MHA Privacy Policy
Privacy Policy
Last Updated: March 25, 2024
Your privacy is important to us. Please read this Privacy Notice carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”), and to learn about your rights and choices regarding your Personal Data. For information about state-specific privacy rights, including the rights of residents of California, Virginia, Colorado, Nevada, Utah, or Connecticut, please click here. Managed Health Care Associates, Inc. is the controller of your Personal Data as described in this Privacy Notice, unless specified otherwise. This Privacy Notice applies to the collection and processing of Personal Data collected by us when you visit our branded websites that link to this Privacy Notice; use our online products and services as an authorized user where we act as a controller of your Personal Data; visit our branded social media pages; visit our facilities; communicate with us (including emails, phone calls, texts or fax); or register for, attend or take part in our events, webinars, trade shows or contests.
Collection of Personal Data. We collect three types of Personal Data from you:
Information You Provide: We collect and record any information that you provide to us directly, including any personal identifiers, professional or employment-related information, financial account information, commercial information, visual information, or internet activity information that you provide to us through this website or other medium.
Information We Collect Automatically: We automatically collect and store information about your use of this website and our services. To do so, we may use cookie technology and other online identifiers to track your IP address, web browser, geolocation, or your activity on this site. For more information about cookies and other tracking technologies, please see our Cookie Policy.
Other Information We Collect: We may combine data from other sources with Personal Data we receive from you. These other sources may be from third parties or from publicly available sources. This may include information related to your employment, education, commercial interactions, and internet activity.
In some cases, the collection and processing (see Section 2 below) of Personal Data is required for you to receive certain products or services. Personal Data does not include information that is anonymized or aggregated such that you cannot be identified from it.
If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so and have obtained any
necessary consent for the information to be used in accordance with this Privacy Notice. If you believe that your Personal Data has been provided to us improperly or want to exercise your rights relating to your Personal Data, please contact us by using the information in Contact Us section (Section 16) below.
Types of Personal Data We Collect. We may collect the following types of Personal Data about you.
identifiers (e.g., name, address, phone number, IP address);
records about you (e.g., signatures, physical characters or descriptions of you, content, timing, and method of communications you have with us, an information you share or upload to our website, services, or other digital properties)
demographic information;
internet or other online activity information;
geolocation data (e.g., computer/device location);
professional/educational information;
inferences drawn from any of the above.
Processing your Personal Data. Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we rely on other legal bases to collect and process your Personal Data. We process your Personal Data for the following purposes:
Providing our services, products, and website access: We process your Personal Data relating to your access of our services, products, website, and other digital properties (e.g., IP address, internet activity, account information, etc.) to ensure both you and we meet our obligations under the applicable contract, terms of use, or service agreement and to project future demand as well as improve our websites and services; absent a contractual relationship, we process your Personal Data to further our legitimate interest in operating and improving our websites and services.
Internal business purposes: We process your Personal Data to operate, maintain, and improve our services, products, and website, including customizing the content; maintaining internal business records, such as accounting, managing user accounts, document management and similar activities; enforcing our policies and rules; monitoring service usage, management reporting; auditing; and IT security and administration to meet our obligations to you to perform our contract with you,
or, if no contract applies, to the extent it is necessary for our legitimate interest in operating our business in a secure and efficient manner.
Internal research and product improvement purposes: We process your Personal Data to verify and maintain the quality or safety of our products or services; improve our products or services; design new products and services; evaluate the effectiveness of our advertising or marketing efforts; and debug and repair errors with our systems, networks, and equipment to perform our contract with you, or, if no contract applies, to the extent it is necessary for our legitimate interest in improving our products and services.
Securing our facilities, websites and services: We process your Personal Data (e.g., name, IP address, account information, internet activity) as part of our efforts to maintain, monitor and secure our facilities, websites, services, and products. This may include aggregating data, verifying accounts, investigating suspicious activity, and enforcing our terms and policies to the extent necessary to further our legitimate interest in maintaining a safe and secure website, products and services and in protecting our rights and the rights of others.
