Privacy Policy

This Privacy Policy (“Privacy Policy”) describes the data collection practices of CIC Health, LLC (“CIC Health”, “we” or “us”)  and how we use, disclose, and protect your personal information. This Privacy Policy applies to the information we collect through your use of this website, including any messaging in connection with the website (the “Website”).

This policy was posted on October 16th, 2020, and last updated on October 16th, 2020.


By accessing, using, or viewing the Website you agree that you have read and understood this Privacy Policy and unconditionally agree to be bound by it.  Further, you consent to the collection and use of your information in the manner we describe in this Privacy Policy. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, PLEASE DO NOT USE THIS WEBSITE.

For the avoidance of doubt, this Privacy Policy applies to your use of this Website and does not apply to other CIC Health websites specific to programs involving CIC Health services. Such websites are governed by privacy policies and terms displayed on such websites.

2.Changes to our Policy

We reserve the right to modify or amend this Privacy Policy at any time. All changes to this Privacy Policy will be effective immediately upon their posting to the Website. We will notify you of material changes to this Privacy Policy by posting the modified Privacy Policy on the Website. Continued use of the Website after the effective date of a modified Privacy Policy will indicate your agreement to any modified terms.

3. Personally Identifiable Information We Collect

You may generally use this Website without disclosing personally identifiable information. However, use of certain features and functions of the Website may require you to submit personally identifiable information to us.

In your use of the Website, we may collect any information that you voluntarily share with us, including by filling in forms on our Website. This information may also be collected by third party service providers or partners on our behalf. This information may be collected when you voluntarily submit information to us via the Website. We may use third party service providers to assist us in collecting and maintaining this information. However, we require such service providers to maintain the confidentiality of such information.

4. How we use Personally Identifiable Information we Collect

We will use personally identifiable information: (i) the purpose for which you provide it; (ii) as otherwise may be disclosed at the point of collection, and/or (ii) as described below In addition, we may use your personal information in the aggregate in a non-identifiable way in order to better understand how to improve the Website and for any other lawful purpose.

5. Other Information Collected On the Website

When you visit the Website, we may passively collect the following non-personal information about you and your usage of the Website.

  1. IP Address

    Your IP address may be collected.  Your “IP address” is usually associated with the network location and physical location from which you enter the Internet.  We log IP addresses for systems administration purposes.  This information helps us determine how often different areas of our site are visited and we may also use this information to personalize the content that is displayed to you on the Website based on your previous visits.  We do not link IP address to any information that is personally identifiable.

  2. Cookies

    We use cookies to track the use of the Website and to facilitate and enhance your experience on the Website, and to statistically analyze trends and other user behavior on the Website. The term “cookies” refers to electronic data stored by your computer browser. Examples of cookies we may use on our website: session cookies (we use these cookies to operate our Service) and preference cookies (we use these cookies to remember your preferences and various settings). The cookies enable us to facilitate your access to different aspects of the Website. For example, by showing when and how you visit the Website, cookies help us to see which pages of the Website are popular and which are not. Cookies can also help us to improve your enjoyment of the Website, for example, by remembering your address or other information when you request information or services on the Website. Most web browsers automatically accept cookies, but you can disable this function so that your browser will not accept cookies. Please be aware that if you disable this function, it may impact your use and enjoyment of the Website.

  3. Web Beacons and Pixel Tags

    The term  “web beacons”  and “pixel tags” refer to Internet tools, such as transparent images on the Website or in emails that we may send to you that help us to determine whether a page has been viewed or an email opened. A pixel tag is a type of web beacon embedded in an image on the website.   In general, any electronic image viewed as part of a web page can contain a pixel tag or other web beacon. We may also use these Internet technology tools to allow us to track the internet browser most commonly used to access the Website and the pages that are most popular, which statistics assist us in making the Website more user-friendly and accessible.

  4. Statistical Identifiers and Device Recognition

    We (or our service providers on our behalf) may employ statistical identifiers, also known as device recognition tools.  These tools may be used to assist in managing the content on the Website by informing us (without using cookies) of the content that you use and view on the Website.  These tools collect various information about your device, such as your screen resolution, browser type, and operating system.  Many devices have unique, or near unique, device profiles such that collecting this information allows us and our service providers to determine with a reasonable level of statistical accuracy information on your engagement with the Website and advertisements on the Website, as well as your device when you interact with the Website.  We do not tie this statistical information to your personal information.

  5. Surveys

    We may also ask that you participate in anonymous surveys, which allow us to collect additional data to help us improve the Website. Participation in such surveys is voluntary and is not connected to any of your personal information.

  6. Analytics

    We use non-personally identifiable information in the aggregate to determine how much traffic the Website receives, to statistically analyze Website usage, to improve our content, and to customize the Website’s content, layout and services. In addition, we may use your IP address to help diagnose problems with our server, to manage the Website and to enhance the Website based on the usage pattern data we receive.

  7. "Contact Us" Feature

    Like most sites on the Internet, our Web site contains a feature that allows you to contact us with your comments or questions.  This feature is called "Contact Us."  To use this feature, there is an icon at the top of each page on our Web site which you can click onto.  When you do click this icon, a screen will prompt you to provide us with certain information, such as your first and last name, email address, phone number, your address, including your city and state, and other pertinent information. The information collected through the "Contact Us" feature is used to respond to your inquiries. 


