HealthWell Foundation Privacy Policy

Last updated: January 2, 2026

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND HOW WE TREAT YOUR PERSONAL INFORMATION AND WHAT CHOICES AND RIGHTS YOU HAVE IN THIS REGARD.  IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, YOU SHOULD NOT ACCESS OR USE THE SITES OR ENGAGE IN COMMUNICATIONS WITH US CONCERNING OUR SERVICES.

THE SITES ARE INTENDED FOR USERS LOCATED IN THE UNITED STATES AND ARE NOT INTENDED FOR USERS LOCATED IN OTHER COUNTRIES, INCLUDING THE EUROPEAN UNION AND THE EUROPEAN ECONOMIC AREA.

Introduction

HealthWell Foundation, Inc., a 501(c)(3) foundation (“Foundation” or “we”), respects your privacy and are committed to protecting it through our compliance with this policy (“Privacy Policy”).  We are committed to informing you about how we treat identifiable information relating to individuals (“personal information”).  This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our website at www.healthwellfoundation.org as well as other websites that direct to or otherwise contain a link to this Privacy Policy (collectively the “Sites”); or otherwise provide to us in connection with our products and services (the “Services”).

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with or policies and practices, your choice is not to use these Sites, our social media accounts, and offline sources.  By accessing our Sites, you agree to this privacy policy. This policy may change from time to time (see Updates and Changes to our Privacy Policy). Your continued use of these Sites after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

THE FOUNDATION IS NOT A MEDICAL PROVIDER NOR IS IT A “COVERED ENTITY” SUBJECT TO STATE OR FEDERAL LAWS GOVERNING THE PRIVACY OF MEDICAL RECORDS OR INFORMATION, INCLUDING THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996, AS AMENDED FROM TIME TO TIME, COMMONLY REFERRED TO AS “HIPAA”.

DONOR PRIVACY: We will not sell, share, or trade our donors’ names or personal information with any other entity, nor send mailings to our donors on behalf of other organizations. This policy applies to all information received by the Foundation, both online and offline, as well as any electronic, written, or oral communications.

Information We May Collect

  • We may collect and process the following types of personal information from you for the purposes listed below.  The information we collect depends upon things such as the nature of our relationship, the method you communicate with us, and the purpose for your interaction with us. Contact Information: When you visit the Sites, register for events or programs with us, sign up for our newsletter or mailing list, contact us via the Contact Us form on the Sites, request our Services, submit a comment or question, or otherwise provide us your personal information, we may collect your first and last name, email address, telephone number or other contact details in connection with our Services or to respond to your request or inquiry.
  • Application Information: Some information is required to complete applications via our Sites, such as your first and last name, mailing address, email address, marital status, gender, date of birth, and social security number, as well as names of primary care providers, insurance information, approvals, and prescriptions.
  • Transaction Information: This may include information about your purchase of products and payment information. We do not store your payment information, but our payment processor may store such payment information for the purpose of facilitating any payments to us.
  • Device and Usage Information: When you visit the Sites, we and other third parties may automatically collect certain usage or network activity information from your browser or your mobile device, which includes the date and time of your visit, your Internet Protocol (IP) address or unique device identifier, domain server, your browser type, access time, cookies, and data about which pages you visit.
  • Cookies and Similar Technologies: We use cookies, pixels, and similar technologies as described in the “Cookies and Similar Technologies” section of this Policy. If you choose to disable cookies and similar technologies, some areas and features of the Sites may not work properly. Where required by law, we rely on your express opt-in consent for the use of marketing, performance, and analytic cookies and similar technologies.
  • Geolocation Information: This may include the IP address or other location information transmitted by a mobile or other device (depending upon your settings) when you interact with the Sites.
  • Communications Data: If you contribute to the Sites, provide us with feedback, ask us questions, or otherwise communicate with us, in addition to your Contact Information, we will collect the subject matter of your message, any comments, content, or other information that you choose to provide, and other information needed to respond to your communication.  If you receive email communications from us, we may use certain tools to capture data related to if/when you open our message and if/when you click on any links or banners it contains.
  • Video Viewing Information: We may collect information about videos that you view or stream on the Sites as well as the accounts that you link together with our Services, including social media accounts.  Please see the “Visual Materials and Consent to Collect, Use, and Disclose Video Viewing History” section of this Policy for additional information.
  • Sensitive Information: Sensitive information is collected from users who are applying for funding for medical treatments; and during the application process, we may request information such as social security numbers, insurance policy numbers, pharmacy information, medical conditions, medications you use to determine which patient assistance programs can properly assist you. Your medical conditions may be considered Protected Health Information (“PHI”) and therefore sensitive personal information. You may elect not to provide your medical condition or other sensitive personal information, but you may not be able to participate in patient assistance programs through the Sites. We do not use Cookies to enable ad targeting based on sensitive personal information.
    • Sensitive information is collected from donors and sponsors who make donations to the Foundation or sharing content in our social media accounts, please do not disclose sensitive personal information (information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context, such as protected health information, social security numbers, or healthcare account numbers) unless we specifically request your consent.
    • Automatically as you navigate through the Sites. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
    • From third parties, for example, our business partners.
  • Other information that you voluntarily share with us to facilitate use of the Sites, or our Services which is not specifically listed here.  We will use such information in accordance with this Policy, as otherwise disclosed at the time of collection, in accordance with our applicable agreement with you, or to the extent necessary for providing the Sites or our Services.

