Privacy Policy.

Poppins Health Privacy Policy
Last Revised: March 1, 2022IntroductionThank you for visiting Poppins Health Corporation, a Delaware corporation, and its subsidiaries and affiliates(collectively, “Poppins Health”, “we,” “its,” “ours” or “us”). Poppins Health, either directly or via its online services, including via its online services, including www.poppinshealth.com and www.unifihealth.com (collectively the "Website”), member and employer facing websites and mobile applications, and other service interfaces (the “Platform”), provides health plan and benefits administration services (collectively, such services, the Website, and the Platform, and all functionality related thereto, are referred to as the "Services”). This Privacy Policy describes how we collect, use, and disclose personal information via our Services.

We may provide you access to third-party sites or applications through our Services. This Privacy Policy does not apply to these third-party sites and we are not responsible for their independent privacy policies or practices. As you visit these sites, we encourage you to review their privacy policies.

Please read these Terms and our Privacy Policy carefully before using the Services because they govern your use of the Services.

Definitions
“Customers’ means employers who have signed up to access and use our Services made available through the Employer Portal.

“Authorized Users” means employees, contractors, providers, brokers, agents, or representatives of Customer who are authorized by Customer to access and use our Services made available through the Employer Portal or the Provider Portal.

“Members” means (i) employees of Customer, together with their spouses and dependents who are enrolled in a health plan administered by Poppins Health and who have signed up to access and use our Services made available through the Member Portal; or (ii) individuals who have signed up to access and use our Services made available through the Member Portal.Personal Information We Collect and ReceiveWhen you interact with us via our Services, we may collect Personal Information about you. When we use the term “Personal Information” we mean any information that relates to you, identifies you personally, or could be used to identify you, such as your full name, address, email, or your telephone number. Below are the four categories of Personal Information that we collect about you and have collected about you in the last 12 months or from January 1, 2022, whichever is longer.

Information You Provide to Us
When interacting with our Services, you may choose to provide us with Personal Information, such as:Contact Information. You may choose to provide us with business contact information, such as name, e-mail, phone number, and company name to receive more information about our products and Services.

Account Information. If you would like to sign up for an account, you will need to provide your name, date of birth, Social Security Number, email address, phone number, zip code, and Member ID (if applicable). We will use this information to verify that you are employed by an eligible employer in order to qualify for benefits. In order for us to set up an account for you on the Employer Portal or the Provider Portal, as applicable, you will need to provide your name, email address, and Tax ID/NPI number (only for providers).

Job Applicant Information.
When applying for a job through our corporate website, you may choose to provide us with Personal Information, such as your name, e-mail, phone, resume, cover letter, and links to personal profiles and websites containing Personal Information.

Health Risk Assessment Information.
Members who sign up to use the Member Portal will also be asked to provide us with background health information that relates to their past, present, or future physical or mental health or condition, including but not limited to, their current health condition, how often they see a doctor, and whether they have any chronic health conditions(collectively, “Health Risk Assessment Information”).

Employer Information:
In order for us to set up an account for you on the Employer Portal or the Provider Portal, as applicable, you will need to provide your name, email address, and Tax ID/NPI number (only for providers).

Member Information.
We collect Member Information (as defined below) from the primary Member’s employer who is our customer, Member’s healthcare providers, and other third-party vendors (e.g., pharmacy benefits manager) who provide services to Customer and/or Poppins Health. Member Information includes information about the Member, the Member’s spouse and the Member’s dependents, including but not limited to, name, e-mail address, date of birth, gender, and postal address (“Member Information”). Member Information is used to provide the Services, provide support, and to operate, maintain and improve the Services.

Customer Data.
In the course of using our Services, Customers provide us data (“Customer Data”). We use Customer Data in accordance with the terms and conditions of that certain master services agreement between the applicable Customer and Poppins Health.You are not required to provide this information to use our corporate website; however, you may not be able to use certain features without providing the requested Personal Information.

Information We Receive in the Course of Business
We may receive or deduce information about you, including Personal Information, in the ordinary course of our business. For example, this includes Personal Information you may provide when attending a conference or event or in other business interactions with us.      

Information We Collect from Third Parties
To the extern permitted by applicable law, we may receive Personal Information about you from publicly available sources, third-party service providers, and/or partners and combine it with information we have about you to provide a more personalized experience.

Information Automatically Collected When you use our Services, we automatically collect information about the Services you use and how you use them. This information is necessary to provide and improve the functionalities of our Website and Services, and to comply with legal obligations and security requirements.

Device and Connection Information. We automatically collect certain informationwhen you access or use our Services. This information includes your browsertype, device information and settings, operating system information, IPaddress, access dates and times, and any links you clicked to navigate to ourwebsites. Collecting this information allows us to customize your experienceand content when using our Services.

Tracking Technologies. We use cookies, web beacons, pixels, and other tracking technologies for remembering your settings and preferences and analyzing your clicks and movements on our sites in order to improve your experience with our Services. You can control the use of cookies through your browser.  