Responding to contact requests: If you contact us electronically or by phone, we process your Personal Data (e.g., name, account information, government identifiers) to perform our contract with you, or, if no contract applies, to the extent it is necessary for our legitimate interest in responding to your inquiry and communicating with you. We may record and process communications for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded.
Marketing and advertising: We may process your Personal Data (e.g., name, account information, purchase history, internet activity) to advertise to you, conduct market research, and to provide other personalized content based upon your Personal Data to the extent it is necessary for our legitimate interest in advertising our websites, services or products. Where legally required, we will obtain your consent before engaging in any marketing or advertising.
Complying with legal and safety obligations: We process your Personal Data (e.g., name, account information, payment history, internet history) when cooperating with public and government authorities, protecting our legal rights, conducting audits, and protecting against abuse of our services and products. Any such
processing is based on our legitimate interest in protecting our legal rights or, when applicable, complying with a legal obligation to which we are subject.
In connection with a corporate transaction: We may process your information if we sell or transfer all or a portion of our business or assets including through a sale in connection with bankruptcy and other forms of corporate change in furtherance of our legitimate interest in operating and transacting the business of the company.
In some cases, we may provide specific services or offerings subject to separate or supplemental privacy policies. In those cases, we will prominently inform you of those policies and provide those policies in an easily accessible format.
Exclusions. This Privacy Policy does not apply to Personal Data that:
we process on behalf of our customers in the role of processor or other service provider, such as when we allow customers to create their own websites/applications to offer their own products and services, to send electronic communications to others; or otherwise use, collect, share or process Personal Data via our online products and services. Our customers’ privacy policies may be different from ours, and we are not responsible for those practices.
we process about current or former employees, job applicants, and other individuals who interact with us for employment-related purposes.
Protecting Personal Data. We take commercially reasonable precautions to protect the Personal Data in our possession from loss, misuse, unauthorized access, disclosure, alteration, or destruction. While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure or error-free. Personal Data you send to or from the website or via e-mail may not be secure, and we encourage you to contact us about more secure ways to share sensitive information when necessary. Where you use passwords, ID numbers, or other special access features on this site, it is your responsibility to safeguard them and to log out of any accounts you access after your sessions.
Your Individual Rights. Depending on our relationship with you and where you may reside , you may have certain rights relating to your Personal Data based on applicable local data protection laws, including from individual US state privacy laws (e.g., California, Virginia, Colorado, and other states), Canadian privacy laws, and the EU/UK General Data Protection Regulation. Depending on the applicable laws these rights may include the right to:
Request information about the categories of Personal Data we have collected about you, the categories of sources from which we collected the Personal Data, the purposes for collecting, sell or sharing the Personal Data, and to whom we have disclosed your Personal Data.
Request and receive copies of your Personal Data that we hold;
Request additional information about how we process your Personal Data;
Correct inaccurate or incomplete Personal Data (taking into account our use of it);
Request deletion of your Personal Data;
Restrict or object to our processing of your Personal Data, including restricting the sale or sharing of your data or its use for cross-context behavioral marketing. Where we process Personal Data for direct marketing purposes (either by us or third parties) or for cross-context behavioral marketing, you may not have to provide a specific reason for such objection;
Require us (if possible) to transfer your Personal Data to another controller (i.e., data portability);
Limit the use or disclosure of your sensitive Personal Data;
Restrict certain disclosures of your Personal Data to third parties;
Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and
Withdraw your consent to the processing of your Personal Data (to the extent we base processing on consent and not on another lawful basis).
We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights. You may exercise these rights, to the extent applicable, by making the request via our website here, by calling (800) 642-3020, by sending us an email at privacy@mhainc.com, or writing to us at Managed Health Care Associates, Inc., 400 Interpace Parkway, Building C, Suite 200, NJ 07054, Attn.: Data Security Officer. We will respond to any such requests within 30 days of receipt.
