Collective Health Corporate Website Privacy Policy

Updated: August 25, 2023

Introduction

This Corporate Website Privacy Policy (“Policy”) describes how Collective Health, its subsidiaries and affiliates (“we” or “Collective Health”) collect, use, and disclose Personal Information through www.collectivehealth.com (our “corporate website”).

This Policy does not apply to our member or employer facing digital products, each of which have separate privacy policies; neither does this Policy apply to third-party sites or applications linked to by the corporate website, and we are not responsible for the privacy policies or practices of these third-party sites or applications. 

Before using our corporate website, please carefully read Collective Health’s Health’s Terms of Service and this Policy. By accessing our corporate website, you agree to the Terms of Service and to all provisions of this Policy.

If you do not agree with this Policy, you may not access or use this site.

1. Personal Information We Collect

When you interact with us through our corporate website, we may collect Personal Information, which is information that relates to you, identifies you personally, or could be used to identify you, such as your full name, address, email, or your telephone number. Below are the four categories of Personal Information that we collect and have collected about you in the past 12 months.

1.1 Information you provide to us

When interacting with our corporate website, you may choose to provide us with Personal Information, such as:

  • Contact Information. You may choose to provide us with contact information, such as name, e-mail, and company name to receive more information about our products and services.
  • Job Applicant Information. When applying for a job through our corporate website, you may choose to provide us with Personal Information, such as your name, e-mail, phone, resume, cover letter, and links to personal profiles and websites containing Personal Information.
  • Health Risk Assessment Information. Covid 19 vaccination status may be collected for employees entering a worksite pursuant to Collective Health’s COVID 19 Prevention Program.  Employees who wish to enter a Collective Health worksite will be asked to self-screen for COVID 19 symptoms pursuant to company’s COVID 19 Prevention Program. Additionally, negative COVID 19 test results may be collected for employees entering a worksite pursuant to the COVID 19 Prevention Program.  You are not required to provide this information to use our corporate website; however, you may not be able to use certain features without providing the requested personal information.
  • Emergency Contact information received in connection with employment. 

1.2 Information we receive in the course of business

We may receive or deduce information about you, including Personal Information, in the ordinary course of our business. For example, this includes Personal Information you may provide when attending a conference or event or in other business interactions with Collective Health.

1.3 Information we collect from third parties

To the extent permitted by applicable law, we may receive Personal Information about you from publicly available sources, third-party service providers, and/or partners and combine it with information we have about you to provide a more personalized experience.

1.4 Information automatically collected

When you use our corporate website, we automatically collect information about the services you use and how you use them to provide and improve the functionalities of our corporate website and services, and to comply with legal obligations.

  • Device and Connection Information. We automatically collect certain information when you access or use our corporate website. This information includes your browser type, device information and settings, operating system information, IP address, access dates and times, and any links you clicked to navigate to our corporate website. Collecting this information allows us to customize your experience and content when using our corporate website.
  • Tracking Technologies. We use cookies, web beacons, pixels, and other tracking technologies for remembering your settings and preferences and analyzing your clicks and movements on our sites in order to improve your experience with our corporate website. You can control the use of cookies through your browser.
  • Usage Information. We collect information about your interactions with our corporate website, such as the content you view, the links you click, and the searches you conduct on the site. We may also collect information about how you arrived at our corporate website, including hostnames and keywords searched.
  • Geo-location. When accessing our corporate website, we may collect information about your approximate location through your IP address or your precise location through GPS, if authorized by you, to offer you an improved experience. You may control or disable the availability of GPS location services in your device or browser settings.
  • Do Not Track. In conformity with the California Online Privacy Protection Act (“CalOPPA”) Do Not Track law, our corporate website currently does not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to lack of standardization regarding how that signal should be interpreted. You may use technical means to prevent some tracking. See the section of this Policy called “Your Advertising Choices.”

2. How We Use the Personal Information We Collect

Your Personal Information is used for the following purposes:

2.1 Provide and improve our corporate websites

We may use your Personal Information to deliver and improve your experience with our corporate website, such as:

  • Enable you to sign up to receive information about our products and services;
  • Enable you to apply for jobs through our corporate website;
  • Provide you with website content;
  • Personalize your experience with our website; and
  • Conduct research and analysis to improve our website.

2.2 Provide you with information you requested

We may use information collected through our websites and third-parties to communicate with you about our products and services. You have the option to opt out of these communications.

2.3 Comply with legal requirements and provide a safe environment

We may use certain information collected through your use of our websites for the purposes of protecting your data and our platform, and for complying with legal obligations, such as:

  • Prevent and detect harmful activity including security incidents, spam, fraud, and abuse;
  • Investigate suspected security incidents;
  • Comply with legal obligations;
  • Enforce this Policy, our Terms of Service, and any other terms you have agreed to with us; and
  • Resolve any disputes and enforce our agreements with third parties.

2.4 Provide, measure, and improve our advertising and marketing

We may use your Personal Information for legitimate business purposes, including providing you with information about our products and services that may be of interest to you, such as:

  • Sending promotional messages and marketing communications that may interest you. You will have the option to unsubscribe from these communications.
  • Providing, personalizing, measuring, and improving our advertising, including advertising through external websites and social media platforms.

