What does this cover?
In this Policy, “we” and “our” mean Devoted Health, and “you” means any person who visits our website or uses our products and services.
By “personal information”, we mean information that directly identifies you, such as your name, address, phone number (including mobile phone number), or email address. There are two types of personal information:
- Personally Identifiable Information (PII)
- Protected Health Information (PHI)
This portion of the Policy deals with how Devoted Health collects, uses, shares, and protects PII. View our Notice of Privacy Practices to learn how we collect, use, share, and protect PHI.
Your Personal Information
Personally Identifiable Information (PII), as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
How we protect your personal information
We take protecting data and your information very seriously. And we leverage industry best practices to make commercially reasonable efforts to ensure the security of your personal information. We maintain organizational, technical and administrative measures designed to protect personal information within our organization against unauthorized access, destruction, loss, alteration or misuse. This includes measures designed to ensure that personal information is only accessible to a limited number of personnel who need access to the information to perform their duties, and those personnel are required to keep the information confidential.
The safety and security of your PII also depends on you. We encourage you to take steps to protect the confidentiality of your account and personal information, including by doing the following:
- Reviewing your personal accounts, including social media accounts, periodically and immediately reporting any unexpected activity or unrecognized information;
- Installing the latest security updates and anti-virus software on your devices to help prevent malware and viruses;
- Using complex passwords;
- Not using the same password on more than one website;
- Using two factor authentication where applicable
- Not sharing your password with others;
- Password protecting your computer and mobile devices; and
- Sign out / Log off of website sessions so that your session is closed, especially when using a public computer.
SMS (text) messaging is not an encrypted (secure) channel. If you text Protected Health Information (PHI) there is a risk that PHI could be intercepted or viewed by third parties, including others who access your device.
Our use and disclosure of PHI in SMS (text) messaging may be governed by additional privacy protections. Please see our HIPAA Notice of Privacy Practices for more information.
In general, information transmitted through the Internet may not be perfectly secure. As a result, we are unable to guarantee the security of your personal information and we are not responsible for the circumvention of any privacy or security measures on our website unless otherwise required by law. In the event of a data breach by us or from third party services we will notify you as required under applicable law and will follow up with respective remediation and resolutions.
How we use your information
We use the information that we collect to conduct our business and to improve your experience with our products and services. In order to do so, we also may combine any or all of the information that we collect or obtain. Examples of how we use information include:
- To provide you with products and services, such as to: share services that are relevant to your needs; deliver content that you may find interesting or helpful; and process, maintain, and service your account;
- To respond to you, such as when you send us an inquiry via SMS (text) message; fill out a form to be contacted; make a request or an inquiry; wish you set up an appointment with a sales representative; request materials in the mail, or share a comment or concern;
- To personalize your experience with us, including to: remember your interests and preferences; customize the product, services, and content we share with you; facilitate your interactions with our sales and customer service representatives; track and categorize your activity and interests on our website, including by identifying the different devices you use; and to enrich your experience with our products, services, and website;
- For marketing and advertising, such as to: send you marketing and advertising communications; to customize the marketing and advertising that we show you; and to identify others like you who may be interested in similar products and services;
- For analytics, such as to: understand how you use our website; understand how you shop for and interact with our products and services; determine the methods and devices used to access our website; and improve our website;
- For business purposes, such as: to operate and improve upon our business and lawful business activities; to maintain our programs, accounts, and records; for research; to provide you with notices about changes to our website and our products and services; to determine your satisfaction with our products and services; to detect and prevent fraud or misuse of our services;
- For legal and safety purposes, such as to: defend our members, from harm or in legal proceedings; protect the security of our customers, employees, property, and our rights; protect our security; respond to court orders, lawsuits, subpoenas, and government requests; address legal and regulatory compliance; and notify you of any critical issues; and
- To fulfill any other purpose for which you provide it and any other purpose with your consent, for which we will inform you of the purpose for which we collect it or seek your consent as necessary.
What information we collect
In order to improve your experience when using our website, plan, services, or products, we collect a variety of types of information. Examples include:
- Contact information, such as your name, address, phone number, or email address. Examples include when you subscribe to a newsletter, fill out a form, or enter information on our website;
- Preference information, such as your contact and marketing preferences, and plan or product interests;
- Profile and account information, which may include Contact and Preference information;
- Demographic information, which may include age or birth date, gender, ZIP code, and other information about you;
- Call recordings including information about your call and that you share when you call us on the phone;
- Location information of your device that you use when interacting with our website or calling us, if your device settings allow us to collect location information; and
- Device and browsing information, including information about your phone, tablet, computer, or device, and online browsing activity (collectively, “automatically collected information”).