Third-Party Sites

This Policy only applies to the Sites and Services, and it does not apply to any third-party websites or applications.

The Sites may contain links to, and media or other content from, third parties. These links are to external resources and third parties that have their own privacy policies. Because of the dynamic media capabilities of the Sites, it may not be clear to you which links are to external, third-party resources. If you click on an embedded third-party link, you will be redirected away from the Sites to the external third-party website. You can check the URL to confirm that you have left the Sites.

We cannot and do not (1) guarantee the adequacy of the privacy or security practices employed by or the content and media provided by any third parties or their websites, (2) control third parties’ independent collection or use or your information, or (3) endorse any third-party information, products, services or websites that may be reached through embedded links on the Sites.

Any information provided by you or automatically collected from you by a third party will be governed by that party’s privacy policy and terms of use. If you are unsure whether a website or application is controlled, affiliated, or managed by us, you should review the privacy policy and practices applicable to each linked website or application

Information We Receive from Third Parties

In addition to the information that we may collect from you directly, we may also receive information about you from other sources, including third parties, business partners, or publicly available sources.  If you connect your account on our Sites to your account on a third-party service, we may receive information from the other service. You may also choose to grant us access to your activity data from another service.  You can stop sharing information from the other service with us by removing our access to that other service.

Children’s Online Privacy Protection Act

The Children’s Online Privacy Protection Act (“COPPA”), as well as other data privacy regulations, restrict the collection, use, or disclosure of personal information from and about children on the Internet.    Our Sites and Services are not directed to children under the age of 13, nor is information knowingly collected from children under the age of 13.  No one under the age of 13 may access, browse, or use the Sites or provide any information to us.  If you are under 13, please do not use or provide any information on the Sites (including, for example, your name, telephone number, or email address).  If we learn that we have collected or received personal information from a child under the age of 13 without a parent’s or legal guardian’s consent, we will take steps to stop collecting that information and delete it. If you believe we might have any information from or about a child under the age of 13, please contact us via the “Contact Us” details provided at the end of this Policy.

For more information about COPPA, please visit the Federal Trade Commission’s website at: https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.

INFORMATION WE COLLECT THROUGH AUTOMATIC DATA COLLECTION TECHNOLOGIES

As you navigate through and interact with our Sites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Visit Data. Details of your visits to our Sites, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Sites.
  • Device Data. Information about your computer and internet connection, including your IP address, operating system, and browser type.

