Privacy Policy

Privacy Policy

Introduction

MatchRite Care, LLC (“MatchRite,” we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use, and safeguard your information. This Privacy Policy applies to individuals who access this website and our mobile application (collectively, “Sites”) and any of our online, and where required, offline services (collectively, “Services”). 

From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. Please review this Privacy Policy periodically. In addition, following a change to this Privacy Policy, we will opt-in all users (including all Medicare beneficiaries) to receive the updated Privacy Policy via their email of choice or a pop-up screen within our platform

For more information as to our use of cookies and other tracking technologies, please see our Cookie Policy. 

THIS SERVICE IS OFFERED FROM THE UNITED STATES (“US”). For individuals located outside of the US, please note that MatchRite is a US based company. If you use the Services, all information, including personal information, will be transferred to MatchRite in the US and as described in this Privacy Policy.

Note on HIPAA

As part of engaging with the Services, you may engage with the Services in a manner regulated by the Health Insurance Portability and Accountability Act (“HIPAA”), such as by providing protected health information (“PHI”) through the Services. This Privacy Policy is not intended for compliance with HIPAA, nor should you take such notice as a reflection of your rights under HIPAA. If you are a patient reviewing this Privacy Notice, please contact your provider for information regarding your medical records and/or HIPAA privacy disclosures. 

In certain circumstances, MatchRite is considered a business associate as that term is defined under HIPAA. In such circumstances, MatchRite enters into a business associate agreement (“BAA”) with covered entities which outlines its compliance obligations under HIPAA. 

This Privacy Policy covers the following topics: 

  1. Personal Data MatchRite Collects

  2. How MatchRite Uses Your Personal Data

  3. How MatchRite Shares Your Personal Data

  4. Consent Practices

  5. International Data Transfers

  6. Universal Opt-Out Mechanisms and “Do Not Track” Signals

  7. Security

  8. Third Party Links

  9. Children’s Privacy

  10. Your Personal Data and Your Rights – Europe and United Kingdom Only 

  11. Your Personal Data and Your Rights – United States Only 

  12. Retentions

  13. Accessibility 

  14. How to Contact Us

1. Personal Data MatchRite Collects

We collect personal data from you through your use of the Sites and Services. Personal data is information that is linked or reasonably linkable to an identified or identifiable individual. We collect the following types of personal data: 

Personal Data You Provide

Depending on how you interact with our Sites and Services, we will collect the following personal data that you voluntarily provide to us for the following purposes: 

  • Register as a Patient. If you register as a patient, you will provide us with your name, email address, veteran status, provider history, case management details, medical records, and other health data you choose to provide.

  • Compensating You. When you elect to provide information

  • Request a Provider Demo. If you are a provider and request a demo, you will provide us with your organization name, your name, email address, phone number, and any other information you choose to provide.

  • Request a Tribal or Government Demo. If you submit a request for a tribal or governmental demo, you will provide us with information about your tribe, agency, or organization, your name, email address, phone number, and any other information you choose to provide.

  • Request a Health Plan Demo. If you submit a request for a health plan demo, you will provide us with your name, email address, phone number, and any other information you choose to provide.

  • Request a Research Demo. If you submit a request for a research demo, you may submit your name, email address, phone number, and any other information you choose to provide.

  • Login to Your Health Plan Research Kit. To access your Research Kit content, you will provide your secure login credentials. 

  • Submit an Interview Request. To submit an interview request, you will provide your name, organization (if applicable), title within your organization, phone number, email address, and information about the interview.

  • Submit a Speaker Request. To submit a speaker request, you will provide your name, phone number, email address, organization (if applicable), title within your organization, information about event and speaking engagement.

  • Opt-in to Research. To receive invitations from providers seeking medical records for research, you will provide us with your name, email address, and medical records relevant to each respective study.

  • Contacting You. So that we can contact you regarding the Sites and Services, you may provide us with your email address. 

Certain jurisdictions differentiate special categories or sensitive data as personal information requiring more protection and scrutiny. Given the nature of the Services, personal information you provide may be considered sensitive or included in a special category of data depending on your jurisdiction. MatchRite will not collect special categories of data from you unless you have explicitly consented to provide that personal data to us. You may withdraw such consent at any time. Our consent process is described in more detail in Section 5. Consent Practices below. 

