This Policy is current as of the effective date listed above. We may update this Policy from time to time, so please be sure to check back periodically. Your continued use of the Site, App, or Services after the effective date of any updates will mean you acknowledge and agree to be bound by those revisions.
The Information We Collect About You
We collect information about you directly from you, automatically through your use of our Site, App or Services, and from third parties.
Information We Collect Directly from You. The information we collect from you depends on how you use our Services. Information we collect may include:
- If you create an account with us, we collect your email address and the password you create for your account.
- If you would like to get a quote or apply for health insurance coverage (for yourself or a dependent), the information we collect may include: your name, gender, birthdate, physical address, email address, Social Security number, phone number, and information about any health conditions, upcoming procedures, and tobacco usage for any individual seeking coverage. If you submit an application for health insurance coverage, we will collect additional information, including but not limited to, your payment information (such as your payment method and billing address).
- When you submit your claims, we collect images of the documentation you upload, such as medical invoices from your physician, pharmacy, or other health care provider. These medical invoices may include name, date of birth, mailing address, and information about the treatment, services, and products received.
- We collect the information you provide us when you fill out a survey, questionnaire, or other type of form you complete through the Services.
- If you contact us, we collect contact information, such as name, email address, mailing address, and phone number. We also collect any information you choose to communicate.
- While you are navigating the Site or using the Services, we may also collect your search queries, such as services or prescription drugs.
Information We Collect Automatically. We automatically collect information about your use of our Services through cookies, web beacons, and other technologies. To the extent permitted by applicable law, we combine this information with other information we collect about you, including your personal information. Please see the section “Cookies and Other Tracking Mechanisms” below for more information.
When you use our Site, we may collect your domain name, browser type and operating system, web pages you view on the Site, links you click on the Site, and your IP address. We may also collect information about the length of time you spent visiting our Site and/or using our Services, and the referring URL, the web pages that led you to our Site, the date of your visit, referring search keywords, and your device type, model, and version. We may also collect your location.
When you use our App, we may collect your mobile device ID, device type and model, operating system type, name and version, and language information. We may also collect information about your activities within the App, and the length of time that you are logged into our App. When you share your location with us, we will collect location information from your mobile device to show you policy options available in your area and to show you health care providers and pharmacies near your location. We may also collect browser links in any app that sends you to a Rockethealth.com URL. In those cases, we will offer to redirect you to our App instead.
Information We Collect from Other Entities. We may collect information about you from third-party sources, such as: service providers, business partners, public and third-party databases, platform providers, non-affiliated partners, other users of our Services, public sources, third-party advertising partners, or from other third parties. Information we collect from third parties may be combined with other information we have collected about you.
If someone else requests a quote or applies for health insurance coverage on your behalf (e.g., if you’re a dependent), we collect the following information from them about you: your name, gender, birthdate, physical address, email address, Social Security number, phone number, and information about any health conditions, upcoming procedures, and tobacco usage for any individual seeking coverage.
Additionally, you can choose to log into our Services through your Facebook account. If you log into our Services using Facebook, you must enter your Facebook account login information. We will ask that you grant us permission to: access and collect your Facebook basic information (this includes your name, profile picture, gender, networks, user IDs, list of friends, date of birth, email address, phone number, and any other information you have set to public on your Facebook account). If you allow us to have access to your Facebook profile information, then we will have access to this information even if you have chosen not to make that information public via Facebook.
We store the information that we receive from Facebook with other information that we collect from you (like when you created an account) or receive about you (from third-parties). Any third-party social networking site controls the information it collects from you. For information about how social networks may use and disclose your information, including any information you make public, please look at their respective privacy policies. We have no control over how any third-party site uses or discloses the personal information it collects about you.
Biometric Authentication. You may choose to enable biometric authentication (using fingerprint, Touch ID, or Face ID) to sign in to our Site or App. To do this, you are required to save your Rocket Health account ID on your mobile device. We do not control the functionality of fingerprint, Touch ID or Face ID and we do not have access to your fingerprints or facial recognition information. You understand and agree that any fingerprint stored on your mobile device can be used to access your account at Rocket Health. For more information on how biometric functionality works for your device, please refer to your device manufacturer’s support resources. There may be circumstances where biometric authentication will not function as expected and you will be required to sign in to your Rocket Health account using your passcode.
