Stride Health, Inc.
Website and Mobile App Privacy Policy
09/30/2020 What's new?
Welcome. Welcome to this website or mobile application, a service of Stride Health, Inc. (“we” “us” or “our”). This Privacy Policy (“Privacy Policy”) explains how we collect, use and share personally identifiable information about you or members of your household when you use this website or mobile application, or any other website, mobile application or interactive features that link to this Privacy Policy.
This Privacy Policy describes the information we collect about you, and also how we use it, when we share it, how we protect it, and how you can take action about it. You can read this policy from top to bottom, or use these links to read specific sections that describe our privacy commitments to you.
The Websites and Services Covered by this Privacy Policy
This Privacy Policy applies to any website, mobile application or other interactive feature (each, a “Service, and collectively, “Services”) that links to this Privacy Policy, including, but not limited to:
Stride Health or Stride-branded websites, including www.stridehealth.com
Stride Health or Stride-branded mobile applications
Interactive email or text messaging features, when you provide your email address or cell phone number to us, or consent to our use of your email address or cell phone number, in a website or mobile application that links to this Privacy Policy.
In addition, our Healthcare.gov Privacy Supplement describes specific privacy practices that we use when Stride helps you to get health coverage through the Health Insurance Marketplace.
We are not responsible for the privacy practices of any third party service providers (such as health plans, health insurance marketplaces, internet service providers or cloud service providers) or other third parties operating websites or applications to which our Services link. The inclusion of a link in any Services does not imply that we endorse, or otherwise monitor the privacy practices of that linked third party website or application.
The Categories of Data We Collect When You Use Our Services
We collect two basic types of information about you and members of your household: Personally Identifiable Information and Non-Personally Identifiable Information.
Personally Identifiable Information includes data that is unique to an individual, like your name, address, social security number, e-mail address, telephone number and policy information. It can also include information which is not unique to you but which we’ve associated with your Stride account. For example, Personally Identifiable Information includes demographic information (like income, age, gender, household composition, race or ethnicity), health information (such as health condition or medical needs) or usage data (such as web browser information, server log files, cookie technology, pixel tags or beacons, and other technologies) that we collect when you use our Services and are logged into your Stride account.
Here’s a table that explains the types of Personally Identifiable Information we collect (with some examples thrown in):
Category | Examples | Purposes | Is it Personally Identifiable? |
Information about your location, household and medical priorities | Zip code |
Age, tobacco use
Doctors, prescriptions and health conditions | To find health plans available to you
To estimate premiums
To narrow plan recommendations | Only if you create a Stride account | | Account information | Email address and password | To register for a Stride account | Yes | | Application information | Name, date of birth, home address, plan selection, government-issued identifiers | To apply for coverage, verify information, confirm eligibility and calculate monthly premium | Yes | | Coverage information | Medical record number | To complete enrollment and begin using benefits | Yes | | Payment information | ACH or payment card number | To pay first month’s premium | Yes, if you use the Stride app to track mileage for tax deduction purposes | | Mileage tracker | GPS coordinates and timestamps; expense receipts | To track mileage and calculate tax deductions | Yes, if you choose to use Stride Drive or Stride Tax | | Tracking information | Web browser information | To personalize services and improve service performance | Only if it’s linked to your Stride account |
We collect the same or similar types of information when you shop for dental or vision benefits, life or disability insurance. With your consent, we can also collect financial data to help you find, track and document money-saving tax deductions in our Stride mobile app.
Non-Personally-Identifiable Information means information that does not identify you personally and cannot reasonably be associated, reidentified or linked back to you or your household. Examples include information that may have started as Personally Identifiable Information but which has been stripped of identifiable factors in a way that prevents it from being re-associated, re-identified or linked back to you, members of your household or your Stride account.
How We Collect Information
The specific information we collect about you or members of your household -- and the reasons why we use, share and secure it -- varies with the Services you choose to access, and whether you are just looking at your options (“Lookers”), want to save your recommendations for later use (“Savers”) or apply for coverage or other financial products (“Buyers”).
Just Looking. If you visit our Services without creating a Stride account, we collect information that helps you find a health, dental or vision plan that works for you. We call this group of visitors “Lookers”. As a Looker, you can enter your zip code, age and gender for you and any dependents you want to include for coverage, and if you choose, information about your doctors, prescription drugs and health conditions. We use this information to return plan pricing and recommend plans that can save you money, without you needing to create a Stride account. We associate this data with a temporary session cookie for up to 7 days after your last visit to our site, and link it with some machine identifiers (like IP address, browser and device information) that are associated with a session (as opposed to a persistent cookie). That way, you can still look at your plan recommendations when you come back to the Stride site without a Stride account. If you don’t create a Stride account or return to our Service from the same device within 7 days, we clear the session cookie and all the collected information associated with it.
