StayWell Privacy Policy

Welcome to the StayWell Privacy Policy (the “Privacy Policy”). Protecting your privacy is important, and The StayWell Company, LLC (“StayWell”, “we”, “us”, “our”) is committed to clearly explaining how we treat your Information.

This Privacy Policy explains how we collect, use, share, and protect your Personal Information and Personal Health Information (as those terms are defined below in the section titled “The Information and How We Collect It”) (collectively “Information”) when you visit our websites, portals and/or portal-related mobile applications (such mobile applications collectively referred to hereinafter as the “App”) (together with the programs offered through or facilitated by such sites, portals, and App, the “StayWell Services”). Please read this Privacy Policy carefully and be aware that by accessing the StayWell Services and clicking “agree,” “accept,” or the equivalent, you agree that you have read this Privacy Policy and that you accept and, where applicable, consent to the privacy practices described here. 

We will not use or disclose your Information, except as described in this Privacy Policy. 

If we collect your Information on behalf of your group health plan (your “Plan”), we will use and disclose your Information only as permitted by your Plan, in compliance with all applicable law, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  Use of the StayWell Services, including the portal, website, and App is also subject to our Terms of Use, found under “My Account” (the “Terms of Use”).  In the event of a conflict between the provisions of this Privacy Policy and the provisions of (a) our Terms of Use and/or (c) StayWell’s services agreement with your employer, the provisions which provide greater protection for Information will control.

THE STAYWELL SERVICES ARE NOT A SUBSTITUTE FOR PROFESSIONAL MEDICAL ADVICE, AND WHILE THE STAYWELL SERVICES MAY PROVIDE INFORMATION INTENDED TO BE EDUCATIONAL, STAYWELL CANNOT AND DOES NOT PROVIDE MEDICAL ADVICE OR DIAGNOSE YOUR HEALTH CONDITIONS. ALWAYS CONSULT A PHYSICIAN OR OTHER HEALTHCARE PROVIDER FOR PERSONAL MEDICAL ATTENTION AND ADVICE. DO NOT USE THE STAYWELL SERVICES AS A SUBSTITUTE FOR CONSULTING WITH YOUR PHYSICIAN OR OTHER HEALTHCARE PROVIDER. USE OF THE STAYWELL SERVICES IS NOT INTENDED FOR MEDICAL EMERGENCIES. IF YOU THINK YOU HAVE A MEDICAL EMERGENCY, CALL 911 IMMEDIATELY OR GO TO YOUR NEAREST EMERGENCY MEDICAL SERVICE PROVIDER.

STAYWELL DOES NOT REPRESENT OR WARRANT THAT THE STAYWELL SERVICES OR ANY PARTICULAR DRUG OR TREATMENT IS SAFE, APPROPRIATE, OR EFFECTIVE FOR YOU.  STAYWELL DOES NOT VERIFY THE ACCURACY OF THE INFORMATION UPLOADED OR COMMUNICATED TO THE STAYWELL SERVICES, THOUGH STAYWELL HAS THE RIGHT TO MONITOR SUCH INFORMATION.    STAYWELL IS NOT RESPONSIBLE FOR THE CONDUCT OF OTHER USERS OF THE STAYWELL SERVICES, INCLUDING THE INFORMATION UPLOADED BY USERS.  PLEASE CONTACT STAYWELL AT privacy@staywell.com TO NOTIFY US OF ANY SUSPECTED INAPPROPRIATE OR ILLEGAL CONDUCT OR CONTENT YOU ENCOUNTER ON THE STAYWELL SERVICES. 

Our commitment to your privacy

StayWell respects and protects your privacy as a user of the StayWell Services. This Privacy Policy describes our practices regarding your Information.

In particular, this Privacy Policy describes:

  • The information we collect and how we collect it;
  • How we use your Information;
  • How we may share your information with third parties;
  • Your rights and choices as a participant;
  • Rights that you may have if you are using the StayWell Services in the European Union;
  • How StayWell protects your Information;
  • Changes to the Privacy Policy;
  • Questions about this Privacy Policy; and
  • Who can use the StayWell Services.

