Privacy Policy

We Keep Your Information Safe

Effective date: June 9, 2023

Capital District Physicians’ Health Plan, Inc., CDPHP Universal Benefits, Inc.®, and Capital District Physicians' Healthcare Network, Inc. on behalf of itself and its affiliates (“CDPHP”, “us”, “we”, “Company” or “our”) committed to protecting the privacy of all visitors to the CDPHP website. Information is the foundation of our ability to provide quality service and it is most important that CDPHP has your confidence and trust.

CDPHP operates certain online and/or mobile services, offline services and software applications, including but not limited to mobile applications and website, www.cdphp.com (collectively, the “Service”).

This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. We may make changes to this policy without prior notice by posting the revised policy on this website.

Types of Data Collected

Personal Data

In general, CDPHP does not collect any personally identifiable information from users of the Service unless it is knowingly and voluntarily submitted by you.  We may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). We collect Personal Data on the website: (1) Member, employer, provider and broker portals, (2) electronic newsletter signup, (3) employment applications, (4) appointment request forms, (5) email CDPHP form. Personally identifiable information may include, but is not limited to: (1) First and last name, (2) home or other physical address, (3) Email address, (4) Telephone and/or mobile phone number, (5) Social Security number, (6) Bank, credit, or debit card account number, (7) Account Registration information, and (8) Claims information.

Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.  When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Location Data

We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to provide features of our Service, to improve and customize our Service.  You can enable or disable location services when you use our Service at any time, through your device settings.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.  Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.  Examples of Cookies we use include, Session Cookies to operate our Service, Preference Cookies to remember your preferences and various settings, and Security Cookies for security purposes.

Use of Data

Company may use the collected data for various purposes, including, but not limited to:

  • To provide and maintain or notify you about changes to our Service

  • To deliver a product or service

  • To allow you to participate in interactive features of our Service when you choose to do so

  • To provide customer support

  • To gather analysis or valuable information so that we can improve our Service

  • To monitor the usage of our Service

  • To detect, prevent and address technical issues

  • To provide you with news, special offers and general information related to health-care benefits or services unless you have opted not to receive such information.

  • To provide CDPHP third party Business Associates your information for health-related benefits or services unless you have opted not to receive such information.

  • As required, based on a good faith determination by CDPHP, by law or regulation, or in response to a valid request by public authorities (e.g., a court or a government agency)

  • To protect and defend the rights or property of CDPHP, to prevent or investigate possible wrongdoing in connection with the Service, to protect the personal safety of users of the  Service or the public, to protect against legal liability

Security of Data

The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.  To send a secure and confidential e-mail communication to CDPHP, you must login to the Secure Member Site. Please note that any other e-mail functionality on the CDPHP.com outside of the Secure Member Site does not provide a secure and confidential means of communication.

California Online Privacy Protection Act (CalOPPA)

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.  You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.  In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information, please contact us. California residents who provide Personal Information to us may request changes to her/her/their Personal Information by contacting us directly and CDPHP will evaluate the request.

Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.  These third party may have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service, including, but not limited to: 

  • Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.

  • Firebase

Firebase is analytics service provided by Google Inc. You can review Firebase’s key security and privacy information: https://firebase.google.com/support/privacy#firebase_support_for_gdpr_and_ccpa

You may opt-out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy?hl=en.

We also encourage you to review Google’s policy for safeguarding your data: https://support.google.com/analytics/answer/6004245. For more information on what type of information Firebase collects, please visit please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.

Behavioral Remarketing

Company uses remarketing services to advertise to you on third party websites after you visited our Service. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service.  Third party services We use include, but are not limited to:

  • Google AdWords

Google AdWords remarketing service is provided by Google Inc.

You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads.

Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en.

  • Bing Ads Remarketing

Bing Ads remarketing service is provided by Microsoft Inc.

You can opt-out of Bing Ads remarketing by visiting: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads.

You can learn more about the privacy practices and policies of Microsoft by visiting their Privacy Policy page: https://privacy.microsoft.com/en-us/PrivacyStatement.

  • Twitter

Twitter remarketing service is provided by Twitter Inc.

You can opt-out of Twitter’s interest-based ads by following their instructions: https://support.twitter.com/articles/20170405.

You can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy.

  • Meta Products

Meta Products includes Facebook and Instagram. You can learn more about Meta Products by visiting this page: https://www.facebook.com/help/1561485474074139?ref=cookies

You can learn more about interest-based advertising from Facebook and view their privacy policy by visiting this page: https://www.facebook.com/privacy/policy . For Instagram, you can view their privacy policy by visiting this page: https://privacycenter.instagram.com/policy

To opt-out of Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217.

Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out of Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.

For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/about/privacy/previous

  • LinkedIn

You can opt-out of LinkedIn Sponsored Messaging remarketing by visiting: https://www.linkedin.com/help/linkedin/answer/62649/opt-out-of-sponsored-messaging?lang=en.

You can learn more about the privacy practices and policies of LinkedIn by visiting their Privacy Policy page: https://www.linkedin.com/legal/privacy-policy.

Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Links to Other Sites

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit.  We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 13.  We do not knowingly collect personally identifiable information from anyone under the age of 13 without parental consent. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.  You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy or if you want more information about our privacy practices, please contact the CDPHP privacy official at (518) 641-5261.