Privacy Policy

Last updated and effective as of: August 12, 2021
Subscribili, Inc. and its affiliates (collectively, “Subscribili” or “Us” or “We”) value and respect your privacy. This Privacy Policy explains how and our associated web sites, mobile applications, and software tools (collectively, the “Subscribili Services”) will collect, use, and share information received from our users. Subscribili provides services, including the Subscribili Services, to healthcare and other service providers (“Providers”), enabling them to offer services to their patients. It also provides services to health benefit plans and the employers that sponsor those plans for their employees.We hope you will take the time to read this Privacy Policy carefully. By continuing to use the Subscribili Services, you agree to this Privacy Policy and the collection, use, disclosure, and storage of your personal information as described by this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Subscribili Services.This Privacy Policy is current as of the effective date listed above. We may modify this Privacy Policy or add additional terms from time to time to reflect, for instance, a change to the Subscribili Services or a change to the law. If any changes are made, we will notify you by updating the date at the top of the Privacy Policy. If a substantial change is made, such as a change regarding how we use the personal information we have previously collected from you, best efforts will be made to provide additional notice of such changes by adding a statement to our homepage or sending you a notification. You should review the Privacy Policy regularly. Any changes to the Privacy Policy will be effective immediately upon being posted to the web site. Continued use of the Subscribili Services after any such changes shall constitute your consent to such changes.Subscribili complies with all applicable laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA). This Privacy Policy operates in conjunction with our privacy policies and procedures under HIPAA.

Table of Contents
  1. The Information We Collect From You
  2. Use of Collected Information
  3. Sharing Your Personal Information
  4. Securing Your Personal Information
  5. Third-Party Data Collection
  6. Links to Third-Party Web Sites
  7. How the Subscribili Services Respond to “Do Not Track” Signals
  8. Children’s Privacy
  9. California Residents
  1. The Information We Collect From You

We collect information to make your experience, and the experience of others, better. The type of information that we collect depends on how you use the Subscribili Services. We collect information that you provide to us as well as information you provide to third parties.

Information You Provide Directly to Us:

Basic Information: We may collect personal information such as your name, date of birth, telephone number, email address, zip code, login credentials, and credit or debit card account information. We will also collect any personal information that you choose to post on the Subscribili Services.

Health Information: We may collect information about your healthcare or the healthcare of your dependents. We collect this information when you purchase or obtain Provider services, post content, submit information, or otherwise communicate with us. More information about how we handle this information may be found in our Notice of Privacy Practices under HIPAA.

Information We Collect When You Use the Subscribili Services:

Usage and Log Information: We may automatically collect certain anonymous information when you use Subscribili Services. This information may include, for example, your IP address, your Internet browser and operating system type, the date and time of your visit, and the URLs of other web sites that referred you to us.

Cookies and Other Tracking Technologies: We may use cookies and other tracking technologies, such as web beacons, when you use the Subscribili Services. A “cookie” is a small file placed on your computer that helps us to recognize your Internet browser. We may use both first and third-party cookies and tracking technologies in our Subscribili Services. We may use cookies and tracking technologies to monitor how the Subscribili Services are used, identify problems with the Subscribili Services, improve the Subscribili Services, analyze the Subscribili Services traffic, monitor the security of the Subscribili Services, provide you with information about products and services that may interest you, and gauge the effectiveness of our communications. Most Internet browsers allow you to adjust your preferences to reject cookies or to receive notifications before they are placed. If your browser is set to reject cookies, you may continue to use the Subscribili Services, but some aspects of the Subscribili Services may not function as intended.

  1.  Use of Collected Information

We do not sell, share, rent, or trade the personal information we have collected about you, other than as disclosed within this Privacy Policy or at the time you provide your information and subject to limits set forth in the Notice of Privacy Practices. We do not share your personal information with third parties for those third parties’ direct marketing purposes unless you consent to such use or sharing. We may use your information for the following purposes:

  • To provide Subscribili Services, including creating and administering your Subscribili account;
  • To purchase services from Providers;
  • To pass payment information to Providers;
  • To respond to and fulfill your support requests;
  • To remind you of upcoming events, such as renewals;
  • To communicate with you about your Subscribili account, such as payment reminders;
  • To communicate with you about the Subscribili Services or Provider services, including changes to those services;
  • To develop new products and services;
  • To offer you tailored content on the Subscribili Services;
  • To provide you with information about products and services that may interest you;
  • For our legitimate business needs;
  • To maintain and improve the Subscribili Services;
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA; and
  • For any other purpose to which you consent.
  1. Sharing Your Personal Information

We work with third parties that provide services and support for the Subscribili Services. We may share personal information with third parties as follows:

  • With Providers in order to complete your purchase of services from Providers or so that Providers can provide you with their services.
  • With service providers that help us deliver Subscribili Services.
  • For business purposes to i) contractors and service providers; ii) subsidiaries and affiliates; and iii) third parties with whom we partner to offer products and services to you.
  • With your consent for a specific purpose. We will notify you and request consent before you provide the personal information or before the personal information you have already provided is shared for such purpose.
  • To protect your health or safety or the health or safety of others if we reasonably believe it is necessary.
  • When we are legally required to do so, such as in response to court orders or legal process; to establish, protect, or exercise our legal rights; to defend against legal claims or demands; or to comply with the requirements of any mandatory applicable law.

We require that our third parties only use shared personal information to perform the services requested in accordance with this Privacy Policy and have adequate security measures in place to protect any of your shared personal information.

We may also share information within our corporate family, such as with subsidiaries, joint ventures, or affiliates, to the extent permitted by law. In the event that we enter into a corporate transaction, such as a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may transfer personal information that we have collected to the relevant third party.

