PatientFi, LLC (“PatientFi,” “we,” “our,” and “us”) respects the privacy of our online customers and visitors to this web site (www.patientfi.com) and its affiliated pages (collectively, the “Site”). This Online Privacy Statement explains what information we collect when you visit or otherwise interact with the Site, how we use it, and when we may share it.
HOW WE COLLECT INFORMATION AND WHAT WE COLLECT
We collect and receive certain information about you when you visit the Site. What we receive, and how we receive it, in part depends on what you do when you visit the Site.
We collect personally-identifiable information (such as your name, address, or phone number) when you provide it to us. For example, if you request to receive offers and alerts or when you complete an online survey. In addition, our business partners and service providers may give us information about you. Please note that, except for limited instances where you choose to interact with us and provide us with your personally-identifiable information directly, you are not required to submit personally-identifiable information. You can browse the Site and review the content on the Site without having to submit such information.
If you originate a loan account with us, or one of our participating financial institutions (“Funding Partner”) or merchant (“Merchant”), either directly or through a Merchant or a third-party platform, we may collect the following types of information:
- Your applications and transactions for loans originated by Funding Partners and Merchants and serviced by us;
- Requests for pre-qualification for credit;
- Personal information including your name, date of birth, Social Security number, address, phone, email, and other similar information; and
- Financial information including bank account numbers, bank account details including routing numbers and similar information.
We may also automatically collect non personally-identifiable information about you when you visit the Site. The Site and some emails that we may send to you may also use common tracking tools like:
- Device Information: Information about your internet service provider, browser, operating system and device.
- Location Data: Information related to your location at the time of accessed our Site or Services.
PatientFi uses these tools and information to enable us to track and target the interests of our users to enhance the experience on and off our Site.
Your browser may enable you to block or (in the case of cookies) delete some of the means by which we automatically collect information when you visit the Site. You should refer to your browser about what options might be available to you.
We or our advertising service providers may use information about your activities on the Site (such as the pages that you visit and the key words that you use to search for content) to help determine what advertisements or offers might be of interest to you. These advertisements may be on the Site or on Third Party Sites. The use of information in this manner is referred to as “online behavioral advertising.” We believe that online behavioral advertising helps to provide you with more relevant advertising based on the websites that you visit.
You may opt-out of online behavioral advertising by following the instructions in the “Your Options” section of this Online Privacy Statement. Please note that opting out of online behavioral advertising will not stop you from receiving advertisements. However, the advertisements that you see may not be as relevant to you.
HOW WE USE THE INFORMATION WE COLLECT
Information that we collect about you and your web browsing behavior is used to optimize your online experience. Among other reasons, we may use the information that you provide or that we collect when you visit the Site to:
- Verify your identity and/or remember your personal settings or preferences when using the Site;
- To assess your creditworthiness when you apply for credit or to pre-qualify you for credit;
- To manage and service loans or other accounts or applications you have with us;
- Determine your interests and needs in order to recommend relevant products and services;
- Qualify you for products and services that you request and to process your transactions;
- Post advertising content on Third Party Sites, along with web beacons and pixel tags to provide information to us and to third parties about pages you visit after seeing our ads or offers;
- Analyze the quality and performance of our Site and marketing campaigns.
HOW WE SHARE THE INFORMATION WE COLLECT
We may share the personally-identifiable information that you provide to us or that we receive from our business partners and/or service providers with our service providers. For example, we share your email address with service providers who send emails on our behalf. We may also share non-personally-identifiable information with third parties who perform advertising services on our behalf and with companies that operate or analyze the Site. We do not authorize these third parties to use or disclose this information except as necessary to perform services for us or to comply with law. These third parties may not use the information that we provide to them to independently market to you unless you consent.
There may be other instances in which we may share either your personally-identifiable or non-personally-identifiable information with a third party. For example:
- To respond to a subpoena, warrant, court order or other official governmental actions that are served upon us, and then in conformity with their terms or as we are otherwise permitted or required by law;
- To respond to our regulators or other governmental authorities;
- To protect or defend PatientFi or any of its affiliates or subsidiaries, or their directors, officers, employees, agents, partners, or independent contractors in any legal proceeding;
- Where we suspect fraud or for other risk management purposes;
- As required or permitted by law; or
- As otherwise instructed or authorized by you.
To stop receiving promotional emails or text messages, follow the instructions in any promotional message you receive from PatientFi. If you receive a marketing e-mail from us relating to any offer or promotion and wish to be removed from future email solicitations, you will have the option to do so. If you opt out, the only future email communication you will receive from us will be (a) transactional or relationship messages, such as activity alerts and payment reminder messages; (b) in response to questions from you; or (c) to resolve any customer service issues you may have reported. If you need help accessing your information related to a service provided by one of our service providers or information held by your Funding Participant, we will assist you by referring you to the appropriate third party. Please contact us at firstname.lastname@example.org.
