Last Updated on September 30, 2022
Information that we collect and process includes protected health information or PHI. The privacy and security of your PHI is protected by the Health Insurance Portability and Accountability Act of 1996, as amended, (“HIPAA”) and its implementing regulations, including its final privacy regulation, at 45 C.F.R. Parts 160 and 164 (known as the “Privacy Rule”), as administered by the federal Department of Health and Human Services. HIPAA places certain restrictions on the use and disclosure of PHI and requires us to protect the privacy and security of your PHI.
- What information do we collect?
We receive and store any information you enter on our Site or otherwise voluntarily provide to us, including your name, address, email address and your phone number. Notwithstanding the generality of the foregoing, we collect the information that you provide to us when you sign up for a seminar or other educational event, request a call from us, or otherwise contact us by phone or email. Depending on your use of our Services, the information collected may include:
- Information you provide to us by completing certain forms on our Sites or when requesting assistance with healthcare plan comparisons. For example, your first and last name, phone number and e-mail address.
- Information you provide to us by contacting us when you call or e-mail, such as first and last name, phone number and e-mail address. We may also request your contact information for the purposes of having someone contact your for additional information or to provide or in response to your request for information from us.
- Information you provide to us by registering for one of our seminars or our events, or when subscribing to our newsletter. Information collected may include your first and last name, phone number and e-mail address.
- Information that may include personal health information (“PHI”), which is protected by HIPAA (see section entitled “Protected Health Information (PHI) and HIPAA” for more information). If you choose to enroll with a health plan on our Site, your PHI may be transferred through the Site to the health plan you have chosen.
- Log-in information, such as username and password, that you may use in connection with our Services.
- Within our infrastructure, you can provide PII when registering for a seminar or event; requesting assistance with healthcare plan comparisons; downloading content; subscribing to a newsletter; or requesting we contact you. The provided PII can be used on its own or with other information to identify, contact, or locate a single person, or to better identify an individual in context. We house this information in a secured, encrypted database environment/solution. Any of this PII or PHI data is captured to be used for the purpose of helping to facilitate or complete your requests.
We will also collect other demographic and personal information about you, including your PHI which is protected by HIPAA. If you choose to enroll with a health plan on our site, your PHI is transferred through the Site to the health plan you have chosen.
From time to time our interactions with you will be conducted over the telephone or via videoconferencing, and such telephone calls and videoconferencing exchanges may be recorded.
The Services may capture some information about you automatically utilizing background local storage and session storage technologies (“Cookies”). Cookies are small files or other pieces of data which are downloaded or stored on your computer or other device, that can be tied to information about your use of the Services (including certain third-party services and features offered as part of our website).
When you search, use, or access our Services, we and our service providers may collect anonymous data (Non-PII) to help us understand our visitor actions (content searches, U.S. region, inquiries, etc.) in order to provide better or more personalized services and experiences for you. Similar to most websites you may access, https://www.bloomthrives.com/ may capture generic online data using “cookies” or similar generic data capture technologies. Anonymous Information we collect from visitors of our Site and other social media or search channels includes:
- IP addresses
- Source channel that drives visitors to our website and/or referral destination information
- Browser (which search engine) and device-type details (laptop, tablet, mobile phone)
- Number of visits, return visits, page views, time on our website, time of visit
- Internet Service Provider
- Region or geographic location
- And other similar generic metrics that do not refer to you individually
Other Social Media: If you use other Social Media, we may receive your information from the organizations offering those services. Their sharing with us of such information is subject to their privacy practices, likely found in their privacy policies. We are not responsible for the privacy practices of third parties. Please read any applicable third-party privacy policies carefully. You may be able to limit the sharing of your information via their privacy policies.
Controlling Cookies: Most web browsers automatically accept “cookies,” but if you prefer, you can edit your browser options to block or remove them in the future. The “Help” tab on the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you disable cookies, however, certain features on our Sites may not be available or function properly.
If you turn off any cookies, please be aware that you may lose some of the functionality of our websites. For more information about cookies and how to disable them please check one or more of the following resources: http://www.allaboutcookies.org/.
- How do we use your information?
Any of the information we collect from you may be used to personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested, to improve your user experience of our Services, and to allow us to better service you in responding to your questions and comments. Specifically, we use the personal data we collect to respond to your inquiries, provide or enhance the Services you request, perform our contractual obligations, provide updates and other important information related to your activity on and with the Services, improve the Services, inform you of new Services or changes in Services, administer the Services, enter into contracts for services, fulfill legal obligations we have to governmental authorities or other third parties, and for other legitimate business purposes.
We may also use your information to troubleshoot problems, comply with a legal obligation such as court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law, and to respond as required for a corporate transaction, such as a divestiture, investment, merger, consolidation, or asset sale, or other significant matter.
Notwithstanding the generality of the foregoing, we may contact you via email or phone, if you requested, or gave us permission to give you a call-back.
