Privacy Policy

Last Updated: August 8, 2024

We are committed to protecting and respecting your privacy. This Privacy Policy describes how ClearPoint Health, Innovative Stop Loss Solutions, CliniCaptive, and our affiliates, (“we,” “us,” or “our”) collect, use, share, or disclose any Personal Information provided by or about you, either directly or indirectly, when you visit any of our affiliated companies’ websites (the “websites”), interact with us through the services and products that we provide to you, or with our customers who provide us with your Personal Information so that we can offer our services to them (the “Services”).

We encourage you to review this Privacy Policy whenever you access our websites or use our Services, or otherwise interact with us, to stay informed about our data privacy practices and the choices available to you. By visiting our websites and using our Services, you agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our websites, or access or utilize our Services. Please note that your Personal Information may be collected from insurance carriers in accordance with our contractual commitments to our insurance carrier customers. In these instances, we encourage you to review the privacy policy of the appropriate insurance carrier customer from whom we received your Personal Information by virtue of your relationship with that insurance carrier.

Personal Information We Collect

“Personal Information” includes any information that, alone or in combination with other information, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual. It generally means the same as the terms “personally identifiable information,” or “personal data,” “protected health information,” or “nonpublic personal information,” as defined under applicable data protection laws. Personal Information does not include publicly available information obtained from government records, made publicly available by an individual, information that has been deidentified or aggregated, or information that has been rendered anonymous.

The categories of Personal Information we collect, process, and otherwise use generally includes one or more of the following categories:

  • Identifiers such as your name; alias; email address; Internet Protocol address; postal address; telephone number or similar contact information; government-issued identifier, such as a Social Security number; signature; or similar other identification numbers.
    •  
  • Protected classifications under state or federal law, such as your age; racial or ethnic origin; marital status; and gender information.
    •  
  • Commercial information such as products or services purchased, obtained, or considered.
    •  
  • Internet or other electronic network activity information including, but not limited to, browsing history; usage information related to how our websites’ visitors use our systems; your internet protocol (“IP”) address of your device; device manufacturer; operating system; search history; and information regarding your interaction with our websites.
    •  
  • Professional or employment-related information including current and past employment history; job applicant data; educational history; and professional licenses and qualifications.
    •  
  • Sensitive Personal Information including the following types of information:
 
  • your account log-in, in combination with any required security or access code; password; or credentials to identify individuals and authenticate access to an account, or any financial information, including an account number, debit card number, or credit card number.
    •  
  • health-related information, including information about your physical and mental health conditions; healthcare treatments, diseases, diagnoses, or procedures; outcomes of treatments; prescription history; health information that is derived or inferred from non-health data; and payments for healthcare treatments, diseases, diagnoses, or procedures.
    •  
  • information concerning your sexuality; sexual identity; religious beliefs or affiliation; and union membership or affiliation (for example, if you express preferences regarding medical treatment based on your religious beliefs, or if your union membership confers certain insurance benefits).
    •  
  • information regarding minor children under the age of 18.
    •  
  • information about your criminal record; civil litigation history; or other similar background information necessary for preventing, detecting and investigating fraud.
    •  
  • biometric information including imagery of the iris; retina; fingerprint; face; hand; palm; or vein patterns and keystroke patterns or rhythms.

In certain circumstances, we may aggregate and/or deidentify Personal Information for additional purposes, including risk modeling and automated analytics. Aggregate and deidentified information cannot be used to identify you and is not considered Personal Information under applicable laws.

How We Collect and Use Your Personal Information

We collect Personal Information directly from you, such as when you visit our websites, send us messages through the “Contact Us” feature of our websites, or otherwise communicate directly with us. We also collect your Personal Information from your representatives, your employer, association, benefit plan, and/or other third parties such as insurance companies and intermediaries, underwriting entities, plan administrators, brokers, general agents, credit agencies, or financial institutions that deliver insurance and other services. We also collect your Personal Information automatically when you use our websites in the form of cookies or related data collection technologies (as described in greater detail, below).

We, and the service providers working on our behalf, may use the Personal Information that we collect about you for various purposes, including:

  • To respond to you and provide you with information that you may have requested, including support requests related to the delivery of Services, or to provide you with administrative information and/or information that may be of interest to you concerning our Services, or other offerings.
    •  
  • To evaluate, assess, and process your claims, or to assist our customers in doing so, and to adjudicate claims and manage disputes.
    •  
  • To research, assess, model, and analyze trends concerning risks and the provision of insurance for the purpose of underwriting our customers’ insurance policies.
    •  
  • To inform our insurance quoting process, determine coverage, and issue policies.
    •  
  • To verify or authenticate your identity or account.
    •  
  • To detect, prevent, or investigate fraud or manage the security of our websites or Services, or similar activities.
    •  
  • To administer, monitor, improve, and enhance the functionality of the websites or our Services, troubleshoot problems, personalize your experience, or monitor the performance and effectiveness of the Services.
    •  
  • To manage and audit our business operations and comply with internal audit, tax, and legal requirements.
    •  
  • To comply with certain legal obligations, such as enforcing our Terms of Service, responding to a subpoena, court order, discovery request, or other legal process, or producing documentation in connection with legal or administrative proceedings and government or internal investigations, or where otherwise permitted by law.
    •  
  • As otherwise directed by our insurance carrier customers, to the extent such direction complies with applicable laws.

