Web Portal and Mobile Application - Privacy Policy

EFFECTIVE DATE: OCTOBER 1, 2020

In this Privacy Policy (this “Policy”), we describe how WithMe Health, LLC (“Company,” “we,” “our,” or “us”) collects, uses, and discloses information that we obtain about users of our web portal (the “Web Portal”) and mobile application (the “App”) and the services available through our Web Portal and App (collectively, the “Services”).

By using the Web Portal, using or downloading the App, or using any of our Services, you agree that your personal information will be handled as described in this Policy, except for Protected Health Information (as defined in the section immediately below) submitted by you in the course of using the Services, which is covered by our Notice of HIPAA Privacy Practices (the “HIPAA Policy”). Your use of our Web Portal, App, or Services, and any dispute over privacy, is subject to this Policy, the HIPAA Policy and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Company Terms of Use are incorporated by reference into this Policy.

Through our Services offered via our Web Portal and App, you may be able to view your health conditions, procedures, lab results, and allergies; monitor your health dashboard; view and manage medication fills and refills; review medication costs and benefits; set medication reminders; receive personalized medication guidance; chat live with a medication guide; set health goals and reminders to help achieve such goals; receive automated alerts and reminders about drug interactions, refills, and physician visits; and authorize trusted caregivers to manage your account.

Protected Health Information

In certain circumstances, we may collect or use your information through our Web Portal, App and Services while acting as a “business associate” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), which may constitute “Protected Health Information.” A “business associate” includes an entity that provides services to a HIPAA covered entity that involves the use or disclosure of Protected Health Information. If we provide Services through the Web Portal or App on behalf of a HIPAA covered entity such as your employer sponsored health insurance plan or health care provider, we may qualify as their business associate. “Protected Health Information” as defined under HIPAA, generally means information about you that identifies you and that relates to your physical or mental health or condition, the provision of health care to you, or payment for health care provided to you. To the extent we are acting as a business associate, we will only use and disclose your information as permitted by HIPAA and the HIPAA Policy, which may include, but not be limited to, fulfilling our service obligations, our internal management and administration, to carry out our legal responsibilities, de-identify or aggregate data, or as otherwise required by law.

The Information We Collect About You

We collect information about you directly from you and from third parties, and automatically through your use of our Web Portal, App, or Services.

Our Public Website. To learn more about the information we collect through our public website, please refer to our Website Privacy Policy.

Our Web Portal and App. In order to use our Services offered via our Web Portal and App, you will need to create an account with us. To create an account, you must provide your WithMe Health Member ID, first and last name, date of birth, and phone number. Via your account, we may collect additional information that you choose to provide to us through the Web Portal and App, including:

• information about medication(s) that you take, health conditions, biometric measurements (such as weight, BMI), doctor visits, demographic information, such as race, ethnicity, gender and age, sex-life data, and self-assessments about how you are feeling
• information about caregivers or authorized representatives during the HIPAA authorization process, such as a spouse
• health insurance information, customer feedback, and photos that you upload
• if you make a purchase, your payment information, such as your credit or debit card information and your billing and shipping address
• any information you provide to us via the chat feature that we offer

In addition, the App may access your photos, microphone, and calendar, and we may collect information related to these features to provide the Services, but only if you have enabled/permitted this functionality on your mobile device.

We automatically collect information about your use of our Web Portal and App through cookies, web beacons, and other technologies, including technologies designed for mobile apps. This includes IP address, web browser type; domain name; website access time; mobile device ID; MAC address; domain name; device name and model; operating system type, name, and version; language information; referring URL; cursor movement and/or text box entries; and activities within the App and the length of time that you are logged into the App. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.

In addition, we may collect location information from your mobile device to help you conduct location-based searches and to identify other relevant services nearby, but only if you have enabled/permitted this functionality on your mobile device. You may turn off this feature through the location settings on your mobile device.

To the extent permitted by applicable law, we combine the information described above with other information we collect about you, including your personal information. We may share information that we collect automatically with non-affiliated entities, such as a user’s employer-sponsored health plan.

Information We Collect From Other Entities. We may collect information about you from your employer, your health plan(s), clinical laboratory service providers, third party partners, public records, and data aggregators, such as your name, contact information, lab results, current and historical health plan information, and other information.

