- The Categories of Data We Collect When You Use Our Services
- How We Collect Personally Identifiable Information
- How We Collect Non-Personally Identifiable Information
- How We Use the Data We Collect
- How We Share and Disclose Your Identifiable Information with Others
- What You Can Do With Your Information
- Retention of Your Personally Identifiable Information
- Users Outside of the United States
- 1819 LLC or Quil-branded websites, including www.quilhealth.com
- 1819 LLC or Quil-branded mobile applications
We are not responsible for the privacy practices of any third party service providers (such as health plans, health care providers, internet service providers or cloud service providers) or other third parties operating websites or applications to which our Services link, unless we have contracted with them to deliver a portion of our Services. The inclusion of a link in any Services to the services provided by another party does not imply that we endorse, or otherwise monitor the privacy practices of that linked third party website or application.
The Categories of Data We Collect When You Use Our Services
We may collect two basic types of information: Personally Identifiable Information (PII) and Non-Personally Identiﬁable Information.
By “Personally Identifiable Information”, we mean data that is unique to an individual, such as a name, address, e-mail address, telephone number, and certain personal device information. Personally Identifiable Information may also include information known as Protected Health Information (“PHI”) which is deﬁned by and managed in accordance with the Health Insurance Portability and Accountability Act of 1996, as amended (including its implementing regulations, “HIPAA”).
By “Non-Personally-Identiﬁable Information,” we mean information that does not identify you personally, but can provide us with usage data, either individually or in the aggregate. Non-Personally Identiﬁable Information may include:
- Demographic information, anonymized or aggregated
- Certain information collected automatically through your device such as web browser
- Mobile App API and Website HTTP requests, cookie technology, pixel tags or beacons, and other technologies, and other non-personally identiﬁable information collected by us or provided by you.
How We Collect Personally Identifiable Information
We collect Personally Identifiable Information when you voluntarily register or create a personal proﬁle with us, request products, services, or information from us or interact with our Services. Some of this Personally Identifiable Information includes personal device information – such as physical location, IP address, battery information, application activity, data usage, and malware information – which we collect automatically to authenticate you and/or your personal device. We also may collect Personally Identifiable Information and Non-Personally-Identiﬁable Information from your health plan and/or health care providers that have we established Business Associate Agreements with to help improve your wellness planning experience.
How We Collect Non-Personally Identifiable Information
If you have not registered for an account, then we treat you as a “Visitor” to our websites and/or mobile applications. After you have registered for an account, we treat you as a “Consumer” of our Services. When you visit or interact with our Services as a Visitor, we collect data from you through a number of different automated technologies (“Tracking Technologies”), including:
Browser and device information. We may automatically collect certain web browser information. Web browsers collect and store information about the type of device and operating system you are using to access our Services, as well as your device’s media access control (“MAC”) address for facilitating network communications. Accessing this information helps us to establish a secure and consistent connection to you and to customize experience and content when you use our Services.
“Cookie” technology. A “cookie” is an element of data that we can send to your web browser when you link to our Services. It is not a computer program and has no ability to read data residing on your computer or instruct it to perform any step or function. By assigning a unique data element to each Visitor, we can recognize repeat users, track your usage patterns and better serve you when you return to our Services later. The cookie can also track your usage patterns as you visit other websites across the internet. Your browser may offer you a “Do Not Track” option, which allows you to prevent us from tracking your online activities over time and/or across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using a Service and after you leave the Service. However, as we describe below under “How We Share and Disclose Your Personally Identifiable Information with Others”, we do not share or disclose this information as Personally Identifiable Information with any third parties.
Tracking pixels or beacons. Tracking pixels (sometimes referred to as “web beacons”) are tiny graphics with a unique identiﬁer that perform a similar function to cookies, except that we include them our websites and mobile applications to help us collect data about user activity. By contrast, cookies are stored on a user’s computer hard drive. Web beacons are embedded invisibly on our web pages and are about the size of the period at the end of this sentence.
IP Address. When you subscribe to an Internet Service Provider (ISP), your computing device is assigned an IP Address. We may track and store this address to help us manage security, monitor usage volume and patterns, and to customize experience and content when you use our Services.
Device ID. Each mobile or web-accessible device has a unique alpha-numeric device identiﬁer. By tracking and storing the Device ID for your device, our Services are able to recognize repeat users (or households), track usage patterns and better serve you when you return at a later time. It also helps us manage security, and monitor usage volume and patterns.