COOKIES AND SIMILAR TECHNOLOGIES

First and Third-Party Cookies

A “cookie” is a small file created by a web server that can be stored on your device (if you allow) for use either during a particular browsing session (a “session” cookie) or a future browsing session (a “persistent” or “permanent” cookie). “Session” cookies are temporarily stored on your device and only last until they expire at the end of your browsing session. “Persistent” or “permanent” cookies remain stored on your device until they expire or are deleted by you. Local stored objects (or “flash” cookies) are used to collect and store information about your preferences and navigation to, from, and on a website. First-party cookies are set by the website you are visiting, and they can only be read by that site. Third-party cookies are set by a party other than that website.

Other Similar Technologies

In addition to cookies, there are other automatic data collection technologies, such as Internet tags, web beacons, pixels (clear gifs, pixel tags, and single-pixel gifs), and navigational data collection (log files, server logs, etc.) that can be used to collect data as you navigate through and interact with a website. For example, pixels are small images on a web page or in an email that collect information about your browser or device and can set cookies.  Web beacons are tiny graphics with unique identifiers that are used to understand browsing activity. UTM codes are strings that can appear in a URL when you move from one web page or website to another. The string can represent information about your browsing, such as which advertisement, page, or publisher sent you to the receiving website.

What Cookies and Similar Technologies Are in Use and Why Do We Use Them?

We use certain cookies and similar technologies to operate the Sites to measure and track how you interact with the Sites, to ensure the privacy and security of our Sites, to enhance your experience and provide you with a more personal and interactive experience, to market to you, to track ad-driven activity, to perform usage analytics, and to otherwise tailor our communications to you.  Where required by law, we rely on your express opt-in consent for the use of marketing, performance, and analytic cookies and similar technologies. The cookies and similar technologies used on the Sites include the following:

Google Analytics. We may use Google Analytics to collect and process statistical data about the number of people using the Sites and to better understand how they find and use the Sites. The data collected includes data related to your device/browser, your IP address, and on-site activities to measure and report statistics about user interactions. The information stored is reduced to a random identifier. Any data collected is used in accordance with this Policy and Google’s privacy policy. You may learn more about Google Analytics by visiting: https://www.google.com/policies/privacy/partners/ and https://support.google.com/analytics/answer/6004245.

You can learn more about Google’s restrictions on data use by visiting the Google Privacy Policy located at: https://www.google.com/policies/privacy. To opt-out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout and install the opt-out browser add-on feature. For more details, visit the “Google Analytics opt-out browser add-on” page located at https://support.google.com/analytics/answer/181881?hl=en.

Google Analytics relies on the following cookies:

Cookies: _ga
Descriptions: Used to distinguish users.  The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
Type: Analytics
Duration: 1 year 1 month 4 days

Cookies: _ga_*
Descriptions: Used to store and count page views.
Type: Analytics
Duration: 1 year 1 month 4 days

Google Tag Manager. We may use Google Tag Manager, which allows marketed website tags to be managed using an interface. The tool itself (which implements the tags) does not use cookies and does not register identifiable data. The tool causes other tags to be activated which may, for their part, register personal information under certain circumstances. Google Tag Manager does not access this information.  Google Tag Manager is subject to the Google Privacy Policy located at: https://www.google.com/intl/en/policies/privacy.

Facebook Pixel. We may use Facebook Pixel to customize and display advertisements only to Facebook users who have shown an interest in our Sites or who have specific characteristics (e.g., certain demographics or interests in certain topics or products determined by websites visited) that we submit to Facebook.  The use of Facebook Pixel helps ensure that our advertisements are in line with the potential interests of users and do not have a nuisance effect.  Facebook Pixel also allows us to track the effectiveness of Facebook advertisements for statistical and market research purposes by seeing whether uses have been redirected to our Sites after clicking on a Facebook advertisement.  The Facebook Pixel is directly integrated into our Sites by Facebook and can store a cookie on your device.  The information collected about you is anonymous for us.  However, the information collected via the Facebook Pixel, on the Sites as well as other websites on which Facebook Pixel is installed, is also stored and processed by Facebook.  Facebook may link this information to your Facebook account and also use it for its own promotional purposes in accordance with Facebook’s Data Usage Policy.

