Welcome! We are Superbill, Inc. (“SuperBill”, “we”, “us”, or “our”), a company developing and operating technology-driven products and services to help patients obtain reimbursement(s) for valid healthcare claims and/or negotiate valid medical bills, when possible, to reduce their out-of-pocket expenses. This Privacy Notice explains how SuperBill collects, uses, discloses, and otherwise processes your information in connection with our website, www.thesuperbill.com (collectively, including any subdomain(s) and successor URL(s), the “Site”) and all related software and services (collectively, including the Site, the “Products and Services”). It does not address our privacy practices relating to SuperBill job applicants, employees and other personnel.
Please read this Privacy Notice carefully to understand our policies and practices regarding your information and how we will treat it. By visiting, accessing, or using our Products and Services, you acknowledge this Privacy Notice. This Privacy Notice is not a contract and does not create any legal rights or obligations.
Our corporate customers rely on our Products and Services to help them manage and process large amounts of data, which may include Personal Information. We refer to this type of data and personal information as “Customer Data.” When we process Customer Data, we generally act as a service provider. This means we process Customer Data on behalf of our corporate customers subject to restrictions set forth in our contracts with them.
SuperBill’s processing of Protected Health Information collected through the use of our Products and Services is done at the direction of our customers who are the “covered entity” or a business associate (as that term is defined by HIPAA), and is governed by the applicable business associate agreement between SuperBill and the covered entity and/or the business associate.
This Privacy Notice does not cover or address how we or our customers process Customer Data. In addition, we are generally not permitted to respond to individuals’ requests relating to Customer Data. As a result, we recommend referring to the privacy notice of the customer with which each individual has a relationship for information on how they engage service providers or business associates, like us, to process Customer Data on their behalf.
What is Personal Information?
When we use the term “Personal Information” in this Privacy Notice, we mean any information that may be used to identify an individual, such as your first and last name, age, date of birth, gender, postal address, email address, telephone number, other contact information, or other personally identifiable information under an applicable law. It does not include aggregated or deidentified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual. It is entirely your choice whether or not to provide Personal Information through SuperBill’s Products and Services. If you choose not to provide requested Personal Information, you may not be able to use certain features of SuperBill’s Products and Services.
Our Collection of Information
We collect Personal Information from and about users of SuperBill’s Products and Services, as well as other information related to the use of our Products and Services. Sometimes we collect information automatically when an individual interacts with our Products and Services, and sometimes, we collect information directly from an individual. At times, we may collect information about an individual from other sources and third parties, even before our first direct interaction.
Information Collected from Users of Our Products and Services
We may collect the following information submitted to us by users of our Products and Services.
- Contact Information, including name, email address, mailing address, company, phone number, newsletter preferences and communication preferences.
- Inquiry Information, including information provided in custom messages sent through the forms or contact information provided on our Products and Services.
- User Information, including name, email address, date of birth, health insurance information, medical bills, explanations of benefits and other health insurance documents, address, location, purchase history information, demographic information, job title, company, organization, employer, and any other Personal Information a user provides to us. We may also collect information through users’ use of our Products and Services, information about how our users use our Products and Services, and users’ actions on our Products and Services.
- Payment Information, including credit or debit card number, expiration date, security code, and billing address. Please note that we collect and process all Financial Information through third-party payment processing providers, including Square. As such, we do not retain or access any Personal Information in connection with your payments. Rather, all such information is provided directly by you to our third-party payment processors. Their use of your personal information is governed by their privacy notice. To view Square’s Privacy Notice, please click here.
- Survey Information, including information provided in any questions submitted through surveys, or content of any testimonials.
Personal Information Automatically Collected
As is true of most digital platforms, we and our third-party providers may also collect Personal Information from an individual’s device, browsing actions and website usage patterns automatically when visiting or interacting with our Products and Services, which may include log data (such as internet protocol (IP) address, operating system, browser type, browser id, the URL entered and the referring page/campaign, date/time of visit, the time spent on the Site and any errors that may occur during the visit to our Products and Services), analytics data (such as the electronic path taken to our Products and Services, through our Products and Services and when exiting our Products and Services, as well as usage and activity on our Products and Services) and location data (such as general geographic location based on the log data we or our third-party providers collect).
We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”) to automatically collect this Personal Information. For example, our Sites use Google Analytics, a web analytics service provided by Google LLC (“Google”), to collect and view reports about the traffic on our Products and Services. More information about the use of Google Analytics for these analytical and non-advertising purposes can be obtained by visiting Google’s Privacy Notice here and Google’s currently available opt-out options are available here.
