Privacy Policy & Data Security
Last Updated January 09, 2024
This Privacy Policy explains how Flexpa USA, Inc. ("Flexpa," "we," "us," or "our") handles your Personal Information when you use our website, API, online services, or customer application. These are collectively called the "Flexpa Platform" We are committed to protecting your privacy and managing your information responsibly. This Privacy Policy details what information we collect, how we obtain and use it, when we share it, and your rights and choices regarding it.
This Privacy Policy is part of the Flexpa Terms of Service and Services Agreement ("Flexpa Agreements"). Any terms not defined here will have the same meaning as in the Flexpa Agreements.
By using the Flexpa Platform, you agree to our data practices as outlined in this Privacy Policy. If you disagree, please do not use our services. We encourage you to read the Privacy Policy carefully.
#1. Your Responsibilities
Under the Flexpa Agreements and by using the Flexpa Platform, End Users must comply with all applicable data protection, privacy, and security laws. These laws apply to the transmission of your Personal Information to Flexpa. You acknowledge and agree that you shall be solely responsible for:
- The accuracy, quality, and legality of any information, including any user content;
- Complying with all laws on collecting and using user content. This includes obtaining any required consents and authorizations.
- Having the right to transfer, or provide access to, the user content to Flexpa. This is for providing the Flexpa Platform under the Flexpa Agreements.
In this Privacy Policy, "Personal Information" includes both Personal Identifiable Information and Personal Health Information.
"Personal Identifiable Information" is data that identifies a person either directly or when combined with other information. Personal Information includes names, addresses, emails, phone numbers, and social security numbers.
"Personal Health Information" is data about a person. It is created or received by healthcare providers or plans. It includes information about a person's health, care services, or payment information. Examples are names, addresses, phone numbers, health insurance information, Medicare numbers, and financial details.
This Privacy Policy does not cover data that cannot identify you, such as anonymized or de-identified data. We can create or extract such anonymized or de-identified data from our databases and use it for any lawful purpose.
We collect information about you when you provide it to us, when you use our Flexpa Platform, and when other sources provide it to us, as further described below.
Information that is necessary for the use of Flexpa and its Platform
We ask for and collect the following Personal Information about you when you use the Flexpa Platform, including transferring any such information to a third party to facilitate the use of the Flexpa Platform. This information is necessary for us to deliver the services to you and for us to comply with the law. If you choose not to provide this information, we cannot provide you with access to the Flexpa Platform.
- Account Information. When you sign up for a Flexpa account, we require certain information such as your first name, last name, telephone number, and email address.
- Personal Health Information. When you use Flexpa to link your Personal Health Information to third-party application, you will be asked to share your Personal Health Information with Flexpa. To operate the Online Service and to increase service reliability, Flexpa requires you to allow storage of your Personal Health Information on Flexpa’s data servers.
- User Content. This consists of all text, documents, or other content or information uploaded, entered, or otherwise transmitted by you in connection with your use of the Flexpa Platform.
Information you choose to provide to us
You may provide us with more personal information at any time. We will use this information to improve your experience with the Flexpa Platform. We will process this additional information consistent with our legitimate interest or your consent. You may also provide us information when you: fill in a form, update your account, respond to surveys, post on forums, join promotions, communicate with support, or use other features of the Flexpa Platform.
Information we collect automatically when you use the Flexpa Platform
When you use the Flexpa Platform, we automatically collect certain information about your use We collect the following information to ensure that we provide you with the best available experience using the Flexpa Platform, we are able to improve functionalities, and we are able to comply with our legal obligations:
- Usage Information. We collect information about your interactions with the Flexpa Platform such as the pages or content you view, your searches, and communications.
- Log Data and Device Information. We automatically collect log data and device information when you access and use the Flexpa Platform, even if you have not created an account or logged in. That information includes, among other things: details about your use of the Flexpa Platform ,including clicking links to third-party apps), your IP address, access dates and times, and hardware and software information. It also includes device info, device event info, unique identifiers, crash data, cookie data, and the pages you interacted with
- Cookies and Similar Technologies. We use server logs, cookies, tracking pixels, and other similar technologies. to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. Cookies are small text files placed on your computer or mobile device when you visit a site. They let us: (i) recognize your device; (ii) store your preferences; (iii) track the web pages you've visited on the Flexpa Platform; (iv) improve your experience by delivering and measuring tailored content; (v) perform searches and analytics; and (vi) assist with security or administrative tasks.