To understand more about Facebook advertising please visit: https://www.facebook.com/about/ads.  You may deactivate Facebook Pixel via the Cookie Settings on Facebook.  The Settings are located at the bottom of the main page for logged in users at: https://www.facebook.com/settings/?tab=ads#.

Other Third-Party Technologies

Some third parties may use data collection technologies to collect information about you when you browse the Internet. We do not control these third parties’ technologies or how they may be used. If you have questions about targeted content, you should contact the responsible party directly or consult their privacy policies.

Choices About Cookies

Most web browsers are set by default to accept cookies. If you do not wish to receive cookies, you may set your browser to refuse all or some types of cookies or to alert you when cookies are being stored. These settings may affect your enjoyment of the Sites’ functionality. Adjusting the cookie settings may not fully delete all of the cookies that have already been created. To delete them, you should review your web browser settings after you have changed your cookie settings.

The links below provide additional information about how to disable cookies or manage the cookie settings.  PLEASE NOTE: These third-party links are provided for your convenience and we may not actively monitor the content of these links.

Google Chrome: https://support.google.com/chrome/answer/95647?hl=en

Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Internet Explorer: http://windows.microsoft.com/en-GB/windows-vista/Block-or-allow-cookies

Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac and https://support.apple.com/en-us/HT201265

For more information on how to modify your browser settings to block or filter cookies, visit http://www.aboutcookies.org/. You may learn more about internet advertising practices and related consumer resources at https://youradchoices.com/control, https://thenai.org/about-online-advertising/faq, and http://www.networkadvertising.org/choices.

Third-Party Use of Cookies and Other Tracking Technologies

Some content or applications, including advertisements, on the Sites are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.

Visual Materials and Consent to Collect, Use, and Disclose Video Viewing History

The Sites may display live or prerecorded videos or similar audio-visual materials (“Videos”).  We are not in the business of delivering audiovisual materials.  Rather, the display and use of Videos on the Sites is incidental to our business and merely a peripheral part of our marketing strategy.  The provision of Videos on our Sites is not an admission by the Foundation and it shall not otherwise be interpreted, in any form or manner, to mean that the Foundation is a “video tape service provider” for purposes of the Video Privacy Protection Act (codified as amended at 18 U.S. Code § 2710) (the “VPPA”) or that the Foundation is otherwise subject to the VPPA.

We may collect personal information with respect to you viewing, streaming, or otherwise accessing such Videos and we may disclose such personal information regarding your video-viewing history on the Sites to third parties through the use of cookies, pixels, or other tracking technologies.

Consent to Collect, Use, and Disclose Video Viewing History

By viewing, streaming, or otherwise accessing Videos on the Sites, you hereby acknowledge, agree, and consent to the following:

Collection. We shall, through the use of cookies and similar tracking technologies, collect personal information with respect to you viewing, streaming, or otherwise accessing Videos.  Such personal information may include: (i) identifiers that can be used to recognize you or the device you use to access our Sites over time and across different services, such as a device identifier, an IP address, mobile ad identifiers, and similar data; (ii) the Video(s) you viewed, streamed, or otherwise accessed, including the nature, scope, and duration of such access and (iii) identifiers associated with your social media account, or similar online accounts.

Disclosure. We may, in our sole discretion, disclose personal information that we collect from you with respect to you viewing, streaming, or otherwise accessing Videos on our Sites to third-parties, such as social media partners like Facebook and our service providers, to assist with the operability and functionality of our Sites, to help us assess and improve our Sites, products, and Services, and to facilitate or assist with our marketing and advertising campaigns.

