Last updated: January 28, 2022
The purpose of this Privacy Policy is to describe how TurningPoint Healthcare Solutions LLC and its affiliates (“TurningPoint”, “we”, “our” or “us”) collect, use and share information about you through our websites (“Sites”), mobile applications (“Apps”), and any other online services that link to this Privacy Policy (collectively, the “Services”) and in email, text, and other electronic messages between you and the Services and written documents, phone calls and other offline activities between you and TurningPoint.
Please read this notice carefully to understand how we use, disclose and otherwise manage the personal information we collect about you. If you do not understand any aspects of this Privacy Policy, please feel free to contact us (our contact information is at the end of this Privacy Policy). This Privacy Policy is not a contract and does not create any contractual rights or obligations.
We are constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time. Unless we say otherwise, changes will be effective upon the last updated date at the top of this Privacy Policy. Please check this Privacy Policy regularly to ensure that you are aware of any changes. If we make material changes to this Privacy Policy, we will attempt to notify you and/or obtain your consent as required by law. Your use of the Services after changes to this Privacy Policy means you have accepted the changes.
If you use our Services because they are offered to you as a member or participant in a health plan sponsored or administered by one of our health plan customers, or you receive healthcare from one of our affiliated professional entities, we may collect Protected Health Information about you that is governed by HIPAA, either directly from you or from or on behalf of your health plan or our affiliated professional entities that provide healthcare services to you. Where this is the case, we act as a “business associate” to your health plan or our affiliated professional entity, and your health plan’s or our affiliated professional entity’s Notice of Privacy Practices and our agreements with your health plan or our affiliated professional entity will govern the use of your Protected Health Information, not this Privacy Policy. If you have any questions about the use and disclosure of your Protected Health Information, please contact your health plan or our affiliated professional entity that provides healthcare services to you.
“HIPAA” means Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act and their implementing regulations as amended from time to time. “Protected Health Information” is individually identifiable health information that is protected by HIPAA and that we receive on behalf of Covered Entities. “Covered Entity” refers to a health plan, healthcare provider or other entity subject to HIPAA.
Information You Provide to Us. We collect information you provide to us through the Services and offline, for example when you create or modify your account, register to use our Services, purchase
products or services from us, request information from us, contact customer support, fill out any form on a Site, or otherwise communicate with us. This information may include:
Information We Collect Automatically. Whenever you interact with our Services, we automatically receive and record information from your browser or device using cookies or similar technologies. This information may include your IP address, geolocation data, device identification, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. To learn more about the cookies and other technologies we use, please see our Statement on Cookies and Similar Technologies below.
The information we collect automatically may include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve the Services and to deliver a better and more personalized service, including by enabling us to:
We may use this data to customize content for you that we think you might like, based on your usage patterns. We may also use it to improve the Services – for example, this data can tell us how often users use a particular feature of a Service, and we can use that knowledge to make the Services more helpful to as many users as possible.
To Provide Services and Information. We use your information to:
Vendors and Service Providers. We may provide information to third-party vendors and service providers that help us operate and manage our Services and deliver products and Services that you purchase through us. These vendors and service providers will have access to your personal information in order to provide these services, but when this occurs we implement reasonable contractual and technical protections to limit their use of that information to helping us provide the service.
Third-Party Analytics. We use selected third parties to collect data about how you interact with the Services. This information may be used to, among other things, improve the functionality of our Services.
With Your Consent. In addition to the sharing described elsewhere in this Privacy Policy, we will share personal information with companies, organizations or individuals when we have your consent to do so.
Legal Proceedings. We will share personal information with third party companies, organizations or individuals if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
Transfer in the Event of Sale or Change of Control. If the ownership of all or substantially all of our business changes or we otherwise transfer assets relating to our business or the Site to a third party, such as by merger, acquisition, bankruptcy proceeding or otherwise, we may transfer or sell your personal information to the new owner. In such a case, unless permitted otherwise by applicable law, your information would remain subject to the promises made in the applicable privacy policy.
Our Services use cookies and other data collection technologies described in this section.
Cookies. A cookie is a small file placed on your computer’s hard drive that collects and stores information about your equipment, preferences and browsing patterns. We use cookies to analyze web page traffic, usage patterns, and to tailor our Services to your individual interests. For more information about cookies, visit allaboutcookies.org.
Web Beacons. A web beacon (also referred to as clear gif, pixel tag or single-pixel gif) is a transparent graphic image used in tandem with cookies that enables us to record a user’s actions. We use web beacons to count users who have visited those pages, verify system and server integrity and for similar statistical measures.
