- Individuals & Families
- About Us
- Contact us
Signify Health Privacy Center
- Text Messaging Terms and Conditions - Access here
This Policy was last updated on July 22, 2022
Signify Health (also referred to herein as “Signify,” “we,” “us,” and “our”) is committed to protecting the privacy and security of the personal information we collect, use, share, and otherwise process as part of our business. We also believe in transparency, and we are committed to informing you about how we treat your personal information.
This Policy does not apply to Protected Health Information.
When we provide services for a “Covered Entity” (for example, a health plan), we act as a “Business Associate” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In that capacity, we collect, receive, maintain, use, and disclose Protected Health Information (“PHI”) only as permitted or required under applicable law and our Business Associate Agreements. The Covered Entity’s notice of privacy practices describes and controls how we collect and process PHI.
Individuals in the EU / EEA. For further information about how Signify collects, stores, uses, transfers and otherwise processes personal data in or from certain countries in the European Economic Area, the United Kingdom, and Switzerland (together, for purposes of this section of the Privacy Statement, “EEA”), in accordance with the General Data Protection Regulation (GDPR) and its local implementations, see “Additional Disclosures for Data Subjects in the EEA, The U.K. and Switzerland.”
What information do we collect?
Notice at Collection. We collect the following information from you for the purposes described in the “How Do We Use and Share Your Information?” section of this Policy. We may also obtain any of the information listed below from data vendors to supplement the information we collect from you. You should only share personal information about other individuals who have provided you with the permission to do so. Information collected includes:
- Contact Information: When you visit the Site, we may ask you for your Contact Information. We may also ask you for Contact Information about other people for whom you are requesting services from us. Contact Information may include your first and last name, email address, street address, city, state, zip code, telephone number, date of birth, job title, company name or other contact details, or other information you choose to share with us.
- Quality Assurance Information: We may use your personal information to monitor our services for quality assurance purposes. We may associate this with your Contact Information. We use and share this information as necessary to provide our services. For example, we may share your results with our communications vendors.
- Communications, Feedback, Support, and Inquiries: If you contact us via phone, mail, email, chat, or social media; contact us for support or to ask us questions or report a problem; provide us with feedback; respond to our surveys; or submit other content, we will collect Communications, Feedback, Support, and Inquiries in addition to your Contact Information. Communications, Feedback, Support, and Inquiries may include the subject matter of your message and any comments, ratings, reviews, content or responses that you choose to provide. We may keep a log of the information you provide, and this could include additional personal information about you if you decide to include that information. Your Contact Information may be stored with Communications, Feedback, Support, and Inquiries if you decide to include that information.
- In addition, when you communicate with us, including through any social media site, we will collect and aggregate the information that is tied to your account and your engagement with us, and we may retain all content, messages, and information that you provide to us.
- If you receive email communications from us, we use certain tools to capture data related to if/when you open our message and if/when you click on any links or banners it contains. Other information collected through this email tracking feature includes: your email address, the date and time of your “click” and other interactions on the email, a message number, the name of the list from which the message was sent, a tracking URL number and/or IP Address, and a destination page.
- Usage Information: When you visit the Site, we automatically collect Usage Information from your browser and your device. Usage Information includes the date and time of your visit, geolocation, time zone, Internet Protocol (IP) address, unique device identifier, domain server, operating system, browser type, access time, what websites or search terms referred you to the Site, and data about which pages you visit and how you interact with the Site.
- Inferences: We may draw inferences from any of the categories of personal information identified above to create a profile about you, which may reflect topics like your preferences.
Cookies and Similar Technologies
First-Party and Third-Party Cookies
A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” or “permanent” cookie). “Session” cookies are temporarily stored on your hard drive and only last until they expire at the end of your browsing session. “Persistent” or “permanent” cookies remain stored on your hard drive until they expire or are deleted by you. Local stored objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you’re visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website.
In addition to cookies, there are other automatic data collection technologies, such as Internet tags, web beacons (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.) that can be used to collect data as users navigate through and interact with a website:
- Web beacons: These are tiny graphics (sometimes called “clear GIFs” or “web pixels”) with unique identifiers that are used to understand browsing activity. In contrast to cookies, which are stored on a user’s device, web beacons are rendered invisible on web pages when you open a page.
- Social Widgets: These are buttons or icons provided by third-party social media platforms that allow you to interact with social media services when you view a webpage or mobile app screen. These social widgets may collect browsing data, which may be received by the third party that provided the widget and are controlled by third parties.
