Effective/updated as of January 1, 2022
Elevate Patient Financial Solutions℠, Incorporated and its affiliated entities are committed to protecting the privacy of certain data that is collected from you and that you submit when you access this website (the “Site”) and in other circumstances described in this Policy. The nature of our business requires that we gather and maintain information that is of a personal nature that you may wish to keep protected.
Changes to this Policy
We reserve the right to change this Policy at any time. In the event we make material change(s) to the Policy, they will be effective immediately upon posting to the Site and will apply after the “Effective Date” listed above. You understand and agree that your continued use of the Site after the effective date, means that the collection, use, and sharing of your information is subject to the updated Policy.
Except to the extent we obtain your consent or as permitted or required by applicable law, we will handle your personal information collected through the Site or as otherwise described in this Policy in accordance with the terms of the Policy in effect at the time of such collection.
Information We Collect
As you are probably aware, we may collect personally identifiable information on this Site from a variety of sources to operate the Site, carry out our business, comply with the law and other purposes described herein.
- Information You May Provide. Your name, email address, address, phone number, company affiliation, and related information in order to receive e-news about the company, respond to surveys, contact us or to request information. Any other information you may provide while filling in forma on our web-site.
- Information Provided by Third-Parties. For example, information provided by our business partners and business associates.
- Statistical Data. To monitor use of the Site and improve its quality, we may compile statistical information concerning the use of the Site through analytics services, such as those provided by Google Analytics. Examples of this information may include: the number of visitors to the Site, or to sections or pages within the Site, patterns of traffic flowing through the Site, length of time spent on the Site, or in sections or pages of the Site, the other sites that refer visitors to the Site, the pages of the Site that visitors frequently use as entry and exit points, utilization of the browser and operating systems and versions used by visitors to the Site. The analytics services may transfer this information to third parties in case of a legal obligation or if a third-party processes data on behalf of that service. To compile this information, we may collect and store:
- Your IP address
- Your operating system version
- Your browser version
- The pages you visit within the Site
- The number of times you visit the Site
- The length of time you spend on pages within the Site
- The site from which you linked to ours
- Information about your internet connection
- Search terms you used in search engines which resulted in you linking to the Site, etc.
IMPORTANT: By using the Site, you consent to the processing of any personally identifiable information provided or collected for the analytics purposes and functions described above.
How We Use Your Data
In general, we will use the personally identifiable information we collect about you only for the purpose it was collected, for compatible purposes, as permitted or required by law, as necessary to carry out our contractual duties and obligations, and as otherwise provided in this Policy. For example, we may use your data:
- To respond to your requests for information about Elevate Patient Financial Solutions or relating to activities, opportunities, events, or products appearing on the Site.
- To communicate with you. We may send you messages about the availability of our services, Site, security, or other service-related issues. Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.
- For our research and development efforts. We may use data, including public feedback and surveys, to conduct research and for the development of the Site and the services, products, and information we provide.
- For other everyday business purposes. By way of example, service development, contract management, IT and website administration, fulfillment, analytics, fraud prevention, corporate governance, reporting and legal compliance.
- To provide you with the products and/or services you have requested.
- To inform you of the products, services, events, or activities that we think may be of interest to you. For example, we may send you announcements, surveys, and newsletters using any communications preferences you have expressed. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means.
- To ensure your information is accurate and to personalize our communications to you. For example, we may aggregate your personal information with data from third-party sources for purposes of keeping information up to date. We may also rely on information from third parties in order to provide better, more personalized service. If you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal and social, or share and use it as described elsewhere in this Policy.
We do not share or sell your personally identifiable information with any third-party advertisers for their advertising. If you no longer wish to receive a communication from Elevate Patient Financial Solutions, you have the option of unsubscribing from our mailing list for that communication.
How We Share Your Data
In general, we will not disclose your personal data we collect through this Site except with your consent or as described in this Policy. In no case will we sell or license your personally identifiable information to third parties. We may disclose your data for the same reasons that we may use it as described in this Policy, which includes disclosing it to our affiliates and non-affiliated entities, as we deem necessary to carry out those purposes.
