PRIVACY POLICY

HealthNEXT and its affiliates (collectively, “Company”, “we”, “our”, or “us”) recognize the importance of protecting your personal and financial information when you visit our website, located at www.healthnext.com (our “Website”). The following information is designed to help you understand the information collection practices at this Website.

By visiting this Website, you are accepting the practices described in this Privacy Policy. If you do not agree to this Policy, please do not use this Website. Please review the Terms and Conditions of Use to learn of other terms and conditions applicable to your use of this Website.

CHANGES TO THIS PRIVACY POLICY

Company reserves the right to change, modify, add, or remove portions of this Privacy Policy at any time for any reason. If we make changes that materially affect your privacy rights we will notify you with a prominent post on this Website. Such changes shall be effective immediately upon posting. We suggest that you review this Policy periodically for changes. The current version of this Privacy Policy can be accessed from a link on our homepage, or at the bottom of our other website pages. You acknowledge that, by accessing our Website after we have posted changes to this Privacy Policy, you are agreeing to the terms of the Privacy Policy as modified.

INFORMATION COLLECTION AND USE

Personally Identifiable Information:

The personally identifiable information you submit to our Website is used only to service your account and/or to provide you with information on Company products and services. The types of personal information that may be collected at our Website include: name, address, email address and telephone number. We will not sell, share or rent your personally identifiable information to others in contravention of this Privacy Policy. Please contact us by email or telephone as specified below to update your account information whenever such information ceases to be complete or accurate.

Additionally, if you are accessing parts of this Website that are password protected, then (a) once you submit your password and enter, this Website will recognize who you are and collect all information that you submit, including all electronic information (including all transaction information), and (b) any information collected about you from this Website may be associated with other identifying information that we have about you.

Aggregate Information:

We generally record certain usage information, such as the number and frequency of visitors to our Website. This information may include the websites that you access immediately before and after your visit to our Website, the Internet browser you are using and your Internet Protocol (IP) address. If we use such data at all, it will be on an aggregate basis.

INFORMATION WE COLLECT FROM YOU

In the course of your use of the Website, we may obtain the following information about you as described below. We collect this information for the purposes described under “How We Use Your Information”.

Signing Up For Services; User Information:

Information that you provide prior to any registration process, such as your email when you provide it to us;

Information that you provide during any registration process, including in connection with a co-branded offer (including your name, company name, email address, phone number, billing address or credit card information, geographic location and industry), when you call or email us (for support or otherwise), or when you use our products or services; and

Payment information that you provide to us (by way of our Website or otherwise) when you purchase some of our products and services, including credit card data.

Use Of Services, Website Visits And Support:

Data relating to your online activity on our Website, including the following:

  • IP address
  • browser type and version
  • geographic location
  • pages you view
  • how you got to our Website and any links you click on to leave our Website
  • when you update your information or communicate with us
  • metadata about your use and your contacts’ use of our Website and your emails you send (including clicks and opens)
  • your interactions with any videos we offer
  • issues you encounter requiring our support or assistance
  • any device or other method of communication you use to interact with the Website
  • Your telephone conversations or texts with us (which we may monitor or record).

We store the data that we collect in a variety of places within our infrastructure, including system log files, back end databases and analytics systems.

Social Media:

Information from third party social networking sites, including information that social networking sites provide to us if you use your credentials at such social networking sites to log into our Website (such as your name and email address to pre-populate our sign-up form).

The information you allow us to access varies by social networking site, and depends on the level of privacy settings you have in place at the social networking site. You can control and find out more about these privacy settings at the applicable social networking site.

Other Sources:

  • Information you provide to us at seminars or to our partners;
  • Information you provide to us in surveys;
  • Information that is publicly available; and
  • Information you consent to us receiving from third parties.

