Privacy Policy


TRUSTe

Effective Date: September 28, 2021

Date Last Updated: September 28, 2021

PRIVACY STATEMENT – YOUR PRIVACY RIGHTS

  1. Introduction

Thank you for your interest in eHealthInsurance Services, Inc. (“eHealthInsurance,” “we,” “us,” or “our”).  We are committed to protecting the privacy of those with whom we interact.  This Privacy Statement (“Statement”) contains details about how we collect, use, and share Personal Information about you (defined below) that we obtain from you when you interact with us via our website, email, mobile application, and in other online and offline interactions, and from other sources.

Please read this Statement carefully.  It applies to the following websites owned and operated by eHealthInsurance, and our other websites where we post this document as the applicable Privacy Policy, along with any related websites, mobile apps, networks, applications, insurance agent and representative services, and communication channels (including online chat and telephone call centers), and other services provided by us (collectively, the “Service”):

Applicability: We collect Personal Information in several contexts as described below.  However, this Statement does not apply to the following information:

Changes: We may update this Statement from time to time.  The current Statement will be effective when posted.  Please check this Statement periodically for updates.  If any of the changes are unacceptable to you, you should cease interacting with us.  When required under applicable law, we will notify you of any changes to this Statement by posting an update on this website.  When required under applicable law, we will seek affirmative consent from you before making material changes to the way we handle Personal Information previously collected from you. If you do not provide such consent, Personal Information will continue to be used in a manner that is consistent with the version of this Statement that was in effect when the information was collected.

  1. Sources of Personal Information

We collect information about you and how you interact with us in several ways, including:

  1. Information you provide to us directly. We collect information that you provide to us directly, such as when you register with us through our Services or you apply for a health insurance or other product through our Services.
  2. Information automatically collected or inferred from your online interaction with us. We automatically collect technical information about your online interactions with us (such as IP address and browsing preferences).
  3. Information from public sources, such as information from public records maintained by government entities, and information you submit in public forums.
  4. Information from third parties. We receive information about you and your interactions with us from third parties, such as pharmacies, healthcare providers, insurance companies, credit reporting agencies , marketing and advertising providers, social network services, data brokers, and companies that provide or sell lists of potential purchasers.  We also may receive information about you from friends and family members (such as other people insured under the same policy as you).

We may combine information that we receive from the various sources described in this Statement, including third party sources and public sources, and use or disclose it for the purposes identified below.

  1. Types of Personal Information We Collect

The types of Personal Information that we may collect about you include:

  1. Identifiers, such as your name, alias, postal address, country of residence, unique personal identifier, online identifier, internet protocol address, email address, user name, phone number, social media identifiers (e.g., Twitter handle, Instagram name, etc.), Social Security number, driver’s license number, or other similar identifiers, including identifiers for family members who may be insured under an insurance policy
  2. Customer records, such as your name, signature, address, telephone number, bank account number, credit card number, or other payment information.
  3. Application and eligibility information for you and family members who may be insured under an insurance policy, such as age, date of birth, gender, health status, disability, medical history, military or veteran status, date of birth, and financial and tax information (for government subsidies).
  4. Commercial information and preferences, including product preferences, advertising preferences, products or services purchased, obtained, or considered, or other preferences or interests.
  5. Internet or other electronic network activity information, such as your browsing history, search history, IP address, and information regarding your interactions with us (including interacting with us online, by the mobile application, and through advertisements).
  6. Geolocation information, such as approximate location based on your IP address.
  7. Audio, electronic, visual, or similar information, such as call center recordings, or customer support chat logs.
  8. Professional or employment information, such as job title, employer, business address and contact information.
  9. Inferences drawn from any of the information we collect to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  1. How We Use Your Personal Information

We may use each category of your Personal Information described above in the following ways:

