Collective Health Corporate Website Privacy Policy
Updated: August 25, 2023
Introduction
This Corporate Website Privacy Policy (“Policy”) describes how Collective Health, its subsidiaries and affiliates (“we” or “Collective Health”) collect, use, and disclose Personal Information through www.collectivehealth.com (our “corporate website”).
This Policy does not apply to our member or employer facing digital products, each of which have separate privacy policies; neither does this Policy apply to third-party sites or applications linked to by the corporate website, and we are not responsible for the privacy policies or practices of these third-party sites or applications.
Before using our corporate website, please carefully read Collective Health’s Health’s Terms of Service and this Policy. By accessing our corporate website, you agree to the Terms of Service and to all provisions of this Policy.
If you do not agree with this Policy, you may not access or use this site.
1. Personal Information We Collect
When you interact with us through our corporate website, we may collect Personal Information, which is information that relates to you, identifies you personally, or could be used to identify you, such as your full name, address, email, or your telephone number. Below are the four categories of Personal Information that we collect and have collected about you in the past 12 months.
1.1 Information you provide to us
When interacting with our corporate website, you may choose to provide us with Personal Information, such as:
- Contact Information. You may choose to provide us with contact information, such as name, e-mail, and company name to receive more information about our products and services.
- Job Applicant Information. When applying for a job through our corporate website, you may choose to provide us with Personal Information, such as your name, e-mail, phone, resume, cover letter, and links to personal profiles and websites containing Personal Information.
- Health Risk Assessment Information. Covid 19 vaccination status may be collected for employees entering a worksite pursuant to Collective Health’s COVID 19 Prevention Program. Employees who wish to enter a Collective Health worksite will be asked to self-screen for COVID 19 symptoms pursuant to company’s COVID 19 Prevention Program. Additionally, negative COVID 19 test results may be collected for employees entering a worksite pursuant to the COVID 19 Prevention Program. You are not required to provide this information to use our corporate website; however, you may not be able to use certain features without providing the requested personal information.
- Emergency Contact information received in connection with employment.
1.2 Information we receive in the course of business
We may receive or deduce information about you, including Personal Information, in the ordinary course of our business. For example, this includes Personal Information you may provide when attending a conference or event or in other business interactions with Collective Health.
1.3 Information we collect from third parties
To the extent permitted by applicable law, we may receive Personal Information about you from publicly available sources, third-party service providers, and/or partners and combine it with information we have about you to provide a more personalized experience.
1.4 Information automatically collected
When you use our corporate website, we automatically collect information about the services you use and how you use them to provide and improve the functionalities of our corporate website and services, and to comply with legal obligations.
- Device and Connection Information. We automatically collect certain information when you access or use our corporate website. This information includes your browser type, device information and settings, operating system information, IP address, access dates and times, and any links you clicked to navigate to our corporate website. Collecting this information allows us to customize your experience and content when using our corporate website.
- Tracking Technologies. We use cookies, web beacons, pixels, and other tracking technologies for remembering your settings and preferences and analyzing your clicks and movements on our sites in order to improve your experience with our corporate website. You can control the use of cookies through your browser.
- Usage Information. We collect information about your interactions with our corporate website, such as the content you view, the links you click, and the searches you conduct on the site. We may also collect information about how you arrived at our corporate website, including hostnames and keywords searched.
- Geo-location. When accessing our corporate website, we may collect information about your approximate location through your IP address or your precise location through GPS, if authorized by you, to offer you an improved experience. You may control or disable the availability of GPS location services in your device or browser settings.
- Do Not Track. In conformity with the California Online Privacy Protection Act (“CalOPPA”) Do Not Track law, our corporate website currently does not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to lack of standardization regarding how that signal should be interpreted. You may use technical means to prevent some tracking. See the section of this Policy called “Your Advertising Choices.”
2. How We Use the Personal Information We Collect
Your Personal Information is used for the following purposes:
2.1 Provide and improve our corporate websites
We may use your Personal Information to deliver and improve your experience with our corporate website, such as:
- Enable you to sign up to receive information about our products and services;
- Enable you to apply for jobs through our corporate website;
- Provide you with website content;
- Personalize your experience with our website; and
- Conduct research and analysis to improve our website.
2.2 Provide you with information you requested
We may use information collected through our websites and third-parties to communicate with you about our products and services. You have the option to opt out of these communications.
2.3 Comply with legal requirements and provide a safe environment
We may use certain information collected through your use of our websites for the purposes of protecting your data and our platform, and for complying with legal obligations, such as:
- Prevent and detect harmful activity including security incidents, spam, fraud, and abuse;
- Investigate suspected security incidents;
- Comply with legal obligations;
- Enforce this Policy, our Terms of Service, and any other terms you have agreed to with us; and
- Resolve any disputes and enforce our agreements with third parties.
2.4 Provide, measure, and improve our advertising and marketing
We may use your Personal Information for legitimate business purposes, including providing you with information about our products and services that may be of interest to you, such as:
- Sending promotional messages and marketing communications that may interest you. You will have the option to unsubscribe from these communications.
