Effective as of January 1, 2020
What We Do
Collection and Uses of Your Personal Information
Sources of Information
Categories of Information
Sharing Your Personal Information
Sale of Personal Information
Security
Retention of Personal Information
Your CCPA Rights
How to Contact Us
Updates to this Privacy Statement
WEX Health (collectively referred to as "we", "us") take its data protection responsibilities seriously. This CCPA Notice explains who we are, how we collect, use and share personal information about you, and your rights under the California Consumer Privacy Act ("CCPA"). It applies if we have collected information about you and you are a California consumer as defined by the law. We recommend that you read this CCPA Notice in full to ensure you are fully informed.
As described below, we collect personal information about consumers on behalf of our customers in connection with the provision of our software and services. We take measures to protect this personal information and limit the ways in which it is used and disclosed. Because we receive and collect data on behalf of our customers, our customers generally need to tell us when, with who, whether, and how we may disclose personal information.
For more information about the specific pieces of personal information we have collected about you in connection with HRA, FSA, HSA or similar accounts, or to request disclosure of that information, please contact your health plan or the bank at which you opened your HSA. For more information about the specific pieces of personal information we have collected about you in connection with COBRA health benefit continuation or health insurance premium billing, or to request disclosure of that information, please contact your COBRA administrator or health insurer.
WEX Health provides software and services to support the administration of health-related financial accounts, such as health savings accounts and flexible spending accounts. We also provide software and services to support the administration of COBRA health benefit continuation and health insurance premium billing. Our customers are health plans, insurance companies, third party administrators, banks, financial institutions, and similar organizations that work directly with employers and, in some instances, consumers, to offer health reimbursement accounts (HRAs), flexible spending accounts (FSAs), health savings accounts (HSAs), and similar accounts, as well as COBRA health benefit continuation and insurance premium billing. You can find out more about WEX Health on our website.
“Personal information” is any information that can be used to identify an individual, is capable of being associated with an individual, or could reasonably be linked with a particular individual or household, and may include name, address, email address, phone number, login information, or payment information.
We collect and use information about you if you are enrolled in a benefit plan administered by one of our customers or if you sign up for or open a health-related financial account with one of our customers.
WEX Health collects personal information from our customers, such as health plans, insurance companies, third party administrators, banks, financial institutions, and similar organizations. We also collect personal information when consumers or their employers provide it to us directly. We may collect personal information such as medical claims from you, your health insurer, or similar companies. We may collect payment card transaction data from merchants and banks. We may generate personal information in the course of providing our software and services (such as unique identifiers or payment card data), or when you use our software or services (such as data about how users interact with our web portals and software).
When you engage our services, we collect and use personal information which is necessary for the performance of those services. The majority of the personal information we collect and use to provide our services is supplied voluntarily by you, your employer, and our customers, and most of that personal information is available for you to review by accessing our software and services. Because of this, it will be generally obvious to you what personal information we collect and use. This information broadly falls into the following categories:
We use this information in the following ways and where we are satisfied that we have an appropriate legal basis to do so. These uses broadly fall into the following categories:
We may disclose your personal information with third parties for the purposes of operating our business, delivering, improving, and customizing our services, and for other legitimate purposes permitted by applicable law or otherwise with your consent.
We may share your personal information in the following ways with the following categories of third parties:
WEX Health does not sell personal information to third parties for a business or commercial purpose.
We intend to protect the personal information entrusted to us and treat it securely in accordance with this CCPA Notice. WEX Health implements reasonable physical, administrative, and technical safeguards designed to protect your information from unauthorized access, use, or disclosure. For example, we encrypt personal information in our systems and when we transmit such information over the Internet. We also contractually require that our suppliers protect such information from unauthorized access, use, and disclosure. The Internet, however, cannot be guaranteed to be 100% secure, and we cannot ensure or warrant the security of any personal information you provide to us.
We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this CCPA Notice. In some circumstances, we may store your personal information for longer periods of time, for instance if we are required to do so in accordance with legal, regulatory, tax, or accounting requirements. In specific circumstances, we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
WEX Health respects your rights in knowing what personal information we have about you and how that information is collected, used and shared. This CCPA Notice provides a description of the categories of personal information we collect and how that information is collected, used and shared. As a reminder, you should contact your health plan, health savings account bank, COBRA administrator, or health insurer to request any specific pieces of your personal information that we have collected or to request that any specific pieces be corrected or deleted. You have a right to designate an authorized agent to make a request on your behalf. If you request a change to or deletion of your personal information, please note that we may still need to retain certain information for recordkeeping purposes, and/or to provide our services as requested by our customer. Some of your information may also remain within our systems and other records where necessary for compliance with applicable law.
In addition, you have a right not to receive discriminatory treatment for the exercise of your privacy rights.
If you want to contact WEX Health about this notice or the information in it, you may contact us at 833-299-5095 or by submitting a request here: https://www.wexinc.com/wh/ccpa-request/.
We may amend this notice from time to time to keep it up to date with legal requirements and the way we operate our business. Please regularly check for the latest version of this notice. If we make significant changes to this CCPA Notice, we will seek to inform you by notice on our website or by email.