  1. To enable interactions between you and us, such as to facilitate online quoting, applications for, and purchases of our products; to register and administer your account, to support your interactions with us; to provide information about insurance plans; to communicate with you about your policy or our data practices; to install and configure changes and updates to programs and technologies related to interactions with us; to authenticate those who interact with us; and to respond to your requests, complaints, and inquiries.
  2. For our own internal business purposes, such as to evaluate or audit the usage and performance of programs and technologies related to interactions with us; to evaluate and improve the quality of your interactions with us and the quality of programs and technologies related to interactions with us; to design new services and products; to process and catalog your responses to surveys or questionnaires (e.g., customer satisfaction reviews); to perform internal research for technological development and demonstration; to conduct data analysis and testing; and to maintain proper business records.
  3. For legal, safety, or security reasons, such as to comply with laws and other legal requirements; to protect our safety, our property or the rights of those who interact with us, or others; and to detect, prevent, and respond to security incidents or other malicious, deceptive, fraudulent, or illegal activity.
  4. In a de-identified, anonymized, or aggregated format. We may convert Personal Information into a de-identified, anonymized, or aggregated format, and use such information for any legal purpose.
  5. For marketing.  We may use your Personal Information to market our products or services or those of third parties, such as our business partners. We may use your Personal Information to invite you to participate in marketing surveys, questionnaires, promotions, events or contests. We may audit aspects of our ad impressions. We may use your Personal Information for short-term transient use, including for contextual ad customization. We may use your Personal Information to enhance our content and to deliver advertisements to you, including in commercial emails.  For more information about online marketing activity, see Section 6 below.
  6. To fulfill other purposes disclosed at the time you provide Personal Information or otherwise where we are legally permitted or are required to do so.
  7. For any other purposes for which you provide consent.
  1. With Whom We Share Your Personal Information

We may share your Personal Information with the categories of recipients described below:

  1. Affiliates and subsidiaries: We may share your Personal Information within the eHealth Insurance group of companies, which includes parents, corporate affiliates, subsidiaries, business units and other companies that share common ownership for the purposes described above.
  2. Insurance providers, government health care exchanges, and related entities: In order to provide you with insurance you request, we may share your information with insurance companies, Federally-facilitated Exchanges or State-based Exchanges, HSA Trustees or Administrators, and similar entities.
  3. Service providers and other third parties that help fulfill requests: We may share your Personal Information with third-parties and service providers that facilitate and support us in processing a request or transaction on your behalf; to provide you with quotes, products, and services; and to process payments. We may share your Personal Information with an insurance agent when you request to be contacted by an agent, or when you request information about or an application for insurance that is offered through an insurance agent with whom we associate. If you are contacted by a third-party, any additional information that you subsequently choose to provide to any third-party entity will be governed by that entity’s privacy policy.
  4. Third parties that provide business and professional services to us, such as web hosting service providers, IT providers, operating systems and platforms, internet service providers, analytics companies, and marketing providers (e.g., we may share your email address with our outbound email marketing providers), our attorneys, accountants, and auditors. We take reasonable efforts to provide these companies with only the information they need to perform services on our behalf and to limit their use and disclosure of Personal Information.
  5. Business partners: We may also provide your Personal Information or provide access to your Personal Information to our business partners, including for third party marketing.
  6. For legal, security and safety purposes: We may share your Personal Information with third parties such as law enforcement, regulators, or others to comply with federal, state, or local laws, a subpoena or other legal process, and other applicable legal requirements; to protect the confidentiality and security of our records; to protect against or prevent fraud; for claims administration; to enforce or apply our Terms of Use and other agreements; and to protect our rights and our property or safety of our users or third parties.
  7. In connection with a corporate transaction: We may transfer any information we have about you in connection with a change in corporate control, including but not limited to a merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of eHealthInsurance Services, Inc. and its business, or as part of a corporate reorganization or stock sale.
  8. Organizations with which you have a relationship: We may disclose Personal information to an affinity group, employer, provider group, benefits administrator or consultant, healthcare system, pharmacy, financial services provider, or other entity with which you may have a relationship when such entity referred you to us or when you use our website or call center in connection with your relationship to such entity.
  9. To others with your consent.

We may also de-identity, anonymize, or aggregate Personal Information to share with third parties for any purpose.

