Last Updated: October 15th, 2020
How we protect your personal information
THE INFORMATION WE COLLECT ABOUT YOU
In General. We may collect personal information that can identify you such as your name and e-mail address, as well as other information that does not identify you such as your zip code. When you provide personal information through our website, the information may be sent to MedigapInsurancePlan.net servers located in the United States and other countries around the world.
Information You Provide. As mentioned above, we may collect information you submit on our website, such as your name, e-mail address and zip code. We may also track your interaction with email advertisements sent to you by MedigapInsurancePlan.net or our e-mail service providers on our behalf (for example, when you register, purchase, or browse in response to such emails).Interactions with our website, including page clicks, time spent, and other meta-data may also be collected. In addition, we may also collect data from internet cookies.
Information from Other Sources. We may also periodically obtain both personal and non-personal information about you from business partners, contractors and other third parties, as well as information from public databases. Examples of information that we may receive include information about your home and additional demographic information.
Other Technologies. We may use other standard Internet activity tracking technologies, such as web beacons and similar technologies, to track your use on our website or your interaction with our advertisements. A web beacon is a programming code used to display an image on a web page and can also transfer an individual's user identification to a database and associate the individual with previously acquired information about the individual. Such information may be used in targeted or behavioral advertising, as well as for the other uses described in this paragraph. We may include web beacons in promotional e-mail messages or newsletters or online advertisements to determine whether messages have been opened or acted upon. We may use the information we obtain in this manner to customize the services and offers we provide our website's visitors, to deliver targeted advertisements, and to measure the overall effectiveness of our online advertising, content, programming or other activities. We do not tie web beacons to any personal information you submit while on our website.
INFORMATION COLLECTED BY THIRD PARTIES.
Targeted or Behavioral Advertising
Targeted advertising (also known as behavioral advertising) uses information collected on an individual's web browsing behavior such as the pages they have visited or the searches they have made. This information is then used to select which Excel Impact advertisement should be displayed to a particular individual on websites other than an Excel Impact site. For example, if you have shown a preference for Medicare supplemental insurance while visiting an Excel Impact, site, you may be served an advertisement from or about the Excel Impact site for Medicare supplemental insurance when you visit a site other than the Excel Impact site. The information collected is only linked to an anonymous cookie ID (alphanumeric number); it does not include any information that could be linked back to a particular person, such as their name, address or credit card number. The information used for targeted advertising either comes from the Excel Impact site you are visiting or through third party website publishers.
In addition, we may place (or allow third parties to place) cookies and pixels on our website which enable our authorized service providers, advertising companies and advertising networks to collect information about our users who view or interact with their or our advertisements on our website or complete certain actions on our site, such as submitting a form. However, we do not tie these cookies and pixels to personal information that you submit on our website. The information collected by the cookies and pixels allows us and our partner companies to deliver, and gauge the effectiveness of, targeted advertisements, both on our website and when you are browsing other websites. Some of these third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative (www.networkadvertising.org), which offers a single location to opt out of ad targeting from member companies.
Storage of Information We Collect
We may store the personal information described above as necessary to accomplish the business purposes for which it was collected, as well as to comply with our legal and audit obligations, resolve reported and potential disputes, and enforce our agreements. We also maintain an information security program that limits storage of personal information to what is needed to fulfill our reasonable business, legal and audit requirements.
HOW WE USE THE INFORMATION WE COLLECT
In general. We may use information that we collect about you to:
WITH WHOM WE SHARE YOUR INFORMATION
We want you to understand when and with whom we may share personal or other information we have collected about you or your activities on our website, while using our services or in your other interactions (such as responding to e-mails) with us.
We may share your personal information with the following third parties:
Authorized Service Providers. We may share your personal information with our authorized service providers that perform certain services on our behalf. For example, we may engage other companies to provide data storage, to assist in marketing MedigapInsurancePlan.net products or services, to conduct audits, to provide web analytics, and to provide hosting, design, development and other operations which make our website work. Other third-party service providers may help us communicate with you through e-mail. Our policy is to permit these third-party service providers to obtain only the personal information they need to provide the services, and to require them to protect personal information to the same extent as MedigapInsurancePlan.net, including not using it for any improper purpose.
Business Partners. When you express interest in products, services or promotions offered through our website or our services, we may share your expression of interest with the businesses with which we partner to offer you those products, services and promotions, and, as applicable, their affiliates and third-party finder or marketing companies. When you elect to engage in a particular offer or program, you authorize us to provide your e-mail address, phone number, and other information to those businesses.
