

• All fees are non-refundable.
• Subscriptions renew automatically unless canceled according to the instructions provided during purchase or with a 30-day notice.
• We may adjust subscription pricing with at least 30 days’ notice.
• Required taxes may apply.

Business clients purchasing multiple licenses or partner packages may be issued custom pricing, timelines, or terms through signed Service Quotations or service agreements, which take precedence over general rates.

5. Acceptable Use

You agree to use the Services responsibly and lawfully. You may not upload harmful, offensive, or unlawful material; interfere with system operations; attempt to reverse engineer the platform; misrepresent your identity; or engage in activities that violate applicable law. Automated data collection (scraping/crawling) and the use of our proprietary platform content to train artificial intelligence (AI) models are strictly prohibited. Violation of this section may result in suspension or termination of access.

6. Intellectual Property and Content Rights

6.1 Platform Ownership

All platform features, software, tools, workflows, designs, graphics, videos, written content, and underlying intellectual property are owned by Harford Yost Consulting, LLC (“HYC”). No ownership rights are transferred to you by using the Services.

6.2 Your Content

Users and business partners may upload or submit materials such as text responses, forms, documents, or resources. You retain all ownership rights to the data, forms, and materials you submit (“User Content”).

You grant us a limited license to store, process, transmit, and display User Content solely for the purpose of operating, maintaining, and providing the Services. We do not claim ownership of User Content and will not publish, reuse, or distribute it outside the platform without your consent.

6.3 Industry Topic Overlap

Because parental leave, return-to-work processes, workplace preparation, and manager support are broad and widely addressed topics, each party may independently develop resources or materials on similar themes. The creation of similar or overlapping content by either party does not constitute infringement or copying, provided that neither party uses the other’s proprietary or confidential materials.

6.4 Resource Ownership

All Resilient Returns course materials, checklists, templates, and learning resources are protected intellectual property and may not be reproduced or used beyond the scope of these Terms.

7. Privacy and Data Use

Our Privacy Policy outlines how we collect, use, and store personal information. By using the Services, you consent to the practices described there. Businesses using the Services represent that they have obtained all required permissions to submit user information to the platform. We do not sell or share any customer, employee, or business data to third parties for any purpose. The processing of any Personal Data is strictly governed by the Data Processing Agreement (DPA) outlined in Section 21 of these Terms.

8. Platform Availability, Hosting, and Security

We work to maintain a secure, reliable platform and take reasonable administrative, technical, and physical measures to protect data, utilizing SOC 2 compliant infrastructure. Data protection is managed through a Shared Responsibility Model as outlined in Section 20. However, uninterrupted service cannot be guaranteed. Maintenance periods, outages, and issues involving third-party infrastructure may occur. We are not responsible for delays or failures caused by factors outside our control.

9. Third-Party Services

The Services may integrate with third-party tools. We are not responsible for the actions, policies, or performance of third-party providers. Your use of these tools is subject to their separate terms and policies.

10. Disclaimer of Warranties

Standard of Care: HYC warrants that it will provide the Services in a professional manner consistent with industry standards.

Disclaimer: Except as provided above, the Services are provided “as is” and “as available.” We make no warranties of any kind, express or implied, regarding the Services, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not guarantee that the Services will meet your expectations or operate without interruption or error. The Business Client accepts all responsibility for evaluating the accuracy and suitability of the educational content for their specific internal requirements.

11. Limitation of Liability

To the fullest extent permitted by law, HYC and its owners, employees, affiliates, and service providers shall not be liable for any indirect, incidental, special, consequential, punitive, or exemplary damages, including loss of profits, goodwill, data, or business opportunities.

Our total cumulative liability for all claims arising from or related to the Services will not exceed the amount paid for the Services in the twelve (12) months preceding the event giving rise to the claim.

12. Indemnification

The Business Client agrees to indemnify and hold harmless HYC and its affiliates, officers, employees, and agents from any claims, losses, damages, or expenses (including reasonable legal fees) arising out of your use of the Services, your violation of these Terms, violation of applicable laws, or the unauthorized use of the Services by the Business Client's authorized users.

13. Termination

We may suspend or terminate access to the Services at our discretion for violations of these Terms, security risks, or harmful conduct. You may request account termination at any time by contacting us. Upon termination, your right to access the Services ends immediately. Upon termination of a subscription, all Client data is archived for 30 days before permanent deletion from production systems, unless an earlier deletion is requested in writing. Sections relating to ownership, liability, arbitration, and privacy survive termination.

14. Changes to Terms

We may update these Terms periodically. We will provide at least 30 days’ notice of material changes. Continued use of the Services after updates constitutes acceptance of the new Terms.

15. Governing Law and Arbitration

These Terms are governed by the laws of the Commonwealth of Virginia.

Any dispute, claim, or controversy arising out of or relating to this Agreement will be resolved through binding arbitration in Arlington, Virginia, before one arbitrator, except where prohibited by applicable law. Judgment on the Award may be entered in any court having jurisdiction. You waive the right to participate in class actions or representative proceedings.