- Providing, personalizing, measuring, and improving our advertising, including advertising through external websites and social media platforms.
3. Sharing Your Information
We may share the Personal Information provided by you or collected by us through the use of our corporate website to service providers for legitimate business purposes. We have not and will not sell your Personal Information collected through the Corporate Website to third parties without your consent, except as provided in Section 3.3. Additionally, consistent with the California Shine the Light Law and other applicable laws, we will not share or sell your data provided by you or collected by us through your use of our corporate website to third parties for such third parties’ direct marketing purposes without your consent.
3.1 Sharing with Third-Party Service Providers
Collective Health uses third-party service providers to help us provide and improve our corporate websites and services. We may share the Personal Information you provide to us or that we collect from you through our corporate website with these third-party service providers. When we do so, we will only provide the information necessary for the third-party to perform its agreed upon services and require that they use such information for no other purpose than to provide the services to us.
3.2 Sharing with Company Affiliates
We may share the Personal Information you provided to us or that was collected by us with our affiliated companies or subsidiaries for purposes of providing services to you. Consistent with the California Shine the Light Law and other applicable laws, we will never share or sell your Personal Information provided by you or collected by us through your use of our corporate website to affiliated companies or subsidiaries for direct marketing purposes without your explicit consent.
3.3 Sharing for Business Transactions
If Collective Health is involved in any merger, acquisition, sale of our assets, bankruptcy, or insolvency event, we may sell or transfer some or all of our assets, including some or all of your Personal Information in connection with such transaction. We will notify you before your Personal Information becomes subject to a different privacy policy.
3.4 Sharing for Legal and Compliance Purposes
We may share Personal Information collected through the use of our corporate website to respond to valid legal processes (e.g., a court order or subpoena). We may also share your information to comply with applicable laws, to protect the safety of any person, to address fraud, security, or technical issues, or to enforce this Policy, Terms of Service, and any other terms or conditions you have agreed to with us.
4. Your California Privacy Rights
This section applies only to California residents and provides additional details about the Personal Information we collect about California consumers through the corporate website and the rights afforded to them under the California Consumer Privacy Act of 2018 (the “CCPA”).
For more details about the Personal Information we have collected through the corporate website over the last 12 months, including the categories of sources, please see Section 1 – ‘Personal Information We Collect’ above. We collect this information for the business and commercial purposes described in Section 2 – ‘How We Use the Personal Information’ above. We share this information with the categories of third parties described in Section 3 – ‘How We Share Your Personal Information’ above. We do not sell the Personal Information we collect and we will not sell your Personal Information without your consent. Information you provide on our site may may be collected by automated technology, such as a bot, cookie, or pixel tag, and used by us consistent with this Policy. Your behavior patterns and interactions with our corporate website may be used by us or by third-party advertisers to provide services or to surface relevant content to you as described in Sections 3 and 5 of this Policy.
4.1 Your Rights Under the CCPA
If you are a California resident, you have rights in relation to your Personal Information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of Personal Information or the security of our systems. Additionally, we will only be able to act on your requests if we can verify your identity against the Personal Information we have collected about you. Below are the specific rights provided to you by the CCPA:
- Right to Know. You have the right to request, in writing, (a) the categories of Personal Information we have collected about you, (b) the business or commercial purposes for the collection, (c) the categories of third parties with which we have shared your Personal Information, and (d) the specific pieces of Personal Information we have collected about you.
- Right to Delete. You have the right to request that we delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions.
- The Right to Correct. You can ask us to correct inaccurate Personal Information we have about you.
- The Right to Limit the Use and Disclosure of Sensitive Personal Information.
- Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising any of the rights described in this section.
- Notice at Collection. At or before the time of collection, California residents may have a right to receive notice of our practices, including the categories of personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained.
Categories of Personal Information We Collect and How We Use and Share that Information. During the past twelve (12) months, we have collected, used, and shared the following categories of personal information:
Category of Personal Information | Category of Source | Business or commercial purpose(s) for collection | Categories of third parties with whom we share |
Personal identifiers | Directly from you or your agents From your Organization From your Vendors or Customers From other third parties you choose to interact with From our service providers From public sources | To provide our Service to you To communicate with you To verify your identity To protect your account To prevent fraud or illegal activity Our marketing activities | Our service providers Your authorized service providers Other third parties that you authorize Our business and marketing partners Third parties as required by law |
Financial information, including bank account number, credit card number | Directly from you or your agents From your Organization From your Vendors or Customers From other third parties you choose to interact with From our service providers From public sources | To provide our Service to you To verify your identity To protect your account To prevent fraud or illegal activity | |
Commercial information, including products/services purchased | Directly from you or your agents From your Vendors or Customers | Provide our Service to you Prevent fraud or illegal activity | |
Internet or other electronic network activity information | Directly from you From our service providers | Provide our Service to you Protect your account Prevent fraud or illegal activity Debug or repair our Service Maintain reliability, quality or safety of our Service Improve our Service Our marketing activities | |
Geolocation data | Directly from you From your mobile provider or ISP | Provide our Service to you Protect your account Prevent fraud or illegal activity Debug or repair our Service Maintain reliability, quality or safety of our Service | |
Audio, electronic, visual, or similar information | Directly from you | Provide our Service to you Prevent fraud or illegal activity Improve our Service Maintain reliability, quality or safety of our Service | |
Professional or employment-related information | Directly from you From your Organization From your Vendors or Customers | Provide our Service to you Prevent fraud or illegal activity Our marketing activities | |
Inferences drawn to create a profile about a consumer | Collective Health | Provide our Service to you Prevent fraud or illegal activity Maintain reliability, quality or safety of our Service Our marketing activities |
- Sensitive Personal Information. When we collect government identification (such as your driver’s license number or Social Security number) or financial details (such as your bank account or credit card numbers), we are deemed to be collecting data that is “sensitive” under state privacy laws. Where legally required, we will obtain your consent for collecting this information. For our California users, we do not use or disclose sensitive personal information for any purpose other than as permitted by law, such as to provide our Service to you, to detect security incidents, and protect against malicious or fraudulent actions, nor do we use or disclose such information to build a profile about you.