The information we collect and how we collect it

By accessing or using the StayWell Services and clicking “agree,” “accept,” or something equivalent, you consent to this Privacy Policy.

  • Personal Information. As part of the registration process and in order to provide you with StayWell Services, StayWell collects information about you such as your name, your employee or unique identification number, your date of birth, gender, address, email address, IP address, phone number and other contact information, and other non-medical information from you or from your employer or its designated representative (your “Employer”), or your Plan (“Personal Information”). The definition of “Personal Information” also includes any of your information that, by itself or combined with some other information, could reasonably be used to identify or contact you.  At any time during your use of the StayWell Services, you can decide not to provide us with Personal Information or Personal Health Information. However, if you choose not to provide us with your Information, that will affect our ability to provide you with certain StayWell Services.
  • Personal Health Information.  In order to provide you with the StayWell Services, we may ask you to provide information about your health or medical condition, such as your answers to a health self-assessment offered by the StayWell Services (a “Health Assessment”), biometric screening results, etc., and we may also collect health, fitness and activity information from your connected fitness devices that you choose to link to the StayWell Services, or from your participation in challenges or other wellbeing programs (all such health- and medical-related Personal Information is collectively referred to as “Personal Health Information”). 
  • Cookies. StayWell uses passive tracking mechanisms called “cookies” to track visitors as they use the StayWell Services. StayWell uses cookies to enhance your online experience, and to learn how you use our Services so we can improve the quality of information and resources available. Cookies are discussed in further detail in the “Cookies and Automatic Gathering of Certain Information” section below.

European Union Residents

If you reside in a country in the European Economic Area or in Switzerland, please click here.

How we use your Information

  • To Provide the StayWell Services. We use your Information to provide you with health management services such as Health Assessments, challenges, telephonic coaching or group coaching and onsite services. We may also use your information to customize the StayWell Services to meet your needs and preferences or to make your experience smooth and efficient, develop new products and services that are relevant to you, offer you additional StayWell health management services or to offer you wellbeing program related services from other contractors engaged by StayWell, your employer or your Plan.
  • Device Integration. You may elect to share certain information collected by various fitness and wellbeing devices and applications, like FitBit, by authorizing StayWell to connect to your device/application using our HealthTracker integration option. If you share your Information, StayWell may integrate the Information into your StayWell account, and/or provide the Information to your StayWell health coach (if applicable). When you download, install, and use the App on your mobile phone or other device, you agree to permit the App to automatically gather certain Information, including without limitation, advertiser IDs, carrier providers, a unique device identifier, the types of mobile devices accessing the App, and the types of operating systems accessing the App (collectively, "Mobile Device Data") to track the number of unique users using our App and to enable you to better interact with us and use the App. A unique device identifier is a string of alphanumeric characters (similar to a serial number) used to uniquely identify and distinguish each mobile phone or other device. We link your Mobile Device Data with the technical information accessed through your use of our App so that we may better provide you with services, administer resets to your account, or to delete information when you request that we do so. Location services can be enabled or disabled at any time, through your mobile device settings.
  • Aggregated data. We may combine your Information with Information collected from other participants to create anonymous aggregated data reports that may be disclosed to your Plan, your Employer and other third parties. StayWell may also use your Information as part of group statistical research and analysis to improve StayWell’s Services, as long as no Information that could be used to contact or identify you is disclosed to any unauthorized parties.
  • Apple Inc. HealthKit. Our App may allow for integration with the Apple® HealthKit.  We will not use or disclose to third parties user data gathered from the Apple Inc. HealthKit framework or HealthKit API for advertising or other use-based data mining purposes other than improving health, or for the purpose of health research.
  • Biometric screenings and flu shot services.  As part of biometric screenings or flu shot services that may be offered through the wellbeing program, certain of your Personal Information, such as your name, address, email address, date of birth, appointment date and time, and the service you registered for, may be provided to an onsite coordinator for the limited purpose of administering these services. That coordinator may be a contractor or an employee of your sponsoring Employer.

 

Disclosures of Your Information

We may disclose your Personal Information to third parties as described below.   

We may disclose Personal Information to the third parties described below in order to provide the StayWell Services, or when you give your consent for us to do so, or when we need to make such a disclosure in order to complete an action you wanted to perform, or, if you are a resident of the EU, when the disclosure is in furtherance of StayWell’s legitimate interests, as described in the “European Union Residents” section of this Privacy Policy.

We may also disclose your Personal Information and/or Personal Health Information, to the companies, agents, contractors, service providers, or others engaged to perform functions on our behalf (such as processing of payments, provision of data storage, hosting of our website, conducting audits, and performing web analytics). These third parties’ use of your Information may be subject to, and controlled by, the third party’s own privacy policy as well as the third party’s service contract with StayWell (if any).  Click here for more information.

 

We may also disclose your Personal Information to third parties when we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to (a) enforce or apply the terms and conditions of the StayWell Services, including investigation of potential violations thereof, (b) comply with legal or regulatory requirements or an enforceable governmental request, (c) protect the rights, property or safety of us, our users or other third parties, (d) prevent a crime or protect national security, or (e) detect, prevent or otherwise address fraud, security or technical issues. 

Additionally, we may disclose and transfer your information (including your Personal Information) to a third party in the event of a sale, merger, or transfer of all or substantially all of the assets of our company relating to the StayWell Services, or in the unlikely event of a bankruptcy, liquidation, or receivership of our business. We will notify you and inform you of the identity of such third party or third parties and either via email or by posting notice on our website. 

You further consent to StayWell’s disclosure of your Information, anonymously aggregated with information about our other users, to our clients, business partners, merchants, advertisers, investors, potential buyers and other third parties. 

We may also provide certain Information to your Employer to notify them whether or not you have completed your Health Assessment and/or to notify them whether or not you are eligible for an incentive, in compliance with applicable law.  If you were not eligible for an incentive and you request a reconsideration of that determination, we will provide your Employer with the following information for health plan administration purposes only: whether or not you have completed your Health Assessment or the follow up program(s) tied to the incentive, and the date of completion.

Lastly, StayWell may share your Personal Health Information with your Plan or with vendors of your Plan, as directed by your Plan for the purpose of health plan administration, in compliance with the requirements of HIPAA and other applicable laws.  Your Plan may request that we receive, store and display certain information provided by third-party vendors that offer services on behalf of the Plan, such as disease management vendors and third party administrators. Your Plan may also direct us to disclose your information to a third party that provides services on behalf of your Plan, in order to carry out specific activities related to the wellbeing program, or for health plan administration purposes. We may also provide certain Personal Information and Personal Health Information to your Plan for purposes of treatment, payment and health care operations, including benefits administration, appeals, and incentive management, in compliance with HIPAA and other applicable law.

 

Your rights and choices as a participant

 

  • You have the right to be treated with respect. As a participant, you have the right to be treated courteously and respectfully by StayWell and to receive services that (1) respect your privacy and dignity, (2) help you achieve your wellbeing goals, and (3) do not discriminate against you, regardless of your race/color, ethnicity, religion, national origin, disability, gender, age, marital status, or sexual orientation. As a participant you may not engage in offensive and/or abusive conduct when using the StayWell Services, including but not limited to posting offensive and/or abusive content on the portal or mobile apps, using an offensive nickname or posting offensive pictures.  If you engage in offensive/abusive conduct, StayWell may remove any offensive/abusive content and may limit your access to the StayWell Services.  If you see content posted by another StayWell Services user that you feel is offensive or abusive, please contact the StayWell HelpLine at 1-800-926-5455.

 

  • Marketing and advertising. StayWell does not accept any advertising on the StayWell website, portal or mobile Apps, and StayWell does not receive income from sponsors or advertisers. From time to time StayWell may offer programs or solutions in which StayWell has a financial interest. Those relationships will be prominently disclosed on the portion(s) of the StayWell Services where these programs or solutions are offered. Any mention of a particular service is otherwise not an endorsement but mentioned to you so that you will be aware of programs for which you are eligible.

 

  • E-mail, text and unsubscribing. StayWell and its agents may use e-mail or SMS text to send you notifications on behalf of your Employer or Plan about programs and services available to you.  By submitting your Personal Information to us that includes your telephone number (which submission you understand and agree to constitute making an “inquiry” to StayWell and its affiliated entities), you accept the terms of this Privacy Policy (as evidenced by your clicking “agree,” “accept,” or similar), and you expressly consent to receive these e-mails, texts, or phone calls from StayWell and its agents at the e-mail address or phone number in your StayWell profile whether or not you are on the Do Not Call list (federal or state). In addition to these general program e-mails, calls, and texts, StayWell or its agents may send you targeted e-mails or texts to notify you of programs that may be available to you, such as programs that you qualify for based on your Health Assessment results.   You may unsubscribe from targeted emails or texts at any time.  Please note that unsubscribing from StayWell targeted e-mails and/or texts will not affect e-mails or texts you receive from StayWell and its agents that are sent on behalf of your Employer or Plan.  By including your telephone number and/or email address in any submission to StayWell, you are extending an express invitation and providing your express written consent to StayWell and our agents and service providers (i) to contact you by telephone at the numbers you have provided (including through auto-dialed, pre-recorded, artificial voice, and/or text messages) so we or they may assist you with your use of the StayWell Services, and/or notify you of programs that may be available to you, and you hereby consent to any such calls even if your phone number is on any Do Not Call list; and (ii) to contact you by email at any email address you provide. You agree that StayWell has obtained your consent to receive a prerecorded message call in a manner permitted by the Electronic Signatures In Global and National Commerce Act (E-SIGN Act).

Transparency and Choice

Contact the StayWell HelpLine at 1-800-926-5455 to decline participation in the StayWell Services, or in a specific program, or to request that we stop using or disclosing your Information, or to request a copy of your Information or to file a complaint.  If you so request, unless otherwise prohibited by law, we will correct any errors or remove your Information from the StayWell Services; however, you should understand that if we remove your Information, our delivery of the StayWell Services may be adversely impacted, and your eligibility to receive incentives may also be affected. Even if you request that we remove your Information from the StayWell Services, we may continue to store, use, and disclose your Information as required by law and we may continue to use your Information in aggregated, de-identified form.  We will continue to protect the security and confidentiality of the Information disclosed to us prior to your decision to decline or cancel participation. 

You may request access to your Information by sending an email to privacy@staywell.com. We will try to locate and provide you with your Information and give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request, unless we need to retain it for legal reasons. You may also remove any content that you post to the StayWell Services using the deletion or removal options within the StayWell Services.  However, you understand and acknowledge that we (and you) are not able to control information that you have already shared with other users. 

If you need further assistance with removing any content you posted through the StayWell Services, you can email us at privacy@staywell.com. Removal of your posted content may not ensure complete or comprehensive removal from our computer systems, unless you also specifically direct us to delete your data, as discussed above.

We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Information.  In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.

You may withdraw any of the consents that you’ve granted in this Privacy Policy, request additional information about StayWell’s collection and/or use of your information, request to access your data that’s been collected by StayWell, and/or request that StayWell give you a copy of all of your Information that StayWell has collected by sending us an email describing your request at privacy@staywell.com

Lastly, if your Personal Information and/or Personal Health Information is subject to the GDPR, you may have certain additional rights, as described in the “European Union Residents” Section of this Privacy Policy.  Please send an email to privacy@staywell.com for more information.

