Last Updated: May 24, 2018
This policy describes how Medicare Rights Center collects and uses data about you through this website.
In this policy, we use certain defined terms, such as “Personal Data,” “Data Subject,” “Usage” and “Cookie.” We capitalize these terms in this policy so that you can more easily identify when we are using them. We define each of those terms below.
Cookies are small piece of data stored in the User’s device that are used to track a User’s activity.
A Data Processor is a natural person, company, legal person, public administration or any other body, association or organization authorized by the Medicare Rights Center to process Personal Data.
A Data Subject is a legal or natural person to whom the Personal Data refers.
Medicare Rights Center
Medicare Rights Center, Inc. is a national, nonprofit consumer service organization that works to ensure access to affordable health care for older adults and people with disabilities through counseling and advocacy, educational programs and public policy initiatives. It is the organization that make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Site. In some contexts, Medicare Rights Center’s role is referred to as a “data controller.”
Personal Data is any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Usage Data is a kind of Personal Data that is collected automatically from this Site (or third-party services employed in this Site), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Site) and the details about the path followed within the Site with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The Site is the website www.medicarerights.org.
The User is you, the individual using this Site. In most situations, the User and Data Subject are the same, but if you are submitting Personal Data about another Data Subject, then the two are different.
Types of Personal Data Collected – Generally
Through this Site, Medicare Rights Center collects a variety of types of Personal Data, either by itself or through third parties. Some of this information is collected automatically, and some of it is collected when submitted by you, the User. In general, the types of information collected include: Usage Data, email address, ZIP/Postal code, first name, last name and profession.
If you provide the Site with Personal Data about third parties, you, the User, are responsible for ensuring that you have the right to provide this information and to allow it to be used by the Medicare Rights Center and its third party partners.
Medicare Rights Center Processing and Security
The Medicare Rights Center processes Personal Data using computers and/or IT-enabled tools. We have in place organizational and technical controls intended to limit access to Personal Data held by us to those who have a legitimate reason to access it for the purposes for which it was collected. For example, Personal Data may be accessible by those involved with the operation of the Site (such as for business administration, marketing, content generation, legal compliance and system administration) or by Data Processers appointed by the Medicare Rights Center (such as third-party technical service providers, mail carriers, hosting providers, IT companies and communications agencies).
The Medicare Rights Center tries to protect the security of Personal Data and takes measures to protect Personal Data against unauthorized access, disclosure, modification, or unauthorized destruction. No database or system is perfectly secure, however, so we cannot guarantee the security of Personal Data.
Information Collected by Third Parties
Some of the Personal Data collected through the Site is collected by third parties. Some of these third parties act as Data Processors at our request, some provide content that we either embed in the Site or that we link to through the site, and some provide advertising networks and other services in which the Site participates.
Examples of third party Data Processors that operate at the Medicare Rights Center’s request are third party hosting providers, Site developers and IT service providers. For those third parties, the Medicare Rights Center seeks to require them to comply with our privacy policies and practices, but we are not ultimately responsible for their practices. For a list of third party Data Processors authorized by the Medicare Rights Center to access and use Personal Data that we collect, feel free to contact us at the address below.
Place of Processing
The Medicare Rights Center processes Personal Data in the locations where its servers and IT systems are stored and in its third party Data Processor’s locations. The Medicare Rights Center’s servers and IT systems are in the United States, but the IT systems for third party Data Processors and other vendors may be outside the United States. For more information, please contact us at the address below.
The Medicare Rights Center keeps Personal Data for the time necessary to provide the service requested by the User, or stated by the purposes outlined in this document. Personal Data used for fundraising, marketing, and outreach purposes is held indefinitely. Personal Data related to financial transactions is held for a number of years. You can always request that we remove Personal Data that you provided from our systems. Please note that this request will not apply to third party content providers or advertising network providers, or to information that we are required to retain under applicable law, or related to financial transactions that we need to use to maintain our records.
How We Use Personal Data We Collect
The Medicare Rights Center uses the Personal Data it collects to allow it to provide its services, as well as for the following general purposes:
We will not sell, share, or trade the Personal Data of any Data Subject, which includes subscribers’ and donors’ names and personal information, with any other entity, nor send mailings on behalf of other organizations.
We may use the Personal Data for legal purposes, in Court or in the stages leading to possible legal action arising from improper use of this Site or the related services. We may also be required to disclose Personal Data by law enforcement, intelligence or legal authorities.
Data Subjects have the right, at any time, to know whether their Personal Data has been stored and can consult with us to:
Requests should be sent to the Data Controller at the contact information set out below.
Do Not Track
This Site does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
If you would like more information about the Medicate Rights Center’s collection, storage or use of Personal Data, feel free to contact us using the contact information below.
Medicare Rights Center
266 West 37th Street, 3rd Floor
New York, NY 10018