At Clement Insurance Services, we are committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with us, including through our website, mobile applications, customer service channels, or other services. We comply with applicable laws, including the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state regulations. 1. Information We Collect We collect information to provide health insurance services, process claims, and improve your experience. The types of information we may collect include: Personal Information: Name, address, phone number, email address, date of birth, Social Security number, and other identifiers. Health Information: Medical history, diagnoses, treatment records, prescriptions, and other data related to your health or claims, classified as Protected Health Information (PHI) under HIPAA. Financial Information: Payment details, bank account information, or credit card numbers for premium payments or reimbursements. Mobile and Digital Information: Device identifiers, IP addresses, browsing activity, and app usage data when you use our website or mobile app. Text Messaging Data: Phone numbers and opt-in consent for text message communications (e.g., appointment reminders or claims updates). Other Information: Demographic details, survey responses, or information you provide through customer service interactions. 2. How We Collect Information We collect information in the following ways: Directly from You: When you enroll in a plan, submit claims, update your account, or communicate with us via phone, email, or text. Automatically: Through cookies, web beacons, or device data when you use our website or mobile app. From Third Parties: From healthcare providers, employers (for group plans), or business associates (e.g., claims processors) with your authorization or as permitted by law. 3. How We Use Your Information We use your information to: Provide and manage health insurance coverage, including processing claims and coordinating benefits. Communicate with you about your plan, claims, or account updates via email, phone, or text (with your consent). Comply with legal and regulatory requirements, such as reporting to government agencies or responding to subpoenas. Improve our services, including analyzing usage trends and developing new offerings. Prevent fraud, ensure security, and verify your identity. Respond to your inquiries or provide customer support. 4. How We Share Your Information We only share your information as necessary to provide our services, comply with laws, or with your consent. Below are the categories of recipients and purposes: Healthcare Providers and Business Associates: We share PHI with providers (e.g., doctors, hospitals) for treatment or with business associates (e.g., claims processors, billing services) under HIPAA-compliant agreements to ensure your care or process claims. Legal and Regulatory Compliance: We may disclose information to government agencies, auditors, or law enforcement as required by law or to protect our rights. With Your Consent: We share information for purposes you authorize, such as coordinating with a family member or third-party service. De-Identified Data: We may share aggregated or anonymized data that cannot identify you for research or analytics. Mobile and Text Messaging Data Protections: No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. This means your phone number and text messaging preferences remain confidential and are used solely for communications you have opted into, such as claims alerts or appointment reminders. We do not sell your personal or health information or share it with third parties for marketing purposes unless explicitly authorized by you. 5. Your Choices and Rights You have rights regarding your information, subject to applicable laws: Access and Correction: You may request access to or correction of your personal or health information. Contact us as outlined in Section 11. Opt-Out of Communications: You may opt out of non-essential communications, such as promotional emails or texts, by following unsubscribe instructions or contacting us. Note that you cannot opt out of essential communications (e.g., claims or coverage updates). Text Messaging Opt-In/Out: You control text message communications by providing or withdrawing consent. Reply “STOP” to any text or contact us to opt out. HIPAA Rights: Under HIPAA, you may request restrictions on certain uses of PHI, request confidential communications, or obtain an accounting of disclosures. Submit requests in writing to our Privacy Officer (see Section 11). State-Specific Rights: Depending on your state (e.g., California, Virginia), you may have additional rights, such as requesting deletion of certain data or opting out of data sharing. 6. Data Security We implement physical, technical, and administrative safeguards to protect your information, including: Encryption of sensitive data during transmission and storage. Access controls to limit employee access to necessary information only. Regular security audits and employee training on privacy compliance. HIPAA-compliant agreements with business associates handling PHI. Despite our efforts, no system is completely secure. If a data breach occurs, we will notify you as required by law and take steps to mitigate harm. 7. Data Retention We retain your information only as long as necessary to provide services, comply with legal obligations (e.g., tax or insurance regulations), or resolve disputes. For example, we retain claims data for the period required by HIPAA or state law. When no longer needed, we securely delete or anonymize your information.