Last Updated February 2, 2019
Information We Collect and How We Collect It
In connection with your access to our Site and/or use of our Service, we collect and store certain information about you. Some of this information can be used on its own or in combination with other information to identify you individually. We call that information “personal information.” We collect personal information and other information as described below:
- Information You Provide. We collect your personal information when you or our Client registers to use the Service, provides information when using the Site or Service, updates your account information, adds additional services, submits information to verify your identity, contacts us with questions or feedback, or otherwise communicates with us. This personal information may include your name, address, email address, phone number, bank account information and taxpayer identification number.
- Your Email or Social Network Contacts. We collect your email, social network and other contacts (“Contacts”) if you choose to share them with us.
- Public Information. We may collect information about you from public sources, such as public social media pages.
- Information from Third Parties. We may collect and receive information about you, including personal information and financial account information, from third parties, such as financial institutions and our service providers, for identity verification, fraud protection, risk assessment and other purposes. We may collect your business information from credit bureaus for the foregoing purposes as well. In addition, we may receive demographic information about you from third parties to help us better understand our users and to improve and market our Service.
- Health and Health Insurance Information. If you or our Client uses the Service to manage your health benefits (the “Benefits Service”), we may receive health information about you and your dependents in order to provide the Benefits Service. The health information may include information about your insurance carrier, insurance plan and claims you submit for coverage. We receive the health information (i) directly from you when you submit enrollment or claims information, or otherwise provide health information to us; (ii) from the primary policyholder on your benefits plan, if you are a spouse or dependent of the primary policyholder; (iii) from our Client; (iv) from insurance carriers; or (v) from other third-party administrators.
- Automatically Collected Information. We automatically collect certain usage information when you access the Site or use the Service, such as your device identifier (if using a mobile device), Internet Protocol (IP) address (if using a browser), operating system, browser type and the address of a referring site. We also automatically collect certain usage information through cookies and related technologies, as described below.
- Single Sign-On Information. Single Sign-On allows you to sign in to the Service from another service you use and with which we partner. We will collect certain information for security purposes in order to verify your authorized access to the Service, including your username and password for the other service.
Third-Party Software, Cookies and Other Related Technologies
Use of Your Information
We use information that we collect about you for the following purposes:
- to administer the Site, manage accounts and provide the Service;
- to monitor, analyze, improve and develop the Site and Service, and to create new Service features;
- to provide a more customized experience on the Site, Service and/or our partners’ or affiliates’ websites;
- to understand our users better;
- to validate user information provided to us for fraud and risk detection purposes;
- to determine eligibility for the Service;
- to prevent, identify and address fraudulent or other illegal activity and security issues;
- to (i) solicit feedback, (ii) respond to your or our Client’s comments, requests or inquiries, (iii) provide customer service and support, or (iv) otherwise contact you in connection with the Site or Service;
- to generate anonymized, aggregate data containing only de-identified, non-personal information that we may use to publish reports;
- for our marketing purposes, such as (i) informing you of our or our partners’ or affiliates’ products, services, features or offerings that may be of interest to you, (ii) providing you with newsletters, articles, reports, updates and announcements, as well as information about upcoming events, (iii) improving and tailoring our advertising and communications, (iv) analyzing our marketing efforts, and (v) determining your eligibility for certain marketing programs, events and offers;
- to operate our business, which includes, without limitation, using your information (i) to process payments, (ii) to manage and enforce contracts with you or with third parties, (iii) to manage our corporate governance, compliance and auditing practices, and (iv) for recruitment purposes, if you submit an application for employment with GreenLight via the Site;
- to (i) comply with laws, rules and regulations, including any disclosure or reporting obligations, (ii) resolve disputes with users or third parties, (iii) respond to claims and legal process (including but not limited to subpoenas and court orders) as we deem necessary or appropriate, (iv) protect our property rights or those of third parties, (v) protect the safety of the public or any person, and (vi) prevent or stop any activity we may consider to be (or to pose a risk of being) illegal, unethical or legally actionable; and
- for any other purpose for which you expressly authorize us to use your information.
Sharing and Disclosure of Your Information
We will only share your information with the third parties listed below for the purposes described above in the “Use of Your Information” Section:
- government agencies and taxing authorities, as required to provide the Service, including but not limited to the Internal Revenue Service and state and local tax agencies;
- group health plans, insurance carriers and other third parties, such as doctors, hospitals and pharmacies, as needed to carry out the Benefits Service (which may include but not be limited to facilitating benefits plan enrollments, health care operations and insurance payments);
- banking and financial institutions;
- certain parties as necessary to respond in good faith to legal process (including but not limited to subpoenas and court orders);
- legal and financial advisors and auditors;
- third-party agents, partners and service providers, who (i) are only permitted to use your information as we allow (which may include contacting you on our behalf), and (ii) are required under law or contract to keep your personal information confidential; and
- the following third parties under the circumstances described below:
- we may share business information with credit bureaus, and we may share information with certain companies, banks and organizations for the purposes of fraud prevention and determining eligibility for the Service;
- if there is a sale of GreenLight (including, without limitation, a merger, stock acquisition, sale of assets or reorganization), or in the event that GreenLight liquidates or dissolves, we may sell, transfer or otherwise share some or all of our assets, which could include your information, to the acquirer;
- from time to time, we may share reports with the public that contain anonymized, aggregate, de-identified information and statistics; and
- we may share your information with certain other third parties with whom you expressly authorize us to share your information.
We do not share information with third parties for their own direct marketing purposes. If we disclose any Protected Health Information (as that term is defined in 45 C.F.R. Part 160) to third parties, we will do so in accordance with the Health Insurance Portability and Accountability Act, as amended (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act, as amended (“HITECH”), and any other applicable state and federal privacy and security laws, as they may be amended from time to time.
Changing or Deleting Your Information
You may review, update, correct or delete your personal information through your account or by contacting us using the contact information listed below. If you would like us to delete your account entirely, please contact us at email@example.com with a request that we delete your personal information from our database. Please note that there may be some delay in the deletion of your data from our servers following your request. Additionally, we may retain some of your data as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or as needed for other legitimate business purposes.
You may unsubscribe from marketing and promotional emails that we send to you by following the opt-out instructions contained in such emails or by emailing us at firstname.lastname@example.org. If you opt out of receiving marketing and promotional emails from us, we may still need to send you emails related to your account and the Service.
Do Not Track
Our Site does not currently have the capability of responding to “Do Not Track” signals received from various browsers.
We employ administrative, physical and technical measures designed to protect your information from unauthorized access and to comply with HIPAA, HITECH and other applicable state and federal privacy and security laws; however, despite these efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed to prevent any interception or other type of misuse. We also depend on you to protect your information. Please set up a strong password and keep it confidential. If you become aware of any breach of security, please notify us immediately.
Links to Other Sites
Our Policy Toward Children
The Service is not directed to children under 13 and we do not knowingly collect personal information from children under 13. However, if a child under the age of 13 is a dependent on a benefits plan covered by the Benefits Service, we may collect information about the child (solely as needed to provide the Benefits Service) from the child’s parent or legal guardian, or from insurance carriers and third-party administrators.