  1. How We Use Cookies and Automatic Data Collection Tools

We also collect information, via cookies, web beacons, pixels, tags, or other tracking technologies, such as your Internet Service Provider and IP address, the date and time you access our website, the pages you access while visiting our website, and the Internet address from which you access our website. Some cookies exist only during a single session and some are persistent over multiple sessions over time. We use these technologies to remember user preferences, maximize the performance of our website and services, provide you with offers that may be of interest to you, measure the effectiveness of our email campaigns and to personalize online content. These cookies and other technologies may be used to track you across devices.

To provide you with more relevant and interesting experience, we may work with third party companies to display ads or customize the content on the website and on other websites. These companies may use cookies and similar tracking technologies as described in this Statement to gather information about your visits to the website, as well as your visits elsewhere on the Internet. These companies use this information to provide you with more relevant advertising known as interest-based advertising. You may choose whether to receive some interest-based advertising by submitting opt-outs. Some of the companies that perform advertising-related services for us may participate in the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. For more information about the DAA’s program, including how you can opt-out from receiving interest-based advertising from some or all of the DAA’s members, visit http://www.aboutads.info/choices. Some of these companies may also be members of the Network Advertising Initiative (“NAI”).  For more information about the NAI including how you can opt-out from receiving interest-based advertising from some or all of NAI’s members, please visit http://www.networkadvertising.org/choices/. Opting out of interest-based advertising will not opt you out of all advertising, but rather only interest-based advertising from us or our agents or representatives. Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your NAI / DAA browser-based opt-out may not, or may no longer, be effective.

Some browsers have incorporated Do Not Track (“DNT”) preferences. Most of these features, when turned on, send signals to the website you are visiting that you do not wish to have information about your online searching and browsing activities collected and used.  As there is not yet a common agreement about how to interpret DNT signals, we do not honor DNT signals from website browsers at this time.  However, you may refuse or delete cookies.  If you refuse or delete cookies, some of our website functionality may be impaired.  If you change computers, devices, or browsers, or use multiple computers, devices, or browsers, and delete your cookies, you may need to repeat this process for each computer, device, or browser. Please refer to your browser’s Help instructions to learn more about how to manage cookies and the use of other tracking technologies.

  1. Security and Retention

We maintain reasonable security procedures and technical and organizational measures to protect your Personal Information against accidental or unlawful destruction, loss, disclosure, access, alteration, or use. Nevertheless, transmission via the Internet and online digital storage are not completely secure and we do not guarantee the security of your information collected through the Service.

  1. Children’s Privacy

Interactions with us are intended for individuals 16 years of age and older.  Our interactions are not directed at, marketed to, nor intended for, children under 16 years of age.  We do not knowingly collect any information, including Personal Information, from children under 16 years of age.  If you believe that we have inadvertently collected Personal Information from a child under the age of 16, please contact us at the address below and we will use reasonable efforts to delete the child’s information from our databases.

  1. External Links

When interacting with us you may encounter links to external sites or other online services, including those embedded in third party advertisements or sponsored content which we do not control.  We are not responsible for the privacy practices and data collection policies for such third party services.  You should consult the privacy statements of those third party services for details.

  1. Your Rights

Upon request, eHealthInsurance will provide you with information about whether we hold any of your personal information. If your personal information changes, or if you otherwise want to correct, update, delete, or make other requests regarding your data (such as limiting sharing with non-affiliates), you may call us toll free at 800-977-8860 or by mail at

Customer Service, eHealthInsurance.com

11919 Foundation Place Suite 100

Gold River, CA 95670

Additionally, you may update your name, email address and password by clicking on the “Sign in” or “My Account” link on this website and signing in using your email address and password. We will respond to your request to access within a reasonable timeframe.

We will make reasonable efforts to respond to your request, but cannot guarantee that we will be able to honor your request.  For example, we generally will retain your information for as long as your account is active, as needed to provide you services, or for other business purposes. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Please note that once your application has been submitted to your chosen health insurance company or any other relevant party (such as the federal government in the case of an application involving advanced premium tax credits) you may have to contact the insurance company or such other party directly to update your application and/or exercise your individual rights under HIPAA.

  1. Terms of Use

The Terms of Use for interactions with us is incorporated by reference into this Statement, and can be found here

  1. Contact

If you have questions regarding this Statement or our privacy practices, please contact us at:

eHealthInsurance Services, Inc.