- UTM Codes: These are strings that can appear in a URL (the “Uniform Resource Locator,” which is typically the http or https address entered to go to a web page) when you move from one web page or website to another. The string can represent information about browsing, such as which advertisement, page, or publisher sent the user to the receiving website.
- Site Optimization and Usage Tracking. We contract with third party service providers to help manage and optimize our Internet business and communications, and these third-party service providers may also use the technologies described in this section to collect certain information when you use our Platform(s).
What Cookies and Similar Technologies Are in Use and Why Do We Use Them?
We use first-party and third-party cookies and similar technologies for purposes such as to improve Site functionality, to measure and track how users interact with the Site and perform similar analytics, to track ad-driven activity on the Site, and to otherwise tailor our communications with you. We may also display targeted ads to you through social media platforms.
- Necessary Cookies: These cookies are necessary for the Site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.
- Functionality Cookies: We use a set of cookies that are optional for the Site to function. They are usually only set in response to information provided to the Site to personalize and optimize your experience as well as remember your chat history. These cookies allow the Site to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies cannot track your browsing activity on other websites. These cookies remember choices you make to improve your experience.
Other Third-Party Technologies
Some third parties may use automated data collection technologies to collect information about you when you browse the Internet. The information they collect about your online browsing activities over time and across different websites and other online services may be associated with your personal information and used to provide you with targeted content. We do not control these third parties’ technologies or how they may be used. If you have any questions about targeted content, you should contact the responsible party directly or consult their privacy policies.
Choices About Cookies
Most web browsers are set by default to accept cookies. If you do not wish to receive cookies, you may set your browser to refuse all or some types of cookies or to alert you when cookies are being sent by website tracking technologies and advertising. You may adjust your browser settings to opt out of accepting a “persistent” cookie and to only accept “session” cookies, but you may need to adjust your settings each time to enjoy the full functionality of the Site.
For more information on how to modify your browser settings to block or filter cookies, http://www.cookiecentral.com/faq/. You may learn more about internet advertising practices and related consumer resources at http://www.aboutads.info/consumers/, http://www.networkadvertising.org/choices, and http://youronlinechoices.eu/.
How do we use and share your information?
Where permitted by applicable law, we may use the personal information we collect for one or more of the following purposes:
- Delivering the services that you have requested;
- Detecting fraud and preventing loss;
- Providing you with information about our services;
- Contacting you about products or services that may be of interest to you;
- Managing our relationship with you;
- Improving our services and customer service;
- Improving our testing, research, analysis and development;
- Allowing you to contact us and facilitate your communication with us;
- Responding to your feedback, requests, questions, or inquiries;
- Registering you for our email distribution lists;
- Sending you periodic emails;
- Administering a promotion or survey;
- Enabling you to share reviews, comments, questions, and answers;
- Providing you more tailored advertising or communications;
- Operating the Site(s) and preparing aggregate traffic information;
- Recognizing your device and remembering your interactions;
- Providing you with a more personal and interactive experience on the Site;
- Engaging with you on social media, including contacting you via social media and using other social media tools to interact with you;
- Operating our business;
- Fulfilling our obligations as an employer;
- Enforcing our policies and contracts;
- Facilitating, or use in connection with, corporate mergers, acquisitions, reorganizations, dissolutions, or other transfers;
- Ensuring safety of person or property;
- Asking if you would like for us to share your information with third parties;
- Accomplishing any other purpose related to and/or ancillary to any of the purposes and uses described in this Policy for which your information was provided to us;
- Accomplishing another purpose described to you when you provide the information, for which you have consented, or for which we have a legal basis under law;
- Complying with federal, state, or local laws;
- Complying with a civil, criminal, or regulatory inquiry, investigation, subpoena, order, or summons by federal, state, or local authorities;
- Cooperating with law enforcement agencies;
- Exercising or defending legal rights or claims; and
- Creating, using, retaining, or disclosing de-identified or aggregated data.
How do we disclose or share the information described in this Policy?
Where Communications permitted by applicable law, we may share the information described above in the following contexts:
- Corporate Affiliates: We may share your information with our corporate affiliates and with their respective officers, directors, employees, professional advisors, and agents.
- Acquisitions and Similar Transactions: We may disclose your information in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our company assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.
- Disclosures with Your Consent: We may ask if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this Policy. We will only disclose your information in this context with your consent.