In certain circumstances and if you have a patient or research account, you may use your account to access, correct, or view certain personal data we have collected, and which is associated with your account. Where you are unable to undergo such activities through your account or if you do not have a patient or research account, you may contact us at privacy@matchritecare.com

Personal Data as You Navigate the Sites

Companies frequently automatically collect certain personal data through your use of websites and a website’s use of cookies and other tracking technologies. Such information  can include the computer's IP address, domain name (e.g., .com, .gov, or .edu), software details, and information on pages visited is often saved in cookies so that the organization may develop and store user profiles of website visitors. If a website uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. When you use the Sites, we may also use cookies or similar technology to collect extra data, including:

  • Your IP address, which is a numerical code to identify your device, together with the country, region, or city where you are based.

  • Your geolocation data. Your IP address can be used to find information about the latitude, longitude, altitude of your device, its direction of travel, your GPS data, and data about connection with local Wi-Fi equipment.

  • Information on how you interact with our services. For example, the pages on the Sites you access, the frequency of access, and what you click on while on the Sites.

  • Your browsing history of the content you have visited on the Sites, including how you were referred to the Sites via other websites.

  • Details of your computer, mobile, TV, tablet, or other devices. For example, the unique device ID, unique vendor or advertising ID and browsers used to access our content.

To learn more about how we use cookies and to manage your cookie settings, please see our Cookie Policy. 

Personal Data We Collect About You from Other Sources

In some cases, we may receive personal data about you from other sources. This includes government entities, advertising networks, data brokers, operating systems and platforms, mailing list providers, social networks, and advertising and marketing partners.

2. How MatchRite Uses Your Personal Data

In addition to the purposes stated above, we may use all the personal data we collect in accordance with applicable law such as to: 

  • Provide the Sites and Services to you;

  • Provide certain, specific Services to you, as enumerated in this Privacy Notice or in other places on the Site/Services;

  • Process transactions or as may be necessary to support the operation of the Service, such as for billing, account maintenance, and record-keeping purposes;

  • Respond to your requests or inquiries;

  • Distribute communications relevant to your use of the Service, such as system updates or information about your use of the Service;

  • Maintain and improve our Sites and Services with customers or vendors;

  • Protect the security and integrity of our Sites and Services;

  • Investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Use, and to otherwise fulfill our legal obligations;

  • Monitor compliance with and enforce this Privacy Policy and any applicable agreements and policies;

  • Defend our legal rights and the rights of others; 

  • Fulfill any other purposes for which you provide it;

  • For any purpose that is reasonably necessary to or compatible with the original purpose for which we collected the personal data as disclosed to you; and

  • Comply with applicable law.  

3. How does MatchRite Share your Data with Third Party Processors

We may provide any of the described categories of Personal Data to MatchRite employees, consultants, affiliates or other businesses or persons for the purpose of processing such information on our behalf in order to provide the Service to you. To ensure that your Personal Data receives an adequate level of protection, we have put in place appropriate procedures with the or third paries service providers we share your Personal Data with to ensure that your Personal Data is treated by those service providers in a way that is consistent with and which respects the applicable laws on data security and privacy. Third parties receiving personal information may include:

  • Our affiliates and related companies;

  • Business partners, contractors, and channel partners, which are not considered affiliated companies.

  • Third-party vendors or service providers providing crucial services and necessary to provide the Service;

  • Third-party consultants for patient engagement, customer management platforms Certain third parties as described in Cookie Notice;

  • Government agencies or other parties in response to legal process or other requests, where permitted by law;

  • With other persons or third parties with whom you have requested that we share information.

Except as described above, we will not share your personal information with other, third-party companies for their commercial or marketing use without your consent or except as part of a specific program or feature for which you have the ability to opt-in or opt-out.

In addition, we may release personal information: (i) to the extent we have a good-faith belief that such action is necessary to comply with any applicable law; (ii) to enforce any provision of the Terms of Use, protect ourselves against any liability, defend ourselves against any claims, protect the rights, property and personal safety of any user, or protect the public welfare; (iii) when disclosure is required to maintain the security and integrity of the Service, or to protect any user’s security or the security of other persons, consistent with applicable laws (iv) to respond to a court order, subpoena, search warrant, or other legal process, to the extent permitted and as restricted by law; (v) in the event that we go through a business transition, such as a merger, divestiture, acquisition, liquidation or sale of all or a portion of our assets; or (vi) for an additional purpose that is directly related to the original purpose for which the personal data was collected.