How We Use Your Information
Our Uses of Your Personal Information. We use your information, including your personal information, for the following purposes:
- To provide, maintain, and improve our Services.
- To enable you to apply for a health insurance policy.
- To provide you with a Rocket Health payment card to use when you pay for covered health care procedures, services and products.
- To underwrite the health insurance policy or, if applicable, to provide services to our partner insurance carrier that underwrites the policy, such as issuing and administering the policies and handling claims.
- To process your claims; for example, to request that your provider send additional information about your diagnosis and treatment.
- To facilitate payments to health care providers and pharmacies.
- To notify you about changes to our Services.
- To communicate with you, including via text message, about your use of our Services, to respond to your inquiries and complaints, and for other customer service purposes.
- To tailor the content and information that we may send or display to you, to offer location customization and personalized help and instructions, and to otherwise personalize your experiences while using the Services. For example, we may display to you the different insurance policies available to you, or we may display available health care providers and/or pharmacies in your geographic area.
- To send you marketing materials, via mail, email, text or telephone, about products and services that may be of interest to you either from us, our business partners, or other third parties.
- To send you news and newsletters.
- For research and analytics purposes, including to better understand how users access and use our Services, both on an aggregated and individualized basis.
- To administer surveys and questionnaires, such as for market research or user satisfaction purposes.
- To comply with legal obligations, as part of our general business operations, and for other business administration purposes, such as maintaining customer records, monitoring your compliance with any of your agreements with us, collecting debts owed to us, and safeguarding our business interests.
- To fulfill any other purpose for which you provide the information or to fulfill purposes that you otherwise request or consent to.
How We Share Your Information
We may share your information, including personal information, as follows:
Partner Carriers. If you purchase an Access Plan, we may share the information we collect from you with the partner insurance carrier that underwrites your health insurance policy.
Service Providers, and Other Processors**.** We may disclose the information we collect from you to service providers or other processors, such as customer management providers and IT services providers, to help us provide our Services to you, to assist us in analyzing how our Services are used, to market to you, and to provide other services.
In providing our health insurance services, you will receive a Rocket Health payment card to use when paying for covered health care procedures, services, and products. We will share your information with our payment processor, including your name and address to enable you to use this payment card and to help us process claims. This includes printing and shipping a payment card to you, and other information needed to process the payment of your claims. If you choose to use one of our telemedicine providers, we will share your information, including your personal information and health conditions, with the telemedicine provider.
We will not share your personal information with third-parties for their own marketing purposes without your consent.
Subsidiaries and Affiliates. We may disclose the information we collect from you to our affiliates or subsidiaries as needed to provide the Services to you.
Other Affiliated and Non-Affiliated Third Parties. We may share the information we collect from you with other affiliated and non-affiliated third parties, including:
- Insurance support organizations;
- Brokers and agents;
- Government entities (e.g. regulatory, quasi-regulatory, tax or other authorities, law enforcement agencies, courts, arbitrational bodies, and fraud prevention agencies);
- Consumer reporting agencies;
- Advisors including law firms, accountants, auditors, and tax advisors;
- Insurers, re-insurers, policy holders, and claimants;
- Group policyholders (for reporting claims data or an audit);
- Advertising networks, data analytics providers, and social networks;
- Service providers and affiliates for actuarial or research studies; and
- As permitted by law.
In addition, we may also share your personal information under the following circumstances:
Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your personal information with lenders, auditors, and third-party advisors, including attorneys and consultants.
In Response to Legal Process. We disclose your information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
Aggregate and De-Identified Information. We share aggregate or de-identified information about users with third parties for marketing, advertising, research, or other purposes.
Others for Business Purposes. We may also share your personal information by disclosing it to a third party for a business purpose, including the business purpose of directly or indirectly enabling or effecting commercial transactions. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purposes except performing the contract.
Our Role as a Business Associate Under the Health Insurance Portability and Accountability Act (“HIPAA”)
When we act as a Business Associate to a Covered Entity (such as a health plan) under HIPAA, our uses and disclosures of personal information are limited to the following purposes to provide you with the Services: for proper business, management, and administration purposes, to de-identify data, for data aggregation, and to meet our legal obligations.
We may use or disclose personal information on behalf of, or to provide services to, Covered Entities for purposes of fulfilling our service obligations to them, if such use or disclosure of PHI is permitted or required by the Business Associate agreement and is in compliance with HIPAA.
