Your privacy is important to us. We make sure that your personal information remains safe and confidential in accordance with federal and state laws. Please understand that Sharecare Operating Company, Inc. and its affiliates (hereinafter, “Sharecare”) may reach out to you by phone, and, although a spouse or family member may answer that phone call, Sharecare cannot discuss the program with anyone in your household until we have first spoken with you. After you have initially identified yourself, you may give us permission to talk to other members of your family if you so choose; you may refuse to grant such permission as well. This process allows us to safeguard your medical and insurance information, as required by the Health Insurance Portability and Accountability Act (HIPAA). Sharecare is not a telemarketing service and does not sell any of your information to anyone. Please visit our Terms page for additional terms and conditions applicable to the Sharecare platform.
- What information we collect and why we collect it.
- How we use that information.
- The choices we offer related to your information.
Information we collect
We collect information in the following ways:
- Information you give us. For example, many of our services, which are wellness programs offered by Sharecare and included in the Be Well SHBP well-being program (hereinafter, “Services”), require you to sign up for a Sharecare account, your registration for which will allow Sharecare to communicate with you, often via your indicated preferred method of communication (talk/text/email), about programs in which you are enrolled or for which you are eligible (hereinafter, “Sharecare Account”). When you do, we’ll ask for personal information, like your name, email address, or telephone number. If you want to take full advantage of the sharing features we offer, we might also ask you to create a publicly visible Sharecare profile, a personal health record where you can access all of your health information in one place (hereinafter, “Sharecare Profile”), which may include your name and photo.
- Information we get from your use of our Services. We may collect information about the Services that you use and how you use them. This information includes:
- Device information
We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Sharecare may associate your device identifiers or phone number with your Sharecare account.
- Log information
When you use our Services or view content provided by Sharecare, we may automatically collect and store certain information in server logs. This may include:
- details of how you used our service.
- Internet protocol address.
- device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.
- cookies that may uniquely identify your browser or your Sharecare account.
- Location information
When you use a location enabled Sharecare service, we may collect and process information about your actual location, like GPS signals sent by a mobile device. We may also use various technologies to determine location, such as sensor data from your device that may, for example, provide information on nearby Wi-Fi access points and cell towers.
- Device information
- Unique application numbers
Certain Services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to Sharecare when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.
- Local storage
We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
- Cookies and anonymous identifiers
How we use information we collect
We use the information we collect from all of our Services to provide, maintain, protect and improve them, to develop new ones, and to protect Sharecare and our users. We also use this information to offer you tailored content.
We may use the name you provide for your Sharecare Profile across all of the Services we offer that require a Sharecare Account. In addition, we may replace past names associated with your Sharecare Account so that you are represented consistently across all our Services. If other users already have your email, or other information that identifies you, we may show them your publicly-visible Sharecare Profile, such as your name and photo.
When you contact Sharecare, we may keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our Services, such as letting you know about upcoming changes or improvements.
We use information collected from cookies and other technologies, like pixel tags, to improve your user experience and the overall quality of our Services. For example, by saving your location preferences, we’ll be able to have our Services appear for the locations you prefer.
When showing you tailored ads, we will not associate a cookie or anonymous identifier with sensitive categories, such as those based on race, religion, or sexual orientation.
We may combine personal information from one service with information, including personal information, from other Sharecare Services – for example to make it easier to share things with people you know.
Sharecare processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live. All personally identifiable information (PII) for US-based enterprise programs [as opposed to a general consumer account, enterprise program accounts are those for which you are eligible to receive the Sharecare Services due to your employment by or relationship with a commercial or government entity that is a Sharecare client and that has contracted with Sharecare for provision of such Sharecare Services to you (hereinafter, “Enterprise Program(s)”)] is stored in the United States of America.
Transparency and choice
People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. For example, you can:
- Manage your email preferences in your Notifications settings.
- Control who you share information with through your Privacy settings.
- Take information out of many of our Services by contacting Sharecare Customer Support
We also personalize your experience on our sites and mobile Services by showing you advertisements from Sharecare or our advertising partners that are tailored to your interests. No advertisements are displayed to users for Enterprise Programs unless specifically approved by the applicable Enterprise Program. Learn more about interest-based advertising, including how to opt out.
Information you share
Many of our Services let you share information with others. Remember that when you share information publicly, it may be indexable by search engines. Our Services provide you with different options on sharing and removing your content.
Accessing and updating your personal information
Whenever you use our Services, we aim to provide you with access to your personal information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. When updating your personal information, we may ask you to verify your identity before we can act on your request.
We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).
Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. We aim to maintain our Services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our Services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.
Access, correction, or deletion requests can be made by contacting Sharecare Customer Support.
Information we share
We do not share personal information with companies, organizations and individuals outside of Sharecare unless one of the following circumstances applies:
- With your consent
We will share your personal information with companies, organizations or individuals outside of Sharecare only when we have your consent to do so. We require your opt-in consent for the sharing of any sensitive personal information. You will be provided an explanation of the personal information to be shared, the purpose for sharing the data, and the party to whom the data will be shared when Sharecare presents the opt-in consent to you. You may choose not to give your opt-in consent.
- For external processing
- For legal reasons
We will share personal information with companies, organizations or individuals outside of Sharecare if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request.
- detect, prevent, or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of Sharecare, our users or the public as required or permitted by law.
We may share aggregated, non-personally identifiable information publicly and with our partners – like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our Services.
We work hard to protect Sharecare and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:
- We encrypt many of our Services using SSL.
- We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
- We restrict access to personal information to Sharecare employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
- Protected Health Information (PHI) is encrypted at all times and Sharecare will comply with the requirements of HIPAA and other applicable laws as they relate to PHI and PII in order to protect users.
Compliance and cooperation with regulatory authorities