HOW WE USE YOUR INFORMATION

We have a legitimate interest in running a successful and efficient business and in providing you with services and useful content, and we use the that information we collect, both on its own and combined with any other information that we collect about you, for the following purposes:

  • To provide the requested services to you;
  • To provide you with useful content;
  • To ensure the proper functioning of our services;
  • To offer and improve our services;
  • To provide you with requested information or technical support;
  • To facilitate your movement through our Website or your use of our services;
  • To do a better job of advertising and marketing our services (our use of your information to do this is performed with your consent where required by applicable law);
  • To advertise and market third party products and services (such advertisement is only performed with your permission where your consent is required by applicable law);
  • To diagnose problems with our servers or our services;
  • In connection with our security and compliance programs;
  • To administer our Website;
  • To communicate with you;
  • To target prospective customers with our products or services (such targeting is only performed with your permission where your consent is required by applicable law);
  • To assist us in offering you a personalized experience or otherwise tailor our services to you; and
  • As otherwise described in this Privacy Policy.

COOKIES

Cookies are small text files that are stored in your computer’s memory and hard drive when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website.

Cookies help us to provide customized services and information. We use cookies on this Website for the following purposes:

Analytical Purposes:

Analytical cookies allow us to recognize, measure and track visitors to the Website. This helps us to improve and develop the way the Website works, for example, by determining whether site visitors can find information easily, or by identifying the aspects of the site that are of the most interest to them.

Usage Preferences:

Some of the cookies on the Website are activated when visitors to our Website make a choice about their usage of the site. Our Website then ‘remembers’ the settings preferences of the user concerned. This allows us to tailor aspects of the site to the individual user.

Terms and Conditions:

We use cookies on the Website to record when a site visitor has seen a policy, such as this one, or provided consent, such as consent to the Terms and Conditions of Use on our Website. This helps to improve the user’s experience of the site – for example, it avoids a user from repeatedly being asked to consent to the same terms.

Session Management:

The software that runs the Website uses cookies for technical purposes needed by the internal workings of our servers. For instance, we use cookies to distribute requests among multiple servers, authenticate users and determine what features of the site they can access, verify the origin of requests, keep track of information about a user’s session and determine which options or pages to display in order for the site to function.

Functional Purposes:

Functional purpose cookies store information that is needed by our applications to process and operate. For example, where transactions or requests within an application involve multiple workflow stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall transaction or request.

To make full use of the Website, your computer or mobile device will need to accept cookies, as the site will not function properly without them. In addition, cookies are required in order to provide you with personalized features on the Website.

Local Flash Storage:

We may include content on the Website designed for display using Adobe Flash Player, such as animations, videos and tools. Local flash storage (often referred to as “Flash cookies”) can be used to help improve your experience as a user. Flash storage is retained on your device in much the same way as standard cookies, but is managed directly by your Flash software.

If you wish to disable or delete information stored locally in Flash, please see the documentation for your Flash software, located at www.adobe.com. Please note that, if you disable Flash cookies, some functionality on the Website may not work as intended.

Third Party Cookies:

When you visit the Website, you may receive cookies that are set by third parties. These cookies are used for the purposes described in the bullet points above. We do not control the setting of these third party cookies, so we suggest that you might wish to check the third party websites for more information about their use of cookies and how to manage them.

Changing Cookie Preferences:

You can configure your browser to accept all cookies, reject all cookies, notify you when a cookie is set, or delete cookies that have already been set. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences. You are always free to decline our cookies if your browser permits, although in that case you may not be able to use certain features on our Website. In addition, a number of companies offer utilities designed to help you visit websites anonymously.

The site www.allaboutcookies.org includes instructions for managing cookies on many commonly used browsers, or you may consult the vendor documentation for your specific software.

Privacy Preferences:

This Website may contain information, including P3P privacy policies (“Privacy Preference Information”), intended to work with your selected privacy preferences. While we have tried to make such Privacy Preference Information included within this Website conform to this full-text of this Privacy Policy, this Privacy Policy is the definitive statement of the privacy policies and practices for this Website.

