Valenz Health Privacy Notice

Valenz Health and its affiliates ("Valenz," "we," "our," or "us") respect your privacy and are committed to safeguarding your personal information. This Privacy Notice explains how we collect, use, disclose, and protect your information. It applies to all individuals who use our websites, mobile applications, and services (collectively, "Services"), and it reflects our obligations under the Health Insurance Portability and Accountability Act (HIPAA), as well as federal and applicable state consumer privacy laws.

To request deletion of your data, go directly to How to Request Data Deletion.

 

Information We Collect

We collect personal information to provide our Services effectively. Categories of information we may collect include:

• Identifiers: Name, mailing address, email address, telephone number, date of birth
• Account Information: Username, password, and other registration data
• Health Information: Medical provider details, demographic data, and health-related information subject to HIPAA

• Technical Information: IP address, browser type, device ID, operating system, and browsing behavior such as pages visited and time spent on the site, collected automatically through your interaction with our Services.

 

Note: Our Services are not intended for children under 18. We do not knowingly collect personal data from children without verifiable parental consent. If we become aware of such data collection, we will delete it promptly.

How We Collect Information

We collect information:

• Directly from you (e.g., when you create an account, complete forms, upload documents, contact support, or interact with our programs).
• Automatically through cookies, web beacons, SDKs, and similar technologies when you use the Services (see Use of Cookies and Tracking Technologies).
• From third parties such as healthcare providers, payers/plan sponsors, and authorized service partners, where permitted by law and applicable contracts (including HIPAA).
• If our mobile applications request device permissions (e.g., notifications or camera for document upload), data obtained via those permissions is used only to provide the requested feature and as otherwise described in this Notice.

 

How We Use Your Information

We use your information to:

• Provide and manage our Services
• Communicate with you about your account, programs, or inquiries
• Improve and personalize user experience
• Conduct analytics and research
• Maintain system security and integrity
• Comply with legal, regulatory, and contractual obligations

 

We do not sell your personal information. We may share data with:

• Authorized service providers supporting our business operations
• Healthcare providers or payers as needed for care coordination
• Legal, regulatory, or public authorities as required by law
• Successor entities in the event of a merger, acquisition, or asset transfer
• Analytics and advertising partners in de-identified or aggregated form

 

All third-party partners are subject to strict confidentiality and data protection obligations.

 

HIPAA and Protected Health Information (PHI)

When we provide services as a business associate to covered entities under HIPAA, we may collect, use, and disclose Protected Health Information (PHI) as permitted by:

• Treatment: Coordination and management of healthcare and related services
• Payment: Activities related to billing and payment
• Healthcare Operations: Quality assessment, compliance, auditing, training
• Public Health and Safety: Required reporting or prevention
• Legal Requirements: As required by law or in response to legal process

 

We are required by law to:

• Maintain the privacy of PHI
• Provide this Notice of our privacy practices
• Abide by the terms of this Notice
• Notify you in the event of a breach involving unsecured PHI

 

Your HIPAA Rights Include:

• Request access to and copies of your PHI
• Request amendment of inaccurate or incomplete PHI
• Request restrictions on certain uses and disclosures
• Request confidential communication
• Receive an accounting of certain disclosures
• File a complaint with Valenz or the U.S. Department of Health and Human Services:

 

Online: https://ocrportal.hhs.gov

Phone: 1-800-368-1019 | TDD: 1-800-537-7697

Mail: 200 Independence Avenue, S.W., Room 509F, HHH Building, Washington, D.C. 20201

 

Use of Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to:

• Remember user preferences and settings
• Analyze website traffic and user interactions
• Support advertising and marketing efforts

 

You can manage cookie settings through your browser. Some functions may not work properly if cookies are disabled.

 

SDKs and Analytics Disclosure

Our applications may incorporate third-party SDKs and analytics tools to help us measure usage and performance, detect and prevent fraud, and improve user experience. (see Third-Party Data Protection & Contractual Commitments).