4. Consent Practices

Sensitive Data or Special Categories

Some of the Personal Data we collect may be considered sensitive or fall under special categories depending on your jurisdiction. For example, medical information you provide when you register with the Services as a patient, or your status as a veteran, may be considered sensitive. Prior to providing this type of information, you will be prompted to consent to our collection and subsequent processing of such information. Patients will be prompted with such consent at the point of login to their secure account. Where you have provided us with consent to use your sensitive Personal Data, you can withdraw such consent at any time.

Where applicable, providers are expected to execute their own consent practices. Please contact your provider(s) with questions about their privacy consent practices. 

Selling and Sharing Activity

The nature of the Services involves certain processing activities that may be considered a “sale” or a “share” under certain privacy laws. We do not sell, rent, or otherwise disclose personal information collected by the Sites and Services to third parties in the ordinary course of business, unless we have obtained your consent and authorization to do so. You may withdraw your consent for selling and sharing at any time. 

Marketing Information

We engage a third-party marketing provider. Our marketing provider may retain your personal information to keep you apprised of recent product developments or new product and service offerings. Any personal information you provide will be stored on a secure, internal server accessible only by the marketing provider. We will not sell or share this information with any other company. 

In order for us to send direct marketing communications, and other related profiling that helps us offer you relevant products and services, including deciding whether to offer you certain products and services, we will collect your consent prior to sending you marketing communications consistent with applicable law in your jurisdiction. We will send marketing communications to you by SMS, email, phone, post, social media and other digital channels (for example, using Facebook Custom Audiences and Google Custom Match). At any time, you may request that your personal information be removed from our marketing records, at which point you will receive no further marketing communications from us. You can exercise your right to opt-out of these marketing communications in a variety of ways. For example, if you would like to opt-out of emails, you may do so through the “unsubscribe” link included in each of our marketing emails. If you would like to opt-out of SMS marketing communications, you can reply “STOP” to any SMS you receive from us. You may also contact us as described herein. When you unsubscribe from email marketing communications, please note that we will keep your email address to ensure that we do not send you any marketing in future.

5. International Data Transfers

We operate internationally and transfer information to the United States for the purposes described in this policy. The United States may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. Your Personal Data can be subject to access requests from governments, courts, or law enforcement in the United States according to the laws of the United States.  

For any transfers of Personal Data from the European Economic Area (EEA), Switzerland or the United Kingdom that we make to other entities as described in this Privacy Policy, we use appropriate safeguards to ensure for the lawful processing and transfer of the Personal Data, including, when appropriate, the use of standard contractual clauses approved by the European Commission. 

6. Universal Opt-Out Mechanisms and “Do Not Track” Signals

The Sites recognize the Global Privacy Control (“GPC”) signal. If you are using a browser setting or plug-in that sends an opt-out preference signal to each website you visit, we will treat that as a valid request to opt out. To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use. 

Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Sites do not currently interpret, respond to or alter their practices when they receive/it receives “Do Not Track” signals. 

7. Security 

We maintain security measures to protect the personal data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security. We are not responsible for any interception or interruption of any communications through the internet or for changes or unauthorized access to or losses or unauthorized use of data.

Users of the Service are responsible for maintaining the security of any password, username, or other form of authentication involved in obtaining access to password protected or secure areas of the Service. In order to protect you and your information, we may suspend your use of any of the Service, without notice, pending an investigation, if any breach of security is suspected. 

8. Third Party Links

The Sites and Services may contain links that will let you leave the Sites and access another website. For example, you may access your Veteran’s Affairs (VA) account or your Medicare account through the Sites. The Sites also contain links to social media platforms, such as LinkedIn, Facebook, and Twitter. Linked websites are not under our control. We accept no responsibility or liability for these other websites.

In addition, we may allow other companies, called third-party ad servers or ad networks, to serve advertisements within the Service. These third-party ad servers or ad networks use technology to send, directly to your device, the advertisements and links that appear on the Service. They automatically receive your device ID and IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or Web Beacons) to measure the effectiveness of their advertisements and to personalize the advertising content you see. You should consult the respective privacy policies of these third-party ad servers or ad networks for more information on their practices and for instructions on how to opt-out of certain practices. This Privacy Notice does not apply to them, and we cannot control their activities.

9. Children’s Privacy

The Sites and Services are not intended for children under 16 years of age. We do not knowingly collect, use, or disclose personal data from children under 16. 