Withdrawal of Consent. You acknowledge and agree that you may prevent us from collecting and disclosing personal information from you with respect to you viewing, streaming, or otherwise accessing Videos on our Sites: (i) by changing your browser settings in accordance with the instructions set forth in our Privacy Policy or (ii) by adjusting your privacy settings in our cookie management tool (see the “Your Privacy Choices” link on the footer of our Sites). These options will prevent the deployment of cookies and similar online tracking technologies that are used to collect, process, and disclose your personal information in connection with the Videos.

HOW WE MAY USE OR SHARE YOUR INFORMATION

How We May Use Your Information: We may use the information described above, including any personal information, in connection with the following business or commercial purposes or otherwise to the extent permitted by law:

  • To provide our Services, which includes making our Sites and our content available to you; to serve you the content and functionality you request; to offer you goods and services which may be of benefit to you; to communicate about our Services and responding to your feedback, requests, questions, or inquiries; to enhance your experience and provide you with a more personal and interactive experience; to improve and developing existing and new Services, including evaluations of functionality and features and recognizing your devices and remembering your preferences and interactions; to ensure the privacy and security of our Sites,  Services, and operations.
  • To operate our business, such as to obtain or maintain insurance coverage, managing risks, obtaining professional advice, to mitigate risks to the privacy and security of our Sites, Services, and operations, including fraud or phishing detection, to maintain our databases and back-ups; and to manage our relationships with you; to comply with your instructions or requests.
  • To manage our business relationship with you, such as to enforce our Terms of Use, conduct due diligence to assess the financial, reputational, or other risks arising from any relationship or prospective relationship with you, and comply with and enforce any contractual obligations.
  • To communicate with you, such as to contact you directly by mail, telephone, email, SMS, or other electronic messaging service to in order to respond and provide the appropriate assistance and response to you; to extend offers of goods and services or information that may be of interest to you; to keep records of our communications with you; to determine user interests; for usage analytics purposes; and to administer a promotion, survey, or other customer engagement features.
  • To assess the success of our marketing campaigns and enhance our marketing efforts;
  • To accomplish any other purpose related to and/or ancillary to any of the purposes described in this Policy, for which your personal information was provided to us;
  • To accomplish other purposes described to you when you provide the information, for which you have consented, or for which we have a legal basis under applicable law;
  • To comply with federal, state, or local laws;
  • To comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons, by federal, state, or local authorities and cooperation with law enforcement agencies concerning conduct or activity that we, a service provider, or a third party reasonably and in good faith believe may violate applicable law;
  • To establish, exercise, or defend legal rights or claims, whether in court, administrative, or other proceedings; and
  • Create, use, retain, or disclose de-identified or aggregated data which, upon aggregation and de-identification, are no longer treated as personal information subject to this Policy.

If you do not want us to use your information in this way, please adjust your user preferences in your browser and account profile. For more information, see Choices About How We Use and Disclose Your Information.

How We May Disclose or Share Your Information: Where acting as the controller of your personal information or where permitted by applicable law, we may without notice disclose or share your personal information described above in the following contexts:

