Security and Privacy Policy


Last updated: October 18, 2016

Privacy Policy Applicable to Use of the Website by Institutions and Their End Users

Covr Financial Technologies, LLC (the “Company”) recognizes the importance of safeguarding the personal information provided to us by the users of our website (the “Website”). The Company has contracted with various institutions (“Institutions”) to permit such Institutions and the employees, administrators, agents or other representatives, clients and/or other end users of such Institutions (“you” or “End User(s)”) to access this Website via a website owned or operated on behalf of such Institution, and has implemented this Privacy Policy to govern the use of personally identifiable information and/or personal data that is collected via the Website (the “Personal Information”) from such End Users when such End Users communicate electronically with the Website -- via email or otherwise. This Privacy Policy does not govern Personal Information collected from any other source or in any other manner.

In the event that we make changes to this Privacy Policy, you can visit the page that you’re reading now and refer to the “Last Updated” date at the top of this page to learn when this Policy was last revised.

This Privacy Policy is incorporated by reference into the Terms and Conditions of Use of the Website, and explains how End Users’ information and data is used:

  • California Privacy Rights
  • Use of the Website
  • Collection and Use of Information
    • Collection of Information
      • Registration; User Profiles; Collection of Personal Information and Medical Data
      • Financial Information
      • IP Address
      • Other Information
    • Use of Cookies, Plug-ins and Web Beacons; Use of Google Analytics
    • Do Not Track Signals
    • Your Consent
    • Use of Information
      • In General
      • Opting In and Opting Out of Electronic Communications
      • The Sharing of Personal Information with Institutions and Insurance Companies and Medical Data With Insurance Companies
      • Lawful Access, Legal Action and Investigations
      • Disclosure of Personal Information to Non-Affiliated Third Parties
      • Acquisition of Business
      • Retention of Personal Information
    • Collection and Use of Aggregate Data
  • Links to Other Sites
  • Information Storage and Protection
  • Options to Review and Opt-Out Choices
  • Changes in Policy
  • Governing Law
  • Contact Us

California Privacy Rights.
Under California law, California residents who have provided personally identifiable information to a company may have the right to request a list of all third parties to whom that company had disclosed such information for the third parties’ direct marketing purposes during the preceding calendar year, along with a list of the categories of Personal Information that had been so disclosed. However, the Company’s privacy policy, as disclosed on this Website, does not currently permit the Company to share the Personal Information collected at this Website about you with non-affiliated third parties for such third parties’ direct marketing purposes. If you are a California resident who would like information on how to exercise your rights concerning third party disclosures, you may send an email to californiaprivacy@covrtech.com

Use of the Website.
The Company has required, and presumes that the applicable Institution has obtained, whatever consents it is required to obtain from End Users prior to providing such End Users with access to the Website. Each Institution is accepting responsibility for obtaining any and all such necessary consents for the Company to collect and use the Personal Information and Medical Data in the ways described in this Privacy Policy. All End Users, and the applicable Institution are consenting to the provisions of this Privacy Policy, including the use of Personal Information and Medical Data by the Company and/or its Affiliates and/or the Insurance Companies in the manner described herein; and with respect to the collection, use and/or disclosure of information obtained from End Users, the Institution assumes responsibility for: (a) establishing and maintaining procedures to protect the security and confidentiality of Personal Information and Medical Data provided by End Users through the Website while it is in such Institution’s possession, custody or control; (b) obtaining all verifiable prior consents from End Users as are required under any applicable law (collectively, “Applicable Law”); (c) providing notice to End Users, to the extent required under Applicable Law; and (d) providing End Users with a reasonable means to review, edit and delete Personal Information provided by End Users, to the extent required by Applicable Law.

For End Users: If you have any questions concerning use of the Website, and/or with respect to the collection and use of information or materials uploaded to this site, please contact the appropriate representative of your Institution.