We may use aggregated, deidentified, or anonymized analytical data provided to or by our affiliates or service providers, but we do not share or disclose aggregated, deidentified, or anonymized analytical data with entities other than with our affiliates or service providers.

 

How We Share or Disclose Your Personal Information

We may disclose any of the above information with the following categories of third parties:

  • To companies under common ownership or control, including our parent company and affiliates.
    •  
  • To your employer, association, or benefit plan, and/or other third parties such as insurance carriers or intermediaries, underwriting entities, plan administrators, brokers, general agents, utilization management services, credit agencies, or financial institutions that deliver insurance and other services to you, and on whose behalf we process your Personal Information. 
    •  
  • To service providers who provide us software, applications, or other IT services that allow us to maintain and secure our websites, perform analytics regarding website engagement and underwriting services, process claims and payments, audit our business, improve our services and features, or that assist us in website development initiatives or to provide marketing communications or similar services.
    •  
  • To authorized business partners with whom we have engaged with to provide our Services.
    •  
  • To government entities, law enforcement agencies, regulators, or other third parties in order to protect our interests, rights, safety, or property, and/or to comply with the law or in response to a subpoena, court order, governmental request, or other legal process or to produce relevant documents or information in connection with litigation, arbitration, mediation, government or internal investigation, or other legal or administrative proceedings.
    •  
  • In connection with or in the event that we go through a business transition, merger, acquisition by another company, reorganization, change in ownership or control, sale, dissolution, or liquidation of all or a portion of our assets.
    •  
  • Any other third party, with your consent or at your direction, such as sharing with your representatives or third parties in order to verify your identity.

Sale or Sharing of Personal Information. In the past twelve months, we have not and will not sell or share (as such terms are defined under applicable data protection laws) your Personal Information. If we decide to sell or share your Personal Information, we will provide you with the right to opt-out prior to any such sale or sharing.

Cookies and Other Data Collection Technologies

We utilize certain automated data collection technologies, including cookies, when you visit our websites, including the following:

Cookies. Cookies are pieces of information stored on your device about your visit to and use of our websites. Cookies allow us to recognize your device and to collect information such as internet browser type, time spent on our websites, which pages you visited, and your language preferences. We may use cookies to analyze your use of the websites, personalize your experience, or to optimize the performance of our websites. We may engage third party vendors or partners to place cookies on our websites, and these third parties may collect information about your use of our websites through those cookies. We collect and use the following categories of cookies on our websites:

  • Necessary cookies make the website function and will be loaded onto your browser automatically. We use necessary cookies to perform the services you have requested, such as log-in to the website’s features, or to record that you have refused non-necessary cookies. Our website services providers, including website development consultants, use this information to perform services for us.
    •  
  • Performance or analytics cookies evaluate the performance of our websites, including the usage data and time you spend on a webpage, so that we can better understand our interactions with you. We use third-party analytics, such as Google Analytics, to better understand user engagement and metrics regarding the use of our websites. This can include the amount of time that you spent on a particular page and your movements on the website, and may also reveal information about your geographic location. You can opt-out of the use of Google Analytics cookies here.
    •  
  • Functional cookies allow the website to remember the choices that you make and to provide enhanced, personalized features.

Web Beacons and Pixels. Web beacons and pixels are graphic images placed on our webpages that allow us to understand behavior on our website and when users have performed a specific action on our websites. Web beacons and pixels help us to track user behavior and web traffic to deliver a better user experience.

Social Media Pixels and Interactions. Our websites may also use web beacons or pixels from social media companies, such as LinkedIn, and we may provide the option for you to interact with us over certain social media networking websites. When you use social networking platforms such as LinkedIn, we may collect your Personal Information, in accordance with the social media or networking website’s privacy policies. 

Your Choices Regarding Cookies. At any time, you may control the cookies installed on your device via the OneTrust cookie consent preference tool. You may choose to accept or refuse the use of cookies here: Your Cookie Choices. If you choose to block all non-necessary cookies, please note that certain functionality or features of our website may not be available to you, such as those that require identification. To the extent that information collected through our data collection technologies (including any information that we may link to Personal Information that you provide through the websites) is considered Personal Information under applicable data protection law, we will treat it as Personal Information. You can find more information about cookies and how to disable cookies at www.allaboutcookies.org.

Global Privacy Control. The Global Privacy Control (“GPC”) is a method for individuals to opt-out of the sale or sharing of their personal information, as such terms are described under applicable data protection laws, via a user-enabled privacy control that is available on certain internet browsers. We do not sell or share your Personal Information and as such, our systems are not configured to detect or respond to the GPC. You can learn more about the GPC here.