To manage cookies, an individual may change their browser settings to: (i) notify them when they receive a cookie, so the individual can choose whether or not to accept it; (ii) disable existing cookies; or (iii) automatically reject cookies. Please note that doing so may negatively impact an individual’s experience using our Site, as some features and offerings may not work properly or at all. Depending on an individual’s device and operating system, the individual may not be able to delete or block all cookies. In addition, if an individual wants to reject cookies across all browsers and devices, the individual will need to do so on each browser on each device they actively use. An individual may also set their email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether they have accessed our email and performed certain functions with it.
Personal Information from Third Parties
We also obtain Personal Information from third parties, which we often combine with Personal Information we collect either automatically or directly from an individual.
We may receive the same categories of Personal Information as described above from the following third parties:
- Social Media: When an individual interacts with our Products and Services through various social media networks, such as when someone logs in through a social network (e.g., Google), “Likes” us on Facebook or follows us or shares our content on Google, Facebook, Twitter, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network, and may include username, name, email address, and profile picture. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services.
- Service Providers: Our service providers that perform services solely on our behalf, such as our survey, marketing, and payment processing service providers, collect Personal Information and often share some or all of this information with us in connection with the facilitation of our services.
- Information Service Providers: We may from time to time obtain information from third-party information providers to correct or supplement Personal Information we collect. For example, we may obtain updated contact information from third-party information providers to reconnect with an individual.
- Publicly Available Sources: We collect Personal Information about individuals that we do not otherwise have, such as contact information, employment-related information, and interest-in-services information, from publicly available sources. We may combine this information with the information we collect from an individual directly. We use this information to contact individuals, to send advertising or promotional materials, to provide the Products or Services, to improve or personalize the Products and Services, and to better understand the demographics of the individuals with whom we interact.
We may aggregate, de-identify and/or anonymize any information collected through the Products and Services so that such information is no longer reasonably capable of being associated with you. We may use aggregated or anonymized information for any purpose, including for research and marketing purposes, and we may also share such information for any purpose with any third parties, at our discretion.
Third Party Data Collection and Online Advertising
We display targeted advertising to individuals through social media platforms, such as Facebook, Twitter, Instagram, LinkedIn and other social media forums. These companies have interest-based advertising programs that allow us to direct advertisements to individuals who have shown interest in our services while those individuals are on the social media platform, or to groups of other individuals who share similar traits, such as likely commercial interests and demographics. We may share a unique identifier, such as a hashed email address, with these platform providers or they may collect information from our website visitors through a first-party pixel, in order to direct targeted advertising to an individual or to a custom audience on the social media platform. These advertisements are governed by the privacy policies of those social media companies that provide them. If an individual does not want to receive targeted ads on their social networks, they may be able to adjust their advertising preferences through their settings on those networks.
Our Use of Information
We may use Personal Information, as well as information related to your use of our Products and Services that we collect to:
- Fulfill or meet the reason the information was provided, such as to fulfill our contractual obligations, to deliver the Products and Services an individual has requested, and to process transactions;
- Manage our organization and its day-to-day operations;
- Process billing and payment for our products and services;
- Communicate with individuals, including via email, text message, social media and/or telephone calls;
- Request individuals to complete surveys about our organization, organizations we partner with, and our Products and Services;
- Market our Products and Services to individuals, including through email;
- Administer improve and personalize our Products and Services, including by recognizing an individual and remembering their information when they return to our Site;
- Facilitate customer benefits and services, including customer support through our command center services;
- Identify and analyze how individuals use our Products and Services;
- Conduct research and analytics on our customer base and our Products and Services;
- Improve and customize our Products and Services to address the needs and interests of our customer base and other individuals we interact with;
- Test, enhance, update and monitor our Products and Services, or diagnose or fix technology problems;
- Help maintain the safety, security and integrity of our property and our Products and Services, technology assets and business;
- Defend, protect or enforce our rights or applicable contracts and agreements;
- Prevent, investigate or provide notice of fraud or unlawful or criminal activity; and
- Comply with legal obligations.
Where an individual chooses to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide additional privacy disclosures where the scope of the inquiry/request and/or Personal Information we require fall outside the scope of this Privacy Notice. In that case, the additional privacy disclosures will govern how we may process the information provided at that time.
Our Disclosure of Information
We disclose information in the following ways:
- Affiliates. We may share Personal Information, as well as information related to users’ use of our Products and Services, with other companies owned or controlled by SuperBill, and other companies owned by or under common ownership as SuperBill, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns, particularly when we collaborate in providing our Products and Services.
- Providers: If an individual gives us the name and/or contact information of their Provider, then we may share Personal Information about the individual with their Provider. This may include, but is not limited to, details regarding the individual’s health insurance coverage and health insurance claims we have submitted on behalf of the individual.