Cookies. Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process or to allow us to track your activities while using our Services. There are two types of cookies: session and persistent cookies.
Session Cookies. Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Services. This allows us to process your online transactions and requests and verify your identity, after you have logged in and as you move through our Services.
Persistent Cookies. Persistent cookies remain on your device after you have closed your browser or turned off your device. We use persistent cookies to track aggregate and statistical information about user activity.
Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.
Cached Information. The Site and App automatically store small bits of information to the local data storage on your browser and mobile device about your use of the Site and App and your preferences (“Cached Information”). We use Cached Information to enhance your experience on our Site and App. If you log out of the site, Cached Information stored on the browser will be deleted. If you delete the App from your device, Cached Information stored on the device will also be deleted.
Clear GIFs, Pixel Tags and Other Technologies__. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our third-party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Cross-Device Use. We and our third party service providers, including Google, may use the information that we collect about you (whether directly from our Site, through your device(s), or from a third party) to help us and our third party service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). We and our third-party service providers also may use the cross-device use and other information we learn about you to serve targeted advertising on your devices and to send you e-mails. To opt-out of cross-device advertising, you may follow the instructions set forth in the Third-Party Ad Networks section below. Please note: if you opt-out of these targeted advertising cookies, your opt-out may be specific to the web browser, app, or device from which you accessed the opt-out. If you use multiple devices or web browsers, you may need to opt-out from each browser or device that you use.
Third-Party Data Collection. We may use third-party data collectors to record and store information about how our Site and App are used. These third-party service providers use tracking technologies to analyze a visitor’s real-time interactions with our Site and App, including for example, clicks, mouse movements, and data inputs. They then store such information on our behalf. We may provide these third-party data collectors with information, including personal information, about you.
Do-Not-Track Signals. Please note that our Site does not recognize or respond to any signal which your browser might transmit through the so-called “Do Not Track” feature your browser might have. If you wish to disable cookies on our Site, you should not rely on any “Do Not Track” feature your browser might have. For more information about do-not-track signals, please click here.
Users may opt out of many ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising. Please be advised that opting out of ad networks will opt you out from certain companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Site or on other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Additional information is available on the DAA’s website at www.aboutads.info and https://youradchoices.com/appchoices.
User Generated Content
We invite you to post content on our Services, including your comments and healthcare provider reviews that you would like to be available on our Services. If you post content to our Services, all of the information that you post will be available to all registered users on our Services. If you post your own content on our Services, your posting may become public and Rocket Health cannot prevent such information from being used in a manner that may violate this Policy, the law, or your personal privacy.
Security of Your Personal Information
We have implemented reasonable organizational, technical, and administrative measures to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.
You should take steps to protect against unauthorized access to your account, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust, unique password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Access Your Personal Information
You may modify certain personal information that you have submitted by logging into your account and updating your profile information.
We may also modify your personal information on your behalf if you have requested us to do so. If you would like to request that we update your personal information, you can call our Member Care team at 1-877-653-6440
Please note that copies of information that you have updated, modified, or deleted may remain viewable in cached and archived pages or backups of the Services for a period of time.
We may use your personal information to send promotional communications to you by mail, email, telephone or text message. You may opt-out of promotional communications by following the opt-out instructions below:
- Email: click the ‘unsubscribe’ link in any promotional email
- Text: text ‘STOP’ to unsubscribe
- Other: contact our Member Care team to update your marketing preferences
Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving promotional communications, we may still send you communications about your account or any services you have requested or received from us.
Notice Concerning Children
Parents and legal guardians may use our Site, App, and Services on behalf of their minor dependents, but our Site, App, and Services are not intended to be used directly by children under 18 years old. By using our Site, App, or Services, you represent and warrant that you are at least 18 years of age. In addition, if you are using our Site, App, or Services on behalf of an individual under 18, you represent and warrant that you are their parent or legal guardian with the legal authority to do so.
If you are under age 18, you may not use our Site, App, or Services. We do not knowingly collect personal information from, or target our Site, App, or Services to, children under the age of 18. If we discover that the Site, App, or Services are being used inappropriately, we may disable account access. If we learn that we have directly collected the personal information of a child under 18, we will take steps to delete the information as soon as possible. Please immediately contact us if you become aware that a child has provided us with personal information. We understand that there may be exceptions to this rule, such as for children who are emancipated.