ATTN: Privacy

11919 Foundation Place, Suite 100

Gold River, CA 95670

privacy@ehealthinsurance.com

TELEPHONE:          800-977-8860

To opt-out of receiving promotional email messages from us, please click on the “Unsubscribe” link contained at the bottom of each email or by contacting us using the information above. To opt-out of receiving satisfaction surveys and/or information on additional products and services from us, you may contact us at the information above. Please note that you will still receive communications from us regarding your insurance quote, application, policy or advanced premium tax credit even if you opt-out of receiving our surveys and/or notices of additional products or services.

  1. California Consumer Privacy Act

In very limited cases, we may collect information about certain California residents subject to the California Consumer Privacy Act (“CCPA”).  However, this CCPA notice does not apply to the following information:

We collect limited personal information subject to the CCPA from data brokers.  We use and disclose such information for our marketing and related operational purposes. We do not “sell” personal information as defined under the CCPA and we do not knowingly sell the personal information of minors under 16 years of age years of age.  The following chart contains more detail about the categories of personal information we collect and disclose.

Categories of Personal Information We Collect Categories of Third Parties With Whom We Disclose Personal Information for a Business Purpose
Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, telephone number, or other similar identifiers. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Personal information subject to the California Customer Records Act. ·     Affiliates and subsidiaries

·     Third party service providers

·     For legal, security, and safety purposes

·     In connection with a corporate transaction

·     Entities to which you have consented to the disclosure

Characteristics of protected classifications under California or Federal Law, such as age, gender, religion, marital status, or medical information such as health status. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Commercial information, including records of personal property, product or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Geolocation data, limited to your address. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Professional, employment, or education information, such as job title, employer, business address and contact information, employment history, other professional information, or education history. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences and characteristics. ·       Affiliates and subsidiaries

·       Third party service providers

·       For legal, security, and safety purposes

·       In connection with a corporate transaction

·       Entities to which you have consented to the disclosure

Your Rights

Subject to legal limitations and exceptions, California residents may exercise the following rights by calling us toll free at 800-977-8860 or by using our webform:

Non-Discrimination: In accordance with applicable law, we will not discriminate against you for exercising these rights.

Verification: In order to exercise your rights, we may need to obtain information to locate you in our records, verify that you are a California resident, and/or verify your identity depending on the nature of the request.  If you are submitting a request on behalf of a household, we may need to verify each member of the household in the manner set forth in this section.

Please be aware there might be circumstances where we will not honor you request, as permitted under the CCPA. For example, if we are not able to verify your identity and that you are a California resident, we may not honor your access or deletion request. Additionally, we may not delete your personal information if an exception under the CCPA applies to your deletion request. When making a request, you will be asked to provide your zip code, first and last name, date of birth, phone number (optional) and indicate how you would like to be contacted, which may require you provide contact information. You will also be required to attest that you are entitled to make the request.

We may request alternative information under certain circumstances and will inform you if such information is needed in the verification process.

Authorized Agents: Authorized agents may exercise rights on behalf of consumers, but we reserve the right to also verify the consumer directly as described above. Authorized agents must contact us by mail at the address provided above and include documentation demonstrating the agent has authority to exercise rights on the consumer’s behalf.  At a minimum, we will require evidence of the agent’s identity, proof of registration with the California Secretary of State, and at least one of the following evidencing proof of your legal authority to act on the behalf of the individual consumer:

In the absence of any of the general conditions detailed above, we are entitled to reject any request submitted through an agent.

Timing: We will respond to Requests to Delete and Requests to Know within 45 calendar days, unless we need more time (in which case we will notify you), and may take up to 90 calendar days in total to respond to your request.

California Shine the Light: We do not share personal information subject to California Civil Code § 1798.83 (the “Shine the Light law”) with third parties for their direct marketing purpose.

eHealth's Medicare website is operated by eHealthInsurance Services, Inc., a licensed health insurance agency doing business as eHealth. The purpose of this site is the solicitation of insurance. Contact may be made by an insurance agent/producer or insurance company. eHealth and Medicare supplement insurance plans are not connected with or endorsed by the U.S. government or the federal Medicare program. We offer plans from a number of insurance companies.