- Third Party Vendors. We may need to use or disclose this information with our third-party vendors:
- As you direct;
- To manage the Site;
- To provide you with products, services, or offers;
- To enhance our services by, among other methods, obtaining assistance with providing more personalized services to you through analytics and other technologies;
- To protect our interests and legal rights, such as through responding to subpoenas and defending litigation; and
- To protect against and prevent fraud, illegal activity (such as identifying and responding to incidents of hacking or misuse of our websites and mobile applications), claims and other liabilities. We endeavor to choose affiliates and non-affiliates with similar standards to ours regarding the protection of data.
- Legal Process, Security, Defense, Protection. It is possible that we will need to use or disclose information about you if required by law, subpoena, or other legal process. Additionally, we may disclose information about you if we have a good faith belief that disclosure is reasonably necessary to:
- demonstrate our relationship with you;
- investigate, prevent, or take action regarding suspected or actual illegal activities or to assist law enforcement agencies;
- protect the security or integrity of the Site;
- investigate and defend ourselves against any third-party allegations or claims; or
- protect the rights and safety of others.
- Change in Control or Sale. We may share your personally identifiable information in connection with certain business transactions, such as a sale, acquisition, merger, or change in control, or in preparation for any of these events. In such cases, we will take appropriate steps under the circumstances and to the extent possible to ensure that the recipient will apply privacy protections substantially similar to those established by this Policy. Any entity that acquires all or substantially all of the ElevatePFS’s assets will have the right to continue using your data consistent with this Policy or as otherwise agreed to by you.
Social Media Plugins
This Site may use social media plugins (e.g. Facebook and LinkedIn) to enable you to easily share information with others. When you visit our Site, the operator of the social plugin can place a cookie on your computer, enabling that operator to recognize individuals who have previously visited our Site. If you are logged into the social media website (e.g. Facebook, Twitter) while browsing our Site, the social plugins allow that social media website to share data about your activities on our Site with other users of their social media website. For example, Facebook Social Plugins allow Facebook to show your Likes and comments on our pages to your Facebook friends. Facebook Social Plugins also allow you to see your friends’ Facebook activity on our website. We do not control any of the content from the social media plugins. For more information about social plugins from other media websites you should refer to those sites’ privacy and data/information sharing statements/policies.
Safeguarding of Information
No system for safeguarding personal or other information is 100% secure and even though we have taken steps to protect your personally identifiable information from being intercepted, accessed, used or disclosed by unauthorized persons, we cannot fully eliminate security risks associated with personal information. However, we take a number of steps to safeguard the security of personally identifiable information obtained through the Site. For example, we maintain administrative, technical and physical controls to reasonably safeguard data from unlawful use, unauthorized access or disclosure. Additionally, we use Secure Socket Layer (SSL) data encryption when data is transmitted over the Internet to our Site. Individuals who have access to confidential and otherwise nonpublic data are required to maintain the confidentiality of such information. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.
Do Not Track
“Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests. This Site does not collect personally identifiable information about an individual consumer’s online activities over time and across different Web sites when a consumer uses our Site or service.
Links to Third Parties’ Sites
We may provide links to websites or resources outside of our Site for your informational purposes only. You acknowledge and agree we are not responsible for the availability of such sites or resources, and do not endorse and are not responsible or liable for any content, advertising, goods, services or other materials on, available through or provided by such sites or resources. We are not responsible for the privacy or other practices of such sites and cannot guarantee the security of any of your personal information that you provide or may be collected by such sites. We encourage you to review the privacy policies and terms and conditions on those linked sites.
Information of Children
The Site is not directed to children as the products and services on this Site are intended for persons 18 years of age and older. Elevate Patient Financial Solutions does not knowingly collect, use or disclose any personally identifiable information from children through this Site. If you are concerned about your child’s use of the Site, you may use web-filtering technology to supervise or limit access to the Site.
