By accessing the BenefitsApp website and using the services offered, the User acknowledges having read and understood this General Policy on the protection of personal data, as well as the practices for collecting consent, collecting and processing data, information described in this document.
In general, you can visit our Website without having to send us any Data. However, in order to be able to provide you with certain services, BenefitsApp may ask you to provide certain Data.
Personal Data – hereinafter referred to as “the Data” – means any information relating to an identified or identifiable natural person – hereinafter referred to as “data subject”.
This Policy sets out the principles and guidelines for the protection of your Personal Data and is intended, among other things, to inform you of:
Table of Contents
1.) Presentation of the company
BenefitsApp is a product of the company HealthBenefitApp LLC (referred to herein as BenefitsApp for purposes of this Privacy Statement). BenefitsApp provides an native mobile app platform for communication of benefits information between benefits administrators and eligbile members. It enables administrator teams to create notification campaigns that reinforce member engagement, usage, and retention. It integrates authorized third party companies and shares limited data with those companies to provide enhanced benefits to eligibile members.
In accordance with general data protection regulations, BenefitsApp undertakes to:
Conscious of the fact that the provision of information online implies a great mark of trust on the part of the users, we consider this trust with the utmost seriousness and make a major priority of the security and the confidentiality of the personal data that is provide by your Benefits Administrator or when you use our product.
2.) Intellectual Property of our product
The content of our product, the general structure, the tree structure, the textual contents, the animated images or not and the logos of which the site is composed are the exclusive property of the company BenefitsApp. Any representation, total or partial, of this site or its content, on any medium, for a collective or professional use, even internally in the company, by any process whatsoever, without the express prior written permission the company BenefitsApp is prohibited.
3.) Contact Information
Contact Email: firstname.lastname@example.org
Headquarters: 3355 Keswick Road, Suite 105, Baltimore MD 21211
HQ Reception: +1-410-207-3863
4.) Collection and Use of Collected Data
Only personal data that is useful for the registration and implementatin of our product are collected and hosted by BenefitsApp. Personal data is collected from Benefits Administrators, and upon member registration and use of the BenefitsApp.
Legal Basis of our data processing
We are entitled to process your data from the moment you explicitly register to use the BenefitsApp mobile app and then thereafter. As a registered use, you agree to the End User Terms and Conditions found under “My Profile” within the BenefitsApp.
We are authorized and entitled to process your data upon signing a Business Associate Agreement with your Benefits Administrator. The Business Associate Agreement provides for the confidentiality, security and availability of certain Protected Health Information that may be received by BenefitsApp from or on behalf of its clients. The Agreement is intended to provide that such protected health information will be used or disclosed by the Business Associate only in a manner that is consistent with the applicable provisions of federal regulations (the “Administrative Simplification Regulations”) issued pursuant to the Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and this Agreement shall be interpreted accordingly. This Agreement also is intended to satisfy certain requirements of the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), included in the American Recovery and Reinvestment Act of 2009 (“ARRA”), when and as they become applicable to BenefitsApp or its clients and this Agreement shall be interpreted accordingly.
Data Collection Purpose
BenefitsApp collects and processes personal data including:
Categories of collected data
We refrain, with regard to personal information that you entrust to us, from any indirect collection, from any indirect use, and in a general way, from any act likely to infringe on your private life or your reputation.
BenefitsApp thus ensures to collect only data strictly necessary for the declared purpose of the various treatments implemented by the company. The following data is collected for the purposes of the services provided by the company:
During the exchanges concerning the projects of the company, various Personal Data may be collected with the prior and informed consent of the interested persons, for the sole needs of the treatment of the projects of the company.
5.) Data Retention Period
The company BenefitsApp, in accordance with the legislation in force, will keep the Personal Data only for the duration necessary for the treatment.
Concerning the treatment and the follow-up of the candidatures, the company BenefitsApp, in the respect of the legislation in force, will delete the data of the candidates within a maximum delay of one year after the last contact.
Concerning the communication and management of contact requests, the company BenefitsApp, in accordance with the legislation in force, will delete the data of its interlocutors within a maximum of three years after the last contact.
The personal data of the clients and prospects involved will be kept in active database for a maximum of three years, after the end of the contractual relationship for the clients, or the last incoming contact for the prospects, in accordance with the law.
For employees, the texts have variable durations for the preservation of certain data. (Employment contracts, URSSAF, pension funds, etc.) without prejudice to the legal obligations of conservation or limitation periods.
Beyond this period, the data may be anonymized and kept for exclusively statistical purposes and will not give rise to any exploitation of any nature whatsoever.
6.) Categories of Recipient of your Data
The Data collected is for internal use within BenefitsApp and strictly limited to the most appropriate teams to process the request made. However, we may share the Data collected with our technical service providers for the purposes described above.
We strictly require our partners to always act in accordance with applicable data protection laws and to pay special attention to the confidentiality of such Data. In application of the regulations in force, any subcontractor who could process personal data on behalf of BenefitsApp undertakes in particular to:
The recipients of your data are:
BenefitsApp may also disclose or transfer your personal data to third parties in the following particular circumstances:
7.) Data Transfer
In the event that your Data is transferred outside BenefitsApp systems, we make sure that personal data is transferred to those recognized as offering an equivalent level of protection.
8.) Mobile App Tags and Cookies policy of our web site
When you browse our website, we collect certain information using cookies.
A cookie is a text file saved on your device’s hard drive, such as when you visit a site or read an email. A cookie identifies the device on which it is registered, during the period of validity of the consent, which can not exceed 13 months.
Cookies are managed by your internet browser and only the issuer of a cookie may read or modify the information contained therein.
BenefitsApp uses Mobile App Tagging:
We use 4 types of cookies:
You can at any time choose to enable or disable cookies by going to the “Cookies” page located in the footer menu You can also disable and / or delete cookies from your computer, tablet or mobile phone by managing your browser settings.
9.) Measures taken for the protection of personal data
BenefitsApp has taken steps to prevent any personal data breach, including:
10.) Data Breach
In the event that we become aware of an illegal access to your personal data corresponding to a treatment for which we are responsible, we undertake to notify you of the incident as soon as possible if it meets a legal requirement as defined in our Business Associate Agreement.
11.) Applicable Law and Jurisdiction
Our website and our activity are governed by United States laws. In the event of litigation resulting from your use of our websites or its activity, the Maryland courts will be exclusively used.
12.) Modification of this Data Protection Policy
Click here to download the Standard Business Associate Agreement
All BenefitsApps require at least some device permissions. For example, a BenefitsApp will always require push message permissions to enable push messages in the app, geolocation permissions for allowing geo-based push messages, data storage permissions to save images in the cache, and internet permissions to download updates, to name a few. It is not possible to change these BenefitsApp permissions. They are required based on the possible features/functions of the BenefitsApp platform. These permissions are not uncommon for most apps. Please note that BenefitsApp does not, under any circumstances, share information with a third-party unless required to do so by law.
Any information collected by the BenefitsApp is private and only available to your Benefit Manager.
All BenefitsApp administration is maintained in secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all information you supply is encrypted via Secure Socket Layer (SSL) technology.