Do Not Track (“DNT”) Signals. DNT is a privacy preference that can be set in certain web browsers and provides the user with the opportunity to opt-out of tracking by websites. We currently do not respond to DNT or similar signals and the website will continue to collect information about you even if your browser’s DNT functionality is activated. To learn more about DNT, please visit https://www.donottrack.us.

Data Retention and Security

We retain your Personal Information for as long as reasonably necessary for the purpose for which the information was collected or as may be required by applicable law. Where we no longer need your Personal Information, we will anonymize or securely destroy it. We use reasonable administrative, technical, and physical safeguards and measures to prevent unauthorized access, use, or disclosure of your Personal Information. Although we exercise reasonable care in providing secure transmission and storage of information you provide to us through the websites, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure. As a result, while we strive to protect your information, we cannot guarantee or warrant the security of any information that you transmit to the websites.

Links to Third-Party Websites

Our websites may contain links to third-party websites. Please be advised that this Privacy Policy only addresses the collection, use, and disclosure of Personal Information by us and does not apply to your use of a third-party website such as LinkedIn or other vendors. We are not responsible for any information you may provide while browsing third-party websites. We encourage you to read the privacy policies on those websites before providing your information on such websites.

Children’s Privacy

Our websites are not intended for children under 18 years of age. If you are under 18, do not use or provide any information through the websites or on or through any of its features. If we learn we have collected or received Personal Information from a child under 18 without authorization, verification, or parental consent, we will promptly delete that information.

Transfer of Personal Information

Our websites are operated by and designed for users in the United States. If you reside outside the United States and use our websites or otherwise provide information to us, please be advised that (i) your Personal Information will be transferred to and processed in the United States; and (ii) by using our websites or submitting personal information through our Services, you explicitly authorize the transfer to and subsequent processing in the United States for the purposes described in this Privacy Policy, which may provide a different level of privacy protection than the country in which you are located.

Your Privacy Rights

Under applicable state privacy laws, you may have certain rights over your Personal Information. In particular, you may have the following rights:

  • Right to Know. You may request the following information about how we have collected and used your Personal Information during the past 12 months: (i) the specific pieces of Personal Information we have about you; (ii) the categories of Personal Information we have collected about you in the last 12 months; (iii) the categories of sources from which that Personal Information was collected; (iv) the purpose for collecting and selling your Personal Information; (v) the categories of your Personal Information that we sold or disclosed for a business purpose; and (vi) the categories of third parties with whom we may have shared your Personal Information.
    •  
  • Right to Deletion. You have the right to request that we delete the Personal Information that we have collected or maintain about you. We may deny your request under certain circumstances, such as if we need to retain the information to comply with our legal obligations or complete a transaction for which your Personal Information was collected. If we deny your request for deletion, we will let you know the reason why.
    •  
  • Right to Correct. You have the right to request that we correct any inaccurate information that we maintain about you. We will use commercially reasonable effort to correct the inaccurate Personal Information.
    •  
  • Right to Limit the Use and Disclosure of Sensitive Personal Information. As noted above, some of the information we collect may be considered Sensitive Personal Information. You have the right to request that we limit the use and disclosure of your Sensitive Personal Information to that use which is necessary to provide you with services you have requested and for other limited purposes as provided for under applicable law.
    •  
  • Right to Non-Discrimination. If you choose to exercise any of these rights, we will not discriminate against you in any way.

Please note that state-level privacy laws provide certain exemptions that may apply to Personal Information that we collect from you directly (in a business-to-business or employment capacity) or about you, pursuant to the Gramm-Leach-Bliley Act and similar state-level financial industry laws and the Health Insurance Portability and Accountability Act of 1996. To the extent that the collection of your Personal Information falls within the scope of the exemptions under these laws, the aforementioned rights may not apply to you.

Exercising Your Privacy Rights

To exercise any of the privacy rights listed above, please contact us at one of the methods listed below in the “Contact Us” section of the Privacy Policy below or directly through our webform located here. In many circumstances, we will work with the customers who have shared your Personal Information to assist them in responding to your privacy rights request directly.

Request Verification and Response. We will take steps to verify your identity before processing your request. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected Personal Information. We will confirm our receipt of a verifiable consumer request within ten business days and respond to a verifiable consumer request within 45 days of receipt. If we need more time to respond, we will provide written notification to you, including our reason for the need for an extension and respond to your request no later than 90 days after receipt. If we cannot verify your identity to comply with a request, we will explain the reason in our communication to you.

Authorized Agent. You may use an authorized agent to submit any of the above rights requests. To protect your Personal Information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

Modifications to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time by posting the revised version on this website and updating the “Last Updated” date at the top of the Privacy Policy. Please check this Privacy Policy periodically for any such changes or updates.

Contact Us

If you have questions regarding this Privacy Policy, please contact us through one of the methods listed below. Please include “Privacy Request/Inquiry” in the subject line of your email.

By email: privacy@getclearpoint.com

By telephone: 833-944-4508