- Health Insurance Claim Management Service Providers: We may share Personal Information with third parties who assist us in submitting, tracking, processing, and managing the claims that you submit through our Products and Services.
- Medical Bill Negotiation Service Providers: We may share Personal Information with third parties who assist us in negotiating medical bills that users submit through our Products and Services.
- Survey Service Providers: We may share Personal Information with third parties who assist us in delivering our survey offerings and processing the responses.
- Marketing Service Providers: We may coordinate and share Personal Information with our marketing service providers in order to communicate with individuals about our Products and Services we make available.
- Customer Service and Communication Service Providers: We may share Personal Information provided to us by individuals that submit inquiries with third parties who assist us in providing our customer services and facilitating our communications with these individuals.
- Other Service Providers: In addition to the third parties identified above, we engage other third-party service providers that perform business or operational services for us or on our behalf, such as user onboarding, website hosting, mobile application development, infrastructure provisioning, IT services, analytics services, administrative services, payment processing, and recruiting. We may share Personal, Financial, and Protected Health Information, as well as information related to users’ use of our Products and Services, with these service providers.
- Other Business as Needed to Provide Services: We may share Personal Information, as well as information related to users’ use of our Products and Services, with third parties that an individual engages with through our Products and Services or as needed to fulfill a request or transaction.
- Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose Personal Information, as well as information related to users’ use of our Products and Services, to a third party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal, Financial, and Information, as well as information related to users’ use of our Products and Services, may also be disclosed in the event of insolvency, bankruptcy or receivership.
- Legal Obligations and Rights: We may disclose Personal Information, as well as information related to users’ use of our Products and Services, to third parties, such as legal advisors and law enforcement:
- in connection with the establishment, exercise, or defense of legal claims;
- to comply with laws or to respond to lawful requests and legal process;
- to protect our rights and property and the rights and property of others, including to enforce our agreements and policies;
- to detect, suppress, or prevent fraud;
- to protect the health and safety of us and others; or
- as otherwise required by applicable law.
- Otherwise with Consent or Direction: We may disclose Personal Information, as well as information related to users’ use of our Products and Services, about an individual to certain other third parties or publicly with their consent or direction. For example, with an individual’s consent or direction we may post their testimonial on our Sites or service-related publications.
We may choose or be required by law to provide different or additional disclosures relating to the processing of Personal Information about residents of certain regions.
- Nevada: For residents of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. Please contact us at email@example.com to submit such a request.
- California: For residents of California, California’s “Shine the Light” law (Civil Code Section § 1798.83) provides certain rights to California residents that have an established business relationship with us with regard to the disclosure of certain types of Personal Information to third parties for their direct marketing purposes. To opt out of having an individual’s Personal Information disclosed to third parties for their direct marketing purposes, please contact firstname.lastname@example.org and provide the individual’s contact information to be added to our suppression list.
Control Over Your Information
Individuals may control their information in the following ways:
- How to Control Email Communications Preferences. Stop receiving promotional email communications from us by clicking on the “unsubscribe link” provided in such communications. Individuals may not opt-out of communications related to our Products and Services (e.g., account verification, transactional communications, changes/updates to features of our Products and Services, technical and security notices).
- Modifying or Deleting Information. If an individual has any questions about reviewing, modifying, or deleting their information, contact us directly at email@example.com. We may not be able to modify or delete an individual’s information in all circumstances.
Children’s Personal Information
Our Products and Services are not directed to, and we do not intend to, or knowingly, collect or solicit Personal Information from children under the age of 13. If an individual is under the age of 13, they should not use our Products and Services or otherwise provide us with any Personal Information either directly or by other means. If a child under the age of 13 has provided Personal Information to us, we encourage the child’s parent or guardian to contact us to request that we remove the Personal Information from our systems. If we learn that any Personal Information we collect has been provided by a child under the age of 13, we will promptly delete that Personal Information.
Links to Third-Party Websites or Services
Our Products and Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any Personal Information practices of third-party websites and online services or the practices of other third parties. To learn about the Personal Information practices of third parties, please visit their respective Privacy Policies.
Updates to This Privacy Notice
We may revise and update this Privacy Notice from time to time at our sole discretion. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. Your continued use of our Products and Services following the posting of a revised Privacy Notice means that you acknowledge the changes. You are expected to check this Privacy Notice from time to time – we recommend you check our Privacy Notice each time you access our Products and Services – so you are aware of any changes. All changes to this Privacy Notice shall be effective from the date of publication unless otherwise provided.
For any questions or requests in connection with this Privacy Notice or other privacy-related matters, please send an email to firstname.lastname@example.org.