Marketers. From time to time, where permitted by applicable law, we may share your personal information and automatically collected or aggregated information about you with reputable direct marketers so that they may offer products and services, which we hope, will be of interest to you. Please see the section below entitled "Your Choices About Collection and Use of Your Information" for detailed information on your choices regarding your personal information.
Insurance Companies. If you provide your zip code, we will find insurance companies in your area whom we think may be of interest to you. Once you submit your zip code and select the company you wish to obtain a quote from, you will then be redirected to that third party site and provide information to them directly. Because the insurance companies and other partners on the MedigapInsurancePlan.net network with whom you are matched may retain or use your personal information whether or not you qualify for, or obtain, insurance or another product from them, you should contact these persons directly concerning their privacy and information sharing practices.
Special Notice to Vermont Residents.MedigapInsurancePlan.net will not share any personal information about you with other affiliated companies to the extent prohibited by applicable Vermont law or to the extent your prior consent to share is required by applicable Vermont law.
Other Situations. We also may disclose your information:
(1) In response to a subpoena or similar investigative demand, a court order or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law.
(2) When we believe disclosure is appropriate in connection with efforts to investigate, or to prevent or take other action regarding, illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees or others; or to enforce our website's terms and conditions or other agreements or policies.
(3) In the event MedigapInsurancePlan.net goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, or in the unlikely event of a bankruptcy, your personally identifiable information will likely be among the assets transferred. You will be notified via email or prominent notice on our website for 30 days of any such change in ownership or control of your personal information.
Please note that information may also be collected by third parties such as advertising companies and advertising networks via third-party cookies and pixels on our site (please see the subsection above entitled "Targeted or Behavioral Advertising" for details).
Aggregated and Non-Personal Information. We may share aggregated information (i.e., information about you and other customers collectively, but not specifically identifiable to you) and other non-personal information we collect under any of the above circumstances. We may also share it with third parties and affiliated companies to develop and deliver targeted advertising on our websites and on websites of third parties. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our website and the most popular features or services accessed. This information does not contain any personal information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.
HOW YOU CAN ACCESS YOUR INFORMATION
If your personal information changes, or if you would no longer like us to contact you, you may correct, update, or request deletion by emailing us at email@example.com.
We will retain your information for as long as needed to provide you services. We may also retain and use your information as necessary to comply with our legal and audit obligations, resolve reported and potential disputes, and enforce our agreements. If you wish to request that we no longer use your information to provide you services, please contact us at firstname.lastname@example.org. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing all such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backups), or for which access is not otherwise required. All requests are also subject to the next section below ("Your Choices About Collection and Use of Your Information").
We also maintain an information security program that limits storage of personal information to what is needed to fulfill our reasonable business, legal and audit requirements.
YOUR CHOICES ABOUT COLLECTION AND USE OF YOUR INFORMATION
You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our website because such information may be required in order for you to apply for or obtain products or services.
If you receive e-mail messages or newsletters from us, you will be given the opportunity, in any commercial e-mail that we send to you, to opt out of receiving such messages in the future. It may take up to 10 business days for us to fully process an opt-out request. We may send you other types of transactional and relationship e-mail communications, such as requests for additional information, confirmations, service updates or announcements, administrative notices and surveys, without offering you the opportunity to opt out of receiving them. Please note that opting out of receipt of commercial e-mail communications will only affect future activities or communications from us. If we have already provided your information to a third party before you have changed your preferences or updated your information, you may have to change your preferences directly with that third party.
HOW WE PROTECT YOUR PERSONAL INFORMATION
We take appropriate security measures (including physical, electronic, and procedural measures) to help safeguard your personal information from unauthorized access and disclosure. For example, with regard to MedigapInsurancePlan.net's internal operations, only authorized employees and authorized third party service providers are permitted to access personal information, and they may do so only for permitted business functions. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
The California Consumer Privacy Act (CCPA) provides California residents with the additional rights listed below.
Right to Know. You have the right to know and see what data we have collected about you over the past 12 months, including:
Right to Delete. You have the right to request that we delete the personal information we have collected from you. There are a number of exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:
Do Not Sell My Personal Information. You have the right to request that we do not sell your personal information. Please click here so that we can process your request in an efficient manner. Please note that we do not knowingly sell the personal information of minors under 16 years of age without legally-required affirmative authorization.
Authorized Agent. You have the right to appoint another person or entity registered with the Secretary of State ("Authorized Agent") to make a request for you. If you appoint an Authorized Agent you must provide us with legal authorization indicating your consent to have an Authorized Agent act on your behalf. Examples of acceptable forms of legal authorization include, but are not limited to, a fully executed Power of Attorney or a notarized affidavit.