- Legal Obligations and Rights (Subpoenas, Court Orders, and Warrants): We may disclose the information described in this Policy in response to subpoenas, warrants, court orders 6 4826-9599-2535 or other legal process, or to comply with relevant laws. We may also share such information in order to establish or exercise our legal rights; to defend against a legal claim; and to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our contracts.
- Professional Advisors: We may share information with our insurers and professional advisors, including attorneys and accountants, that need access to such information to provide operational or other support services on our behalf.
- Service Providers: We may share your information with our service providers that need access to such information to provide operational or other support services on our behalf. Among other things, service providers help us to administer the Site; provide technical support; offer customer support; send marketing, promotions and communications; provide advertising services; assist with auditing; perform quality and safety-related services; and assist with other legitimate purposes permitted by law.
- De-identified or Aggregated Data: We may disclose aggregated information about our users, and information that does not identify any specific individual, such as groupings of demographic data and customer preferences, for purposes such as new product and marketing development.
How long do we store and use your information?
We will retain and use your information for as long as is necessary to fulfill the purposes for which it was collected, to comply with our business requirements and legal obligations, to resolve disputes, to protect our assets, to provide our services, and to enforce our agreements.
We take reasonable steps to delete the information we collect when (1) we have a legal obligation to do so or (2) we no longer have a purpose for retaining the information. We may also decide to delete your information if we believe it is incomplete, inaccurate, or that our continued storage of it is contrary to our legal obligations or business objectives. When we delete information, it will be removed from our active servers and databases; but, it may remain in our archives when it is not practical or possible to delete it.
To the extent permitted by law, we may retain and use anonymous, de-identified, or aggregated information for performance reporting, benchmarking, and analytic purposes and for product and service improvement.
How do we protect your information?
We want you to feel confident using our Site(s) to transact business. However, no system can be completely secure. Therefore, although we take steps to secure your personal information, we do not promise, and you should not expect, that your personal information will always remain secure.
The safety and security of your personal information also depends on you. You should take care with how you handle and disclose your personal information and should avoid sending personal information through unsecure e-mail. We encourage you to learn about how to prevent identity theft. Some helpful resources can be found on the websites like the site of the Federal Trade Commission, www.ftc.gov.
If a data breach compromises your personal information, we will notify you and any applicable regulator when we are required to do so by applicable law.
Rights and choices about your personal information
- Communication Preferences: You may receive telephone calls, text messages, and emails from us using the numbers or email addresses you provide. You may change your communication preferences at any time by contacting us via the “Contact Us” details provided at the end of this Policy. If you no longer wish to receive communications from us via email, you may also opt-out by clicking the “unsubscribe” link at the bottom of our emails. If you wish to change your communication preferences, please provide your name, telephone number, and/or email address so that we may identify you in the opt-out process. Once we receive your instruction, we will promptly take action.
- Cookies: You may set your browser to refuse all or some browser cookies or to alert you when cookies are being set. For more information on how to modify your browser settings to block or filter cookies, see the section, “Cookies and Similar Technologies” herein and visit http://www.cookiecentral.com/faq/. You may learn more about internet advertising practices and related consumer resources at http://www.aboutads.info/consumers/, http://www.networkadvertising.org/choices, and http://youronlinechoices.eu/.
- Online Tracking Signals: Except if required by law, we do not currently recognize browser settings or signals of tracking preferences, which may include “Do Not Track” instructions. “Do Not Track” is a web browser setting that seeks to disable the tracking of individual users’ browsing activities. We adhere to the standards set out in this Policy and do not currently respond to “Do Not Track” signals on the Site or on third-party websites or online services where we may collect information.
- Accuracy and Updating Your Personal Information: Our goal is to keep your personal information accurate, current, and complete. If any of the personal information you have provided to us changes, please let us know by contacting us at email@example.com. For instance, if your email address changes, you may wish to let us know so that we can communicate with you. If you become aware of inaccurate personal information about you, you may want to update your information. We are not responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us. We honor such requests when we are required to do so under applicable law.
- Complaints: If you believe your rights relating to your personal information have been violated, you may lodge a complaint with us by contacting via the “Contact Us” details provided at the end of this Policy.
Additional disclosures for data subjects in the EEA and the U.K.
When This Section Applies
This section applies solely to and provides information about how and Signify collects, stores, uses, transfers and otherwise processes personal data in or from certain countries in the European Economic Area, the United Kingdom, and Switzerland (together, for purposes of this section of the Privacy Statement, “EEA”), accordance with the General Data Protection Regulation (GDPR) and its local implementations.