We use and share deidentified data with a third-party vendor to develop target modelling which is used to enhance our Services to you. We also share your mailing information with third party printing vendors when you opt in to receive direct mailings from us through the Site.
The information that is collected with the tools on this Site may be used to assist your enrollment in the health plan you have chosen. When you interact with those tools, You consent to have that information provided to the Site and then transferred to that health plan.
You will have the opportunity through your user settings to opt out of any electronic marketing communications you may receive from us.
- Protected Health Information (PHI) and HIPAA
Our organization is dedicated to assisting people with aspects of healthcare insurance services, Medicare, and other topics related to general health needs. Through those efforts, you may provide us with some general contact information (personally identifiable – PII) as you explore Medicare Plans comparison options, resources, etc.
In addition to the collection of PII, we have outlined above, you should know that we collect and process information that also includes protected health information (“PHI”). The privacy and security of your PHI is protected by the Health Insurance Portability and Accountability Act of 1996, as amended, (“HIPAA”) and its implementing regulations, including its final privacy regulation, at 45 C.F.R. Parts 160 and 164 (known as the “Privacy Rule”), as administered by the federal Department of Health and Human Services.
HIPAA places certain restrictions on the use and disclosure of PHI and requires any entities who retain any of your personal health information to protect the privacy and security of it through its business practices, processes, and systems. Given those regulations, organizations with access to this data can only provide or disclose PHI as permitted or required under the Health Insurance Portability and Accountability Act regulations.
Individual states may have supplemental protection policies as well. Please consult with your state’s healthcare departments for those additional requirements or guidelines.
B. Email and Mobile Device Notifications
We try to keep email communications to a minimum, and give you the ability to opt-in/opt-out to any marketing communications we may send. For example, we may send you email relating to the Services we offer or requesting you to sign up our seminars. You may also elect to receive certain marketing communications in accordance with your preferences, and from which you may opt-out at any time.
- How Information may be Shared
In connection with the provision of our Services, we may share your information with internal personnel and our affiliates located in difference geographic locations in order to perform our Services. We may also share your personal data with certain trusted third-party services who perform services on our behalf to help us provide, improve, promote, or protect our Services, including without limitation our online store hosting provider, print vendors, payment processors, email delivery provider, customer service tools, cloud hosting provider and professional advisors. Whenever we share data with third-party services, we seek written commitments from such third parties that that they will protect the data with safeguards that are substantially equivalent to those used by Bloom.
When you utilize Health Plan Tools, we will share information with health plans you choose.
We may disclose information if we have a good faith belief that disclosure is necessary by law or the legal process, to protect and defend our or others’ interests or property, or to enforce agreements you enter into with us.
Your information may be transferred to another company in connection with a merger or in the event that our business is acquired in whole or part by another company.
We may share aggregated and de-identified information with third parties for analytical, research or other similar purposes.
- How do we protect your information?
We take the security of your personal information seriously. While no website can guarantee complete security, we use industry-standard practices to protect the data we collect and process. Bloom uses commercially reasonable efforts to protect your information, including maintaining reasonable physical, procedural and technical security with respect to its offices and information storage systems so as to prevent any loss, misuse, unauthorized access, disclosure or modification of your information under our control.
No Internet or e-mail transmission is ever fully secure or error free, however. We therefore cannot guarantee absolute security of your data, and we are not responsible for processes and networks that we do not control. Users assume the risk of security breaches and the consequences resulting from them. Please be careful in deciding what information you send to us via email or over the Internet.
- How do we store and encrypt your data?
Your data is stored at secure locations that use encryption to protect your data when stored on these computer servers or when storing it with a third party. Your data is also encrypted while it is being transmitted.
- Access to other data
None of our technologies will request access to other device data or applications, such as your phone’s camera, photos or contacts.
- COPPA (Children Online Privacy Protection Act)
We do not offer subscriptions or services to individuals under 18 years of age. No one under the age of 18 may provide any information to or on the Site. We do not knowingly collect personally identifiable information or PHI from individuals under 18. If you are under 18, do not use or provide any information on this Site or on or through any of its features, do not register on this Site, use any of the features of this Site, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. By using the Site, you represent that you are at least 18 years old. You also represent, by accessing or using the Site, that you are of legal age to enter into legal agreements.
- Your Privacy Rights, Choices and Disclosures
General. This section is subject to specific disclosures on privacy rights set forth below. We are committed to facilitate the exercise of your rights granted by the laws of your jurisdiction, which may include the right to request the correction, modification or deletion of your personal information and the right to opt out of the sale of your personal information (as applicable). We will do our best to honor your requests subject to any legal and contractual obligations. If you would like to make a request, please contact us using the contact information set forth at the end of this policy.