The Company Website affords End Users an opportunity to apply for and purchase insurance products from third party insurance companies (each, an “Insurance Company,” and collectively, “Insurance Companies”). The Company Website does not offer advice concerning any tax, legal, insurance or financial matters. The Company makes no representations or warranties with respect to any insurance products accessible through, or identified on the Company Website, or the suitability of any such insurance products for any specific End User. As set forth in this Privacy Policy, we collect certain information from End Users, provide certain information (including Personal Information and Medical Data) to Insurance Companies and route certain End Users to the websites of Insurance Companies for further interaction and the direct provision of information (which may include: Personal Information; other personally identifiable information; Medical Data; other information about an End User’s medical history, illnesses, medical conditions, family history, and/or drug use; and/or other information) by such End Users to the applicable Insurance Companies (collectively, “Insurance Information”).

Collection and Use of Information.

Collection of Information
At times, the Company may collect your Personal Information. For example, we collect your Personal Information if you register for an account or send us an email, and provide us with your name, address, telephone number and/or email address. If you are purchasing insurance products through our Website, you may be asked to provide certain financial information, such as credit card information, which we will route to our payment processors (which information will be used solely for your purchase and not be retained), and/or or Medical Data. Additionally, if you enter any password-protected area of this Website, then this Website will recognize who you are and will collect the information that you submit. This Policy only covers information collected at the Website. Moreover, any information collected about you from this Website may be associated with other information that the Company has collected about you from other sources.

The Company shall be free to use any ideas or concepts contained in your communications for any purpose whatsoever, including but not limited to the development, production and marketing of products and services that incorporate such information, without any compensation or credit to you.

Registration; User Profiles; Collection of Personal Information and Medical Data. In connection with the registration process, each End User will provide user profile information, which may include Personal Information such as the End User’s residential address, email address, telephone number and date of birth. When an End User is seeking information about insurance products, the information collected by the Company at the Website may also include such Personal Information and may also include certain personal health care information, such as medical conditions and prescription drug use information (“Medical Data”).

The End User will also be asked to create an account as part of the registration process. Information concerning the account should not be disclosed to anyone. Each End User is responsible for the security of his/her account, and shall take precautions to keep such account private and to prevent unauthorized use thereof. The Company will not be responsible for any losses, damages or consequences suffered due to careless or unauthorized use of a password.

If an End User shares his or her account information, Personal Information or Medical Data with others, the End User shall be responsible for all resulting actions, including actions taken in the name of the End User’s account. Therefore, if an End User’s account has been compromised for any reason, the End User should immediately contact support@covrtech.com.

Financial Information. If you are involved in a transaction through the Website, we will collect and forward your credit card and billing information to the payment processors for the Insurance Companies with whom you seek to enter into an agreement. These payment processors may collect and use your financial information and/or information relating to your method of payment to process your purchases and/or returns as made through this Website. The Company and such payment processors may also use the information you provide to protect against or identify possible fraudulent transactions, and otherwise as may be reasonably needed in connection with your transaction.

IP Address. An IP (Internet Protocol) address is a number that is automatically assigned to your computer by your internet service provider when you log on. Your IP address is not linked to your Personal Information but the Company does reserve the right to use IP addresses to identify individuals who threaten the Website or other users of visitors. IP addresses may also be used to help diagnose problems with the Website and to gather broad demographic information.

Other Information. When you access the Website, the Company will automatically receive some information about your use of the service. The type of information that is automatically collected by the Company includes such things as the date and time of access of the Website, the Internet protocol (IP) address of the computer that you are using, the domain and host from which you access the Internet, your browser software and operating system, the referring website address, and the specific activities you are engaged in while visiting the Website. This aggregate tracking information is used to help the Company improve and enhance the website experience for all of its visitors.

Use of Cookies and Web Beacons; Use of Google Analytics
The Website makes use of: (i) “cookies” - small data files which we may send to your computer on the basis of the information that we have collected about your visit; and (ii) “web beacons” – small strings of code that provide a graphic image that surveys visitors’ internet activity. They contain information allowing us to recognize when you are visiting the Website and to keep track of your preferences. Through the use of cookies and web beacons, we also may automatically collect information about your online activity on our Website, such as the web pages you visit, the links you click, and the searches you conduct on our Website. Cookies are stored in your computer’s browser or on your hard drive and can then be retrieved by the Website. This Website uses two kinds of cookies: so-called “session” cookies, which are deleted from your computer when you leave the Website and are used purely to help you to navigate around the Website; and “persistent” cookies, which remain on your computer so that the Website can recognize you when you return.

We may also use third-party advertising companies to target and show you advertisements when you visit the Website. These third-party advertisers may use web beacons and may send “cookies” to your computer or other device to gather information about your preferences to provide you with advertising that is more likely to relate to your interests.

If you want to delete any cookies that were already sent to your computer or personal device, please refer to your web browser’s “Help” facility. In addition, most web browsers can be set to prevent you from receiving new cookies, notify you before accepting cookies or disable cookies altogether. Details about this can normally be found in the “Help” facility provided with your browser. Please note that if you disable cookies you may not be able to take advantage of some of the Website's interactive functionality.

This Website uses Google Analytics, a web analytics tool provided by Google, Inc. (“Google”) that helps website owners understand how visitors engage with their websites. We can view a variety of reports about how visitors interact with our Website so we can improve it. Google Analytics collects information anonymously. Google uses cookies, and IP addresses, and it reports website trends without identifying individual visitors. In the event a visitor to the Website voluntarily submits contact information to Google, Google may then associate such information with the applicable IP address to enable us to see that visitor’s specific interactions with our Website.

For more information related to Google Analytics, click here:
http://www.google.com/analytics/learn/privacy.html.

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-On. For information about and to install Google Analytics Opt-out Browser Add-on, click here:
https://tools.google.com/dlpage/gaoptout?hl=en

Do Not Track Signals
Certain web browsers provide users with an option by which you may have your browser send a “Do Not Track” signal to websites that you are visiting, advising the recipient websites that you do not want to have your online activity tracked. However, the way browsers communicate such “Do Not Track” signals is not yet uniform and, accordingly, our Website does not take any action in response to such signals. In the event a final standard is developed and accepted, we may reassess how we should respond to such signals.

Your Consent
We only collect, use and/or disclose your Personal Information with your consent. Your consent may be implied from the circumstances or may be expressly given for a particular purpose. For example, when you submit your Personal Information to us, you are consenting to the collection, handling, use and disclosure of your Personal Information for the purposes identified or apparent at the time of collection and as otherwise described in this Privacy Policy.

When you register for an account through the Website, the Company may provide you with the opportunity to receive information from companies or individuals who have services, products, information and/or offers that we think might be of interest to you. If you elect to receive such information or offers, the Company may from time to time provide your contact information to these entities so that they may send you such information. If you no longer want us to share your contact information with others, follow the instructions set forth in the Opting In and Opting Out of Electronic Communications section in this Policy. If you no longer want to receive information from those third parties, you will need to opt out of those communications by following the instructions set forth in such other parties’ privacy policies.

Certain services offered at this Website may be co-sponsored by another company. If you provide information to the Company in connection with a co-sponsored service, the information you provide will be used for the purpose for which you provided the information and may be shared with that co-sponsor partner. Your Personal Information may also be used for by the Company for other purposes in accordance with the Company’s privacy policy and by the co-sponsor partner in accordance with that party’s privacy policy. If you wish to opt-out of a co-sponsor partner’s future use of your Personal Information for marketing or other purposes, you will need to contact the co-sponsor partner directly.

You must be 18 years of age to use the Website. the Company does not knowingly collect or maintain any Personal Information from children under the age of 13, and no part of this Website is designed with the purpose of attracting such children. If you use the Website from any country outside the United States, the various communications will necessarily result in the transfer of information across international boundaries. By visiting the Website, you consent to these transfers.