We will use your personal data only for the purposes and in the manner set forth herein, which describes the steps we take to ensure the processing of your personal data is in compliance with the Data Protection Acts 1988 to 2018 (as amended) and any subsequent data protection and privacy legislation, European Union Law including Regulation (EU) 2016/679, known as the General Data Protection Regulation or GDPR and any subsequent amendments (collectively referred to as “Data Protection Legislation”).
Identity of the Controller of Personal Information
For the purposes of Data Protection Legislation, the Data Controller is Signify Ireland Technology Development Limited, an Irish registered company (Registered Number 709746) and having its registered office address at Alcantara (Block C) Bonham Quay, Galway, , Ireland.
Contact Details of the Data Protection Officer
It has been determined that Signify is not required to have a Data Protection Officer. Please see “Contact Us” for how to reach us.
Legal Bases for Processing of Your Personal Data
Where Signify is acting as a data controller, the personal data we collect from you or through our systems (as described in the “What Information Do We Collect?” and “How We Use and Share Your Information?” sections above) helps us manage our actual or potential employment relationship with you, and to comply with our legal obligations for the conduct of our business. Signify uses your personal data only when we have a valid legal basis to do so. Depending on the circumstance, Signify may rely on your consent or the fact that the processing is necessary to fulfill a contract with you, protect your vital interests or those of other persons, or to comply with law. We may also process your personal data where we believe it is in our or others’ legitimate interests, taking into consideration your interests, rights, and expectations. If you have questions about the legal basis, see “Contact Us” for further information.
Where Does Signify Obtain my Personal Data From?
Most of the personal data we process (as described above in “What Information Do We Collect?”) is obtained from you when you access this Site , but we also obtain personal data about you in the course of the performance of your contract with us or potential contract with us, including when you are a candidate for a position at Signify.
In some circumstances, we may request your explicit consent to process (specific types of) personal data. In these circumstances, you are able to withdraw your consent at any time by following the instructions provided when you gave consent or at the contact details below.
You are required to provide consent to strictly necessary cookies in order to use our Site. If you do not provide your consent you may not be able to apply for positions with us and you may not be able to use the full functionality of our Site.
No decisions will be taken about you using automated means, we will notify you in writing if this position changes.
Transfers Outside the European Economic Area
We will transfer your personal data to the United States of America and other countries outside of the EEA. When we transfer your personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such Data, including standard contractual clauses under GDPR Article 46.2 or adequacy decision under GDPR Article 45. Please see the ‘Contact Us’ section below if you wish to obtain information concerning such safeguards.
Retention of Personal Data
We will keep your personal data for as long as it is necessary to fulfill the purposes for which it was collected as described above and in accordance with our legal and regulatory obligations. This may mean that some information is held for longer than other information. The criteria we use to determine data retention periods for personal data includes the following:
- Retention in case of queries; we will retain it for a reasonable period after the relationship between us has ceased;
- Retention in case of claims; we will retain it for the period in which it may be enforced (this means we will retain it for 10 years in some instances); and
- Retention in accordance with legal and regulatory requirements; we will consider whether we need to retain it after any period described in this section because of a legal or regulatory requirement.
You may have various rights under data protection legislation in your country (where applicable).
Right of Access: Subject to certain conditions, you are entitled to have access to your personal data which we hold (this is more commonly known as submitting a “data subject access request”).
- How do I execute this right? Requests for such information should be made in writing to firstname.lastname@example.org If possible, you should specify the type of information you would like to see to ensure that our disclosure is meeting your expectations.
- What conditions must be met to exercise this right? We must be able to verify your identity. Your request may not affect the rights and freedoms of others, e.g. privacy and confidentiality rights of other customers. Data solely retained for data backup purposes is principally excluded.
Right of Data Portability: Subject to certain conditions, you are entitled to receive the data which you have provided to us and which is processed by us by automated means, in a commonly-used machine readable format.
- How do I execute this right? Requests should be made in writing to email@example.com If possible, you should specify the type of information you would like to receive to ensure that our disclosure is meeting your expectations.
- What conditions must be met to exercise this right? The GDPR does not establish a general right to data portability. This right only applies if the processing is based on your consent or on our contract with you and when the processing is carried out by automated means (e.g. not for paper records). It affects only personal data that was “provided” by you. Hence, it does, as a rule, not apply to personal data that was created by Signify.