Consent to be Contacted or Unsubscribe. When you visit our website(s) and/or online solutions, complete online forms, or request to receive electronic communications, SMS (mobile) texts or emails from us, you are offered the “right to be contacted” should you choose to be contacted further or communicated to by us for webinar notifications, new resources, news, technical support requests, etc. At any time following your initial request, you can update and/or consent to be included in any additional outreach efforts by contacting us directly at (855) 405-7619 or submitting an online request.
You also can UNSUBSCRIBE or request to have your information removed to no longer participate in any communications by Bloom Insurance Agency LLC and its businesses or associations by clicking on our unsubscribe link here.
Some non-marketing communications may not be subject to a general opt-out, such as communications about events you have registered for, disclosures to comply with legal requirements, and other support-related information.
While we work to ensure “unsubscribe” requests are completed promptly, should we encounter any potential technical or other business issues, we respectfully commit that your change will be implemented within 10 business days or less. Again, please contact us with any concerns or questions about this process.
As noted in greater detail in Section 1(A) above, You may be able to disable Cookies through your browser settings, but if you delete or disable Cookies, you may experience interruptions or limited functionality in certain areas of the Site.
California “Shine the Light” Information-Sharing Disclosure: California residents may request a list of all third parties with respect to which we have disclosed any information about you for direct marketing purposes and the categories of information disclosed. If you are a California resident and want such a list, please send us a written request by email to email@example.com with “California Shine The Light Rights” in the subject line.
California Do Not Track Disclosure: We do not respond to Do Not Track browser settings. At this time, there is no worldwide uniform or consistent industry standard or definition for responding to, processing, or communicating Do Not Track signals. Thus, our Online Services are unable to respond to Do Not Track Signals.
California Consumer Privacy Act (CCPA) Disclosures. Under CCPA, California residents have the right to request:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose of collecting or selling personal information;
- The categories of third parties with whom we share or sell personal information;
- The categories of personal information about you that we have sold; and
- The specific pieces of personal information we have collected about you.
Additionally, you have the right to request deletion of your personal information, the right to opt out of the sale of your information (if applicable) and the right not to be discriminated against for exercising any of your CCPA rights.
|Personal Information Category||Source of Personal Information||Purpose for Collecting the Personal Information||To whom we disclose the Personal Information|
|Identifiers such as a name, address, unique personal identifier, email, phone number||Information you provide to us; Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
|Protected Classifications under California and federal law, including gender, age and citizenship.||Information you provide to us; Information we receive from third parties||See Sections 1 and 2 above||See Section 3 above|
|Commercial information such as records of products or services purchased, obtained, or considered||Information you provide to us; Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
|Biometric information||We do not collect this information|
|Internet or other electronic network activity information, including browsing history and search history.||Information you provide to us; Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
|Geolocation data that is sufficient to identify a precise physical location.||Information you provide to us; Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
|Sensory data, such as audio, electronic, visual, or other similar information.||Information you provide to us. Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
|Professional; Professional or employment-related information||Information you provide to us; information received from third parties||See Sections 1 and 2 above||See Section 3 above|
|Education Information||Information you provide to us; information received from third parties||See Sections 1 and 2 above||See Section 3 above|
|Inferences about preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||Information you provide to us; Information we collect automatically||See Sections 1 and 2 above||See Section 3 above|
We do not sell your personal information for monetary consideration, and personal information may be provided to service providers, including the Applicant Provider and health plans, under Section 1798.140(t)(2)(A) of the CCPA. In the event that the use of third-party cookies constitutes a “sale” under CCPA, you may opt out of the use of such cookies. Please see Section 1(A) above for more information.
Our contact information is listed at the bottom of this policy. If you would like to make a CCPA request, we will ask for your name and email address. If your name and email address are insufficient to verify your identity and assess your privacy request, we may need to ask for additional information. You may also designate an authorized agent to make a CCPA privacy request.
- Users Outside the United States
The Site is controlled and operated from the United States and is directed to users in the United States. If you are an individual from the European Union, Canada or any other jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from United States laws, please be advised that we may store the information we collect in the United States which is not deemed an “adequate jurisdiction” by the European regulatory authorities.
- Links to Other Sites
We will hold your personal information on our systems for as long as is necessary to perform the relevant processing activity for that information, or as long as is set out in any relevant contract you hold with us. The relevant retention period is determined on a case-by-case basis because it depends on things like the nature of the data, why it is collected, why it is processed, and any relevant legal or operational retention needs. We may also be required to hold some types of information to fulfill legal purposes. We review our retention periods for personal information on a regular basis. When the relevant processing activity has been completed, we may destroy your data, or alternatively anonymize the data, such that the data is not personally identifiable.
Please note that none of our technologies will request access to other device data or applications, such as your phone’s camera, photos, or contacts. None of our technologies share any data with your social media accounts, like Facebook. If you receive any correspondence that appears to be us and asking for that information, please contact us immediately at firstname.lastname@example.org or by phone at (855) 405-7619.
- Contact Us
Bloom Insurance Agency LLC
1801 S. Liberty Dr.
Bloomington, IN 47403