10. Your Personal Data and Your Rights – Europe and the United Kingdom Only

If you are in a country in the European Economic Area (EEA) or in the United Kingdom, you are entitled to the following explanation of the legal bases we rely on to process your Personal Data and a description of your privacy rights.

Legal Bases for Processing Your Personal Data

The legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. Possible legal bases include:

  • Consent

  • Legitimate Interests

  • To Perform a Contract

  • To Enable Us to Comply with a Legal Obligation

  • Necessary for the Exercise or Defense of Legal Claims

If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data for any specific processing activity, please contact us using the “How to Contact Us” section herein.

Your Rights

  • Access, update, or delete your Personal Data. 

  • Rectify Your Personal Data. 

  • Restrict Our Use of Your Personal Data. You have the right to ask us to place a restriction on our use of your Personal Data if one of the following applies to you: 1. You contest the accuracy of the information that we hold about you, while we verify its accuracy; 2. We have used your information unlawfully, but you request us to restrict its use instead of erasing it; 3. We no longer need the information for the purpose for which we collected it, but you need it to deal with a legal claim; or 4. You have objected to us using your information, while we check whether our legitimate grounds override your right to object.

  • Object to Our Use of Your Personal Data. You have the right to object to our use of your Personal Data where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us).

  • Withdraw Consent. 

Please note, even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims, or detecting fraudulent activities. We will retain information in accordance with the “How Long Is Your Personal Data Kept” section below.

If you do exercise a valid right to have your Personal Data deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).

To exercise any of these rights, please contact us as described in the “How to Contact Us” section below.

Make a Complaint

If you have any concerns or complaints regarding our processing of your Personal Data, please contact us as described in the “How to Contact Us” section below and we will do our best to answer any question and resolve any complaint to your satisfaction.

If, for whatever reason, you feel we do not meet the standards you expect of us, you are also entitled to make a complaint to your local supervisory authority:

How Long Is Your Personal Data Kept?

We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collect it and as set out in this Privacy Policy and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us.

11. Your Personal Data and Your Rights – United States Only (Including California) 

United States Privacy Laws

Depending on the state in which you reside, your state may have privacy legislation that regulates how businesses collect and process your personal information. However, MatchRite may not be subject to such United States privacy laws and certain processing activity that MatchRite conducts may be subject to certain exemptions (such as for HIPAA-regulated data) to the extent United States privacy laws do apply. 

By using the Services, you acknowledge that MatchRite may not be subject the particular privacy law in your state or jurisdiction. While MatchRite recognizes the application of these laws in certain, limited circumstances, by using the service you further acknowledge that you may not be able to avail yourself of all privacy rights under the privacy laws in your state.

For United States residents, if applicable, your privacy rights may include (if you are a California resident, please see our “Notice to California Residents” section below):

  • The right to confirm whether or not we are processing your personal data and to access such personal data;

  • The right to obtain a copy of your personal data that we collected from and/or about you in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another controller without hindrance, where the processing is carried out by automated means;

  • The right to delete personal data that we collected from and/or about you, subject to certain exceptions;

  • The right to correct inaccurate personal data that we maintain about you, subject to certain exceptions;

  • The right, if applicable, to opt out of the processing of your personal data for purposes of (1) targeted advertising; (2) the “sale” of your personal data (as that term is defined by applicable law); and (3) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you;

  • If we are required by applicable law to obtain your consent to process sensitive personal data, the right to withdraw your consent; and

  • The right not to receive discriminatory treatment by us for the exercise of your privacy rights.

Depending on how the applicable privacy law defines a “sale,” we may sell personal data to third parties. For instance, if you are a resident of Colorado or Connecticut, our use of cookies and tracking technologies constitutes a sale of personal data to third-party advertisers. We also use cookies and other tracking technologies to display advertisements about our products to you on nonaffiliated websites, applications, and online services. This is “targeted advertising” under applicable privacy laws. We do not use personal data for profiling in furtherance of decisions that produce legal or similarly significant effects concerning individuals.

To exercise your rights, please submit a request through our interactive webform available here or by calling us at [insert toll-free telephone number. If legally required, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the individual on whose behalf you are making such request. To do so, we will ask you to verify data points based on information we have in our records. If you are submitting a request on behalf of another individual, please use the same contact methods described above. If we refuse to take action regarding your request, you may appeal our decision by replying to the email you received from us in response to your request.

