FinThrive Privacy Policy

Last Updated: September 13, 2024

Download printable PDF of this policy 

This general FinThrive Privacy Policy (“Privacy Policy”) provides information on our privacy practices. Whether you are new to FinThrive or a long-time partner, please take the time to review our policy. This Privacy Policy also informs you of any rights that you may have with respect to our use of your personal information.

This Privacy Policy reflects the information practices of FinThrive, Inc. and its affiliates and subsidiaries (collectively referred to as “Company”, “FinThrive”, “us”, “our” or “we”).

Our Privacy Policy can change over time, for example, to comply with legal requirements or to meet changing business needs. The most up-to-date version can always be found on our website, and updates will be reflected by the Last Updated date at the top of this Privacy Policy. By using our websites, services or by interacting with the Company, you accept the terms of this Privacy Policy.

1. Scope

As used in this Privacy Policy, “personal information” means information that identifies, links to, or reasonably links to, an identified individual or to an identifiable individual. Personal information does not include publicly available information, de-identified or aggregate data.

This Privacy Policy applies to the collection, use or disclosure of personal information by FinThrive related to the following (collectively, “consumers” or “you”).

• visitors and users of our website at FinThrive.com or other sites that link to this Privacy Policy (collectively referred to as the “Sites”)

• attendees of events, such as industry conferences, where FinThrive is represented

• customers and prospective customers and their representatives

• suppliers and business partners and their representatives

• recipients or subscribers to FinThrive’s communications

• visitors to FinThrive facilities

The Privacy Policy does not apply to the following activities:

• Personal information collected about you by FinThrive customers which may include, but are not necessarily limited to, healthcare facilities, providers or payers. Our customers are responsible for their own personal information collection and processing practices, including when customers use FinThrive technology solutions to collect or process your personal information.

• Personal information you provide on third-party sites not controlled by FinThrive. We may provide links to other websites, social networks, or other features for your convenience and information. These sites may have their own privacy statements or policies in place, which we recommend you review if you visit any linked websites. We are not responsible for the content of linked third-party sites or any use of the sites.

• Personal information processed by FinThrive as a Business Associate, Service Provider, Processor, or Contractor. Personal information made available to FinThrive in these instances is governed by federal data protection regulations, for example the Health Insurance Portability and Accountability Act (“HIPAA”) or state privacy laws, and its use and disclosure is limited by our written agreements with our customers.

• Personal information made available to FinThrive as an authorized Reseller of certain regulated data. Some of our products and services include regulated data and is only made available to entities with a permissible purpose to receive it (as defined in the Fair Credit Reporting Act or “FCRA”) or entities with a permitted use under Title V of the Gramm-Leach-Bliley Act or “GLBA” and is not subject to certain data privacy rights and processing limitations imposed by state privacy laws.

• Personal information collected by FinThrive as part of an employee-employer relationship, including applicants and candidates for employment with FinThrive. FinThrive maintains separate notices for our use of personal information in these instances. Job applicants or candidates for employment can view the relevant notice in our Privacy Resources page on our website.

2. Information That We Collect

From you directly: 

• When you visit our website or otherwise interact with the company online (e.g. through publicly available sites such as social media networks), you choose how much information to provide directly to us. On the website, information is typically submitted via forms or requests for contact. Information submitted may include personal information such as name, business or personal email address, phone number, and job level. On social media, any posts or comments you make may reveal personal information to us.

• When you visit us at a conference, industry event or similar, we may collect contact information such as your name, business or personal email address, and phone number. We may also collect information such as the solutions you are interested in learning more about.

• When acting in the role of an employee or representative of one of our customers, service providers or other third-party with whom we do business, we may collect your contact information such as your name, phone number, business email address and work address.

• When you interact with us in person, via video or audio conference or online, we may collect information about your preferences, behaviors, other interests, or any other information you choose to include in your messages, responses, online forums or communities, our support portal, advisory council, focus groups, user groups, surveys, etc.

• When you participate in one of our webinars, podcasts, or similar as a presenter, we may record your voice and image, but only with notice and your consent.

• As a user of one of our technology solutions, whether those sold to customers or used to facilitate interactions with our suppliers or service providers, we collect personal information such as your name, email address, and user login credentials.

• When you subscribe to our communications (e.g. newsletters or online publications), we collect your email address used to register as well as your name, job level and/or area of interest.