3. Sharing Your Information

We may share the Personal Information provided by you or collected by us through the use of our corporate website to service providers for legitimate business purposes. We have not and will not sell your Personal Information collected through the Corporate Website to third parties without your consent, except as provided in Section 3.3. Additionally, consistent with the California Shine the Light Law and other applicable laws, we will not share or sell your data provided by you or collected by us through your use of our corporate website to third parties for such third parties’ direct marketing purposes without your consent.

3.1 Sharing with Third-Party Service Providers

Collective Health uses third-party service providers to help us provide and improve our corporate websites and services. We may share the Personal Information you provide to us or that we collect from you through our corporate website with these third-party service providers. When we do so, we will only provide the information necessary for the third-party to perform its agreed upon services and require that they use such information for no other purpose than to provide the services to us.

3.2 Sharing with Company Affiliates

We may share the Personal Information you provided to us or that was collected by us with our affiliated companies or subsidiaries for purposes of providing services to you. Consistent with the California Shine the Light Law and other applicable laws, we will never share or sell your Personal Information provided by you or collected by us through your use of our corporate website to affiliated companies or subsidiaries for direct marketing purposes without your explicit consent.

3.3 Sharing for Business Transactions

If Collective Health is involved in any merger, acquisition, sale of our assets, bankruptcy, or insolvency event, we may sell or transfer some or all of our assets, including some or all of your Personal Information in connection with such transaction. We will notify you before your Personal Information becomes subject to a different privacy policy.

3.4 Sharing for Legal and Compliance Purposes

We may share Personal Information collected through the use of our corporate website to respond to valid legal processes (e.g., a court order or subpoena). We may also share your information to comply with applicable laws, to protect the safety of any person, to address fraud, security, or technical issues, or to enforce this Policy, Terms of Service, and any other terms or conditions you have agreed to with us.

4. Your California Privacy Rights

This section applies only to California residents and provides additional details about the Personal Information we collect about California consumers through the corporate website and the rights afforded to them under the California Consumer Privacy Act of 2018 (the “CCPA”).

For more details about the Personal Information we have collected through the corporate website over the last 12 months, including the categories of sources, please see Section 1 – ‘Personal Information We Collect’ above. We collect this information for the business and commercial purposes described in Section 2 – ‘How We Use the Personal Information’ above. We share this information with the categories of third parties described in Section 3 – ‘How We Share Your Personal Information’ above. We do not sell the Personal Information we collect and we will not sell your Personal Information without your consent. Information you provide on our site may may be collected by automated technology, such as a bot, cookie, or pixel tag, and used by us consistent with this Policy. Your behavior patterns and interactions with our corporate website may be used by us or by third-party advertisers to provide services or to surface relevant content to you as described in Sections 3 and 5 of this Policy.

4.1 Your Rights Under the CCPA

If you are a California resident, you have rights in relation to your Personal Information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of Personal Information or the security of our systems. Additionally, we will only be able to act on your requests if we can verify your identity against the Personal Information we have collected about you. Below are the specific rights provided to you by the CCPA:

  • Right to Know. You have the right to request, in writing, (a) the categories of Personal Information we have collected about you, (b) the business or commercial purposes for the collection, (c) the categories of third parties with which we have shared your Personal Information, and (d) the specific pieces of Personal Information we have collected about you.
  • Right to Delete. You have the right to request that we delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions.
  • The Right to Correct. You can ask us to correct inaccurate Personal Information we have about you. 
  • The Right to Limit the Use and Disclosure of Sensitive Personal Information. 
  • Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising any of the rights described in this section.
  • Notice at Collection. At or before the time of collection, California residents may have a right to receive notice of our practices, including the categories of personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. 

Categories of Personal Information We Collect and How We Use and Share that Information. During the past twelve (12) months, we have collected, used, and shared the following categories of personal information:

Category of Personal InformationCategory of SourceBusiness or commercial purpose(s) for collectionCategories of third parties with whom we share
Personal identifiersDirectly from you or your agents

From your Organization

From your Vendors or Customers

From other third parties you choose to interact with

From our service providers

From public sources
To provide our Service to you

To communicate with you

To verify your identity

To protect your account

To prevent fraud or illegal activity

Our marketing activities
Our service providers

Your authorized service providers

Other third parties that you authorize

Our business and marketing partners

Third parties as required by law
Financial information, including bank account number, credit card numberDirectly from you or your agents

From your Organization

From your Vendors or Customers

From other third parties you choose to interact with

From our service providers

From public sources
To provide our Service to you

To verify your identity

To protect your account

To prevent fraud or illegal activity
Commercial information, including products/services purchasedDirectly from you or your agents

From your Vendors or Customers
Provide our Service to you

Prevent fraud or illegal activity
Internet or other electronic network activity informationDirectly from you