Notice to Nevada Residents

Nevada law allows Nevada residents to opt-out of the sale of certain types of personal information. Subject to a number of exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. If you are a Nevada resident and our processing of your Personal Data constitutes a sale under Nevada law, you may submit a verified request to opt-out of such sales. Opt-out requests may be sent to privacy@matchrite.com

Notice to California Residents

The California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (“CCPA”), requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, sale, sharing, and retention of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this section does not apply to you and you should not rely on it.

The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information or lawfully obtained, truthful information that is a matter of public concern. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”

If you are a California resident and a current or former employee, job applicant, or independent contractor of ours, please see our privacy notice available here for more information on our collection and use of your Personal Information in that capacity. 

Notice at Collection of Personal Information

We currently collect and, in the 12 months prior to the Last Updated Date of this Privacy Policy, have collected the following categories of Personal Information:

  • Identifiers (name, alias, postal address, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, other similar identifiers)

  • Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; customer number, unique pseudonym or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device)

  • Personal information described in California’s Customer Records statute (California Civil Code § 1798.80(e)) (signature, physical characteristics or description, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information [if yes, specify], medical information, or health insurance information as well as the categories listed in “Identifiers” category above)

  • Characteristics of protected classifications under California or federal law (race, color, sex/gender (including pregnancy, childbirth, breastfeeding and/or related medical conditions), sexual orientation, gender identity/expression, age (40 and older), religion (including religious dress and grooming practices), national origin, ancestry, disability (mental and physical including HIV/AIDS, cancer, and genetic characteristics), citizenship status, genetic information, marital status, medical condition (genetic characteristics, cancer or a record or history of cancer), military or veteran status, political affiliations or activities, status as a victim of domestic violence, assault or stalking, request for family care leave, request for leave for an employee’s own serious health condition, request for pregnancy disability leave, and retaliation for reporting patient abuse in tax-supported institutions)

  • Commercial information (records of personal property, products or services purchased, obtained or considered; other purchasing or consuming histories or tendencies; or other commercial information [if yes, specify])

  • Biometric information (imagery of iris, imagery of retina, fingerprint, imagery of face, imagery of hand, imagery of palm, vein patterns, voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health or exercise data that contain identifying information)

  • Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application or advertisement)

  • Geolocation data

  • Audio, electronic, visual, thermal, olfactory, or similar information 

  • Professional or employment-related information (including employment history)

  • Education information

  • Inferences drawn from above information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes 

  • Sensitive Personal Information (Personal Information that reveals a consumer’s Social Security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; genetic data; or the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication. The processing of biometric information for the purpose of uniquely identifying a consumer. Personal information collected and analyzed concerning a consumer’s health. Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.)

We collect Personal Information directly from California residents and from government entities. We do not collect all categories of Personal Information from each source.

In addition to the purposes stated above in the section “How MatchRite Uses Your Personal Data” we currently collect and have collected the above categories of Personal Information for the following business or commercial purposes:

  • Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards

  • Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes

  • Debugging to identify and repair errors that impair existing intended functionality

  • Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of your current interaction with us, provided that your Personal Information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience outside the current interaction with us

  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services

  • Providing advertising and marketing services, except for cross-context behavioral advertising, to you provided that, for the purpose of advertising and marketing, our service providers and/or contractors shall not combine the Personal Information of opted-out consumers that the service provider or contractor receives from us, or on our behalf with Personal Information that the service provider or contractor receives from, or on behalf of, another person or persons or collects from its own interaction with you

  • Undertaking internal research for technological development and demonstration

  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us

  • Advancing our commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction

Sale, Sharing, and Disclosure of Personal Information

The following table identifies the categories of Personal Information that we sold or shared to third parties in the 12 months preceding the Last Updated Date of this Privacy Policy and, for each category, the category[ies] of third parties to whom we sold or shared Personal Information:

Category of Personal Information

Categories of Third Parties


We sold or shared Personal Information to third parties for the following business or commercial purposes:

  • [Complete using business and commercial purposes from above.]

The following table identifies the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding the [Effective Date/Last Updated Date] of this Privacy Policy and, for each category, the category[ies] of recipients to whom we disclosed Personal Information:  

Category of Personal Information

Categories of Recipients


We disclosed Personal Information for the following business or commercial purposes:

  • [Complete using business and commercial purposes from above.]