• When you visit one of our facilities, we may collect a photo, your full name, signature, email address, phone number and other relevant information as part of our visitor registration process.

Information collected passively:

• When you visit our website, we use cookies and other tracking technologies that collect your personal information such as an online identifier or information about your interaction with the website. You have the ability to manage your cookie preferences on our site (see section 6 below for more information).

• If you are user of our technology solutions (customers), we may also collect information on your use of our technology solutions, including logs of your activity within the solution, how you navigate within the solution or similar user analytics.

From third parties:

• We may obtain your personal information, including name, contact information or other identifying information, from other sources such as data and analytics providers, social networks, consumer reporting agencies, our customers, vendors, service providers who collect information on our behalf, government agencies or other publicly available sources. 
  
  

3. Use of Personal Information 

We may use the personal information collected about you for the following purposes:  

• To provide, administer and communicate with you about our technology solutions, services, events, surveys and promotions (including by sending you marketing communications) or to market our solutions (e.g. your customer references or testimonials, provided only with your consent).

• To facilitate and personalize your experience with our Sites and/or technology solutions and to administer those Sites and technology solutions.

• To determine and manage the effectiveness of our advertising and marketing, for example by engaging in surveys or research to understand our customer-base, conduct analysis of product adoption, evaluate customer success and user behaviors within our solutions.

• To enable you to do business with us, for example, by conducting sales meetings, customer implementation projects, vendor onboarding, contracting processes, or related administrative activities for our customer and vendor management.  

• To process, evaluate and respond to your requests, inquiries, or support cases.

• To evaluate, grow and improve our business (including activities such as developing new products and services, enhancing current products or services, market research, quality assessment and improvement activities, cost studies, data aggregation and analytics, customer reference program, advisory councils, etc.).

• To carry out our obligations and enforce our rights arising from any contracts entered into between us and you.

• To protect and secure our Sites, technology solutions, data, assets, network, and business operations, and to detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal.

• To comply with legal process, such as warrants, subpoenas, court orders, and lawful regulatory or law enforcement requests and to comply with legal, regulatory compliance, or contractual obligations.

• To conduct general business operations such as accounting, recordkeeping, compliance activities and audits.

• To defend the interests of the Company or employees in threatened or actual legal proceedings, investigations or inquiries.

• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by FinThrive is among the assets transferred.

4. Disclosure of Personal Information 

We may disclose personal information to the following third parties for a business purpose:

• Third-party service providers or contractors we engage to provide services to us, or on behalf of, the Company such as information technology partners, contractors provided by staffing agencies, auditors, accountants, marketing consultants.

• In the case of customer reference data, testimonials or other customer stories related to our solutions, to other customers or prospective customers, but only with prior consent from you.

• Relevant third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).

• As required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or meet a compliance obligation or respond to government requests, including public and government authorities outside your country of residence, for national security and/or law enforcement purposes.

When third parties are given access to, or receive, personal information, we take appropriate contractual, technical and organizational measures designed to ensure that personal information is processed only to the extent that such processing is necessary, consistent with this Privacy Policy, and in accordance with applicable laws or regulations. For example, when we disclose personal information for a business purpose to a Service Provider, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.  

5. Sale or Sharing of Personal Information

• The Company does not sell personal information in exchange for any monetary consideration.
• We do share personal information with third-party partners who provide targeted advertising and/or cross-context behavioral advertising, and data analytics through cookies and other tracking technologies on our website.

6. Cookies and other Tracking Technologies 

We and our third-party partners (such as advertising and analytics providers) use cookies, web beacons, pixels, internet tags, and other similar tracking technologies to gather information when you interact with our websites. Some tracking technologies help us maintain the security of our websites and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties to use tracking technologies on our websites for analytics and advertising, including to help manage and display advertisements and to tailor advertisements to your interests. The third parties use their technology to provide advertising about products and services tailored to your interests which may appear either on our websites or on other websites.

What is a cookie?

A cookie is a text file that contains small amounts of data downloaded to your device when you visit a website. A cookie is sent back to the website on each subsequent visit or to another website that recognizes that cookie. Cookies enable a website to recognize your computer, mobile, or other device. As with most other websites, we place cookies on your device to understand more about your visit and help us enhance your experience. You can find more information about cookies at: https://cookiepedia.co.uk/.