SERVICE PROVIDERS

We may use internal or external service providers to operate our Website and employ other persons to perform work on our behalf, such as sending postal mail and email. These persons may have access to the personally identifiable information that you submit through the Website, but only for the purpose of performing their duties for Company. These personnel are not permitted to use your personally identifiable information for any other purpose.

COMPLIANCE WITH LAWS

Company does not automatically collect personally identifiable information from visitors to our Website, except to the extent we are required to do so under the USA PATRIOT Act or some other statute or regulation applicable to us. We will not provide any personally identifiable information to any other persons, except (a) if we are required to make disclosures to the government or private parties in connection with a lawsuit, subpoena, investigation, similar proceedings or regulatory examination, (b) to comply with applicable laws or regulations, (c) to enforce these Terms, or (d) to share information with our affiliates or service providers in connection with providing services to you. We can (and you authorize us to) disclose any such information in those circumstances.

EMAIL AND MARKETING

Company will not send you email messages without first receiving your permission, unless it relates to servicing your account or complying with your requests. It is our policy to include instructions for unsubscribing from these permission-based programs. We recommend that you do not send us any individual personal information via nonsecure methods of correspondence, including via public electronic communication channels, such as Internet email, which are generally not secure.

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.

BUSINESS TRANSFERS

If all or some of the business, stock or assets of Company are acquired by or merged with another business entity, we will share all or some of your information with this entity to continue to provide service to you. You will receive notice of such an event and the new entity will inform you of any changes to the practices in this Privacy Policy. If the new entity wishes to make additional use of your information, you may decline such use at such time. We would also share your personal information with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.

CHILDREN’S PRIVACY

Although this Website is not targeted toward children, we are concerned about the safety and privacy of children who use the Internet. Consistent with the Children’s Online Privacy Protection Act of 1998, we will never knowingly request personally identifiable information from anyone under the age of 13 without prior verifiable parental consent. If we become aware that a child under 13 has provided us with personally identifiable information without verifiable parental consent, we will use reasonable efforts to remove that information from our files. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without verifiable parental consent, he or she should contact us.

THIRD PARTY WEBSITES

Company may establish links between this Website and one or more websites operated by third parties. Company has no control over any of these other websites, the contents therein or the products/services offered. Your access to and use of such linked websites is governed by the terms of use and privacy policies of those sites, and will be at your own risk. Company disclaims any responsibility for the privacy policies and customer information practices of third-party internet websites hyperlinked from our Website.

SECURITY

No data transmission over the internet can be 100% secure, so Company cannot ensure or warrant the security of any information that you submit to us on or through this Website. However, Company seeks to protect your personal information when you transact business on our Website by requiring the use of a browser software program that supports industry standard SSL encryption with 128-bit key lengths. The “128-bit” designation refers to the length of the key used to encrypt the data being transmitted, with a longer key representing a higher level of security.

USERS FROM THE EUROPEAN UNION AND SWITZERLAND

This section of the Privacy Policy applies only if you use our Website or services covered by this Privacy Policy from a country that is a Member State of the European Union or Switzerland, and supplements the information in this Privacy Policy.

Controller of Personal Information:

To the extent that Company is subject to the laws of the European Union and Switzerland when processing personal data (“Personal Data”), it shall be the “data controller” under such laws.

Legal Basis for Data Processing:

We process Personal Data for the purposes set out in this Privacy Policy, as described above. Our legal basis to process Personal Data includes processing that is: necessary for the performance of the Services; necessary to comply with legal requirements (for example, to comply with applicable accounting rules or to make mandatory disclosures to law enforcement); necessary for our legitimate interests (for example, to manage our relationship with you and to improve the Website and our services); and, where legally required and we have no other valid legal basis to process Personal Data, we will use consent by our customers (for example, to provide you with marketing information or share information with third parties), which may subsequently be withdrawn at any time (by emailing us at privacy@healthnext.com) without affecting the lawfulness of processing based on consent before its withdrawal.

