We at Level take your privacy seriously. We know that we have a lot of information about you and want to be sure that we use it the right way. Please read the following to learn more about how we collect, use, and handle your Personal Information when you use our websites, software, and other services (“Services”).
By using or accessing our Services, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent to our collection, usage, and sharing of your personally identifiable information (“Personal Information”) in the following ways. Your use of the Services is also subject to the Level Terms of Service available at level.com/legal/terms.
When you interact with our Services, you may choose to provide personal health information, or we may receive health information about you from or on behalf of health care providers and related healthcare specialists, professionals, or organizations (“Providers”). We are committed to maintaining the confidentiality of your personal health information, and under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), we must take measures to protect the privacy of the protected health information (“PHI”) that we receive from Providers. HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. We may only use and disclose your PHI in compliance with HIPAA and the agreements that we have in place with Providers and others.
Information You Provide. We collect the content and other information you provide when you use our Services, including information like your name, email address, date of birth, medical information, or social security number, or document uploads like receipts, when you submit them to us. Certain information may be required to register with us or to take advantage of some of our features. To the extent that you disclose to us any personal information of another individual, you represent that you have obtained such individual’s consent for the disclosure of such personal information, as well as the processing of the same in accordance with the terms of this Policy. You may also choose to provide feedback on our Services or contact us for support, and we will keep a record of that communication.
Information Provided About You. If your employer uses Level to administer benefits (in which case, you’re a “Member”), we may receive information about you from Providers, your employer, or other third parties involved in providing the Services to you. We maintain claims information, information about prior authorizations that you requested and any other information needed to provide you with the healthcare services that you need. We also receive information about everyone using our Services, and their online activities on and off our websites and apps, from third-party partners, such as analytics from Google.
Things You Do. We collect information about how you use our Services or otherwise interact with us. For example, we log the websites you visit before or after our websites and whether you have opened or forwarded our emails.
Device Information. We collect information from or about the computers, phones, or other devices you use to access the Services, depending on the permissions you’ve granted. Here are some examples of the device information we may collect:
Cookies and Other Technologies. We use technologies like cookies and pixel tags in our Services and third party services. For example, cookies help us with things like understanding how you are interacting with our Services, and improving them based on that information. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time, which may limit your ability to use the Services. To find out more about “Do Not Track,” you can visit www.allaboutdnt.com.
Under 13. We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us personal information, please contact us.
Provision of the Services. We use the information we collect to provide, maintain, protect and improve the Services, to develop new ones, and to protect Level and our users. We may also use this information to better provide our Services to you, such as showing relevant Provider options.
Contact. We use your information to send you marketing communications, communicate with you about our Services and let you know about our policies and terms. We also use your information to respond to you when you contact us. If you do not want to receive communications from us, please indicate your preference by contacting us at legal@level.com.
Cookies and Other Technologies. We use information collected from cookies and other technologies, like pixel tags, to improve your user experience and the overall quality of our Services.
Retention. We'll retain information for as long as we need it for the uses described above, or as required by law. We may also keep aggregated data about your Service usage even if we deprecate the Site.
Security. We take reasonable measures, including administrative, technical, and physical safeguards, to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. Nevertheless, the internet is not a 100% secure environment, and we cannot guarantee absolute security of the transmission or storage of your information.
To Provide the Services. You may choose to use our Services to interact with people or organizations other than Level (“Third Parties”), such as Providers or Members. We will share information about you with Third Parties, but only to the extent reasonably necessary to provide the Services.
Others Working for Level. Level uses certain trusted third parties (for example, providers of cloud-based storage and processing services) to help us provide, improve, protect, and promote our Services. These third parties will access your information only to perform tasks on our behalf in compliance with this Privacy Policy, and we'll remain responsible for their handling of your information per our instructions. If these third parties access your PHI, they are known as “Business Associates,” and they have written agreements with us that specifically indicate that they will protect your information in accordance with this Privacy Policy.
With Your Consent. We may request your consent to share personal information about you with additional third parties. In some cases, we may request additional consent from you if we think that there is other information that will help us better coordinate your care or better personalize the Services to fit your needs.
Law & Order. We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of Level or our users; or (d) protect Level's property rights.
Aggregated and Non-Personal Information. We may also share with third parties information in a manner that has been de-identified or anonymized in accordance with applicable laws, for example, information that has been aggregated with other records.
Account Settings. Through your account settings, you may access, and, in some cases, edit or delete certain profile information you’ve provided to us. When you update information, however, we may maintain a copy of the unrevised information in our records. The information you can view, update, and delete may change as the Services change.
Deletion. You may request deletion of your account by contacting us. Some information may remain in our records after your deletion of that information from your account. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally and only as permitted by law.
We may revise this Privacy Policy from time to time, and will post the most current version on the Site. If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal.
If you have questions or concerns about Level, our Services and privacy, contact us at legal@level.com.
Last updated: May 25, 2021