The security of Personal Information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the Personal Information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security or confidentiality. If you have any questions about security on the Service, you can contact us email@example.com.
However, you also have a significant role in maintaining the security of your information. For example, you should ensure that you have up-to-date antiviral and anti-malware software installed on your computer. You are also in control of the information that you share with PatientFi, either directly or indirectly. If you are uncomfortable with sharing your personally-identifiable information with us, the easiest option is not to do so. However, you understand that if you do not share such information with us, we may be unable to assist you with certain transactions.
Additionally, if you found information about PatientFi on a Third Party Site — such as a social media site like Facebook, LinkedIn, or Twitter — you understand that if you share information about you on such a Third Party Site that it will not be governed by this Online Privacy Statement and, depending on the Third Party Site, may be visible to all users of that Third Party Site. You should review the privacy policies and practices of Third Party Sites before providing information to them.
PERSONAL INFORMATION OF CHILDREN
The Site, and the products and services described on the Site, are intended for use by individuals who are at least 13 years old. If you are under the age of 13 you should not be visiting the Site. We do not knowingly collect or retain personal information from children under the age of 13. If you are under the age of 13 and are visiting or otherwise using the Site you are advised not to disclose or provide any personally-identifiable information on the Site.
IF YOU ACCESS THE SITE FROM OUTSIDE THE UNITED STATES
If you reside outside the United States you understand and agree that any information you provide to us on the Site will be transferred from the country of your residence or location at the time it was provided to the United States. If you do not want your personally-identifiable information to be transferred to the United States do not provide that information to us. By providing us with your information you consent to the transfer of your information to the United States.
CHANGES TO THE ONLINE PRIVACY STATEMENT
We may make changes to this Online Privacy Statement at any time and without notice to you. It is your responsibility to review this Online Privacy Statement from time to time understand whether any changes have been made. If you use the Site following any update to this Online Privacy Statement it constitutes your acceptance of the modifications.
REVIEWING INFORMATION WE HAVE COLLECTED ABOUT YOU
If you would like to review or correct any Personally Identifiable Information we have retained about you in our active databases, please contact us at firstname.lastname@example.org.
You may limit when we may share information about you. You may exercise one or more of your opt-out choices described. Contact us at email@example.com or write to Us at PatientFi, LLC Attn: Opt-Out, 530 Technology Drive, Ste 350, Irvine, California 92618. If you write to us, please include your account number, contact phone number, and full name on the account. If you have a joint account, your opt-out applies to every person on the account. If you have multiple accounts with us, you must opt-out separately for each account.
PatientFi is not an entity that is covered by the Health Insurance Portability and Accountability Act (“HIPAA”). The HIPAA privacy rules apply to health plans, health care clearinghouses, to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of Health and Human Services has adopted standards under HIPAA (the “covered entities”) and their service providers (“business associates”). This means that the information that you provide to PatientFi is not protected by the HIPAA privacy rules and regulations. You may not submit or otherwise make available any protected health information (as that term is defined under HIPAA) to PatientFi.
In the event that we are acquired by or merged with a third-party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer or assign Personal Information in connection with the foregoing events.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or call us toll-free at 1-866-734-5979.
California Consumer Privacy Act. The California Consumer Privacy Act (“CCPA”) provides California residents with the right to receive certain disclosures regarding the collection, use, and sharing of “Personal Information,” as well as the right to know/access, delete, and limit sharing of Personal Information. The CCPA defines “Personal Information” to mean “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered public information (e.g., it is made available by a government entity) or covered by a specific federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.
You have the right to know the categories of personal information PatientFi has collected, disclosed, or sold about its consumers within the last twelve (12) months. The chart below offers a comprehensive overview of the types of personal information we collect, with whom it is shared, and for what purpose.