Still Thinking. If you don’t want your plan recommendations to be cleared, you can save your progress by creating a Stride account. This links the information associated with your session cookie to your Stride account. We call this group of visitors “Savers”. Once you become a Saver, all the information we collect from you is treated as Personally Identifiable Information, unless we de-identify or aggregate it in a way that makes it Non-Personally Identifiable Information.
Ready to Roll. If you’re ready to buy coverage from a plan or sign up for other benefits, we collect additional Personally Identifiable Information, as required by insurers or health insurance marketplaces to confirm your identity, verify eligibility and help you enroll in coverage. We call this group of users “Buyers.”
How We Use Tracking Technologies to Collect Usage Data
When you visit or interact with our Services, we may collect data from you through a number of different automated technologies (“Tracking Technologies”) to help us improve our Services and present you with sponsored content on other service platforms. Examples of how we use Tracking Technologies include:
Browser and device information. We may automatically collect certain web browser information. Web browsers collect and store information about the type of device and operating system you are using to access our Services, as well as your device’s media access control (“MAC”) address for facilitating network communications. Accessing this information helps us to establish a secure and consistent connection to you and to customize experience and content when you use our Services.
"Cookie" technology. A "cookie" is an element of data that we can send to your web browser when you link to our Services. It is not a computer program and has no ability to read data residing on your computer or instruct it to perform any step or function. By assigning a unique data element to each visitor, we can recognize repeat users, track your usage patterns and better serve you when you return to our Services later. The cookie can also track your usage patterns as you visit other websites across the internet, to support marketing campaigns that deliver sponsored content about our Services on other websites and service platforms. Your browser may offer you a “Do Not Track” option, which allows you to prevent us from tracking your online activities over time and/or across different websites. Our Services do not support Do Not Track requests at this time, which means that we may collect information about your online activity both while you are using and after you leave our Services.
Client-side page tagging. This technology uses code on each web page to write certain information about the page and the visitor to a log when a page is rendered to you by our Services. "Tagging" does result in a JavaScript program running in your browser, but it is limited to providing information about the page that you are requesting and the configuration of your browser. It will not read any of your data files, nor execute any additional programs. It does not extract any Personally Identifiable Information about you. You can prevent tagging by disabling JavaScript in your browser, but that may prevent you from using all of our Services’ functions.
Tracking pixels or beacons. Tracking pixels (sometimes referred to as "web beacons") are tiny graphics with a unique identifier that are embedded invisibly on web pages and are about the size of the period at the end of this sentence. They perform a similar function to cookies, except that cookies are stored on a user's computer hard drive. We may use web beacons on our websites and mobile applications to help us collect data about user activity.
IP Address. When you subscribe to an Internet Service Provider (ISP), your computing device is assigned an IP Address. We may track and store this address to help us manage security, monitor usage volume and patterns, and to customize experience and content when you use our Services.
Device ID. Each mobile or web-accessible device has a unique alpha-numeric device identifier. By tracking and storing the Device ID for your device, our Services may be able to recognize repeat users (or households), track usage patterns and better serve you when you return at a later time. It can also help us manage security, and monitor usage volume and patterns.
We treat data collected through Tracking Technologies as Non-Identifiable Personally Identifiable Information if you are a Looker, Saver or Buyer, except when it has been associated with your Stride account, in which case we treat it as Personally Identifiable Information.
How We Use the Data We Collect
We use Personally Identifiable Information and Non-Personally-Identifiable Information so that we can:
Verify your identity and authenticate access to your account
Provide you with the Services
Personalize the Services
Provide you with customer service and technical support
Evaluate and improve our Services
Notify you of new Service features or new Services that we provide
Notify you of other benefits that your plan or any of our Stride Benefits partners may provide
Bill and collect payment for any applicable premiums, fees or charges
Take action that helps us to maintain the security of our Services and the privacy of your Personally Identifiable Information, obey laws and help prevent fraud and abuse
Update any hardware, software or other tools that we provide in conjunction with the Services
Take actions to enforce our agreements and policies
How We Share and Disclose Information With Others
Our policies for sharing and disclosing your Personally Identifiable Information with others depends on whether you are a Looker, Saver or Buyer.
Third Party Service Providers. We consider all data we collect from Lookers, Savers and Buyers to be confidential. We use third party service providers to assist us in delivering our Services to you, including internet service hosting, payment processing, technical integration, marketing, analytics, customer service, and fraud protection providers. We share data with these third parties, to the extent necessary for them to provide these services. These companies are acting on our behalf and are required, by contract with us, to keep our data confidential and are only authorized to use it for specific purposes. We always seek your approval before exchanging Personally Identifiable Information about you with third party services that link your accounts with them to your Stride account.
Health Plans and Health Insurance Marketplaces. Our Services give Buyers the ability to seek coverage and determine eligibility for benefits offered by insurance carriers through the Health Insurance Marketplaces. The Personally Identifiable Information we share with these entities is the minimum necessary for them to act on an application that you make through our Services. We always seek your approval before submitting an application or exchanging Personally Identifiable Information about you with an insurance carrier or Health Insurance Marketplace.
The Marketplace Privacy Supplement describes the privacy practices of HealthCare.gov. You can also find links to the privacy policies of state-based health insurance marketplaces on our website and the notice of privacy practices of insurance carriers on their respective websites. You should read these privacy policies to understand how these third parties use your Personally Identifiable Information. We do not endorse these organizations, and have no control over how they manage your Personally Identifiable Information after we share or disclose it with them.
With Your Authorized Representatives. We deliver our Services to you and not to intermediaries that may offer assistance to you in managing your financial matters. While you may choose to share your Stride account credentials with someone, we have no way of verifying whether or not that person is really you, or whether they are authorized to access your Personally Identifiable Information. We have established procedures for verifying the authority of a personal representative that contacts us at your request about your Stride account.
Sponsoring Partners. We partner with companies that promote our Services as a benefits platform for their permanent or independent workforce. These partners share a link with their workforce to our Services. If you visit our Services through a link like this, you will be presented with a branded marketplace of benefits. We do not disclose any of your Personally Identifiable Information to these partners without your consent, nor do we receive any Personally Identifiable Information about you from them. We do not endorse or monitor the privacy practices of these sponsoring partners. You should read their privacy policies to understand how they may use your Personally Identifiable Information when you access our Services through a branded marketplace.
Marketplace Partners. We augment our Services with benefits made available through our marketplace partners. Without your express consent, we do not disclose any of your Personally Identifiable Information to these partners, nor do we receive any Personally Identifiable Information about you from them. However, we may share data sets or aggregated reports of Non-Personally Identifiable Information with them to evaluate Service adoption and performance. If we transform Personally Identifiable Information into Non-Personally Identifiable Information, and then share it with these third parties, we implement reasonable technical safeguards and business processes to prevent reidentification or the inadvertent release of identified information, and receive contractual assurances that marketplace partners will not attempt to reidentify any Non-Personally Identifiable Information that we give them.
Legal Authorities. We may be required by law or legal process to disclose Personally Identifiable Information to our lawyers, to third parties in connection with litigation, or to law enforcement personnel. We will disclose your Personally Identifiable Information in compliance with applicable laws. We may provide this information without your consent and without notice to you when we are required to do so in order to comply with a valid legal process such as a subpoena, court order, or search warrant.
Affiliates. We may share your Personally Identifiable Information with any parent or subsidiaries, or other companies or entities which control, are controlled by or under common control with us. If we do so, they will be required, by contract with us, to keep this information confidential and only for purposes that are permitted in this Privacy Policy.
Business Transfers. If we enter into a merger, acquisition, or the sale of all or part of our assets, your Personally Identifiable Information will likely be part of the assets transferred. We will notify you if this happens if we have a way to contact you and we are required to provide you with notice.
Cross-Device Linking and Advertising. Some of our third-party service providers use different Tracking Technologies to predict or determine a likely association or relationship between two or more devices such as smartphones, tablets, desktop computers, etc. We may use analytics provided by these third parties to help us serve online content, including advertisements, about the Service across the internet on websites and social media platforms. We do not permit any third parties to serve advertisements in our Services, and we do not disclose your Personally Identifiable Information to them.
Tracking Technologies Used By Third Parties. Bear in mind, third parties, including Facebook, may use cookies, web beacons, and other technologies to collect information about you when you visit our website or mobile applications, including your IP address, web browser, pages viewed, time spent on pages, links clicked, and conversion information. We are not responsible for third party tracking technologies, and we encourage you to check the privacy policies of these third parties to learn more about their privacy practices.