If you are not happy with how Managed Health Care Associates, Inc. handles your Personal Data and we cannot provide you with a satisfactory resolution to your request, you also have the right to lodge a complaint with a supervisory body for data protection in your jurisdiction. If you wish to pursue any of these rights, please contact us using the details set out at the end of this Notice below.
Disclosing Personal Data to Third Parties. We do not “sell” or “share” Personal Data about you as those terms are defined by the California Consumer Privacy Act. We may provide your Personal Data to the categories of recipients described below:
Managed Health Care Associates, Inc.’s divisions, holding companies, subsidiaries, and affiliates.
Third party service providers or other entities that perform services on our behalf, help us provide you with our products and services, and that otherwise support our relationship with you (such as direct mailing organizations). These third-party service providers have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process the Personal Data in accordance with this Privacy Notice and as permitted by applicable data protection laws.
Law enforcement, government agencies, or other regulators to comply with law or legal requirements, to enforce our agreements, and to protect our rights and the property or safety of Managed Health Care Associates, Inc. , our users, or third parties.
Where required by law, we will obtain your consent prior to disclosing your Personal Data to our business partners. Where our business partners use your Personal Data for their own purposes independently from us, we are not responsible for their privacy practices or personal data processing policies. You should consult the privacy notices of those business partners for details on their practices.
Transactional parties if we, or some or all of our assets, acquire or are acquired by another entity, including through a sale or in connection with a bankruptcy.
Entities to which you have consented to the disclosure.
We may also sell or share Personal Data that has been deidentified or aggregated with third parties for any purpose.
Disclosure of Personal Data. Although we have not “sold” Personal Data for money in the past 12 months, we engage in routine practices with our services products, and websites involving third parties that could be considered a “sale” or “sharing” as defined under California law. We do not knowingly sell or share any Personal Data of minors under the age of 16.
Identifiers (Section 2.A)
– Affiliates and subsidiaries - Not Applicable
– Service providers - Not Applicable
– Professional consultants - Not Applicable
– Vendors contracted with MHA that offer products and services to your company or as necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction Entities to which you have consented to the
Disclosure - Not Applicable
Records about you (Section 2.B)
– Affiliates and subsidiaries - Not Applicable
– Service providers - Not Applicable
– Professional consultants - Not Applicable
– Vendors contracted with MHA that offer products and services to your company or necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction - Not Applicable
– Entities to which you have consented to the disclosure - Not Applicable
Demographic Information (Section 2.C)
– Affiliates and subsidiaries - Not Applicable
– Service providers - Not Applicable
– Professional consultants - Not Applicable
– Vendors contracted with MHA that offer products and services to your company or necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction - Not Applicable
– Entities to which you have consented to the disclosure - Not Applicable
Internet or other electronic network activity (Section 2.D)
– Affiliates and subsidiaries - Not Applicable
– Service providers - Not Applicable
– Professional consultants - Not Applicable
– Vendors contracted with MHA that offer products and services to your company or necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction - Not Applicable
– Entities to which you have consented to the disclosure - Not Applicable
Geolocation data (Section 2.E)
– Vendors contracted with MHA that offer products and services to your company or necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction - Not Applicable
– Entities to which you have consented to the disclosure - Not Applicable
Inferences (Section 2.G)
– Affiliates and subsidiaries - Not Applicable
– Service providers - Not Applicable
– Professional consultants - Not Applicable
– Vendors contracted with MHA that offer products and services to your company or necessary to complete transactions you request - Not Applicable
– Law enforcement, government, agencies, and other recipients for legal, security, or safety purposes - Not Applicable
– In connection with a corporate transaction - Not Applicable
– Entities to which you have consented to the disclosure - Not Applicable
Promotional and Marketing Policy. We may ask you to consent to being contacted by us for promotional and marketing purposes. However, you may opt-out of receiving promotional or marketing emails at any time by notifying us as a reply to any unwanted e-mail, by using the unsubscribe function in an e-mail, contacting us
at privacy@mhainc.com, or by writing to us at Managed Health Care Associates, Inc., 400 Interpace Parkway, Building C, Suite 200, NJ 07054, Attn.: Data Security Officer or by calling (800) 642-3020. Requests to unsubscribe from Managed Health Care Associates, Inc. e-mails may take 10 business days to process.