Google Analytics. We use Google Analytics to help us understand how users engage with our Services. Google Analytics uses cookies to track your interactions with our Services, then collects that information and reports it to us, without identifying individual users. This information helps us improve our Services so that we can better serve users like you. For more information on Google Analytics, visit support.google.com/analytics.
You can set your Internet browser settings to stop accepting new cookies, to receive notice when you receive a new cookie, to disable existing cookies, and to omit images (which will disable pixel tags). Note that the opt-out will apply only to the browser that you are using when you elect to opt out of advertising cookies. Please note, without cookies or pixel tags, you may not be able to take full advantage of all features of our Services.
Some web browsers incorporate a “Do Not Track” feature (“DNT”) that signals to the websites that you visit that you do not want to have your online activity tracked. Many websites and applications, including our Services, do not currently respond to web browser DNT signals because such signals are not yet uniform. For more information about DNT signals, please visit allaboutdnt.com.
You may review and request certain changes to the information we have collected about you by contacting us (our contact information is at the end of this Privacy Policy).
Text Messages and SMS. TurningPoint and those acting on our behalf may send you text (SMS) messages at the phone number you provide us. These messages may include operational messages about your use of the Services, as well as marketing messages. You understand that by providing your mobile phone number, you expressly consent to receive automated text messages from us to the mobile phone number you provide. Consent to receiving text messages is not required in order to be a user. Message and data rates may apply, and you should check the rates of your mobile carrier. You can opt out of receiving text messages by texting STOP in response to any text message. We share your mobile phone number with service providers with whom we contract in order to send you automated text messages, but we will not share your mobile phone number with third parties for their own marketing purposes without your express consent.
Marketing Communications. You may choose to stop receiving marketing, promotional, reminder, or notification emails, direct mail, phone and mobile marketing communications from us. You can opt-out of these messages following the instruction contained in the message or by contacting us and requesting to opt-out (our contact information is at the end of this Privacy Policy).
As a general matter, we will keep your personal information for as long as necessary to fulfill the purpose for which it was collected. If a law requires us to retain your information for a longer period of time, we will comply with that law. We will also retain your personal information as necessary to protect our legal rights.
We maintain administrative, technical, and physical safeguards designed to protect against unauthorized access, use, modification, and disclosure of your information in our custody and control. No data, on the Internet or otherwise, can be guaranteed to be 100% secure. While we strive to protect your information from unauthorized access, use, or disclosure, we cannot and do not ensure or warrant the security of your information.
We do not knowingly collect information, including personal information as defined by the Children’s Online Privacy Protection Act, from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personal information to us, you may contact us to request that we delete and stop use of that information (our contact information is at the end of this Privacy Policy). If we learn that we have received any information directly from a child under age 13 without first receiving his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services. We will then subsequently delete that child’s information.
The Services are intended for use only in the United States. If you use the Services or contact us from outside of the United States, please be advised that (1) any information you provide to us or that we automatically collect will be transferred to the United States; and (2) by using the Services or submitting information, you explicitly authorize its transfer to and subsequent processing in the United States in accordance with this Privacy Policy.
Certain California residents have additional privacy rights under the California Consumer Privacy Act (“CCPA”) and the Shine the Light law. To exercise your rights, you will need to follow the directions that are specific to each law.
California Consumer Privacy Act
Note that certain information, such as Protected Health Information and other medical information (as defined under the Confidentiality of Medical Information Act (“CMIA”)), is exempted from the CCPA. This means that we and certain service providers or other recipients may not be required to honor the rights described in this section and instead we comply with our obligations under other laws, such as HIPAA and CMIA.
The CCPA requires that we make certain disclosures about our general collection, use, and disclosure of personal information over the past 12 months. Accordingly, in the past 12 months:
With some exception, you may make a request to exercise the following rights with respect to the personal information we maintain about you:
If you exercise any of these rights, we will not discriminate against you in any way.
To make a request to exercise your right know or right to delete, contact us (our contact information is at the end of this Privacy Policy).
We will take steps to verify your identity before processing your request to know or request to delete. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the individual about whom we collected personal information. If you have an account with us, we will use our existing account authentication practices to verify your identity. If you do not have an account with us, we may request additional information about you so that we can verify your identity.
You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may verify both your and your agent’s identity and request a signed document from you that authorizes your agent to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.
Shine the Light
California residents may also request information from us once per calendar year about any personal information shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To request this information, please contact us (our contact information is at the end of this Privacy Policy). Your inquiry must specify “California Privacy Rights Request” in the subject line of the email, and you must include your name, street address, city, state, and ZIP code.
TurningPoint does not share personal information for marketing purposes.
Contact Us
If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or otherwise need to contact us, please do so by: