Privacy Policy for Affordable Care Act Information Services

Last updated: April 2025
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website or use our services related to the Affordable Care Act (ACA). By accessing our site or providing information to us, you agree to the practices described here. If you have any questions, please contact us at the address below.

1. Scope
This policy applies to:
  • Individuals seeking information or enrollment assistance for ACA health plans.
  • Healthcare providers, agents, and partners who use our platform.
  • Visitors to our website, mobile apps, or any online/offline services we operate.

2. Information We Collect
We collect personal information you provide directly and data automatically collected through technology:
  1. Information You Provide
    • Full name, date of birth, Social Security number, address, phone number, email.
    • Income details, household size, and eligibility data for ACA enrollment.
    • Documentation uploads (e.g., proof of income, identification).
  2. Automatically Collected Data
    • IP address, browser type, device identifiers, and usage logs.
    • Cookies and tracking pixels to improve user experience and site performance.
  3. Third-Party Sources
  • Government databases for eligibility verification.
  • Analytics providers (e.g., Google Analytics) under their own privacy policies.

3. Use of Information
We use your information to:
  • Determine eligibility and calculate premium subsidies.
  • Facilitate enrollment and communicate important updates.
  • Improve our website functionality, troubleshoot issues, and analyze usage trends.
  • Send newsletters, reminders, and customer support responses (with your consent).

4. Disclosure of Information
We may share your data under the following circumstances:
  • Healthcare Providers & Insurance Carriers: To process your enrollment and administer your plan.
  • Government Agencies: As required by ACA regulations for reporting and compliance.
  • Service Providers: Third-party vendors who assist with data hosting, verification, and analytics (under strict contractual safeguards).
  • Legal Requirements: In response to lawful requests, subpoenas, or to protect our rights and safety.
We do not sell or rent your personal information to unaffiliated third parties for marketing purposes.

5. Data Security
We implement administrative, technical, and physical safeguards to protect your data, including:
  • Encryption of data at rest and in transit (SSL/TLS).
  • Access controls and multi-factor authentication for staff.
  • Regular security audits, vulnerability scans, and penetration testing.
While we strive to secure your information, no system is 100% secure. If you believe your data has been compromised, contact us immediately.

6. Your Rights and Choices
Depending on your jurisdiction, you may have the right to:
  • Access, correct, or delete your personal data.
  • Restrict or object to certain processing activities.
  • Withdraw consent where we rely on it to process your information.
  • Receive a copy of your data in a portable format.
To exercise any of these rights, please submit a request to our Data Privacy Officer (contact details below).

7. HIPAA Compliance
If we handle protected health information (PHI) as a “covered entity” or “business associate” under the Health Insurance Portability and Accountability Act (HIPAA), we:
  • Comply with the HIPAA Privacy and Security Rules.
  • Enter into Business Associate Agreements with subcontractors.
  • Train staff on safeguarding PHI and breach notification protocols.

8. Cookies and Tracking Technologies
We use cookies and similar technologies to:
  • Remember your preferences and login state.
  • Analyze site traffic and user engagement.
  • Deliver targeted content (with your consent).
You can disable cookies through your browser settings, though this may affect site functionality.

9. Children’s Privacy
Our services are not directed to children under 13. We do not knowingly collect or maintain information from minors. If you believe we have inadvertently collected data from a child, please contact us for deletion.

10. Changes to This Policy
We may update this Privacy Policy periodically. When we do, we will revise the “Last updated” date and, where appropriate, notify you by email or a prominent notice on our site before the change takes effect.