California Privacy Act Notice. UNDER CALIFORNIA CIVIL CODE SECTIONS 1798.83-1798.83, CALIFORNIA RESIDENTS ARE ENTITLED TO ASK US, ONCE PER YEAR, FOR A NOTICE IDENTIFYING THE CATEGORIES OF INFORMATION WHICH WE SHARE WITH OUR AFFILIATES AND/OR THIRD PARTIES FOR MARKETING PURPOSES, AND PROVIDING CONTACT INFORMATION FOR THESE AFFILIATES AND/OR THIRD PARTIES. REQUESTS WILL APPLY TO INFORMATION PROVIDED DURING THE PREVIOUS CALENDAR YEAR (FOR EXAMPLE, IF YOUR REQUEST INFORMATION IN 2018, YOU WILL RECEIVE INFORMATION REGARDING 2017).
IF YOU ARE A CALIFORNIA RESIDENT AND WOULD LIKE A COPY OF THIS NOTICE, PLEASE SUBMIT A WRITTEN REQUEST TO: SUPPORT@STRIDEHEALTH.COM SUBJECT HEADING: “CALIFORNIA CIVIL CODE COPY OF NOTICE REQUEST) OR STRIDE HEALTH, INC, 501 2nd STREET, SAN FRANCISCO, CA 94107 (ATTN: PRIVACY).
What You Can Do With Your Information
You may update your Personally Identifiable Information (or correct it if it is incorrect) through your Stride account or by contacting us at support@stridehealth.com or by calling us at (415) 930-9110. If you'd like us to help you remove your account or any of your Personally Identifiable Information that we have previously collected through a Service, please contact us at support@stridehealth.com or by calling us at (415) 930-9110. In some cases, we may not be able to remove your Personally Identifiable Information, in which case we will let you know if we are unable to do so, and why.
Privacy Rights
We take your privacy seriously. We try to be transparent about our data practices in this Privacy Policy and by responding quickly to your privacy-related questions. Here are some of the questions we can help answer:
What kind of Personally Identifiable Information does Stride collect or create about me?
What specific pieces of Personally Identifiable Information does Stride have about me?
Besides me, who has received my Personally Identifiable Information from Stride?
Stride has out-of-date information about me. How do I update it?
Stride has incorrect information about me. How do I update it?
I want to delete my Stride account, and delete my data. How do I do that?
Send us an email at support@stridehealth.com or call us at (415) 930-9110, and we’ll get the ball rolling. If you are in California, you can also call (855) 977-1120.
We do our best to acknowledge your request within 10 days, and respond within 30 days. If you feel that any of your privacy concerns have not been addressed, send us another email and ask that your concern be forwarded to Stride’s Privacy Officer.
Retention of Your Personally Identifiable Information
We will retain Personally Identifiable Information for as long as your account is active or as needed to provide you with Services, or as otherwise necessary to help us improve our products and services, comply with our legal and contractual obligations, resolve disputes, and enforce our agreements with you.
Security
We have implemented technical, administrative and physical security measures based on generally accepted industry standards that are designed to protect your information from unauthorized access, disclosure, use and modification. We regularly review our security practices to consider appropriate new technological and other safeguards. However, no method of transmission over the Internet or method of electronic storage is entirely secure. Even so, we cannot guarantee in all cases that these measures will be sufficient to protect Personally Identifiable Information from unauthorized use.
Children
We do not knowingly collect personal data from anyone under the age of 13 through our Services website, and our Services are not directed to children under the age of 13. Children should always get permission from a parent or legal guardian before sending any information about themselves (such as their names, email addresses, and telephone numbers) to us.
Users Outside of the United States
The Services that link to this Privacy Policy are for users located in the United States. For this reason, we do not self-certify under the E.U.-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield to comply with data protection requirements when transferring personal data from the European Union or Switzerland to the United States. If you use any of our Services from outside of the United States, then by providing us any of your data, you understand and consent to the collection, use, processing, sharing, and disclosure of your personal data as described in this Privacy Policy, and acknowledge that the United States may not provide the same level of protection to personal data as the country in which you reside, whether that country is in the European Economic Area or elsewhere outside of the United States.
Email and Text Messages
After you create a Stride account, we may send you emails or SMS text messages to remind you of opportunities to save money. You can opt out of receiving these communications at any time by following the “unsubscribe” or “opt out” prompts in these communications.
Because of how email and SMS text messaging technologies operate, these communications are not encrypted. In addition, we have no control over the electronic networks that are used to transmit email or text messages. While interception or alteration of these messages is illegal, it is possible.