- Most browsers are automatically set to accept cookies whenever you visit a website. You can disable cookies or change your cookie settings. If you are based in Europe, visit www.youronlinechoices.eu for more details about cookies. If you are in the US, visit to www.aboutads.info/choices/ for more information. To change your settings, visit www.allaboutcookies.org/manage-cookies. If you disable cookies that are necessary or essential, you will not be able to access all parts of the Flexpa Platform and it may not operate as expected. Disabling cookies that remember your preferences or analytics, will prohibit us from providing you with relevant information.
- Analytics. We may share your Personal Information with third-party analytics providers to monitor and analyze how you are using the Flexpa Platform. The analytics providers track and report website traffic and use this information to monitor the use of the Flexpa Platform. Visit allaboutcookies.org/manage-cookies to update your settings or opt out of third-party cookies.
Information we receive from third parties in connection with the Flexpa Platform
Please note that we use certain third-party service providers and business partners on the Flexpa Platform to enhance your experience or deliver certain services. Such third parties include the Flexpa Client or Customer that interacts directly with the End User. These third parties may collect Personal Information in performing their services and/or functions on the Flexpa Platform.
We use your information for various purposes depending on the types of information we have collected from and about you, in order to:
- Respond to your requests
- Provide you with more effective and efficient service
- Contact you by email, postal mail, or phone regarding Flexpa and the Flexpa Platform
- Customize you content
- Secure our Flexpa Platform and resolve technical issues being reported
- Help us better understand your interests and needs, and improve the Flexpa Platform, including through research and reports, and test, improve, and create new products, features, and services. We test and analyze certain new features with some users before rolling the feature out to all users. Any user test of new Flexpa features will be done with the express consent of the user and may be governed by additional agreements related to the user test.
- To allow access to third party services’ accounts at your direction and consent.
- For our business purposes we have a legitimate interest, when we:
- Operate the Flexpa Platform, including by storing any information on Flexpa servers or by transferring any information to necessary third parties to enable us to provide and operate the Flexpa Platform
- Apply information security policies and controls on the Flexpa Platform, including overall integrity, identity management and account authentication
- For research and development to improve Flexpa’s Services
- Investigate and prevent fraudulent transactions or unauthorized access to the Flexpa Platform
- Comply with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others
- Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others
- For other purposes for which we obtain your consent
We may anonymize and de-identify aggregate information collected through the Flexpa Platform so that such information does not identify you as the source of the information. We may use such information to improve the Flexpa Platform, by and through any third-party we use to integrate Flexpa Platform with the users’ database, for research.
#5. Data Subject Rights and Your Choices
When you share information with us, the Personal Information that you share may have an impact on others. For example, if you share Personal Health Information related to genetic or family history, this may have an impact on your family members.
When you share information with us, the Personal Information that you share may have an impact on others. For example, if you share Personal Health Information related to genetic or family history, this may have an impact on your family members.
You have certain rights with respect to your information as further described in this section.
If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us using the information in the “Contact Information” at Section 12. You have the following rights with respect to your Personal Information
- You have the right to request we provide access to and/or a copy of certain information we hold about you.
- You have the right to prevent the processing of your information for direct-marketing purposes.
- You have the right to have us update information which is out of date or incorrect.
- You have the right to restrict the way that we process and disclose certain of your information.
- You have the right to withdraw your consent at any time where we rely on your consent as the basis to process or use your Personal Information.
Please note that we may ask you to verify your identity before responding to such requests. We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
#6. Third-Party Links
The Flexpa Platform contain links to third-party websites. If you choose to use these sites or features, you may disclose your information not just to those third-parties, but also to their users and the public more generally depending on how their services function. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third-parties.
#7. Data Security
We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. In the unlikely event of a data breach, you will be notified as soon as reasonably possible, in accordance with applicable law. Furthermore, we are not responsible for any breach of security or for any actions of any third parties that receive the information.
#8. Data Retention
We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.
We reserve the right to retain any Personal Information as long as the Personal Information are needed to: (i) fulfill the purposes that are described in Section 4 and (ii) comply with applicable law.