Use of Information

In General. We use your Personal Information and Medical Data for the purposes for which it is submitted, such as to reply to your emails and inquiries, to allow you to obtain information on insurance products, and to apply to purchase insurance products offered by various Insurance Companies. Your Personal Information may also be used in the following ways:

  • to deliver materials, information and services to you,
  • to give you notice of and/or resolve any problems that may arise in connection with our services,
  • to better understand the needs and interests of our customers,
  • to analyze the success of our services and Website and for research and development purposes,
  • to manage the Website's interactive functionality,
  • to help the Company improve and enhance the Website experience for all of its visitors, and customize the content on our Website,
  • for compliance with the Company’ legal and regulatory obligations,
  • as otherwise reasonably required to provide customer services and maintain the Website,
  • to investigate potential breaches of the Terms and Conditions of Use of the Website,
  • to investigate potentially unlawful activity,
  • for any other purpose outlined in this Privacy Policy and/or the Terms and Conditions of which this Privacy Policy is a part, and as permitted by law.
We may also use your Personal Information to contact you via direct postal mail and/or electronically to the extent such activity is permitted by law. This information may also be used to help the Company and its commercial partners, co-sponsors and services providers deliver information to you, and for other purposes as are reasonably necessary to provide the services requested by you. You may opt-out of receiving future mailings or other messages from us by following the instructions in the e-mail or other message you receive from us or by following the instructions set forth in the Opting In and Opting Out of Electronic Communications section in this Policy.

Opting In and Opting Out of Electronic Communications. At certain points where Personal Information is collected on our Website, there may be a box to indicate that you wish to receive certain information or communications from the Company. You may opt out of receiving electronic communications, such as emails from the Company at any time. In all of our electronic communications you will be given the opportunity to opt out of receiving future communications. You may also opt-out or change your preferences by providing opt-out instructions – e.g. sending an email to our Privacy Officer at privacy@covrtech.com , including the contact information we are using to communicate with you, such as your email address. Be sure to let us know the specific types of communications you no longer wish to receive.

The Sharing of Personal Information With Institutions and Insurance Companies and of Medical Data With Insurance Companies. The Company will collect and share an End User’s Personal Information with the Institution through which the End User has accessed this Website and with the Insurance Companies as necessary to provide the services as requested by the End User. The Company will collect and share End Users’ Medical Data as necessary to provide the services as requested by the End User, and once such occurs, the Company will not retain such information other than as permitted by law. The recipients who receive such Medical Data will be able to associate such Medical Data with the specific End User to which the Medical Data relates. The Insurance Companies may seek additional Personal Information and/or Medical Data from End Users and the Company may be involved in the transmission of any such information and/or data in connection therewith.

Lawful Access, Legal Action and Investigations. Your Personal Information may otherwise be disclosed to non-affiliated third parties as either permitted by, or to comply with, applicable laws and regulations. Your Personal Information may be transmitted through and stored on servers outside your home country, and may be accessed by authorities in those jurisdictions. We may disclose Personal Information if we believe it is necessary to investigate, prevent, or take action regarding suspected illegal activities or fraud, situations involving the physical safety of any person, violations of our Terms and Conditions of Use, or otherwise in accordance with applicable law. For example, the Company may disclose your Personal Information to comply with investigations by regulatory authorities or enforcement agencies in the United States of America or elsewhere, or to protect against or prevent actual or potential fraud. Furthermore, the Company may disclose your Personal Information if it has a reasonable good faith basis to believe that it is required to do so by law, compelled by court order or legal process, or is reasonably necessary and/or appropriate to protect the rights, property and/or safety of the Company or any other person or entity. Your Medical Data will only be otherwise disclosed as permitted by law.

Disclosure of Personal Information to Non-Affiliated Third Parties. In addition to the above disclosures, the Company may share End Users’ Personal Information and Medical Data, without restriction, with companies and organizations that we retain to perform services for us, such as those that provide data processing, computer software maintenance and development, and companies providing professional, legal or accounting advice to the Company. In such situations, the Company requires that these companies and organizations agree to (a) maintain the confidentiality of the Personal Information and Medical Data, and (b) limit the use of such Personal Information and Medical Data to the purposes for which it was provided. Finally, under limited circumstances, regardless of whether an End User has chosen to limit our sharing of his or her Personal Information as collected on the Website, Personal Information and Medical Data may be disclosed to non-affiliated third parties as either permitted by, or to comply with, applicable laws and regulations. For example, Personal Information may be disclosed to comply with investigations by regulatory authorities or enforcement agencies in the United States of America or elsewhere, or to protect against or prevent actual or potential fraud. Furthermore, Personal Information may be disclosed if there is a reasonable good faith basis to believe that disclosure is required by law, compelled by court order or legal process, or is reasonably necessary and/or appropriate to: (i) protect the rights, property and/or safety of the Company or any other person or entity; or (ii) prevent or take action concerning any alleged: (a) illegal activity or (b) breach of the Terms and Conditions or Privacy Policy of the Website.