 

Sharing of Information

We do not sell your personal information. We may share data with:

• Authorized service providers supporting our business operations
• Healthcare providers or payers as needed for care coordination
• Legal, regulatory, or public authorities as required by law
• Successor entities in the event of a merger, acquisition, or asset transfer
• Analytics and advertising partners in de-identified or aggregated form

 

Third-Party Data Protection

All third-party partners are subject to strict confidentiality and data protection obligations. Any third party with whom we share user data, including analytics tools, advertising networks (if used), third-party SDK providers, and any parent, subsidiary, or other related entities that access user data, must provide the same or equivalent protection for user data as described in this Privacy Notice and as required by applicable guidelines and laws.

 

State-Specific Privacy Rights

Residents of certain U.S. states have specific privacy rights under their respective state laws. Depending on your state of residence, you may have the right to:

• Access your personal data
• Correct inaccurate personal data
• Delete your personal data (with certain legal exceptions)
• Obtain a copy of your personal data in a portable format
• Opt out of the sale of personal data, targeted advertising, or profiling

 

California (CCPA/CPRA):

• Right to know what personal data is collected, used, and shared
• Right to delete personal data
• Right to opt out of the sale or sharing of personal data
• Right to correct inaccurate information
• Right to limit use of sensitive personal data
• Right not to be discriminated against for exercising rights
• May use an authorized agent to submit a request
• Must be provided notice at collection

 

Colorado, Virginia, Connecticut:

• Rights to access, correct, delete, and obtain a copy of personal data
• Right to data portability
• Right to opt out of targeted advertising, sale of personal data, and profiling
• Right to appeal a denial of a privacy rights request

 

Utah, Iowa:

• Right to access and delete personal data
• Right to opt out of targeted advertising and the sale of personal data

 

Texas, Oregon:

• Rights to access, correct, delete, and export personal data
• Right to opt out of targeted advertising and the sale of personal data

 

Montana:

• Rights to access, correct, delete, and obtain a copy of personal data
• Right to opt out of targeted advertising and data sales

 

Indiana – Effective January 1, 2026:

• Rights to access, correct, delete, and obtain a copy of personal data
• Right to opt out of targeted advertising and profiling

 

You may designate an authorized agent to act on your behalf for CCPA-related requests. We will require the agent to provide proof of authorization and identity.

If your request is denied, you have the right to appeal by contacting us at privacy@valenzhealth.com. If your appeal is unsuccessful, you may contact your state attorney general for further review.

To exercise any of your privacy rights, or to file an appeal, email privacy@valenzhealth.com. We may require you to verify your identity before fulfilling your request.

We retain personal data only as long as necessary for the purposes outlined in this Notice, unless a longer retention period is required by law. Our retention policy considers legal obligations, the nature of the data, and the purposes for which it was collected.

 

Data Security

We maintain technical, physical, and administrative safeguards to protect your personal information. These include:

• Data encryption
• Access controls
• Employee training
• Regular system monitoring

 

While we take steps to protect your information, no method of transmission or storage is 100% secure.

 

Deletion Requests

When you request deletion, we will delete or de-identify the personal data we are not legally required to keep and will instruct our processors to do the same. We will confirm completion consistent with applicable timelines.

 

How to Request Data Deletion

To request deletion of your personal data:

1. Email privacy@valenzhealth.com with the subject line “Data Deletion Request.”
2. Include your full name, the email tied to your account, and a brief statement confirming you want your data deleted.
3. We may request additional information to verify your identity and protect your account.
4. Upon verification, we will delete or de-identify data that we are not legally required to retain and notify you when complete. If we need more time as permitted by law, we will let you know.

 

Changes to This Privacy Notice

We may update this Privacy Notice periodically. Changes will be posted on our website with a revised effective date. Your continued use of the Services constitutes acceptance of the revised policy.

 

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice, please contact:

Email:  privacy@valenzhealth.com
Mailing Address: 22601 N. 19^th Avenue, Suite 131, Phoenix, AZ 85027

 

This Privacy Notice supersedes previous privacy policies issued by Valenz or Healthcare Bluebook.