If your account is deleted or terminated, your Personal Information will be deleted within 45 days from termination or request for deletion. Once this time period has expired, we will delete your data in its entirety, except as to the extent necessary to comply with applicable law. If your account is dormant without activity for over a year, your Personal Information will be deleted within 45 days from the one-year dormant period in its entirety, except as to the extent necessary to comply with applicable law.
There are several ways that you can control your Personal Information
- You may change your personal account information by updating your health insurance account page
- You may request deletion of your account by contacting us at privacy@flexpa.com
- You may request deletion of your Personal Information pursuant to Section 8 by contacting us at privacy@flexpa.com
Users in certain jurisdictions may have additional rights regarding control of their Personal Information.
In certain circumstances, we share personal information with third parties where disclosure is necessary in connection with the delivery and offering of the Flexpa Platform to you and the operation of our business. These third-party service providers are required to protect personal information we share with them and may not use any directly identifying personal information other than to provide the services for which we have contracted them. They are not allowed to use the personal information we share for purposes of their own direct marketing (unless you have separately consented to such use under the terms provided by the third party). Any information shared will be governed by the third-party provider’s privacy policy (including any Personal Information we may access via the third-party provider). These third-party providers should inform you about how you can modify your privacy settings on their sites.
We may share Your Personal Information in the following situations:
- With Service Providers: We may share Your Personal Information with Service Providers to provide you the Flexpa Platform and to monitor and analyze the use of our Service, for payment processing, to contact You.
- With Affiliates: We may share Your Personal Information with affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with us.
- With business partners: We may share Your Personal Information with our business partners to offer You certain products, services or promotions.
- With other users: when You share Personal Information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your name, profile, pictures and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile.
- When necessary to comply with laws and law enforcement requests or otherwise to protect the Company: Under certain circumstances, the Company may be required to disclose Your Personal Information if required to do so by law or in response to valid requests by public authorities. We may disclose Personal Information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or act regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Flexpa Agreements, or as otherwise required by law
- With Your consent: We may disclose Your Personal Data for any other purpose with Your consent.
If ownership of all or substantially all of Flexpa’s business changes, or we undertake a corporate reorganization (including, but not limited to, a merger or consolidation) or any other transfer between Flexpa entities, you expressly consent to Flexpa transferring your Personal Information to the new owner of successor entity so that we can continue providing the Flexpa Platform. If required by applicable law, Flexpa will notify the applicable data protection agency in each jurisdiction of such a transfer in accordance with the notification procedures under applicable data protection law. We will endeavor to provide you with notice of any material changes to the Privacy Policy following a business transaction.
In the event of such business transaction you will have the right (1) to request that we securely dispose of or transmit your data subject to our legal obligations; (2) to securely download your data; (3) to close your account; (4) right to ensure that the new owner or controlling entity’s privacy policies are consistent with this Privacy Policy.
#12. Children
We do not knowingly collect Personal Information online from children under 16 (note that the minimum age may vary based on location and on local law). If you become aware that a child has provided us with Personal Information without parental consent, please contact us through privacy@flexpa.com. If we become aware that a child under 16 has provided us with Personal Information without parental consent, we will take steps to remove the data and cancel the child’s account.
#13. California Requirements
If you are a California resident, there are some additional rights that may be available to you under the California Consumer Protection Act (“CCPA”). This Privacy Policy explains the tools that we have made available to you to exercise your data rights under the CCPA, such as the right to deletion and the right to request access to the categories of information we have collected about you. We encourage you to manage your information, and to make use of the privacy controls we have included in our Services. You will not be discriminated against for exercising any of your privacy rights under the CCPA. In order to protect your information from unauthorized access or deletion, we may require you to provide additional information for verification. If we cannot verify your identity, we will not provide or delete your information.
This Privacy Policy describes the categories of personal information we may collect, the sources of that information, and our deletion and retention policies. We have also included information about how we may process your information, which includes for "business purposes" under the CCPA - such as to protect against illegal activities, and for the development of new products, features, and technologies.
#14. Changes to Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “effective date” at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
We will not make changes that have a retroactive effect unless we are legally required to do so.
If you have questions or complaints regarding this Privacy Policy, please contact us by email at privacy@flexpa.com.