The Company will not sell, rent or market Personal Information collected on this Website to non-affiliated third parties for their marketing purposes, unless we have your consent. However, the Company may disclose aggregated statistics about visitors to its Website, along with anonymous information concerning individual visitors of its Website. We may combine anonymous information and/or aggregate information we collect with additional anonymous and/or aggregate information collected from other sources. We may share anonymous information (including aggregate information) we collect regarding our users with third parties (such as advisors, and/or consultants) for various business purposes including conducting general business analysis, and developing website content and services.

Acquisition of Business. In the event that the Company is involved in a merger, acquisition, consolidation, restructuring, reorganization, liquidation, sale or similar transaction relating to any portion of its business and/or assets, or in the unlikely event that the Company goes out of business or enters bankruptcy, each End User hereby acknowledges and agrees that the Website, all data collected on the Website (including Personal Information and Medical Data still within the Company’s possession), and any of the Company’s rights and obligations under this Privacy Policy may be included in the assets of, and/or transferred pursuant to, such transaction, and that any acquirer or successor (or a third party through bankruptcy) of the Company may continue to use the Personal Information and Medical Data as set forth in this Privacy Policy. If that occurs, a notice will be posted to such effect on the Website and/or notification will be provided by any other media or contact method as may be required by applicable laws and regulations.

In the event that an Affiliate is involved in a merger, acquisition, consolidation, restructuring, reorganization, liquidation, sale or similar transaction relating to any portion of its business and/or assets, or in the unlikely event that an Affiliate goes out of business or enters bankruptcy, each End User hereby acknowledges and agrees that any of such Affiliate’s rights and obligations under this Privacy Policy may be included in the assets of, and/or transferred pursuant to, such transaction, and that any acquirer or successor (or a third party through bankruptcy) of such Affiliate may continue to use the Personal Information as set forth in this Privacy Policy. If that occurs, a notice will be posted to such effect on the Website and/or notification will be provided by any other media or contact method as may be required by applicable laws and regulations.

Our “Affiliate(s)” are companies directly or indirectly controlled or owned by us, or companies that directly or indirectly control us, or are under common control with us.

Retention of Personal Information. Personal Information and Medical Data is retained to deliver our services, to otherwise fulfill identified or apparent purposes, and Personal Information may be retained for record-keeping. At some point the Company may elect to destroy, erase or anonymize your Personal Information. Once anonymized, the Company undertakes not to re-identify the information.

Collection and Use of Aggregate Data

The Company receives and stores certain types of information whenever an End User interacts with our Website. The Website automatically receives and records information on server logs, including a date/time stamp, the End User’s IP address, cookie information, internet service provider (ISP), pages viewed, and content and the media an End User has consumed (e.g., viewed, played, downloaded, uploaded, and shared).

This information is used to gather demographic information on visitors to the Website (such as geographic locations users are visiting from and the time spent on the site), help diagnose problems with the server, administer and improve the Website and analyze usage trends. As part of this use of information, we may provide this aggregate information to the Institutions, Insurance Companies, and we may also provide aggregate information to our Affiliates and partners about how Institutions and End Users use the Website.

The Company contracts with non-affiliated third parties/business partners to host the Website and to provide data collection and reports regarding users’ activities on the Website. These non-affiliated third parties/business partners use cookies on our behalf and receive information about the End Users browsing activity and collects information anonymously (meaning without attaching it to any personally identifiable user) and aggregates information collected from End Users. These non-affiliated third parties/business partners have agreed not to use this information other than (i) in connection with providing services to us to make our Website more useful and efficient, (ii) as permitted in this Privacy Policy, or (iii) as otherwise permitted by law.