How We Use Your Information

We use your information, including your personal information, for the following purposes:

• To provide our Services to you, to improve the Services we provide, and to fulfill customer orders.
• To communicate with you about your use of our Services, to respond to your inquiries, and for other customer service purposes.
• To monitor the effectiveness of our Web Portal and App and to improve user experience.
• To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Services.
• To send you informational emails, push notifications, and SMS messages about your benefits and our products and services, and to send you news and newsletters.
• To send you informational emails, push notifications, and SMS messages about products and services of other entities that we think may be of interest to you.
• To better understand how users access and use our Services, both on an aggregated and individualized basis. For example, we will evaluate which features of our Web Portal and App are more (or least) used by users, and we will use this information.
• To administer surveys and questionnaires, such as for market research or member satisfaction purposes.
• To comply with legal obligations, as part of our general business operations, and for other business administration purposes.
• Where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of our Terms of Use or this Privacy Policy.

How We Share Your Information

We may share your information, including personal information, as follows:

• Service Providers. We disclose the information we collect from you to service providers, contractors or agents who perform functions on our behalf. These service providers include entities that provide outsourced claims processing and adjudication services, prior authorization services, real time benefit check services, electronic prescription services, and prescription fulfillment services.
• Employer-Sponsored Health Plans. We disclose the information that we collect from you to your employer-sponsored health plans.
• Your Representative. We will disclose the information that we collect from you to any specified individuals for which you complete a HIPAA authorization or your personal representative who have provided appropriate documentation, which will enable them to view and access your health data and manage your account with the Company on your behalf.

We also disclose information in the following circumstances:

• Business Transfers. If (i) we or our affiliates are or may be acquired by, merged with, or invested in by another company, or (ii) if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your personal information with lenders, auditors, and third party advisors, including attorneys and consultants.
• In Response to Legal Process. We disclose your information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
• To Protect Us and Others. We disclose your information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Policy, or as evidence in litigation in which we are involved.
• Aggregate and De-Identified Information. We share aggregate, anonymized, or de-identified information about users with third parties for research or similar purposes.

Our Use of Cookies and Other Tracking Mechanisms

We and our third party service providers use cookies and other tracking mechanisms to track information about your use of our Web Portal, App, and Services. We may combine this information with other personal information we collect from you (and our third party service providers may do so on our behalf).

Cookies. Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Web Portal, App, and Services, while others are used to enable a faster log-in process or to allow us to track your activities at Web Portal, App, and Service. There are two types of cookies: session and persistent cookies.

• Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Web Portal, App, and Services. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Web Portal, App, and Services.
• Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.

Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to and users of our Web Portal, App, and Services who disable cookies will be able to browse certain areas of the Web Portal, App, and Services but some features may not function at all or may not function well.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Web Portal, App, and Services to, among other things, track the activities of Web Portal, App, and Services users, help us manage content, and compile statistics about Web Portal, App, and Services usage. We and our third party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.

Third Party Analytics. We use automated devices and applications, such as Google Analytics, to evaluate usage of our Web Portal, and to the extent permitted, our Apps and Services. We also may use other analytic means to evaluate our Web Portal, App, and Services. We use these tools to help us improve our Web Portal’s, App’s, and Services’ performance and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Cross-Device Use. We and our third party service providers, including Google, may use the information that we collect about you (whether directly from our Web Portal App, or Services, or through your device(s), or from a third party) to help us and our third party service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). We, and our third party service providers also may use the cross-device use and other information we learn about you to send you emails, push notifications, and other messages. To opt-out of cross-device advertising, you may follow the instructions set forth in the Third Party Ad Networks section below. Please note: if you opt-out of these targeted advertising cookies, your opt-out will be specific to the web browser, app, or device from which you accessed the opt-out. If you use multiple devices or web browsers, you will need to opt-out each browser or device that you use.

Third-Party Links

Our Web Portal, App, and Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third party websites.

Security of My Personal Information

We have implemented reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee security.

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Access to My Personal Information

You may modify personal information that you have submitted by logging into your account and updating your profile information. Please note that copies of information that you have updated, modified or deleted may remain viewable in cached and archived pages of the Web Portal, App, or Services for a period of time.

What Choices Do I Have Regarding Use of My Personal Information?

We may send periodic promotional emails to you. You may opt-out of promotional emails by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional emails, we may still send you emails about your account or any services you have requested or received from us.

Children Under 13

Our Services are not designed for children under 13. If we discover that a child under 13 has provided us with personal information, we will take steps to delete such information from our systems.

Contact Us

If you have questions about the privacy aspects of our Web Portal, App, or Services or would like to make a complaint, please contact us at Legal@withmehealth.com.

Changes to this Policy

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Web Portal, App, and Services. If we make any changes to this Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Web Portal, App, and Services, or by contacting you at the email address we have on file for you.

Why WithMe

We're delivering health, happiness and savings.

Read more

Who We Serve

We're returning control to employers and their members.

Read more

Insights

Discover what we've done to better manage medication benefits.

Read more