Sometimes, we send you emails that include a secure link that allows you to securely upload your Personally Identifiable Information. We recommend that you use these links wherever possible. If instead you choose to send or request information over unencrypted email or SMS text message, you agree that you understand and accept that the information could be read by third parties.
Changes to this Privacy Policy
We reserve the right to change this Privacy Policy. When we change it, we will make a copy of it available to you by posting it on www.stridehealth.com and including a link to it in this Privacy Policy. If we make material changes to this Privacy Policy, we will make you aware of them where we post the updated policy and may also notify you by other reasonable methods that we select. If we make material changes to this Privacy Policy that will result in a new use, disclosure, or permission of access to your personal data that we previously collected and stored, we will obtain any consent that may be required by law. You understand and agree that if you use this website after the effective date of the updated Privacy Policy, we consider your use as acceptance of it.
This Privacy Policy replaces the Privacy Policy and Detailed Privacy Disclosures, dated October 19, 2018
This Privacy Policy amends the Privacy Policy dated January 1, 2020 by allowing disclosures of your Personal Data to Marketplace Partners with your express consent.
NOTICES FOR CALIFORNIA RESIDENTS
California Privacy Act Notice. UNDER CALIFORNIA CIVIL CODE SECTIONS 1798.83-1798.83, CALIFORNIA RESIDENTS ARE ENTITLED TO ASK US, ONCE PER YEAR, FOR A NOTICE IDENTIFYING THE CATEGORIES OF INFORMATION WHICH WE SHARE WITH OUR AFFILIATES AND/OR THIRD PARTIES FOR MARKETING PURPOSES, AND PROVIDING CONTACT INFORMATION FOR THESE AFFILIATES AND/OR THIRD PARTIES. REQUESTS WILL APPLY TO INFORMATION PROVIDED DURING THE PREVIOUS CALENDAR YEAR (FOR EXAMPLE, IF YOUR REQUEST INFORMATION IN 2019, YOU WILL RECEIVE INFORMATION REGARDING 2018).
IF YOU ARE A CALIFORNIA RESIDENT AND WOULD LIKE A COPY OF THIS NOTICE, PLEASE SUBMIT A WRITTEN REQUEST BY EMAIL TO SUPPORT@STRIDEHEALTH.COM SUBJECT HEADING: “CALIFORNIA PRIVACY” OR BY REGULAR MAIL TO STRIDE HEALTH, INC, 501 2nd STREET, SAN FRANCISCO, CA 94107 (ATTN: PRIVACY).
California Consumer Privacy Act (CCPA) Notice. UNDER CALIFORNIA CIVIL CODE SECTIONS 1798.100-1798.198 AND THEIR IMPLEMENTING REGULATIONS, CALIFORNIA RESIDENTS CAN REQUEST A DISCLOSURE IN MACHINE READABLE FORMAT OF THE CATEGORIES AND SPECIFIC PIECES OF PERSONALLY IDENTIFIABLE INFORMATION THAT WE HAVE COLLECTED ABOUT YOU AND YOUR HOUSEHOLD DURING THE 12 MONTHS PRECEDING OUR RECEIPT OF A VERIFIABLE CONSUMER REQUEST (LIMIT TWO TIMES PER 12-MONTH PERIOD). YOU CAN ALSO ASK WHERE THIS INFORMATION CAME FROM, WHAT WE USE IT FOR, AND WHETHER WE DISCLOSE OR SELL IT TO OTHERS. IF WE DISCLOSE OR SELL IT TO OTHERS, YOU HAVE THE RIGHT TO EASILY OPT OUT OF THIS PRACTICE. PLEASE CONTACT US AT SUPPORT@STRIDEHEALTH.COM SUBJECT HEADING “CALIFORNIA PRIVACY” OR (855) 977-1120 IF YOU WOULD LIKE TO LEARN MORE ABOUT OR EXERCISE ANY OF THESE RIGHTS.
STRIDE HAS NOT AND DOES NOT SELL YOUR PERSONALLY IDENTIFIABLE INFORMATION, SEPARATE FROM DISCLOSURES MADE TO PROVIDE YOU WITH SERVICES. STRIDE DOES NOT OFFER FINANCIAL INCENTIVES OR VARY ITS SERVICE TERMS WITH YOU IN EXCHANGE FOR YOU LETTING US SELL YOUR PERSONALLY IDENTIFIABLE INFORMATION.