How StayWell protects your Information

Security measures. In order to protect your Information, we utilize the following security measures:

  • A confidential subscriber identifier and unique user password limit access to this site and the Information of the users. Note, users of the StayWell Services should not share their passwords with others. You are responsible for maintaining the privacy and security of your individual username and password. You should take care to access the Services on private computers and/or close out of your browser session to avoid unauthorized access to your account if accessing on shared or public computers.
  • Whenever Information is transmitted to or from StayWell’s systems, it is encrypted using Secure Sockets Layer (SSL) technology, the standard for secure communication over the Internet.
  • Information is stored on StayWell’s servers behind a firewall, a device that is intended to prevent unauthorized users from accessing data on our servers.
  • Pursuant to HIPAA, StayWell uses reasonable and appropriate safeguards to protect your Information, and we may continue to store your Information for a minimum of six (6) years even if you have requested it be deleted, unless deletion is otherwise required pursuant to other applicable laws.
  • Despite our precautions there is always some risk that an unauthorized third party may find a way to thwart our security measures.

 

EU-US Privacy Shield

 

StayWell complies and its subsidiary, StayWell Health Management, LLC, (for purposes of this EU-US Privacy Shield Principles Section only, collectively “StayWell”) comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. StayWell has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles as set forth at https://www.privacyshield.gov/EU-US-Framework (the “Privacy Shield Principles”), the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

 

 

The Federal Trade Commission has jurisdiction over StayWell's compliance with the EU-US Privacy Shield.  There is a possibility, under limited conditions, for individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.

 

To the extent applicable, in compliance with the EU-US Privacy Shield Principles, StayWell commits to resolve complaints about your privacy and our collection or use of your Personal Information.  European Union individuals with inquiries or complaints regarding this Privacy Policy should first contact StayWell at:

 

The StayWell Company, LLC

Attention: Legal Department

800 Township Line Road, Suite 100

Yardley, PA 19067

privacy@staywell.com

 

StayWell has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

 

Cookies and Automatic Gathering of Certain Personal Information

Every time you use the StayWell Services (e.g., access a webpage, navigate to a specific page within the App), you consent to StayWell’s collection of certain Personal Information (discussed above) regarding that use.  For example, to improve the StayWell Services, we collect how, when, and which parts of the StayWell Services or its features you use.  Also, we may use your IP Address, media access control address (MAC Address), or other unique identifiers to assist us in collecting and analyzing this data

To assist us in collecting and storing this Personal Information, we may employ a variety of technologies, including “Cookies,” local browser storage, and “Web Beacons.”  A “Cookie” is a small amount of data a website operator may store in your web browser, that the website operator can access when you visit its website (or any other content it hosts, which may be embedded in other websites). A Cookie may also refer to web-browser-based storage provided by Adobe’s Flash plugin (a “Flash Cookie”).  The StayWell Services’ Cookies may contain user preferences, unique identifiers such as IP Address, and other Personal Information. A “Web Beacon” is a small, usually-transparent image placed on a web page that allows the operator of that image to read or write a Cookie.  By agreeing to this Privacy Policy and/or clicking “agree” to a pop-up screen describing use of Cookies, you consent to StayWell’s use of Cookies, local browser storage, and Web Beacons, and you consent to StayWell’s collection of certain types of your Personal Information and non-personal (i.e. non-identifying) information using these technologies.

Subject to the controls offered by your operating system and web browser, you can erase information stored in Cookies, Flash Cookies, and local browser storage at any time, but you may be forced to login to the StayWell Services again and you may lose some preferences or settings.  You can also set your browser to refuse all website storage or to indicate when it is permitted, but some features of our services may not function properly without it.

More information about managing Cookies is available here. Cookie management tools provided by your browser may not affect Flash Cookies. More information about managing Flash Cookies is available here. To learn how to manage privacy and storage settings for your local browser storage, please refer to the end user documentation for your browser.