Rights in Relation to Inaccurate or Incomplete Personal Data: You may challenge the accuracy or completeness of personal data which we process about you. If it is found that personal data is inaccurate, you are entitled to have the inaccurate data removed, corrected or completed, as appropriate.
- How do I execute this right? We encourage you to notify us of any changes regarding your personal data as soon as they occur, including changes to your contact details, telephone number, immigration status. Please always check first whether self-help tools are available. If no such tools are available, requests should be made in writing to firstname.lastname@example.org.
- What conditions must be met to exercise this right? This right only applies to your own personal data. When exercising this right, please be as specific as possible.
Right to Object to or Restrict our Data Processing: Subject to certain conditions, you have the right to object to or ask us to restrict the processing of your personal data.
- How do I execute this right? Requests should be made in writing to email@example.com.
- What conditions must be met to exercise this right? This right applies only if the processing of your personal data is explicitly based on our so-called “legitimate interests” (see “basis of processing” above). Objections must be based on grounds relating to your particular situation. They must not be generic so that we can demonstrate that there are still lawful grounds for us to process your personal data.
Right to Have Personal Data Erased: Subject to certain conditions, you are entitled, on certain grounds, to have your personal data erased (also known as the “right to be forgotten”), e.g. where you think that the information we are processing is inaccurate, or the processing is unlawful.
- How do I execute this right? Requests should be made in writing to firstname.lastname@example.org.
- What conditions must be met to exercise this right? There are various lawful reasons why we may not be in a position to erase your personal data. This may apply (i) where we have to comply with a legal obligation, (ii) in case of exercising or defending legal claims, or (iii) where retention periods apply by law or our statutes.
Right to Withdraw Consent: You have the right to withdraw your consent to any processing for which you have previously given that consent.
- How do I execute this right? Requests should be made in writing to email@example.com.
- What conditions must be met to exercise this right? If you withdraw your consent, this will only take effect for the future.
Your Right to Lodge a Complaint with a Supervisory Authority
You have the right to make a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR. The Irish personal Data Protection Authority contact details are:
Data Protection Commission
Telephone: +353 (0)761 104 800 (10:00 - 12:00hrs Monday - Friday) or
+353 (0)578 684 800 (14:00 - 16:00hrs Monday - Friday)
For further information please visit www.dataprotection.ie
This Policy is applicable only to the Site, and it does not apply to any third-party websites.
The Site may contain links to, and media or other content from, third parties. These links are to external resources and third parties that have their own privacy policies. Because of the dynamic media capabilities of the Site, it may not be clear to you which links are to external, third-party resources. If you click on an embedded third-party link, you will be redirected away from the Site to the external third-party website. You can check the URL to confirm that you have left this Site.
We cannot and do not (1) guarantee the adequacy of the privacy or security practices employed by or the content and media provided by any third parties or their websites, (2) control third parties’ independent collection or use or your information, or (3) endorse any third-party information, products, services or websites that may be reached through embedded links on this Site.
Children's Online Privacy Protection Act
The Children’s Online Privacy Protection Act (“COPPA”), as well as other data privacy regulations, restrict the collection, use, or disclosure of personal information from and about children on the Internet. Our Site and services are not directed to children aged 13 or younger, nor is information knowingly collected from children under the age of 13. No one under the age of 13 may access, browse, or use the Site or provide any information to or on the Site. If you are under 13, please do not use or provide any information on the Site (including, for example, your name, telephone number, email address, or username). If we learn that we have collected or received personal information from a child under the age of 13 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete it. If you believe we might have any information from or about a child under the age of 13, please contact us using the contact information provided below
For more information about COPPA, please visit the Federal Trade Commission’s website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.
Updates and changes to this policy
You are expected to, and you acknowledge and agree that it is your responsibility to, carefully review this Policy prior to using the Site, and from time to time, so that you are aware of any changes. Your continued use of the Site after the “Last Updated” date will constitute your acceptance of and agreement to such changes and to our collection and sharing of your information according to the terms of the then-current Policy. If you do not agree with this Policy and our practices, do not access, view, or use any part of the Site.
For more information, or if you have any questions or concerns regarding this Policy or wish to exercise your rights, you may contact us using the information below, and we will do our best to assist you.
By Email: firstname.lastname@example.org
4055 Valley View Lane, Ste 400
Dallas, TX 75244
Attn: Privacy Department
Alcantara (Block C) Bonham Quay
Attn: Site Lead (Data Privacy and HR)