We may share non personally identifiable information, such as aggregated user statistics and log data, with third parties for industry analysis, demographic profiling, to deliver targeted advertising about other products or the Subscribili Services, or for other business purposes.

All uses and disclosures that involve your personal health information that is protected by HIPAA will also be subject to the the terms set forth in our Notice of Privacy Practices.

  1. Third Party Data Collection

Some content or applications on the Subscribili Services may be provided by third parties, including analytics companies and advertising providers. The Subscribili Services may also include social media features, such as the Facebook “Like” button, and other widgets, such as the “Share” button or interactive mini-programs provided by third parties. These third parties may use cookies or other tracking technologies to collect information about you when you use the Subscribili Services. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different web sites and other online services.

Subscribili may partner with Google Analytics, which is a web analysis service provided by Google. Google utilizes the data collected to track and examine the use of our web site and may share this data with other Google services. You can learn more about how Google uses and shares personal information and about any choices you may have with regards to your personal information by visiting their web site at The Subscribili Services may also use Google Analytics Advertising Features, including Remarketing with Google Analytics, to advertise online. Third-party vendors, including Google, may show our ads on websites across the Internet. We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the Double Click cookie) together to inform, optimize, and serve ads based on your past visits to the web site. To opt out of Google’s use of cookies, you may visit Google’s Ads Settings.

  1. Links to Third-Party Web Sites

The Subscribili Services may contain links to third party web sites, such as social media web sites. Other webs sites may also reference or link to the Subscribili Services. This Privacy Policy is only applicable to the Subscribili Services. Subscribili has no control of these third party web sites or how they handle your personal information. Subscribili encourages you to please be sure to review these third party web site privacy policies before visiting their web sites.

  1. Securing Your Personal Information

Subscribili takes commercially reasonable physical, technical, and administrative security measures to protect personal information we collect from loss, misuse, unauthorized access, or improper disclosure. Please understand that there is no guarantee that transmission of information over the internet will be completely secure; and remember that when communicating with Subscribili, email is not a secure form of communication when transmitting sensitive or personal information.

  1. How the Subscribili Services Respond to “Do Not Track” Signals

The Subscribili Services are not currently configured to respond to Do Not Track signals. Therefore, the Subscribili Services will continue to collect information about you regardless of whether your browser’s “Do Not Track” feature is activated.

  1. California Residents

The “Shine the Light” Law: In compliance with the “Shine the Light” law, residents of the State of California are permitted to request and receive, once a year, a notice describing the categories of personal customer information we share with unaffiliated third parties for their direct marketing purposes. The notice will identify the categories of information shared, the third parties and affiliates with which it was shared, and their names and addresses. California residents can request a copy of the notice by submitting a written request to: .  In your request, please specify that you want a “California Privacy Rights Notice.” Please allow at least thirty days for a response.

California Consumer Privacy Act: The California Consumer Privacy Act (“CCPA”) provides California residents with specific rights regarding the collection, use, and sharing of their personal information, including the right to now, access, delete, and limit the sharing of their personal information.

Information we collect:

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could be reasonably linked, directly or indirectly with a particular consumer or device (“Personal Information”). Personal Information does not include i) publicly available information from government records; ii) de identified or aggregated consumer information; iii) information not within the CCPA’s scope such as:

  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
  • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

We have collected the following categories of Personal information over the last 12 months:

  • Identifiers: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
  • Categories of personal information described in Civ. Code § 1798.80(e): A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
  • Protected Classifications: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
  • Commercial Information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories.
  • Internet or Other Similar Network Activity: Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
  • Geolocation Data: Physical location or data.
  • Professional or Employment-Related Information: Current or past job history or performance evaluations.
  • Inferences Drawn from Other Personal Information: Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Your right to receive notice regarding the categories of Personal Information collected:

You have the right to receive disclosure of certain categories of Personal Information collected from you and the purposes for which those categories of Personal Information will be used over the past 12 months. After receiving and confirming your verifiable consumer request, we will disclose the following to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

We obtain the Personal Information listed above from the following categories of sources:

  • Directly from you (e.g., from forms you complete or products and services you purchase)
  • Indirectly from you (e.g., from observing your actions on our Websites)
  • From third-parties that interact with us in connection with the services we provide.

We disclose your Personal Information for a business purpose to the following categories of third parties:

  • Contractors and service providers.
  • Subsidiaries and affiliates.
  • Third parties with whom we partner to offer products and services to you.

In the preceding 12 months, we have not sold any Personal Information

Your right to request deletion of Personal Information collected:

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Verifying your request to receive notice or deletion:

In the case of notice and deletion, your request must be verifiable before we can fulfill such request. We will ask you or your authorized agent for information that allows us to reasonably verify your identity (that you are the person about whom we collected Personal Information) and the authorized agent’s identity, respectively.

To exercise the access, data portability, and election right described above, please submit a verifiable consumer request to us by:

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. We require that you and the individual who will be acting as your authorized agent complete notarized affidavits in order to verify the identity of the authorized agent and confirm you have authorized them to act on your behalf.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format:

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing prior to the 45-day expiration.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.


We will not discriminate against you for exercising any of your CCPA rights. We will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  1. Children’s Privacy

The Subscribili Services are not intended for persons under the age of 18. Complying with the Children’s Online Privacy Protection Act (“COPPA”) protects children under the age of 13.In compliance with COPPA, we do not knowingly collect, maintain, or use personal information from children under the age of 13. If we become aware that a child under the age of 13 has submitted personal information to us through the Subscribili Services, we will immediately delete such information. If you suspect that we have collected protected personal information from a child under the age of 13, please contact us.