Third Party Links

 

Please be aware that the StayWell Services may contain links to websites that are not operated by, affiliated with or endorsed by StayWell. Because these third-party sites are not under our control, we cannot be responsible for them, and this Privacy Policy does not apply to the privacy or security practices of those sites. Information you disclose once you access those other sites is not subject to this Privacy Policy. We encourage you to review the privacy policies of these linked sites for an explanation of how they may use your information.

Changes to the Privacy Policy

 

  • From time to time, StayWell may change this Privacy Policy and our privacy practices because of changes in legal or regulatory requirements, in our business practices, or to provide you with better services. When we do, we will post a revised Privacy Policy on our website. When the change involves how we handle your Personal Health Information, we will bring it to your attention when you log in or notify you by e-mail.

 

  • Changes that do not involve either (a) Personal Health Information, or (b) Information of EU individuals subject to the GDPR, will be effective immediately upon posting. Your continued use of the StayWell Services after the posting will be subject to the new terms and indicates your acceptance of the changes. If you do not accept the changes to the Privacy Policy, you should stop using the StayWell Services. 
  • Changes that involve either (a) your Personal Health Information, or (b) Information of EU individuals subject to the GDPR, will require your authorization and acceptance of the modified Privacy Policy.
  • Please note that the StayWell Services and this Privacy Policy are not used to communicate with you about changes to your Plan’s privacy practices, the Plan’s notice of privacy practices, or the Plan’s disclosure of your Information.

 

Your California Privacy Rights.

A California resident who has provided Personal Information to a business with whom he/she has established a business relationship for personal, family, or household purposes (“California Customer”) is entitled to request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes.  In general, if the business has made such a disclosure of Personal Information, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom Personal Information was disclosed in the preceding calendar year, as well as a list of the categories of Personal Information that were disclosed.

However, under the law, a business is not required to provide the above-described lists if the business adopts and discloses to the public (in its privacy policy) a policy of not disclosing a customer’s Personal Information to third parties for their direct marketing purposes unless the customer first affirmatively agrees to the disclosure, as long as the business maintains and discloses this policy.  Rather, the business may comply with the law by notifying the customer of his or her right to prevent disclosure of Personal Information to third parties for direct marketing purposes and providing a cost free means to exercise that right.  To prevent disclosure of your Personal Information for use in direct marketing by a third party for its own purposes, do not opt in to or authorize such use when you provide Personal Information through the Services.  Please note that whenever you allow your Personal Information to be shared with a third party to communicate with you (including StayWell), your information will be subject to that third party’s privacy policy.  If you later decide that you do not want that third party to use your information, you will need to contact the third party directly.  You should always review the privacy policy of any party that collects your information to determine how that entity will handle your information.

California Customers may request further information about our compliance with California’s privacy law by e-mailing privacy@staywell.com. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.

Questions about this Privacy Policy

If you have questions about this Privacy Policy, or any of StayWell’s other services, or if you would like to receive information about StayWell or its staff qualifications or to request a copy of your Information, please contact us at privacy@staywell.com or by writing to:

The StayWell Company, LLC 
Attention: Legal Department 
800 Township Line Road, Suite 100

Yardley, PA 19067

 

 

Who can use the StayWell Services

 

The StayWell Services are intended for adults located in the European Union and Switzerland 16 years or older, and in all other locations intended for adults 14 years or older.

People (a) under the age of 16 in the European Union and Switzerland, and (b) under the age of 14 in all other locations should not use the StayWell Services because the portal, website, and App are not designed for minors or children.  StayWell does not knowingly collect Information of users (a) under the age of 16 in the European Union and Switzerland, and (b) under the age of 14 in all other locations. 

You are responsible for your underage dependents’ use of the StayWell Services.

Use of the StayWell Services is subject to the Terms of Use found on the “My Account” page of the portal or to the separate terms of use found on the App and/or staywell.com.

Copyright © 2019. The StayWell Company, LLC.  StayWell is a registered trademark of The StayWell Company, LLC or its affiliates.

Revised January 1, 2019

European Union Residents Third party relationships