6. How we Disclose the Information We Collect

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. In addition, you agree that we have the right to disclose personal information that we collect or you provide:

  • to any member of our group, which means our subsidiaries and affiliates, including our ultimate holding company and its subsidiaries and affiliated, professional corporations as needed to provide our services;

  • to analytics providers that assist us in the improvement and optimization of the Website;

  • to fulfill the purpose for which you provide it;

  • for any other purpose disclosed by us when you provide the information or with your consent;

  • to third-party service providers specifically involved in the processing of your information received via the Website and as otherwise necessary to manage the Website and provide the services you request;

  • to resolve disputes, investigate problems, and enforce the Website terms of use or any other agreement with CIC Health;

  • to investigate and disclose information from or about you if we have a good faith belief that such investigation or disclosure is (a) reasonably necessary to comply with legal process and law enforcement instructions and orders, such as a search warrant, subpoena, statute, judicial proceeding, or other legal process served on us; (b) helpful to prevent, investigate, or identify possible wrongdoing in connection with the Website; or (c) protect our rights, reputation, property, or that of our users, affiliates, or the public;

  • if we, or any of our businesses, are sold or disposed of as a going concern, whether by merger, reorganization, sale of assets or otherwise, or in the event of an insolvency, bankruptcy or receivership; and

  • in connection with a commercial transaction where we are seeking financing, investment, support or funding.

7. Access to your Personally Identifiable Information

Upon written request and verification of your identity, we will provide you with your personal information in our possession as well as the personal information, if any, that we have disclosed to third parties. Requests for such information should be sent to the contact information below. 

You may also update, correct, or delete your personal information in our possession by contacting us.

8. Handling of Electronic Records and Backup

In general, we will retain all information collected through the Website for, at a minimum, the length of time permitted by law. We maintain backup files as a protection against natural disasters, equipment failures, or other disruptions. Backup files protect you and us because they lower the risk of losing valuable data. Backup files may contain records with your personal information. Removing a record from our active files and databases does not remove that record from any backup systems. Such backup data will eventually be passively deleted as backup records are erased through the normal recycling of backup files. In the meantime, as long as backup records exist, they receive the same security protections as our other records.

9. Security

Communications between your browser and portions of the Website containing personally identifiable information may be protected with various forms of encryption. This encryption is to help protect your information while it is being transmitted. Once we receive your information we strive to maintain the physical and electronic security of your personal information using commercially reasonable efforts.HOWEVER, NO DATA TRANSMISSION OVER THE INTERNET OR ANY WIRELESS NETWORK CAN BE GUARANTEED TO BE PERFECTLY SECURED. AS A RESULT, WHILE WE STRIVE TO PROTECT YOUR PERSONAL INFORMATION USING COMMERCIALLY AVAILABLE AND INDUSTRY STANDARD TECHNOLOGY, WE CANNOT ENSURE OR GUARANTEE THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US, AND YOU DO SO AT YOUR OWN RISK.We have implemented measures designed to secure your personal information form accidental loss and from unauthorized access, use, alteration, and disclosure.

10. Security Breach

If we determine that your personal information has or may reasonably have been disclosed due to a security breach of our systems, we will notify you to the extent required by applicable state and federal law, using your information that we have on file.

11. Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

12. Children Under the Age of 18

The Website is not intended for children under the age of 18.   No one under the age of 18 may provide any personal information on this Website.  We do not knowingly collect personal information from children under the age of 18. If we learn that we have collected or received personal information through this Website from a child under the age of 18, we will delete that information. If you believe we might have any information from or about a child under the age of 18 submitted through this Website, please contact us at the address below.


13. California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of the CIC Health Website and CIC Health Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. CIC Health does not disclose any personal information to third parties for their direct marketing purposes.


14. Third Party Privacy

This Privacy Policy applies only to the Website provided by CIC Health. CIC Health is not responsible for the privacy practices of any third party website you access from this Website. You should review the privacy policy of every website before using the website or submitting any information to the website.


15. Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

CIC Health contracts for Services exclusively in the United States, and this website is for use exclusively by residents of the United States of America.

If you are from the European Economic Area (EEA), CIC Health’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

CIC Health may process your Personal Data because:

  • We need to perform a contract with you

  • You have given us permission to do so

  • The processing is in our legitimate interests and it's not overridden by your rights

  • For payment processing purposes

  • To comply with the law

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. CIC Health aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you.

  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.

  • The right to object. You have the right to object to our processing of your Personal Data.

  • The right of restriction. You have the right to request that we restrict the processing of your personal information.

  • The right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format.

  • The right to withdraw consent. You also have the right to withdraw your consent at any time where CIC Health relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

16. "Do Not Sell My Personal Information" Notice for California consumers under California Consumer Privacy Act (CCPA)

Under the CCPA, California consumers have the right to:

  • Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

  • Request that a business delete any personal data about the consumer that a business has collected.

  • Request that a business that sells a consumer's personal data, not sell the consumer's personal data.

If you make a request, we have 30 days to respond to you. If you would like to exercise any of these rights, please contact us.

17. Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.


18. Contact Information

To contact us about this Privacy Policy, please contact us at:

CIC Health

1 Broadway

Cambridge, MA 02142

Attn: General Counsel