The Company will also aggregate Personal Information and/or Medical Data, and may use, share and disclose such aggregated Personal Information and/or Medical Data as permitted by law. For example, the Company may use such aggregated Personal Information and/or Medical Data for research and product development purposes, and may also share such aggregated Personal Information and/or Medical Data with the Institutions, Insurance Companies and other of the Company’s business partners and Affiliates.

Regardless of whether an End User has chosen to limit the Company’s sharing of Personal Information as collected on the Website, the Company may, without restriction, use, share and disclose aggregated statistics about End Users, along with specific information concerning individual End Users that is not Personal Information in any way permitted by applicable law.

Links to Other Sites and Services
The Website may contain links to various other sites (such as sites owned by Institutions and/or Insurance Companies) that may ask to collect user information voluntarily. Please be aware that these other websites may have different privacy policies that may subject users to different privacy practices. Please review the privacy policies of such other websites for information concerning what information is collected on such websites and how it is used.

Information Storage and Protection
The Company will maintain reasonable procedures to protect the security and confidentiality of Personal Information and Medical Data provided to it by End Users, in accordance with Applicable Law.

There are industry standard safeguards in place to protect End Users’ Personal Information and Medical Data, such as the use of firewalls and SSL certificates, and limiting access to such information by company personnel. Personal Information and Medical Data will be stored in databases and servers located in the United States. However, no transmission made through the internet can be made completely secure, and accordingly, the Company will not be liable for the disclosure of any End Users’ Personal Information or Medical Data that occurs as a result of transmission errors or the actions of any third party to the fullest extent permitted by law.

In the unlikely event that the Company determines that there may have been a security breach that results in the unauthorized disclosure of Personal Information or Medical Data to a third party, the Company will promptly notify consumers whose Personal Information or Medical Data it reasonably believes may have been compromised by posting information on the Website and, if email contact is possible, then also by sending an email notification with respect to the situation.

Options to Review and Opt-Out Choices
In addition to having the ability to opt-out of receiving electronic communications, such as emails from the Company, End Users may access, review and, in certain situations, update, revise and/or delete certain Personal Information and Medical Data by sending an email to our Privacy Officer at privacy@covrtech.com and providing the contact information we are using to communicate with you, such as your email address. Additionally, please note that while you may request the updating, revision or deletion of such information, a copy of the unrevised information may be maintained in the Company’s records after any such revision or deletion.

As the Website evolves, End Users may be offered additional options for reviewing and/or editing Personal Information and Medical Data. Please check this Privacy Policy often to make sure you have reviewed the most recent version.

If for any reason you wish to discontinue the use of the Website and have your Personal Information removed from our database, please send an email to our Privacy Officer at privacy@covrtech.com and include the contact information we are using to communicate with you, such as your email address.

Changes in Policy
From time to time, the Company’s Privacy Policy may change. The Company will post changes to the Privacy Policy on the Website. Please review this Privacy Policy often so that you will remain abreast of the Company’s current policies. Users of the Website are responsible for making sure they are aware of the provisions of the Company’s most current (see the date at the top of this Privacy Policy) Privacy Policy.

Governing Law
This Privacy Policy shall be governed by the laws of the State of New York of the United States of America, without regard to its conflict of law provisions.

Contact Us
If you have any questions or complaints concerning this Privacy Policy or our handling of your Personal Information (other than with respect to California Privacy Rights) you may contact us at privacy@covrtech.com or write to us at: Covr Financial Technologies, LLC, 401 W. Front Street, Boise, ID 83702, Attn: Privacy Officer.
If you have any questions concerning California Privacy Rights you may contact us at californiaprivacy@covrtech.com or write to us at: Covr Financial Technologies, LLC, 401 W. Front Street, Boise, ID 83702, Attn: California Privacy Officer.

# # # # # # # # #


Copyright © 2017
Account ID: 032