Other Rights. You can request certain information about our disclosure of personal information to third parties for their own direct marketing purposes during the preceding calendar year. This request is free and may be made once a year. You also have the right not to be discriminated against for exercising any of the rights listed above.
Exercising Your California Privacy Rights. To request access to or deletion of your personal information, or to exercise any other data rights under California law, please contact us or direct your authorized agent to contact us using the following methods:
How We Verify Your Request. When submitting a request via one of the approved methods you will be prompted to provide some information, including your full name, address, email address and phone number. This information is used to validate your request. Upon collection of your information, you will receive an email asking you to validate ownership of that email address by means of a one-time link or code. Without confirmation of ownership of your email address your request may not be processed. The link in the verification email is set to expire after a few days to protect your information should someone gain unauthorized access to your email account at a later stage.To protect your data from unauthorized access, we use the other data points you provide and match it with the information we may have previously obtained from you. If there is a mismatch in the data provided, we shall inform you of this and deny your request, at which point you may start a new claim with corrected information. If the information matches, we will proceed with the processing of your request. The level of data verification may vary depending on the type of request as allowed by the law.
Response Timing. After submitting your request for access or deletion, you will receive a confirmation receipt within 10 business days that includes additional information. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing.
NOTE: We may revise this privacy notice from time to time as implementing regulations further develop and come into effect.
Categories of personal information we collect
We may collect the following categories of personal information from you or from third parties that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer (i.e., you) or household ("personal information"). Specifically, we may have collected the following categories of personal information within the last twelve (12) months since this policy was last updated:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
C. Protected classification characteristics under California or federal law.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial information.
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information.
Physiological, biological, or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
F. Internet or other similar network activity.
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
G. Geolocation data.
Physical location or movements.
H. Sensory data.
Audio, electronic, visual, thermal, olfactory, or similar information.
I. Professional or employment-related information.
Current or past job history.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other personal information.
Profile reflecting a persons preferences for insurance.
Please note personal information does not include:
Sharing personal information
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we may have disclosed the following categories of personal information for a business purpose:
California Customer Records personal information categories.
Protected classification characteristics under California or federal law.
Internet or other similar network activity.
|Inferences drawn from other personal information.|
We disclose your personal information for a business purpose to the following categories of third parties:
Our website is for adults, and we do not knowingly collect personal information from children under the age of 18.
VISITING OUR WEBSITES FROM OUTSIDE THE UNITED STATES
GENERAL DATA PROTECTION REGULATION
For residents of the European Union, Excel Impact, LLC makes all efforts to comply with the General Data Protection Regulation, which took effect on May 25, 2018. EU residents have certain rights under data protection laws. They don't apply in all circumstances. If you wish to use any of them, we'll explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018.
You have the right to complain to the Information Commissioner's Office which enforces data protection laws: https://ico.org.uk/. You can contact us using the details below.
Your right to object
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by going to the How to Contact Us section located below.
Legal basis for processing your personal information
Excel Impact, LLC relies on the following legal bases to use your personal data:
a) Assessing an application for a product or service you hold with us, including consider whether or not to offer you the product, the price, the payment methods available and the conditions to attach
b) Managing products and services you hold with us, or an application for one
c) Updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
d) Sharing your personal information with business partners and services providers when you apply for a product to help manage your product
e) All stages and activities relevant to managing the product or service including inquiry, application, administration and management of accounts
f) For some of our profiling and other automated decision making to decide whether to offer you a product and/or service, particular payment method and the price or terms of this
a) Managing your products and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
b) To perform and/or test the performance of, our products, services and internal processes
c) To follow guidance and recommended best practice of government and regulatory bodies
d) For management and audit of our business operations including accounting
e) To carry out monitoring and to keep records of our communications with you and our staff (see below)
f) To administer our good governance requirements and those of other members of our Group, such as internal reporting and compliance obligations or administration required for AGM processes
g) For market research and analysis and developing statistics
h) For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service
i) Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
j) For some of our profiling and other automated decision making
k) Where we need to share your personal information with people or organizations in order to run our business or comply with any legal and/or regulatory obligations
a) For some direct marketing communications
b) For some of our profiling and other automated decision making
c) For some of our processing of special categories of personal data such as about your health, if you are a vulnerable customer or some criminal records information
NO RIGHTS OF THIRD PARTIES
HOW TO CONTACT US
We have a dedicated data protection officer ("DPO"). You can contact the DPO using the details below:
Excel Impact, LLC
1035 NE 125th ST, Suite 310
North Miami, FL 33161