- Retention. We retain your personal information as long as it is necessary to provide you our Service and to comply with our data retention requirements. Even after you stop using our Service, we may be required to keep your information for as long as necessary to comply with our legal and regulatory obligations, to make or defend legal claims, and to protect against fraudulent activity of others.
4.2 Exercising Your Rights
You may exercise your rights described in this section by sending an e-mail to privacy@collectivehealth.com. We may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
5. Your Advertising Choices
Your behavior patterns and interactions with our corporate website may be used by us or by third-party advertisers to surface relevant content to you. To do so, our advertising service providers either place or recognize a unique cookie on your browser. They may also use other techniques such as pixel tags to determine the content you view and surface relevant advertisements on their websites. If you would like more information about these practices and to learn about your choices, please visit the Digital Advertising Alliance or the Network Advertising Initiative. Your behavior patterns and interactions with any of our health risk assessment websites will not be used by Collective Health or by third-party advertisers to surface relevant content to you.
You may control interest-based advertising as explained below. Please note that opting out of receiving interest-based advertising does not result in blocking all advertisements served to you. You will continue receiving advertisements; these advertisements will be generic or based on the content of a webpage that you are visiting, instead of being targeted to your specific interests.
- To Control Advertising on Websites. If you want to limit the amount of interest-based advertising you receive through websites, you may opt-out of certain forms of tracking. Please note that you will continue receiving advertising on third-party sites, but this advertising will not be based on your activities on our site. You can opt-out of certain forms of tracking by visiting Digital Advertising Alliance WebChoices or the Network Advertising Initiative Opt Out.
- To Control Advertising on Mobile Applications. If you want to limit the amount of interest-based advertising you receive through mobile applications, you may opt-out of certain forms of tracking. You can learn more about ad choices for mobile devices by visiting the Digital Advertising Alliance AppChoices Digital Advertising Alliance AppChoices and downloading the AppChoices mobile application.
To immediately end all targeting on a mobile device, you can also limit ad tracking in the device settings. For instructions on how to limit ad tracking on your mobile device, please visit Apple Support or Android Support. - To Control Information Collected and Used by Google Analytics. We use Google Analytics to analyze our corporate website traffic and interactions. For more information on how Google uses this information, please refer to How Google Uses Data When You Use Our Partners’ Sites or Apps. Information collected by the Google Analytics cookie is transmitted to and stored by Google in accordance with its privacy practices. To opt out of Google Analytics, please visit Google Analytics Opt Out.
6. Information Security
Although we are serious about protecting the security of your Personal Information and have taken steps to protect your Personal Information from loss, misuse, unauthorized access, disclosure, or destruction, no security measures are completely secure and we do not and cannot guarantee the security of your Personal Information. If you have reason to believe that your information has been lost, stolen, or otherwise compromised from our sites, please contact us immediately via privacy@collectivehealth.com.
7. Changes to this Corporate Website Privacy Policy
Collective Health may change this Policy as needed to accurately reflect our information collection, use, and sharing practices. If we make changes to this Policy, the revised policy will be posted on this site with the last effective date. The effective date of the Policy is the date indicated at the top of the Policy. Your continued use of the corporate website after the effective date signifies your acceptance of the revised Policy. We therefore encourage you review this Policy regularly.
8. Children
Our corporate website is directed toward adults and is not designed for, intended to attract, or directed toward children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before using or accessing our corporate website. If we become aware that we have collected any Personal Information from children under 16, we will promptly remove such information from our databases. If you learn that your child has used our corporate website to provide us with their personal information without your consent, please email us at privacy@collectivehealth.com.
9. Contact Us
If you have any questions or comments about this Policy, please email us at privacy@collectivehealth.com or send us a letter at:
Collective Health
ATTN: Privacy and Compliance
45 Fremont Street, Suite 1200
San Francisco, CA 94105