Usage Information. We collect information about your interactions with our Services, such as the content you view, the links you click, the searches you conduct. We may also collect information about how you arrived and initially connected and otherwise interfaced with our Services, including hostnames and keyword searches that you might have used.  

Geo-Location. When accessing our Services, we may collect information about your approximately locations through your IP address or your precise location through GPS, if authorized by you, to offer you an improved experience. You may control or disable the availability of GPS location services in your device or browser settings.    

Do Not Track. In conformity with the California Online Privacy Protection Act(“Cal OPPA”) Do Not Track law, our Services currently do not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to lack of standardization regarding how that signal should be interpreted. In the meantime, you may use technical means to prevent some of the tracking, if any. See the technical means discussed in the section “Your Advertising Choices.”

Text MessagesYou may opt-in to receive SMS text messages from us relating to the Services. By opting-in to receive SMS text messages from us, you acknowledge that messaging and data rates may apply depending on your phone service provider.  You may opt-out of receiving SMS text messages at any time by texting STOP in response to the text messages you receive or by changing your notification and communication preferences in the relevant application. However, by opting-out of receiving text messages, you may not be able to use full functionality of the Services.

How We Use the Personal Information We Collect
Your Personal Information is used for the following purposes:

Provide and improve our Services
We may use your Personal Information to deliver and improve your experience with our Services, such as:Enable you to sign up to receive information about our products and services;Enable you to apply for jobs through Services or third party sites, such as LinkedIn;Provide you Website content;Personalize your experience with our Services; andConduct research and analysis to improve our Services.

Provide You with Information You Requested
We may use information collected through our Services and third-parties to communicate with you about our products and Services. You will always have the option to opt out of these communications.

Comply with Legal Requirements and Provide a Safe Environment
We use certain information collected through your use of our Services for the purposes of protecting your data and our Services, and for complying with legal obligations, such as: Prevent and detect harmful activity including security incidents, spam, fraud, and abuse;Investigate suspected security incidents;Comply with legal obligations;Enforce this Privacy Policy, our Terms of Services, and other terms you have agreed to; andResolve any disputes and enforce our agreements with third parties.

Aggregated Information
In an ongoing effort to better understand users of the Services, we may analyze the Information in aggregate form in order to operate, maintain, manage, and improve the Services. This aggregate information does not identify you personally. We may use this aggregate information for marketing purposes. We may share this aggregate information with our affiliates, agents, business and business partners, and other third parties. We may also disclose aggregated user statistics in order to describe the Services to current and prospective business partners and to other third parties for other lawful purposes.

Provide, Measure, and Improve our Advertising and Marketing
We may use your Personal Information for legitimate business purposes, including providing you with information about our products and Services that may be of interest to you, such as: Sending promotional messages and marketing communications that may interest you. You will always have the option to unsubscribe from these communications.Providing, personalizing, measuring, and improving our advertising, including advertising through external websites and social media platforms. If, in the future, we use your Personal Information in any way that is not described in this Policy, we will disclose this to you.

Sharing Your Information
We may share the Personal Information provided by you or collected by us through the use of our Services to services providers or third party business partners for legitimate business purposes. We have not (including in the most recent 12 months) sold and will not sell, rent, or lease your Personal Information to third parties without your consent. Additionally, consistent with the California Consumer Privacy Act (CCPA) and other applicable laws, we will never share or sell your Personal Information to affiliated companies or subsidiaries for direct marketing purposes without your explicit consent.

Sharing With Third-Party Service Providers
We use third-party business partners and service providers to help us provide and improve our Services. We may share the Personal Information you provide to us or that we collect from you through our Services to these third-party business partners and service providers as allowed by law. When we do so, we will only provide the information necessary for the third-party or service provider to perform its agreed upon services and require that they use such information for no other purpose than to provide the Services to us.

Sharing with Company Affiliates
We may share the Personal Information you provided to us or that was collected by us with our affiliated companies or subsidiaries for purposes of providing services to you. Consistent with the California Shine the Light Law and other applicable laws, we will never share or sell your Personal Information to affiliated companies or subsidiaries for direct marketing purposes without your explicit consent.

Sharing for Business Transactions
If we are involved in a merger, acquisition, sale of assets, bankruptcy, or insolvency event, we may sell or transfer some or all of our assets, including some or all of your Personal Information in connection with such transaction. We will notify you before your personal information becomes subject to a different privacy policy.

Sharing for Legal Compliance Purposes
We may share Personal Information collected through the use of our Services to respond to valid legal processes (e.g., a court order or subpoena). We may also share your information to comply with applicable laws, to protect the safety of any person, to address fraud, security, or technical issues, or to enforce this Privacy Policy, Terms of Service, and any other terms or conditions you have agreed to with us.

How We Protect Your Information
We take commercially reasonable steps to protect the Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the Information that you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, e-mail sent to or from the Services may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail and how you choose to interact and otherwise share with us via the Services.