  • Service Providers: We may share your personal information with our service providers and other parties who perform functions on our behalf.  Among other things, service providers help us to administer the Sites, support our provision of Services requested by you, provide technical support, sending marketing, promotions, and communications to you about our Services, provide payment processing, enhance the security of our Sites, and assist with other legitimate purposes permitted by law.
  • Corporate Affiliates: We may share your personal information with our subsidiaries or affiliates, and with their respective officers, directors, employees, accountants, attorneys, and agents.
  • Acquisition and Similar Transactions: If we sell, transfer, or otherwise share some or all of our assets in connection with a merger, reorganization, liquidation, dissolution, bankruptcy, or sale of assets, we may disclose your personal information as a part of the assets transferred as a result of the transaction.  For example, if another company acquires us, we will share your personal information with that company.
  • In Response to Legal Process or Defending Legal Claims: We may disclose personal information as required by law, court orders, subpoena, or other legal process or if we reasonably believe such action is necessary to comply with the laws.
  • Professional Advisors: We may share your personal information with our attorneys, accountants, and/or other fiduciaries and consultants that need access to your information to provide operational or other support on our behalf.
  • With Your Consent or at Your Direction: We may ask, from time to time, if you would like us to share your personal information with other unaffiliated third parties who are not described elsewhere in this Policy.  We may disclose your information in this context with your permission or upon your direction.
  • Third Parties: We may provide personal information about you to third parties that may offer services specifically requested by you.
  • Deidentified or Aggregated Data: We may share aggregated information, and information that does not identify any specific individual, such as groupings of demographic data and customer preferences, (i) for compliance with reporting obligations; (ii) for business or marketing purposes; and (iii) to assist us and others in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, marketing, and/or functionality.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. You can manage your local data storage settings in your in Options in your browser. If you disable or refuse cookies, please note that you may not be able to access portions of our Sites.

Third parties may provide you with ways to choose not to have your information collected or used in this way:

  • You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.
  • California residents may have additional personal information rights and choices. Please see Your State Privacy Rights and Your California Privacy Rights, for more information.
  • Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated address: [email protected]. However, please know we do not currently sell data triggering that statute’s opt-out requirements.

Accessing and Correcting Your Information. You can review and change your personal information by logging into the portals through our Sites and visiting your account profile page. You may also send us an email at [email protected] to request access to or correction of any personal information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

We do not delete User Contributions or other data from our systems. However, users may choose to manage or remove locally stored information, such as cached data or cookies, through their browser or device settings. Please note that copies of User Contributions may remain viewable in cached or archived pages, or may have been copied or stored by other  users of our Sites. Proper access to and use of information provided on the Sites, including User Contributions, is governed by our Terms of Use. California residents may have additional personal information rights and choices. Please see below for more information.

Your State Privacy Rights

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information.

To the extent you are a resident of certain U.S. states with comprehensive state privacy laws, you may be eligible for one or more of the following consumer rights where authorized by applicable U.S. state privacy laws.  This section provides an overview of these rights which we honor where required by applicable law.

  • Right to Access. Subject to certain conditions set forth in the applicable U.S. state privacy laws, you have the right to know and see what personal information we have collected about you and receive a copy of such information in a portable format, purposes for which we collect your personal information, recipients of your personal information to whom we disclose or share, which in some states may include categories of personal information collected, categories of sources of collection, business or commercial purposes for data processing, and categories of 3rd parties with whom we disclose that information.
  • Right to Correct. Subject to certain conditions and exceptions set forth in the applicable U.S. state privacy laws, you have the right to request that we correct any inaccurate personal information that we have collected about you.
  • Right to Delete. Subject to certain conditions and exceptions set forth in the applicable U.S. state privacy laws, you have the right to request that we delete the personal information we have collected about you.
  • Right to Opt-Out. Subject to certain conditions set forth in the applicable U.S. state privacy laws, you have the right to opt out of targeted advertising, profiling, the sale or sharing of your personal information, to the extent such instances occur (as defined under applicable state laws).  We do not have actual knowledge that we sell personal information of minors under 16 years of age.
  • Right to Non-Discrimination. You have the right not to be discriminated against for exercising any of your rights under any applicable U.S. state privacy laws.
  • Right to Appeal.  To the extent the applicable U.S. state privacy laws provide such rights, you may appeal our denial to act on your consumer rights under the applicable state privacy laws within a reasonable time. We will respond within designated period for responding to U.S. data subject requests and may exercise the right to extend this response period (to the extent authorized by applicable state privacy laws).
  • Right to Limit Use and Disclosure of Sensitive Personal Information.  If any U.S. state privacy laws classify your personal information we collect as “sensitive personal information,” we use such data reasonably necessary to provide and perform our Services as requested by you or as otherwise permitted by law.