Before initiating arbitration, the parties agree to make a good-faith effort to resolve the dispute informally.

16. Force Majeure

We are not responsible for delays or failures caused by events beyond our reasonable control, including natural disasters, power outages, labor disputes, or third-party service disruptions.

17. Assignment

You may not assign any rights or obligations under these Terms without our prior written consent. We may assign these Terms as part of a merger, acquisition, or reorganization.

18. Entire Agreement

These Terms, together with our Privacy Policy and any additional written agreements entered into with a business client, constitute the entire agreement between the parties regarding the Services.

19. Contact Us

If you have questions about these Terms, please contact us at info@resilient-returns.com. For technical questions or to report security issues, please contact support@resilient-returns.com.

20. Information Security Policy

Governance & Technical Review
Resilient Returns operates under a Shared Responsibility Model: we manage application-layer logic and logical data isolation, while our industry-leading, audited sub-processors manage physical and network infrastructure.

• Infrastructure & Feasibility: Our infrastructure partners maintain active SOC 2 Type II and ISO 27001 certifications, monitored through periodic vendor risk assessments. All primary and backup data is stored exclusively in secure, United States-based cloud regions. We perform periodic application-layer dependency scanning to identify and remediate security flaws. All system and security updates are verified in a private staging environment before being deployed to production.
• Data Protection & Tenant Isolation: Tenant data is logically isolated. Every application query is verified via secure, industry-standard cryptographic tokens. Server-side verification ensures data is scoped strictly to the authorized tenant, preventing identifier spoofing. Data is encrypted in transit via TLS 1.2+ and at rest using AES-256 bit encryption managed by our sub-processors. All backup copies are similarly encrypted.
• Access Control & Authentication: To protect sensitive manager and employee data, we enforce rigorous password policies requiring an 8-character minimum, including at least one uppercase letter, one number, and one special character to meet industry-standard 'Medium/Strong' security requirements. Multi-Factor Authentication (MFA) is actively supported and heavily recommended, particularly for all administrative accounts. System architecture ensures that access to client data is strictly governed by the principle of least privilege. Furthermore, the platform maintains comprehensive audit logging to track system events and administrative access.
• Incident Management & Response: Critical security incidents receive an initial technical response within 4 business hours. Clients are notified of confirmed personal data breaches without undue delay and no later than 24 hours of discovery. To report a security issue or for technical inquiries, please contact support@resilient-returns.com.
• Technical Operations: Data resiliency is supported through automated platform-managed snapshot backups and point-in-time recovery (PITR) capabilities. We utilize geographically redundant cloud systems with automated failover capabilities to ensure service continuity. Platform availability relies on regional redundancy and the 99.99% uptime SLA commitments of our infrastructure partners.

21. Data Processing Agreement (DPA)

This Data Processing Agreement (“DPA”) forms part of the Terms of Service and applies to the extent that HYC processes Personal Data on behalf of the Business Client in the course of providing the Services.

• Roles of the Parties: For the purposes of applicable data protection laws, the Business Client is the Data Controller, and HYC is the Data Processor. The Business Client is responsible for ensuring it has a lawful basis for collecting and sharing Personal Data (including manager/employee names, emails, and leave context) with HYC.
• Scope of Processing: HYC will process Personal Data solely for the purposes of providing, maintaining, and supporting the Services as documented in these Terms, or as otherwise instructed by the Business Client in writing. We strictly prohibit the sale or sharing of any customer, employee, or business data to third parties for any purpose.
• Security Measures: HYC implements and maintains appropriate technical and organizational measures to protect Personal Data against unauthorized or unlawful processing and against accidental loss, destruction, damage, theft, alteration, or disclosure, as detailed in the Information Security Policy (Section 20).
• Sub-Processors: The Business Client provides general authorization for HYC to engage third-party sub-processors (such as cloud hosting and database providers) to assist in providing the Services. HYC remains liable for the acts and omissions of its sub-processors to the same extent HYC would be liable if performing the services directly.
• Data Subject Rights: HYC will, to the extent legally permitted, promptly notify the Business Client if it receives a request from a Data Subject to exercise their rights under applicable data privacy laws. HYC will provide reasonable assistance to the Business Client to fulfill such requests.
• Security Incident Notification: In the event of a confirmed Personal Data breach or security incident impacting the Business Client’s data, HYC commits to notifying the Business Client without undue delay, and strictly no later than 24 hours after discovery of the incident. HYC will provide reasonable assistance to the Business Client in managing and mitigating the breach.
• Return and Deletion of Data: Upon termination of the Services, HYC will archive all Client data for 30 days. Following this period, all Personal Data will be permanently deleted from production systems, unless an earlier deletion is requested in writing or retention is required by applicable law.

These materials are provided for informational purposes and are part of the Resilient Returns website experience. Questions may be sent to info@resilient-returns.com.