All cookies on our website fall into one of these four categories:

• Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
• Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
• Functional Cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
• Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

How long do cookies last and how do I manage cookies?

A cookie can either be a “session” cookie or a “persistent” cookie. Session cookies exist only for so long as you are visiting the applicable website and are typically deleted within thirty (30) minutes or removed when you exit your web browser, whichever is longer.

Persistent cookies exist for a set period of time, for example, up to two (2) years. Each time you visit a website that has implemented a persistent cookie, the persistent cookie is renewed, and that cookie will remain active until its predetermined expiration date. You can restrict or block cookies that are set by the Site (or any other site on the Internet) by adjusting your browser settings.

When you visit our Site, you are notified of the use of cookies. You can change your cookie preferences at any time in our Privacy Preference Center by clicking the cookie icon on the lower left side of our Site. This is also where you can view the cookies we use, which are listed under each cookie category.

You may visit https://cookiepedia.co.uk/ to obtain more information regarding cookies, how to adjust the cookie settings on various browsers, and how to delete cookies from your computer. Find out how to manage cookies on popular browsers below:

• Google Chrome: Google Chrome Support
• Microsoft Edge: Microsoft Edge Support
• Mozilla Firefox: Firefox Support
• Microsoft Internet Explorer: Internet Explorer Support

Please be aware that restricting certain cookies may restrict the functionality or features of the Site. You may not be able to decline or refuse Strictly Necessary Cookies, which are required to make the Site work properly.

7. Retention of Information

The Company maintains a Records Retention Policy that outlines our practices for retention of business-related information. We are subject to certain legal and regulatory requirements to retain certain information for a defined period of time. Absent a specific requirement to retain personal information based on the retention schedule, a contractual obligation, litigation hold or other legitimate business purpose, the Company deletes information when it is no longer necessary for the proper operation of the Company.

8. How We Protect Your Information

We believe privacy and security must go together. We maintain an Information Security Program with administrative (policies, standards, and processes), physical, and technical controls designed to protect the security and confidentiality of your information both online and offline. We also hold our service providers and other third parties with whom we may share information to confidentiality and security standards. However, while we take precautions, there are inherent risks and limitations to any security program and therefore we cannot guarantee absolute security of your information. Please do your part by keeping any passwords to our systems secure, changing them often and taking other reasonable steps when communicating or sharing personal information with us.

9. Children’s Privacy

Our technology solutions and Sites are not intended for, nor targeted to, children under the age of 16, and we do not knowingly collect personal information from children under that age for the purposes described in this Privacy Policy.  If we become aware that we have inadvertently collected personal information from anyone under the age of 16, we will delete the information from our records.

10. Communication Choices

Every marketing email from FinThrive contains instructions on how to opt-out of receiving further communications. To change your email subscription status or opt-out of FinThrive’s marketing communications, please follow the instructions indicated. We will comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages.

Likewise, if you are a representative of a customer or FinThrive business partner with whom we do business, you may update your contact information and preferences with us through your account at any time.  If you need assistance, please reach out to us at the “Contact Us” information below.

11. State Privacy Laws and Your Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), regarding your personal data.  To review the Notice and a description of your rights, please click on the link below:

California

12. How Many California Consumer Privacy Act Requests Did We Fulfill Last Year?

The table below details the number of requests received by FinThrive, which includes but is not limited to those received by its subsidiaries TSG Holdco, LLC and FinThrive Healthcare, Inc., from California residents under the California Consumer Privacy Act (CCPA) in 2023. A request is received when a consumer or their agent submits a request to FinThrive via one of the methods described in our Privacy Policy.  A request may be denied if the consumer submitted a request but did not complete steps to enable us to verify their identity, or their identity could not otherwise be verified. A request submitted by an authorized agent may be denied if the agent did not provide sufficient documentation to allow us to determine that the agent was authorized by the consumer to submit the request.

*This reflects the number of requests we were unable to fulfill due to the following reasons:

1. The requestor did not complete the necessary steps to verify their identity.
2. We were otherwise unable to verify the identity of the requestor.
3. An agent did not provide sufficient documentation to allow us to determine that they were authorized to make the request.
4. There was a valid exemption under the CCPA.

13. Contact Us

If you have any questions or comments about this Privacy Policy, please contact us at privacy@finthrive.com. 

Download printable PDF of this policy