From our service providers
Provide our Service to you

Protect your account

Prevent fraud or illegal activity

Debug or repair our Service

Maintain reliability, quality or safety of our Service

Improve our Service

Our marketing activities
Geolocation dataDirectly from you

From your mobile provider or ISP
Provide our Service to you

Protect your account

Prevent fraud or illegal activity

Debug or repair our Service

Maintain reliability, quality or safety of our Service
Audio, electronic, visual, or similar informationDirectly from youProvide our Service to you

Prevent fraud or illegal activity

Improve our Service

Maintain reliability, quality or safety of our Service
Professional or employment-related informationDirectly from you

From your Organization

From your Vendors or Customers
Provide our Service to you

Prevent fraud or illegal activity

Our marketing activities
Inferences drawn to create a profile about a consumerCollective HealthProvide our Service to you

Prevent fraud or illegal activity

Maintain reliability, quality or safety of our Service

Our marketing activities
  • Sensitive Personal Information. When we collect government identification (such as your driver’s license number or Social Security number) or financial details (such as your bank account or credit card numbers), we are deemed to be collecting data that is “sensitive” under state privacy laws. Where legally required, we will obtain your consent for collecting this information. For our California users, we do not use or disclose sensitive personal information for any purpose other than as permitted by law, such as to provide our Service to you, to detect security incidents, and protect against malicious or fraudulent actions, nor do we use or disclose such information to build a profile about you.  
  • Retention. We retain your personal information as long as it is necessary to provide you our Service and to comply with our data retention requirements.  Even after you stop using our Service, we may be required to keep your information for as long as necessary to comply with our legal and regulatory obligations, to make or defend legal claims, and to protect against fraudulent activity of others.

4.2 Exercising Your Rights

You may exercise your rights described in this section by sending an e-mail to privacy@collectivehealth.com. We may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.

5. Your Advertising Choices

Your behavior patterns and interactions with our corporate website may be used by us or by third-party advertisers to surface relevant content to you. To do so, our advertising service providers either place or recognize a unique cookie on your browser. They may also use other techniques such as pixel tags to determine the content you view and surface relevant advertisements on their websites. If you would like more information about these practices and to learn about your choices, please visit the Digital Advertising Alliance or the Network Advertising Initiative. Your behavior patterns and interactions with any of our health risk assessment websites will not be used by Collective Health or by third-party advertisers to surface relevant content to you.

You may control interest-based advertising as explained below. Please note that opting out of receiving interest-based advertising does not result in blocking all advertisements served to you. You will continue receiving advertisements; these advertisements will be generic or based on the content of a webpage that you are visiting, instead of being targeted to your specific interests.

  • To Control Advertising on Websites. If you want to limit the amount of interest-based advertising you receive through websites, you may opt-out of certain forms of tracking. Please note that you will continue receiving advertising on third-party sites, but this advertising will not be based on your activities on our site. You can opt-out of certain forms of tracking by visiting Digital Advertising Alliance WebChoices or the Network Advertising Initiative Opt Out.
  • To Control Advertising on Mobile Applications. If you want to limit the amount of interest-based advertising you receive through mobile applications, you may opt-out of certain forms of tracking. You can learn more about ad choices for mobile devices by visiting the Digital Advertising Alliance AppChoices Digital Advertising Alliance AppChoices and downloading the AppChoices mobile application.
    To immediately end all targeting on a mobile device, you can also limit ad tracking in the device settings. For instructions on how to limit ad tracking on your mobile device, please visit Apple Support or Android Support.
  • To Control Information Collected and Used by Google Analytics. We use Google Analytics to analyze our corporate website traffic and interactions. For more information on how Google uses this information, please refer to How Google Uses Data When You Use Our Partners’ Sites or Apps. Information collected by the Google Analytics cookie is transmitted to and stored by Google in accordance with its privacy practices. To opt out of Google Analytics, please visit Google Analytics Opt Out.

6. Information Security

Although we are serious about protecting the security of your Personal Information and have taken steps to protect your Personal Information from loss, misuse, unauthorized access, disclosure, or destruction, no security measures are completely secure and we do not and cannot guarantee the security of your Personal Information. If you have reason to believe that your information has been lost, stolen, or otherwise compromised from our sites, please contact us immediately via privacy@collectivehealth.com.

7. Changes to this Corporate Website Privacy Policy

Collective Health may change this Policy as needed to accurately reflect our information collection, use, and sharing practices. If we make changes to this Policy, the revised policy will be posted on this site with the last effective date. The effective date of the Policy is the date indicated at the top of the Policy. Your continued use of the corporate website after the effective date signifies your acceptance of the revised Policy. We therefore encourage you review this Policy regularly.

8. Children

Our corporate website is directed toward adults and is not designed for, intended to attract, or directed toward children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before using or accessing our corporate website. If we become aware that we have collected any Personal Information from children under 16, we will promptly remove such information from our databases. If you learn that your child has used our corporate website to provide us with their personal information without your consent, please email us at privacy@collectivehealth.com.

9. Contact Us

If you have any questions or comments about this Policy, please email us at privacy@collectivehealth.com or send us a letter at:

Collective Health
ATTN: Privacy and Compliance
45 Fremont Street, Suite 1200
San Francisco, CA 94105