We have not sold or shared Personal Information in the twelve (12) months preceding the Last Updated Date of this Privacy Policy. We did not disclose Personal Information for a business or commercial purpose in the twelve (12) months preceding the Last Updated Date of this Privacy Policy. We do not knowingly collect or sell or share the Personal Information of consumers under 16 years of age. We do not collect or process sensitive Personal Information for the purpose of inferring characteristics about individuals and, consequently, do not collect sensitive Personal Information or use it for purposes other than those allowed by the CCPA and its regulations. 

Your Rights. If you are a California resident, you have the following rights with respect to your Personal Information:

  1. The right to know what Personal Information we have collected about you, including the categories of Personal Information, the categories of sources from which we collected Personal Information, the business or commercial purpose for collecting, selling or sharing Personal Information (if applicable), the categories of third parties to whom we disclose Personal Information (if applicable), and the specific pieces of Personal Information we collected about you;

  2. The right to delete Personal Information that we collected from you, subject to certain exceptions;

  3. The right to correct inaccurate Personal Information that we maintain about you;

  4. If we sell or share Personal Information, the right to opt out of the sale or sharing;

  5. If we use or disclose sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations, the right to limit our use or disclosure; and

  6. The right not to receive discriminatory treatment by us for the exercise of privacy rights the CCPA confers. 

How to Submit a Request to Know, Delete, and/or Correct. You may submit a request to know, delete, and/or correct by emailing us at ________] or by calling us toll free at 1-800-_______. You also may submit a request to know by [a designated email address, a form submitted in person, a form submitted through the mail.

If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, and if the request is not subject to an exemption or exception, we will require additional information to verify your authority to act on behalf of the California resident.

Our Process for Verifying a Request to Know, Delete, and/or Correct

If we determine that your request is subject to an exemption or exception, we will notify you of our determination. If we determine that your request is not subject to an exemption or exception, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request. We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure, deletion, or correction as applicable. To do so, we will ask you to verify data points based on information we have in our records concerning you.

Right to Opt Out of Sale or Sharing of Personal Information

If you are a California resident, you may have the right to direct us to stop selling or sharing your Personal Information. You may submit a request to opt out of sales or sharing through our interactive webform available by clicking here. You also may submit a request by [toll-free phone number, a designated email address, a form submitted in person, a form submitted through the mail, and user-enabled privacy controls, such as a browser plugin or privacy setting or other mechanism, that communicate or signal the consumer’s choice to opt-out of the sale of their personal information.] If you have enabled privacy controls on your browser (such as a plugin), we will also treat that as a valid request to opt out. Please see the “Universal Opt-Out Mechanisms” section above for more information.

Right to Limit Use and Disclosure of Sensitive Personal Information

California residents have the right to limit our use or disclosure of their sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations. You may submit a request to limit our use or disclosure of your sensitive Personal Information through our interactive webform available by clicking here.

Notice of Financial Incentive

From time to time, you may have the opportunity to provide Personal Information in exchange for compensation. For example, you may be invited to provide your medical records to participate in a research study, in which case you will receive reasonable compensation. Categories of Personal Information that we may collect for such incentive may vary depending on the research study or provider applicable at the time. You will be informed of the compensation prior to providing your Personal Information.

Participating in any research study or other program through the Services is completely voluntary. You have the right to withdraw from this incentive at any time. If you wish to withdraw from participating in any incentive program, you may submit such a request at any time by emailing us at privacy@matchrite.com.

How the Financial Incentive is Reasonably Related to the Value of Your Personal Information

The financial incentive or price difference is reasonably related to the value provided by your Personal Information. We take into consideration, without limitation, the anticipated revenue generated from such information, the anticipated expenses which we might incur in the collection, storage, and use of such information, and the anticipated expenses which we might incur related to the offer, provision, and imposition of any financial incentive or price difference. Based on this analysis, the value of your Personal Information that allows us to make these offers and financial incentives is the value of the offer itself.

Shine the Light Law

We do not disclose personal information obtained through our Sites or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.]

12. Retention 

We retain your Personal Information for as long as necessary to fulfill the purposes for which we collect it, such as to provide you with the service you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us. For all data and records obtained, used, and stored by us, we:

  • Carry out periodical reviews of the data retained, checking purpose, continued validity, accuracy, and requirement to retain.

  • Establish periodical reviews of data retained.

  • Establish and verify retention periods for the data, with special consideration given to the requirements of the Company, the type of personal data the purpose of processing, the lawful basis for processing, and the categories of data subjects.

13. Accessibility 

We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.

14. How to Contact Us. You may contact us with questions about this Privacy Policy via email to privacy@matchritecare.com