Notice to California Residents
If you are a California resident, please read the following:
This CA Policy does not apply to personal information if it is:
- Personal information covered by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), called “Protected Health Information”. Such Protected Health Information includes identifying information processed through our medical billing services.
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Personal information covered by certain privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (FIPA), or the Driver’s Privacy Protection Act of 1994.
Information We Collect
We may collect personal information in a variety of categories through this Site to carry out our business, operate the Site, comply with the law, and other purposes described in the CCPA.
This CA Policy describes the categories of personal information (“PI”) we collect or have collected in the preceding 12 months through this Site and the purposes for which such PI may be used.
Categories of Personal
Identifiers and Contact information
Examples include real name, postal address, email address, telephone number, mobile number, account number, member ID, or other similar identifiers.
Information is Used
- Provide services or products.
- Respond to consumer requests.
- Track and log visits and use of the Site for marketing purposes, to perform business analytics, and develop the Site, services, and information provided.
- Communicate with consumers about services, products, events or activities in accordance with consumer expressed communication preferences.
- Maintain business records and meet Company record retention requirements.
- Manage the Site and provide technical support.
- Perform compliance and quality audits of services.
- Prevent unauthorized access to or use of the Company’s property, including the Company’s information systems, electronic devices, network, and data.
- Protect against fraud or other illegal activity.
- Protect the legal rights, privacy, safety or property of Company or its employees, agents, contractors, customers or the public.
- Investigate complaints, grievances, and suspected violations of Company policy.
- Carry out the transfer of all or a portion of the business or assets (including in connection with any bankruptcy or similar proceedings); or manage or arrange for acquisitions, mergers and re-organizations.
- Comply with applicable federal, state or local laws regarding the use, retention or disclosure of such information.
Examples include name, physical characteristics or description, insurance policy number, financial information, medical information, or health insurance information.
- Purposes listed above.
Internet or other electronic network activity
Examples include browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
- Purposes listed above.
- Business management.
- Recruiting efforts.
Professional or employment-related information
- Purposes listed above.
The Company may add to the categories of PI it collects and the purposes it uses PI. In that case, the Company will inform you.
The above categories of PI are or were collected from the following categories of sources:
- Directly from consumers;
- From Company’s analytics providers; and
- Through consumer’s activity on the Site.
The above categories of PI are collected for the following business or commercial purposes:
- Provide requested services or products;
- Communicate with the consumer;
- Verify consumer identity when providing requested information, services or products;
- Detect security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
- Debugging to identify and repair errors that impair existing intended Site functionality;
- Marketing and business analytic purposes; and
- Respond to law enforcement requests or as required by applicable law.
The above categories of PI are shared with the following categories of third parties:
- Government entities;
- Affiliated corporate entities;
- Analytics service providers;
- Site hosts;
- Consumers’ healthcare providers;
- Independent contractors providing hearing representation services on behalf of the Company;
- Outside legal counsel;
- IT service management providers; and
- Customer relationship management service providers.
For information regarding the Company’s practices concerning the sharing of job applicants’ PI with third parties please see Company’s Applicant Privacy Statement.
The Company has disclosed for a business purpose the following categories of PI in the preceding 12 months:
- Identifiers and contact information;
- Other elements;
- Internet or other electronic network activity;
- Professional or employment related information; and
- Information from job applicants.
The Company does not sell PI. As such, no category of PI has been sold in the preceding 12 months.
Pursuant to the CCPA, and as detailed below, consumers have various rights with respect to their PI. The CCPA does not extend the following rights to PI collected from a business’s employees or job applicants if the PI is collected and used solely for such employment purposes.
- Right to Request Deletion. You have the right to request the Company delete your PI from the Company’s records and direct any service providers to delete your PI from their records, subject to certain exceptions.Upon receipt of a verifiable consumer request, the Company will delete and direct any service providers to delete your PI from its records.The Company is not required to comply with your request to delete your PI if it is necessary for the Company (or its service provider) to maintain your PI in order to:
- Complete the transaction for which the PI was collected, provide a good or service requested by you, or reasonably anticipated within the context of the Company’s ongoing business relationship with you, or otherwise perform a contract between the Company and you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the Company’s deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent.