In some instances, you may be required to provide us with Personal Data for processing as described above, in order for us to be able to provide you all of our Services, and for you to use all the features of our Website.

International Transfers of Personal Data:

The nature of Company’s business means that the Personal Data collected through our services will be transferred to the United States. Also, Company personnel and some of the third parties to whom we disclose Personal Data (as set out above) may be located in the United States and other countries outside of the European Union or Switzerland, including in countries to which you fly and that may not provide the same level of data protection as your home country. We take appropriate steps to ensure that recipients of your Personal Data are bound by duties of confidentiality and we implement measures such as standard data protection contractual clauses to ensure that any transferred Personal Data remains protected and secure.

YOUR RIGHTS:

Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to the personal information we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. To exercise any of your rights, please email us at privacy@healthnext.com. Please note that, for each of the rights below, we may have valid legal reasons to refuse your request. In those instances, we will let you know if that is the case.

Access:

You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.

Portability:

You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format, and a right to request that we transfer that personal information to another party. If you wish for us to transfer your personal information to another party, please ensure that you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.

Correction:

You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that, while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.

Erasure:

You may request that we erase the personal information we hold about you in the following circumstances:

  • where you believe it is no longer necessary for us to hold the personal information;
  • we are processing it on the basis of your consent and you wish to withdraw your consent;
  • we are processing your data on the basis of our legitimate interest and you object to such processing;
  • you no longer wish us to use your data to send you marketing; or
  • you believe we are unlawfully processing your data.

Please provide as much detail as possible on your reasons for your request in order to assist us in determining whether you have a valid basis for erasure.

Restriction of Processing to Storage Only:

You have a right to require us to stop processing the personal information that we hold about you other than for storage purposes in the following circumstances:

  • You believe that the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
  • We wish to erase the personal information as the processing that we are doing is unlawful but you want us to simply restrict the use of that data;
  • We no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or
  • You have objected to us processing personal information that we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.

Objection:

You have the right to object to our processing of data about you. We will consider any such request. Please provide us with all available details as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.

You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes. Upon our receipt of such a request, we will stop processing that data for that purpose.

WITHDRAWAL OF CONSENT

Where you have provided your consent to us to process your personal data, you can withdraw your consent at any time by emailing us at privacy@healthnext.com.

DO NOT TRACK

We do not support Do Not Track (DNT). Do not track is a web browser setting that informs a website that you do not want to be tracked.

INFORMATION SECURITY

We implement and maintain reasonable security measures to protect the personal information we collect and maintain. However, no security measure or modality of data transmission over the Internet is 100% secure and we are unable to guarantee the absolute security of the information we have collected from you.

AGE RESTRICTION

The Website is not intended or designed to attract children under the age of thirteen (13). By using the Website, you affirm that you are more than eighteen (18) years of age, or you are an emancipated minor, and are fully able and competent to enter into the terms, conditions, obligations, affirmations, representations, and warranties set forth in this Privacy Policy, and to abide by and comply with this Privacy Policy. In any case, by using the Website, you affirm that you are over the age of thirteen (13), as THE WEBSITE IS NOT INTENDED FOR CHILDREN UNDER THIRTEEN (13) WHO ARE UNACCOMPANIED BY THEIR PARENT(S) OR LEGAL GUARDIAN(S).

Parents and legal guardians should be aware that this Privacy Policy will govern our use of personal information, but also that information that is voluntarily given by children (or others) in email exchanges, bulletin boards, or the like, may be used by other parties to generate unsolicited communications. We encourage all parents and legal guardians to instruct their children in the safe and responsible use of their personal information while using the internet.

CONTACT

If you have additional questions or comments of any kind, please let us know by sending your comments or requests to us at privacy@healthnext.com.

EFFECTIVE AS OF: November 4, 2021