How we collect your information
As general practice we always collect the minimal data necessary to provide our services. We collect information on our website, applications, automated chat "bots," during calls with you, and through our in-person interactions. We also obtain information from you and from third parties. For example, we collect and obtain information:
- You provide, such as when you submit an online form, interact with a sales representative or customer service agent, send us an inquiry via SMS (text) message, visit or contact us, respond to a survey, register to attend an event or appointment, or sign up for emails or marketing;
- At events you attend, such as: the types of information noted above that you provide, and video recordings and photographs that we collect for security, fraud, loss prevention, incident reporting, and operational purposes;
- From wi-fi and mobile devices, such information about your device when you use our website; and information about your device and location that you have consented to share through use of your device or browser, even if you are not currently on our website or on the phone with us;
- From third parties, such as service providers that we use, analytics companies, advertising networks and cooperatives, demographic companies, third parties that provide us with information about you and the different devices you use online, and other third parties that we choose to collaborate or work with;
- From social media platforms and networks that you use in connection with our website, or that share or allow you to share information with us, such as Facebook, Twitter, Pinterest, and Instagram. For example, if you use functionalities, plugins, widgets, or tools from social media platforms or networks in connection with our website (e.g., to log into an account, or to share content with your friends and followers on social media), we will collect the information that you share with us, or that those social media platforms or networks share with us; and
- Using cookies and automatic collection methods. For example, we and third parties we work with may collect information from the computer, tablet, phone, or other device: that you use to access our website; or that you use to open an email or click on an advertisement from us. This collection includes automatically collected information, and generally does not include personal information unless you provide it through our website or you choose to share it with us.
How we share information
We will never share personal information about you with third parties for their marketing or advertising purposes without your explicit consent. We do, however, share personal information with third parties for other operational purposes. For example, we share personal information with:
- Third parties and service providers that provide products or services to our members and us, as well as those that help us market or advertise to you on our behalf. When possible, these organizations are under contractual obligations to use personal information about you only for providing the services to us and to maintain this information as strictly confidential;
- To a buyer or other successor in interest in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website’s and products’ users are among the assets transferred;
- To fulfill the purpose for which you provide it. For example, when you sign up for one of our Medicare Advantage plans, we may share your information with Medicare to verify your eligibility and for them to cover all or part of the premiums for our plans; and
- Additional third parties such as law enforcement, government entities, courts, or other third parties as required or allowed by applicable law, such as for the legal and safety purposes described under the “How We Use Information” Section above, or otherwise to help prevent harm or fraud to you, our customers, other third parties, or to Devoted Health. We also may share personal information with third parties upon your request or with your approval, though we may not be able to accommodate all requests.
Notices and Disclosures
- California Privacy Rights. California law entitles residents to ask us for a notice describing what categories of personal information we share with third parties for third parties’ direct marketing purposes. Unless you request us to or consent to us doing so, Devoted Health does not share any personal information with third parties for their own direct marketing purposes. If you have questions about these practices, please contact us at firstname.lastname@example.org.
- Children's Privacy. Devoted Health does not knowingly request or collect personal information from any person under 13 years of age without prior verifiable parental consent. If you believe that your child under the age of 13 has submitted personal information to Devoted Health in connection with our website, and without prior verifiable parental consent, please contact us at email@example.com so that we can take steps to delete the personal information that she or he provided.
Your rights and choices regarding personal information
We strive to offer you with choices about how personal information is used and shared. Your choices include:
- Direct Mail Choices. You may opt out of receiving marketing or advertising by direct mail by contacting us through one of the methods specified in the “How to Contact Us” section below, and sharing the name and mailing address that you would like to opt out. Please note that these requests may take up to 8-10 weeks to become effective.
- Online Advertising. You can manage third party advertising preferences for some of the third parties we work with to serve advertising across the Internet by clicking here and by utilizing the choices available at http://www.networkadvertising.org/managing/opt_out.asp and www.aboutads.info/choices. We do not guarantee that all of the third parties we work with will honor the elections you make using those options, but we strive to work with third parties that do.
- Social Media Platforms and Networks. We encourage you to review your privacy options and settings with the social media platforms and networks you use to understand what choices you have about sharing information from those platforms and networks with us.
- Email Choices. You can opt out of marketing or advertising emails by utilizing the “unsubscribe” link or mechanism noted in marketing or advertising emails you receive from Devoted Health. You may also request to opt out of marketing or advertising emails by contacting us through one of the methods specified in the “How to Contact Us” Section below, and sharing the email address at which you are receiving marketing or advertising emails.
- Mobile Location Choices. You may choose not to provide your location to us by customizing your mobile device settings to prevent sharing of location information.
- SMS (text). You may opt out of receiving SMS (text) messages from us anytime by replying “STOP” or “Unsubscribe” to text messages received from Devoted Health. You can also opt -out by contacting us through one of the methods specified in the “How to Contact Us” section below, and identify the number you’d like to stop receiving SMS (text) messages from us.
Accessing and Correcting Your Information
You can review and change your personal information by logging into the website and visiting your account profile page. You may also contact us through one of the method specified in the “How to Contact Us” section below, and informing us of any changes or errors in any personal information we have about you to ensure that it is complete, accurate, and as current as possible. We may ask you for additional information to verify your identity before we provide you with any personal information about you or permit you to change it. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause your personal information to become incorrect.
Please notify us immediately if your mobile number changes. We are not liable for any communication or transmission of information by SMS (text) messaging which happens because you did not report that your mobile number changed. Password-protecting mobile device(s) and enabling encryption, if available, is recommended.
Do Not Track Signals
We may use automated data collection technologies to collect information about your online activities over time and across third-party websites or other online services (this is often referred to as behavioral tracking). Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your activities online. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such a signal is broadcast or received.
How to Contact Us
ATTN: Paul Jernigan, Privacy Officer
PO Box 211037
Eagan, MN 55121
Updates to This Policy
Changes to this Notice
We may make changes to this Policy, and may apply any changes to information previously collected, as permitted by law. When we make material changes to this Policy, we will notify you by posting the updated Policy on our website, and we will update the effective date at the end of this Policy.
This Policy is effective December 10, 2020.