|Category||Examples||Collected [YES/NO]||Source of Collection||Purpose for Collection||Third Parties to Whom Disclosed|
|Personal identifiers||A real name, alias, postal address, online identifier, application ID, Internet Protocol address, email address, Social Security number, driver’s license number, and passport number.||YES||Directly from merchant or merchant’s representative. From credit reports received from credit bureaus.||To underwrite merchants and facilitate their involvement with PatientFi. To run credit reports, sanctions and other prohibited persons checks (e.g., OFAC),and criminal background checks to validate merchants.||To our Funding Partners. To our sub-servicers. To law enforcement to comply with a court order or governmental regulations, or in the course of litigation. To third parties for fraud prevention and data security purposes.|
|Personal information categories listed in the California Customer Records statute||A name, postal address, date of birth, signature, Social Security number, telephone number, driver’s license or state identification card number, employment, employment history, bank account number, credit card number, debit card number, and PatientFi account number.||YES||Directly from merchant or merchant’s representative. From credit reports received from credit bureaus.||To underwrite merchants and facilitate their involvement with PatientFi. To run credit reports, sanctions and other prohibited persons checks (e.g., OFAC), and criminal background checks to validate merchants.||To our Funding Partners. To lending and leasing platform providers. To our sub-servicers. To law enforcement to comply with a court order or governmental regulations, or in the course of litigation. To third parties for fraud prevention and data security purposes.|
|Protected classification characteristics under California or federal law||Age (40 years or older), national origin, citizenship, marital status, medical condition, physical or mental disability, sex veteran or military status.||YES||Directly from merchant or merchant’s representative. From credit reports received from credit bureaus.||To underwrite merchants and facilitate their involvement with PatientFi. To run credit reports, sanctions and other prohibited persons checks (e.g., OFAC), and criminal background checks to validate merchants.||To law enforcement to comply with a court order or governmental regulations, or in the course of litigation. To third parties for fraud prevention and data security purposes. To our sub-servicers.|
|Commercial information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES||To underwrite merchants and facilitate their involvement with PatientFi. To run credit reports and criminal background checks to validate merchants.||To our Funding Partners. To our sub-servicers.|
|Internet or other similar network activity||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES||Indirectly from merchant or merchant’s representative by monitoring behavior.||To underwrite merchants and facilitate their involvement with PatientFi.||To law enforcement to comply with a court order or governmental regulations, or in the course of litigation. To third parties for fraud prevention and data security purposes.|
|Geolocation data||Physical location or movements.||YES||Indirectly from merchant or merchant’s representative by monitoring behavior.||To underwrite merchants and facilitate their involvement with PatientFi.||To third parties for fraud prevention and data security purposes.|
|Sensory data||Audio recordings of phone calls.||YES||Directly from merchant or merchant’s representative.||To facilitate involvement with PatientFi.||To our Funding Partners. To government agencies. To our sub-servicers.|
|Professional or employment-related information||Current or past job history.||YES||Directly from merchant or merchant’s representative.||To underwrite merchants and facilitate their involvement with PatientFi.||To our Funding Partners. To our sub-servicers.|
You have the right to request that PatientFi disclose certain information to you about Our collection, use, disclosure and sale of your personal information over the past twelve (12) months. Once We receive and confirm your request, to the extent you have requested them, we will disclose to you:
- The categories of personal information we collected about you;
- The categories of sources for the personal information we collected about you;
- Our business or commercial purpose for collecting that personal information;
- The categories of third parties with whom we share that personal information;
- The specific pieces of personal information we have collected about you (also called a data portability request);
- If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained; and
- Sales, identifying the personal information categories that each category of recipient purchased.
SALE OF INFORMATION
PatientFi does not sell personal information within the meaning of the CCPA.
RIGHT TO REQUEST DELETION OF INFORMATION
You have the right to request that PatientFi delete any of your personal information that We have collected from you and maintain, subject to certain exceptions. Once we receive and confirm your request, we will delete, de-identify, or aggregate your personal information, unless retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, take actions reasonably anticipated within the context of our business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
EXERCISING YOUR RIGHTS TO KNOW AND DELETION
To exercise your rights please contact us at email@example.com or call us toll free at 1-866-734-5979. In order to submit a consumer/merchant right to know or deletion request, a consumer/merchant need only provide PatientFi with his or her name and email. We will then remit any requested information or deletion confirmation to the mailing address or email address we have on file for that customer/merchant as those addresses are already verified. If a consumer/merchant would like to receive a response to his or her request at a different mailing or email address, the consumer will need to provide Us two to three pieces of personal information, depending on the sensitivity of the information requested, in order to verify the identity of the consumer. Only you, or someone legally authorized to act on your behalf (i.e., your authorized agent), may make a request related to your personal information. An authorized agent is someone acting on your behalf and PatientFi may ask that an agent provide verification that he or she is acting on behalf of a customer.
PatientFi will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not do the following because you exercise your rights under the CCPA:
- Deny you services.
- Charge you different prices or rates for services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of services.
- Suggest that you may receive a different price or rate for services or a different level or quality of services.
Postal Address: 530 Technology Drive, Suite 350, Irvine, California 92618
Last Updated: 9/1/22
©PatientFi, LLC 2022