Privacy Policy for this Website
Effective Date: September 1, 2020 Updated: February 2, 2021
CoFi, Inc., (referred to as “CoFi”, “we”, “our” or “us”) respects your privacy. CoFi recognizes the importance of protecting personal data we may collect from visitors to our website and any other individual or entity (“Users”, “you”, or “your”) who visit our websites and who use our platform. This Privacy Policy describes the types of Personal Data we collect through our payments products and services via our online presence, which include our main website at www.CoFimd.com, and other CoFi-related sites, applications, software, communications (“Services”) accessible on or by any top-level CoFi domain owned by us (each, a “Site” and collectively the “Sites”).
CoFi provides services utilizing the CoFi platform (our “Platform”) to our business customers (“Customers”). The Platform enables Customers to process payments submitted by their patients. This Privacy Policy addresses the types of Personal Data we collect about individuals who our Customers have authorized to use the Platform, such as their employees and staff, and also the types of information we collect about individuals who visit our website or contact us through the website.
When you visit the Sites or contact us through our website, we collect your Personal Data as the data controller. When we collect your Personal Data because our Customer has provided you with credentials to use our Platform, we collect your Personal Data as a service provider to the Customer and as a data processor. For more information about our role as a service provider to our Customers, please see the section titled “CoFi Customers” below.
This Privacy Policy describes how we use Personal Data, with whom we share it, your rights and choices, and how you can contact us about our privacy practices. This policy does not apply to third-party websites, products, or services, even if they link to our Services or Sites, and you should consider the privacy practices of those third-parties carefully.
Please familiarize yourself with our privacy practices and let us know if you have any questions. By using the Sites, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites.
If you have any questions or comments about this Privacy Policy, please submit a request to privacy@cofimd.com.
When This Privacy Policy Applies.
Our Privacy Policy applies to all of the Services offered by CoFi and its affiliates but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.
Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you, or other sites linked from our Services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our Services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.
Terms and Conditions.
By accessing or using the Sites in any manner, you also agree to be bound by CoFi’s Terms and Conditions (the “Agreement”), accepted at the time you create your CoFi user account. Please read the Agreement carefully. If you do not accept all of the terms and conditions contained in or incorporated by reference into the Agreement, you cannot use the Sites.
Information We Collect.
We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of Personal Data include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.
When you use our Services, we collect Personal Data in the following ways:
1. Information You Give to Us
• Website Visitors
You may choose to provide us with Personal Data about yourself, including your name, organization name, title, phone number and email address by completing forms on our website. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.
When you visit our website, we collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Services, such as creating or logging into your account, when you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited. We may also collect and process information about your actual location.
• Customer End User
If you are a User of the CoFi platform, you or your employer may provide your contact details, such as an email address, in order for you to access a CoFi account. As part of your business relationship with us, we may also receive financial and Personal Data about you or your company, such as your company’s bank account information and the SSN or EIN of the account administrator. For more information about the types of information we process in our role as a service provider to our Customers, please see the section titled “CoFi Customers” below.
2. Other Information We Obtain from Your Use of Our Services
Whether you are a visitor to our website, or an end user of our Platform, we collect additional information about you, including location data and device ID information. Our Sites and Services use cookies and similar technologies to collect this information. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience.
We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. These technologies record information about your use of our Sites, including:
• Browser and device data, such as IP address, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons and the language version of the Sites you are visiting;
• Usage data, such as time spent on the Sites, pages visited, links clicked, language preferences, and the pages that led or referred you to our Sites.
We also collect information about your online activities on websites and connected devices over time and across third-party websites, devices, apps and other online features and services. We use Google Analytics on our Sites to help us analyze your use of our Sites and diagnose technical issues.
To learn more about the cookies that may be served through our Sites and how you can control our use of cookies and third-party analytics, please see our Cookie Policy.
How We Use Personal Data.
a. Our products and services. We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data to facilitate the business relationships we have with our Customers and their Users, to comply with our legal obligations, and to pursue our legitimate business interests.
b. Marketing and events-related communications. We may send you email marketing communications about CoFi products and services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law. For example, when we collect your business contact details through our participation at trade shows or other events, we may use the information to follow-up with you regarding an event, send you information that you have requested on our products and services and, with your permission, include you on our marketing information campaigns.
c. Advertising. When you visit our Sites, we (and our service providers) may use Personal Data collected from you and your device to target advertisements for CoFi Services to you on our Sites and other sites you visit (“interest-based advertising”), where allowed by applicable law. For example, when you visit our Site, we will use cookies to identify your device and direct ads for our Services to you. You have choices and control over our cookies (or similar technologies) we use to advertise to you. Please see our Cookie Policy for more information. At present, there is no industry standard for recognizing Do Not Track browser signals, so we do not respond to them. We do not use, share, rent or sell the Personal Data of our Users’ Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site visitors.
We and our service providers may use IP addresses to understand the locations from which our Users are accessing the Services. Except where prohibited by applicable law or regulation, we may combine information collected through one source with information obtained through other resources. We also may supplement the information we collect with information obtained from third parties. We will treat any information that we combine with your Personal Data as Personal Data pursuant to this Privacy Policy.
We use information collected from cookies and other technologies, to improve your User experience and the overall quality of our services. We may use your Personal Data to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.
d. Non-Personal and Aggregate Site Use Information. CoFi may compile and share information collected through its website and platform in aggregated form or in de-identified form so that it cannot reasonably be used to identify an individual (“De-Identified Information”). We may disclose such De-Identified Information publicly and to third parties, for example, in public reports about exercise and activity. CoFi may also disclose De-Identified Information for general research purposes and in research collaborations with third parties, such as universities, hospitals or other laboratories to determine the prevalence of particular conditions among Users or to determine whether a User might be suitable for research or clinical trials. CoFi may also use De-Identified Information for commercial collaborations with private companies for purposes such as product design or enhancement of Services.
How We Disclose Personal Data.
CoFi does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data with trusted entities, as outlined below.
a. CoFi. We share Personal Data with other CoFi entities in order to provide our Services and for internal administration purposes.
b. Service providers. We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing services. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are located in the United States of America.
c. Business partners. We share Personal Data with third party business partners when this is necessary to provide our Services to our Users. Notably, this includes third party payment processing companies.
d. Our Users and third parties authorized by our Users. We share Personal Data with Users as necessary to maintain a User account and provide the Services. We share data with parties directly authorized by a User to receive Personal Data. The use of Personal Data by an authorized third party is subject to the third party’s privacy policy.
e. Corporate transactions. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share Personal Data with third parties in connection with such transaction. Any other entity which buys us or part of our business will have the right to continue to use your Personal Data, but only in the manner set out in this Privacy Policy unless you agree otherwise.
f. Compliance and harm prevention. We share Personal Data as we believe necessary: (i) to comply with applicable law, or payment method rules; (ii) to enforce our contractual rights; (iii) to protect the rights, privacy, safety and property of CoFi, you or others; and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.
Your Failure to Provide Personal Data.
Your provision of Personal Data is required in order to use certain parts of our Sites and Services. If you fail to provide such Personal Data, you may not be able to access and use our Services.
Your Rights and Choices.
You have choices regarding our use and disclosure of your Personal Data:
a. Opting out of receiving electronic communications from us. If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.
b. How you can see or change your account Personal Data. If you would like to review, correct, or update Personal Data that you have previously disclosed to us, you may do so by signing in to your CoFi account or by contacting CoFi.
c. Requests to Change or Delete Information. Whenever you use our Services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Data we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that Personal Data we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below. You may update or correct information about yourself by emailing us at privacy@CoFimd.com. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our contractual or legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes. We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.