Your California Privacy Rights
This section applies only to California residents, including current California residents and those that resided in California at any point from January 1, 2021, and provides additional details about the Personal Information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act of 2018 (the “CCPA”). For more details about the Personal Information we have collected over the last 12 months, including the categories of sources, please see ‘Personal Information We Collect’ above. We collect this information for the business and commercial purposes described ‘How We Use the Personal Information’ above. We share this information with the categories of third parties described in ‘How We Share Your Personal Information’ above. We do not sell the Personal Information we collect and we will not sell your Personal Information without your consent. Information you provide on our site may be collected by automated technology, such as a bot, cookie, or pixel tag, and used by us consistent with this Policy. Your behavior patterns and interactions with our Website and Platform may be used by us or by third-party advertisers to provide services or to surface relevant content to you as described in this Privacy Policy.

Your Rights Under the CCPA
If you are a California resident, as described in immediately above, you have rights in relation to your Personal Information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of Personal Information or the security of our systems. Additionally, we will only be able to act on your requests if we can verify your identity against the Personal Information we have collected about you. Below are the specific rights provided to you by the CCPA:

Right to Know
You have the right to request, in writing, (a) the categories of Personal Information we have collected about you, (b) the business or commercial purposes for the collection, (c) the categories of third parties with which we have shared your Personal Information, and (d) the specific pieces of Personal Information we have collected about you.

Right to Delete
You have the right to request that we delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions.

Right to Non-Discrimination
You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising any of the rights described in this section.          

Exercising Your Rights
You may exercise your rights described in this section by sending an e-mail to privacy@poppinshealth.com or by submitting this form. Your designated agent may submit are quest on your behalf by submitting this form. To verify your identity, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.

Your Advertising Choices
Your behavior patterns and interactions with our corporate website may be used by us or by third-party advertisers to surface relevant content to you. To do so, our advertising service providers either place or recognize a unique cookie on your browser. They may also use other techniques such as pixel tags to determine the content you view and surface relevant advertisements on their websites. If you would like more information about these practices and to learn about your choices, please visit the Digital Advertising Alliance or the Network Advertising Initiative. Your behavior patterns and interactions with any of our health risk assessment websites will not be used by Collective Health or by third-party advertisers to surface relevant content to you.

You may control interest-based advertising as explained below. Please note that opting out of receiving interest-based advertising does not result in blocking all advertisements served to you. You will continue receiving advertisements; these advertisements will be generic or based on the content of a webpage that you are visiting, instead of being targeted to your specific interests.

To Control Advertising on Websites
If you want to limit the amount of interest-based advertising you receive through websites, you may opt-out of certain forms of tracking. Please note that you will continue receiving advertising on third-party sites, but this advertising will not be based on your activities on our site. You can opt-out of certain forms of tracking by visiting Digital Advertising Alliance WebChoices or the Network Advertising Initiative Opt-Out.

To Control Advertising on Mobile Applications
If you want to limit the amount of interest-based advertising you receive through mobile applications, you may opt-out of certain forms of tracking. You can learn more about ad choices for mobile devices by visiting the Digital Advertising Alliance AppChoices Digital Advertising Alliance AppChoices and downloading the AppChoices mobile application. To immediately end all targeting on a mobile device, you can also limit ad tracking in the device settings. For instructions on how to limit ad tracking on your mobile device, please visit Apple Support or Android Support.·      

To Control Information Collected and Used by Google Analytics
We use Google Analytics to analyze our corporate website traffic and interactions. For more information on how Google uses this information, please refer to How Google Uses Data When You Use Our Partners’ Sites or Apps. Information collected by the Google Analytics cookie is transmitted to and stored by Google in accordance with its privacy practices. To opt out of Google Analytics, please visit Google Analytics Opt-Out.

Information Security
Although we are serious about protecting the security of your Personal Information and have taken steps to protect your Personal Information from loss, misuse, unauthorized access, disclosure, or destruction, no security measures are completely secure and we do not and cannot guarantee the security of your information. If you have reason to believe that your information has been lost, stolen, or otherwise compromised from our sites, please contact us immediately via email at security@poppinshealth.com

Changes to this Privacy Policy
We may change this Privacy Policy as needed to accurately reflect our information collection, use, and sharing practices. If we make changes to this Privacy Policy, the revised policy will be posted on this site with the last effective date. The effective date of the Policy is the date indicated at the top of the Privacy  Policy. Your continued use of the corporate website after the effective date signifies your acceptance of the revised Privacy Policy. It is therefore important that you review this Policy regularly to ensure you are updated on any changes.

Children
Our Services are directed toward adults and are not designed for, intended to attract, or directed toward children under the age of 16. If you are under the age of 16, you must obtain the authorization of a responsible adult (parent or legal guardian) before using or accessing our corporate website. If we become aware that we have collected any Personal Information from children under 16, we will promptly remove such information from our databases. If you learn that your child has used our corporate website to provide us with their personal information without your consent, please e-mail us at privacy@poppinshealth.com.

Contact Us
If you have questions comments about this Privacy Policy, please email us at privacy@poppinshealth.com or mail us at:

Poppins Health
1223 East Main Street
Columbus Ohio 43205