- To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with the Company.
- Comply with a legal obligation.
- Otherwise use your PI, internally, in a lawful manner that is compatible with the context in which you provided the information.
If you are under the age of 18, and a registered user of any site where this CA Policy is posted, California law permits you to request and obtain removal of content or information you have publicly posted. You may submit your request using the contact information at the end of this Policy. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
- Right to Request Information. You have the right to request the Company disclose the following to you as it relates to the 12-month period preceding the Company’s receipt of your verifiable consumer request:
- The categories of PI the Company has collected about you.
- The categories of sources from which the PI is collected.
- The business or commercial purpose for collecting or selling PI.
- The categories of third parties with whom the Company shares PI.
- The specific pieces of PI the Company has collected about you.
Upon receipt of a verifiable consumer request, the Company will provide a response to your request for information.
- Right to Request Information as to Sale or Disclosure for Business Purpose. Your PI is only disclosed as provided in this CA Policy. The Company does not sell your PI. You have the right to request the Company disclose the following to you as it relates to the 12-month period preceding the Company’s receipt of your verifiable consumer request:
- The categories of PI the Company has collected about you.
- The categories of PI that the Company disclosed about you for a business purpose.
Upon receipt of a verifiable consumer request, the Company will provide a response to your request for information as to the disclosure of PI for business purposes.
In addition to the CCPA, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by certain members of the ElevatePFS to third parties for the third parties’ direct marketing purposes. Requests may be made one time per calendar year. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g., requests made in 2022 will receive information regarding 2021 sharing activities). You may submit your request using the contact information at the end of this Policy.
- Nondiscrimination. We will not discriminate against you in violation of the CCPA for exercising any of your CCPA rights. For example, we generally will not provide you a different level or quality of goods or services if you exercise your rights under the CCPA.
Submitting Consumer Rights Requests
To submit any of the Consumer Rights requests as outlined above, please contact us at our Compliance Hotline at 1-888-919-4550 or compliance@ElevatePFS.com. You may also submit a request in writing to the address below:
Attn: General Counsel
25700 Interstate 45 North, Suite 300
Spring, TX 77386
We reserve the right to only respond to verifiable consumer requests. A verifiable consumer request is one made by any individual who is:
- The consumer who is the subject of the request,
- a consumer on behalf of the consumer’s minor child, or
- by a natural person or person registered with the Secretary of State authorized to act on behalf of a consumer.
If the Company requests, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of a consumer. Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. PI collected from an individual to determine whether a request is a verifiable consumer request may not be used for any other purpose. We will endeavor to respond to a verifiable consumer request within forty-five (45) days of receipt, but we may require an extension of up to forty-five (45) additional days to respond and we will notify you of the need for the extension.
Notice to Site Users Located Outside the U.S.
ElevatePFS operates in accordance with the laws of the U.S. When you access our Site from outside the U.S., we may transfer the personal information that we collect from you to a location outside of your jurisdiction, including the U.S. The data protection laws in these jurisdictions may not provide you with the same protections as those of your jurisdiction. By using this Site you acknowledge that these laws may provide a different standard of protection and you consent to the transfer of your personal data to other jurisdictions, including the U.S.
Your Choices Regarding Your Personal Information
You can always limit the information you provide to us, but if you choose not to provide certain requested information, you may be unable to access some of the services and content on the Site. You can also limit the communications that we may send you by following a simple opt-out or unsubscribe process. Simply follow the instructions in our newsletter or other communications to opt-out of receiving, or unsubscribe from, future communications.
Please note that even if you opt-out of certain communications from us, we may still need to contact you with important information about your use of the Site.
How to Contact Us
Attn: General Counsel
25700 Interstate 45 North, Suite 300
Spring, TX 77386