We treat data collected through Tracking Technologies as Non Personally Identifiable Information if you are Visitor to our Services or when it is aggregated with anonymized data. It only becomes Personally Identifiable Information if you become a Consumer of our Services. It only becomes PHI if we associate it in our systems with your registered account.
How We Use the Data We Collect
We use Personally Identifiable Information and Non-Personally-Identiﬁable Information so that we can:
- Verify your identity and authenticate access to your account
- Provide you with the Services
- Personalize the Services
- Provide you with customer service and technical support
- Evaluate and improve our Services
- Notify you of new Service features or new Services that we provide
- Notify you of other health services or plan benefits that your health care providers or health plan may provide
- Bill and collect payment for any applicable fees or charges
- Take action that helps us to maintain the security of our Services, the privacy of your Personally Identifiable Information, obey laws and help prevent fraud and abuse.
- Update any software that we provide in conjunction with the Services
- Take actions to enforce our agreements and policies
How We Share and Disclose Information With Others
Our policies for sharing and disclosing your Personally Identifiable Information with others depends on whether you have registered for an account with any of our Services and whether Non-Personally Identiﬁable Information has been linked to your Personally Identifiable Information. If you have not registered for an account, then we treat you as a “Visitor” to our websites and/or mobile applications. After you have registered for an account, we treat you as a “Consumer” of our Services.
Third Party Service Providers. We consider all data we collect from our Services to be conﬁdential. We use third party service providers to assist us in delivering our Services to you, including internet service hosting, technical integration, analytics, customer service, and fraud protection providers. We may share Personally Identifiable Information we collect about you with these third parties, to the extent necessary for them to provide these services. These companies are acting on our behalf and are required, by contract with us, to keep this information conﬁdential and are only authorized to use it for speciﬁc purposes.
Health Plans and Health Care Providers.
We also may share Personally Identifiable Information and Non-Personally-Identiﬁable Information with your health plan and/or health care providers where have we established Business Associate Agreements with to help improve your wellness planning experience.
With Your Authorized Representatives. Our Services may give Consumers the option of designating one or more individuals or organizations to access their Personally Identifiable Information through the Services. In these cases, we will ﬁrst request your consent and contact information that we can use to verify the identity of these individuals or organizations. You should only authorize this access to individuals or organizations with whom you have a trusted relationship, as we cannot control these individuals or organizations’ use of your Personally Identifiable Information or the access credentials that we issue to them with your consent.
Legal Authorities. We may be required by law or legal process to disclose Personally Identifiable Information to our lawyers, to third parties in connection with litigation, or to law enforcement personnel. We will disclose your Personally Identifiable Information in compliance with applicable laws. We may provide this information without your consent and without notice to you when we are required to do so in order to comply with a valid legal process such as a subpoena, court order, or search warrant.Business Transfers. If we enter into a merger, acquisition, or the sale of all or part of our assets, your Personally Identifiable Information may be included in the transferred assets. In such event, so long as we have a means to contact and are required to do so, we will provide you with notice of such transaction.
What You Can Do With Your Information
If you are a Consumer, you may update your Personally Identifiable Information (or correct it if it is incorrect) through your account or by contacting us at email@example.com. If you’d like us to help you remove your account or any of your Personally Identifiable Information that we have previously collected through a Service, please contact us firstname.lastname@example.org. We will respond to your request within 30 days.
Retention of Your Personal Information
We will retain Personally Identifiable Information for as long as your account is active or as needed to provide you with Services, or as otherwise necessary to help us improve our products and services, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements with you.
We have implemented technical, administrative and physical security measures based on generally accepted industry standards that are designed to protect your information from unauthorized access, disclosure, use and modiﬁcation. We regularly review our security practices to consider appropriate new technology and methods. However, no method of transmission over the Internet or method of electronic storage is entirely secure. We enter into agreements with our third-party service providers that require them to adhere to privacy and security standards that are no less stringent than our own for the services that we delegate to them.
We do not knowingly collect personal data from anyone under the age of 13 through our Services website, and our Services are not directed to children under the age of 13.
Users Outside of the United States
Effective Date: 10/29/2018
Last Updated Date: 10/28/2019