Third-party Websites. The website may contain links to other third-party sites. When you click on one of these links you are visiting a website operated by someone other than us and the operator of that website may have a different privacy policy. We are not responsible for their individual privacy practices, so we encourage you to investigate the privacy policies of such third-party operators.
Children. Our website is not intended for children under 16 years of age. No one under age 16 may provide any information to us through this website. We do not knowingly collect Personal Data from children under 16. If you are under 16, do not access, use, or provide any information on the website or on or through any of its features. If we learn we
have collected or received Personal Data from a child under 16 without parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us by sending us an email privacy@mhainc.com, or by writing to us at Managed Health Care Associates, Inc., 400 Interpace Parkway, Building C, Suite 200, NJ 07054, Attn.: Data Security Officer.
Data Security. Although we maintain reasonable security safeguards, no security measures or communications over the Internet can be 100% secure, and we cannot guarantee the security of your information. While we work hard to protect data incidents, we have dedicated controls and procedures in place for when such situations, along with the procedures that are required to make notifications to you and to the relevant Supervisory Authority as appropriate.
Data Retention. Your Personal Data will be retained as long as necessary to fulfill the purposes we have outlined above unless we are required to do otherwise by applicable law. This includes retaining your Personal Data to provide you with the products or services you have requested and interact with you; maintain our business relationship with you; improve our business over time; ensure the ongoing legality, safety and security of our services and relationships; or otherwise in accordance with our internal retention procedures. Once you have terminated your relationship with us, we may retain your Personal Data in our systems and records in order to ensure adequate fulfillment of surviving provisions in terminated contracts or for other legitimate business purposes, such as to enable easier future user onboarding, demonstrate our business practices and contractual obligations, or provide you with information about our products and services in case of interest. If you would like to know more about the retention periods applicable to your Personal Data, you can contact us at privacy@mhainc.com.
Changes to this Privacy Policy. We may update this Privacy Policy at our discretion to reflect changes we deem necessary or to satisfy legal requirements. We will post a prominent notice of material changes on our websites.
Contact Us. We welcome comments and questions regarding this Privacy Policy. Any such questions should be directed via e-mail to privacy@mhainc.com. Additionally, you may make your request in writing to Managed Health Care Associates, Inc., 400 Interpace Parkway, Building C, Suite 200, NJ 07054, Attn.: Data Security Officer.
Provisions in the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VDCPA), Colorado Privacy Act (CPA), Utah Consumer Privacy Act (UCPA), Nevada Senate Bill 220, and Connecticut Data Privacy Act (CTDPA) and other state statutes
require some or all of the following disclosures. These disclosures supplement the Privacy Notice above and areas effective as of March 25, 2024.
Categories of personal information collected. The personal information that Managed Health Care Associates, Inc. collects, or has collected from consumers in the twelve months prior to the effective date of this Disclosure, fall into the following categories established by the California Consumer Privacy Act and listed in Section 2 above.
Sources from which we collect your Personal Data. We collect the categories of Personal Data listed above from the following types of sources: directly from consumers, data analytics companies, ad networks, social networks, internet service providers, service providers that help us to run our business, and data resellers such as data management platforms. We also collect Personal Data automatically via cookies, web beacons, and other tracking technologies when you use our websites, online services, or mobile apps.
Purposes for which we use your Personal Data: We use your Personal Data for the purposes listed in Section 3 of the main privacy notice above.
No selling or sharing of Personal Data. Managed Health Care Associates, Inc. has not sold or shared any Personal Data of consumers, as those terms are defined under the California Consumer Privacy Act, in the 12 months prior to the effective date of this Disclosure.
No Discrimination. Managed Health Care Associates, Inc. will not discriminate against any consumer for exercising their rights under the applicable state laws.
Virginia Consumer Data Protection Act Deidentified Data Disclosure. We may use deidentified data in some instances. To the extent we use deidentified data, we will either maintain this data without attempting to re-identify it or we will treat it as Personal Data subject to applicable law.
COOKIES AND TRACKING TECHNOLOGIES
Tracking technologies (e.g., cookies, tags, pixels, fingerprinting, web beacons) are used to store and/or share information about website visitors, their systems, and browsers. Information collected by cookies and tracking technologies varies depending on the technology used and can be of a personal nature (information that directly or indirectly identifies you) and of non-personal nature (information that does not directly or indirectly identify any single individual).
We use the following tracking technologies on our website:
Cookies - It’s a type of data from a website in the form of a text command stored within a web browser to remember information about you, such as language preference and login information, or to carry out the necessary communication transmissions (e.g. HTTP requests) to provide a service or application that you have requested.
Purposes:
Delivering security features to enhance protection against cyberattacks; Assisting you in navigation, providing functionalities related to our service application, and website (e.g. display and visual elements); Assisting you with registration to our events, login, and to provide feedback; Assessing your products, services, or applications to aggregated statistics (e.g. number of pages you visited on our website); As our promotional and marketing effor behavioral advertising).
Web Beacons - It’s a small tag placed on a website resource (e.g., webpage) or in an email to track how the user interacts with the content. This interaction generates a “hit,” counting your interaction with the HTML content. For example, if you click on one of our ads on the website, a web beacon will record that interaction.
Purposes:
Acquiring essential insights into the performance of the content; Evaluating the effectiveness of our marketing campaign
Web Tags or Tracking Pixels - It’s a type of code (e.g. JavaScript code in a tag manager) or pixel (a small 1×1 transparent image) loaded into the web page to enable website features, like the web design components, or to track user’s behavior across websites and devices. These are commonly associated with social media widgets such as a like button.
Purposes: Loading necessary features such as fonts, webpage layout, videos, an Analysis of user experience; Providing a better experience to individual customers by loading personalized and enhanced content.
These technologies typically fall into one of three categories:
Strictly-necessary technologies. These technologies are required for the operation of our website, our products, and our services, and therefore cannot be turned off.
You can set your browser or device to block or alert you about these cookies, but functionality may be impaired.
Analytical/Performance technologies. When you have permitted, we collect statistical information about how our website and services are used. This includes the collection of information such as your IP address or other identifiers, browser information, and information about the content you view and interact with to record how you use the website, our products, and services. These analytics services help us count users, identify popular offerings, and track the demographics and interests of our users.
Targeting technologies. When you have permitted, these technologies record your activity on our site or using our services including the pages you have visited and the links you have followed. We may use this information to make our content more relevant to you to measure the effectiveness of our marketing. We may also share this information with third parties for this purpose. These are also optional technologies, although if you do not allow these cookies, you will experience less targeted advertising.
Your Choices: Managing Your Preferences
Your Preferences
When you first visit our website, you will be presented with a banner which offers you a choice about whether to accept or reject cookies or tracking technologies of different types, with the exception of those cookies which are strictly necessary.
If you wish, you can also choose how web browser cookies are handled by your device via your browser settings. Some devices allow you to control this through your device settings. If you choose not to receive cookies at any time, websites may not function properly and certain services will not be provided. Each browser and device is different, so check the settings menu of the browser or device to learn how to change your settings and cookie preferences.
You can find information on how to manage cookie settings on certain browsers via the following links: