myCigna Mobile Application Privacy Notice

Our Information Practices 

Personal Information We Collect 

We may collect information that describes or relates to you and is classified as Personal Information or Personal Data under applicable state laws (collectively, “Personal Information”). Personal Information does not include: 

• Publicly available information as defined under applicable state laws.
• De-identified or aggregated information as defined under applicable state laws.
• Other information excluded from the applicable state laws, including but not limited to Personal Information governed by HIPAA or the Gramm Leach Bliley Act. 

In the past 12 months, we may have collected the following categories of Personal Information: 

• Identifiers such as name, contact information, online identifiers, and government-issued ID numbers;
• Characteristics of Protected Classifications under state or federal law such as age and medical conditions;
• Commercial Information such as transaction information and purchase history;
• Internet or Network Activity Information such as browsing history, device ID, Internet Protocol (IP) address, Media Access Control (MAC) address; operating system and version; Internet browser type and version (for more information, see the SDKs and Other Technologies section, below);
• Geolocation Data such as device location;
• Audio, Electronic, Visual and Similar Information such as call and video recordings; and
• Professional or Employment-Related Information such as place of employment and job title. 

We may collect this Personal Information directly from you and automatically when you use our Services. We also may collect this Personal Information from our affiliates, vendors, joint marketing partners, and social media platforms.   

It is voluntary for you to provide us with the Personal Information that we collect directly from you. However, we may not be able to provide all the Services we offer if we do not receive this Personal Information. 

How We Use Personal Information 

To the extent we collect your Personal Information as described above, we may use your Personal Information for the following purposes:  

• Services and Support. To provide and operate our Services, communicate with you about your use of the Services, provide you with information about our Services, including information about health care, health related services, resources and benefits that will help you manage your health; sending administrative information to you, such as changes to our terms, conditions, and policies; provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, process your payments and claims, communicate with you about the Services, complete transactions, and provide quotes;
• Customization and Personalization. To tailor content we may send or display on the Services, including to offer location customization and personalized help and instructions, and to otherwise personalize your experiences;
• Marketing and Advertising. For marketing and advertising purposes. For example, to send you information about our Services, such as offers, promotions, newsletters and other marketing content, as well as any other information that you sign up to receive. We also may use certain information we collect to manage and improve our advertising campaigns so that we can better reach people with relevant content;
• Analytics and Improvement. To better understand how users access and use the Services, and our other products and offerings, and for other research and analytical purposes, such as to evaluate and improve our Services and business operations, to develop services and features, and for internal quality control and training purposes;
• Research and Surveys. To administer surveys and questionnaires, such as for market research or member satisfaction purposes;
• Infrastructure. To maintain our facilities and infrastructure and undertake quality and safety assurance measures;
• Authentication. To authenticate or confirm your identity;   
• Security and Protection of Rights. To protect the Services and our business operations; to protect our rights or those of our stakeholders; to prevent and detect fraud, unauthorized activities and access, and other misuse; conduct risk and security control and monitoring; where we believe necessary, to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms of Use as well as any additional terms specific to the site;
• Compliance and Legal Process. To comply with the law and our legal obligations, to respond to legal process and related to legal proceedings;
• General Business and Operational Support. To consider and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and related to the administration of our general business, accounting, auditing, compliance, recordkeeping, and legal functions; and
• Business Transfers. To consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping, and legal functions. 

We retain the Personal Information we collect as long reasonably necessary for the purposes described above or otherwise disclosed to you at the time of collection. For example, we will retain your account data for as long as you have an active account with us, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, or comply with our legal obligations. 

How We Disclose Personal Information 

To the extent we collect your Personal Information as described above, we may disclose Personal Information for the following purposes:  

• Operating the Services and Providing Related Support. To provide and operate our Services, communicate with you about your use of the Services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, and for similar service and support purposes.   
• Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your Personal Information with lenders, auditors, and third-party advisors, including attorneys and consultants.   
• In Response to Legal Process. We may disclose your Personal Information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
• To Protect You, Ourselves, and Others. We disclose your Personal Information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Notice, or as evidence in litigation in which we are involved. 

We may disclose the Personal Information that we collect for the purposes described above with the following parties:   

• Vendors. We may disclose Personal Information we collect to our service providers or agents who perform functions on our behalf. These may include, for example, IT service providers, help desk, payment processors, analytics providers, consultants, auditors, and legal counsel.   
• Our Affiliates. We may disclose Personal Information we collect to our affiliates or subsidiaries.   
• Our Business Customers. Any Personal Information that we collect and process on behalf of a business client will be disclosed as directed by that business customer.
• Government or Public Authorities. We may disclose Personal Information to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request, (b) to enforce our agreements, policies, and terms of service, (c) to protect the security or integrity of our Services, (d) to protect the property, rights, and safety of us, our users, or the public from harm or illegal activities, (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.  

SDKs and Other Tracking Technologies  

We may use tracking mechanisms to track information about your use of our app, and to provide, customize, evaluate, and improve our app. 

SDKs 

Software Development Kits (shorten as SDKs) are programming packages that allow us to develop our Services. Certain SDKs allow us to track and measure certain data about the way users interact with our mobile apps. Below are descriptions of the types of SDKs we use on our Services. 

• Third-Party Analytics. We use SDKs, which are operated by third-party companies, to evaluate usage of our Services. These third-party analytics companies collect usage data about our Services to provide us with reports and metrics that help us evaluate usage of our Services, improve our Services, and enhance performance and user experiences.
• Session Replay. We use session replay technologies so we can diagnose problems with our Services and identify areas for improvement. The data collected by this technology is not accessible by or shared with third parties or service providers. 

Changes to this Privacy Notice  

The Notice is current as of the date set forth above. We may change, update, or modify this Notice from time to time, so please be sure to check back periodically. We will post any updates to this Notice here. If we make any changes to this Notice that materially affect our practices regarding our use of the Personal Information we previously collected, we will endeavor to provide you with notice, such as by posting prominent notice on our website or the app homepage. 

Links to Third-Party Websites  

Our Services may contain links to unaffiliated websites. Any access to and use of such linked websites is not governed by this Privacy Notice, but instead is governed by the privacy policies of those websites. We are not responsible for the information practices of such websites, including their collection of your Personal Information. You should review the privacy policies and terms for any third parties before proceeding to those websites or using those features. 

Our Online Privacy Notice for Children  

Our Services are designed for a general audience and are not directed to children under the age of 13. We do not knowingly collect Personal Information online from any person we know to be under the age of 13. If we discover that a child under 13 has provided us with information, we will delete such information from our systems. If you believe we have impermissibly collected Personal Information from someone under the age of 13, please contact us using the information below. 

Contacting Us  

If you have any questions about this Privacy Notice please contact us by email at PrivacyOffice@Cigna.com or call us toll-free at 1.800.234.4077.