If you have questions or concerns regarding this Section or would like to exercise your consumer rights (to the extent available under applicable U.S. state privacy laws), please use the “Contact Us” details at the end of this Policy.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Sites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected] or write us at: HealthWell Foundation, 20440 Century Blvd, Suite 250, Germantown, MD 20874.

Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to:

  • Confirm whether we process their personal information.
  • Access and delete certain personal information.
  • Data portability.
  • Opt-out of personal data processing for targeted advertising and sales.

Colorado, Connecticut, and Virginia also provide their state residents with rights to:

  • Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose.
  • Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise any of these rights please send an email to [email protected] or write us at: HealthWell Foundation, 20440 Century Blvd, Suite 250, Germantown, MD 20874.  To appeal a decision regarding a consumer rights request please send an email to [email protected] or write us at: HealthWell Foundation, 20440 Century Blvd, Suite 250, Germantown, MD 20874.

DATA SECURITY

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. See our data security measures, below.

  • Your Responsibility. All information you provide to us is stored on our secure servers behind firewalls. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Sites like message boards. The information you share in public areas may be viewed by any user of the Sites. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Sites. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites.
  • Security Measures. We and our Service Providers protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls, data encryption, intrusion detection, anti-virus controls, using physical access controls to our data centers, and information access authorization controls. Sensitive Personal Information is not stored on the Foundation Sites, see the Patient and Donor Personally Identifiable Information, Because the internet and mobile web are inherently insecure and no information system is 100% secure and even the most secure system can be compromised, we cannot guarantee security. As such, the Foundation cannot ensure or warrant the security of any information you transmit to the Foundation.
  • Patient Personally Identifiable Information. We store your information in a patient database hosted by our Service Provider Salesforce. Salesforce’s privacy Policy is located at https://www.salesforce.com/company/privacy/#. Salesforce is a certified licensee of EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework.
  • Individual Donor Personally Identifiable Information. We store your information in donor databases hosted by our Service Provider Neon.  Neon’s privacy Policy is located at Privacy Policy | Neon One.
  • Credit Card Transaction Information. Donor credit card transactions for donations to the Foundation are processed by our Service Provider Neon.  Neon’s privacy Policy is located at Privacy Policy | Neon One.  The Foundation does not collect or retain any credit card information on our Sites or systems.
  • Donor Documentation. Information about patients and donors may be included in donor documents, proposals, and agreements retained on the Foundation’s systems.  The Foundation restricts access to patient and donor information to authorized Foundation employees and our Service Providers, contractors, and agents who need that information in order to operate, develop, or improve the Foundation, our Sites and services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination, if they fail to meet these obligations. We delete and destroy individual records of patient and donor information according to Foundation’s Record Retention Schedule.

UPDATES AND CHANGES TO THIS POLICY

We may add to, change, update, or modify this Privacy Policy from time to time in our sole discretion.  Should this Privacy Policy change, we will post all changes to this Privacy Policy on this page and any such changes, updates, or modifications will be effective immediately upon posting. If we make material changes, we will also notify you through a notice on the homepage of the Sites for a reasonable period of time.  We may also, in our sole discretion, notify you of changes to this Privacy Policy via email.  The date on which this Privacy Policy was last modified is identified at the beginning of this Privacy Policy.

You are expected to, and you acknowledge and agree that it is your responsibility to, carefully review this Policy prior to using the Sites, and from time to time, so that you are aware of any changes. Your continued use of the Sites after the “Last Updated” date will constitute your acceptance of and agreement to such changes and to our collection and sharing of your information according to the terms of the then-current Privacy Policy.  If you do not agree with this Policy and our practices, you should not use the Sites.

Contact Information

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

  • [email protected]
  • or write us at: HealthWell Foundation, 20440 Century Blvd, Suite 250, Germantown, MD 20874.

 

Chat Avatar