Privacy Policy

Effective Date: July 28, 2020

Cohere Health (Cohere”, “Company”, we”, “us” or “our”) respects the privacy of our visitors and users of our services, and we have prepared this Privacy Policy to demonstrate our commitment to protecting your privacy. The terms and conditions described in this Privacy Policy apply to our public website, www.coherehealth.com, including any content, functionality, and services offered on or through www.next.coherehealth.com (the “Website”). The policy also applies to other websites (public and password-restricted) controlled by the Company that link to the Website or post this Privacy Policy and when you contact us through the Website, via email or offline.

The Privacy Policy describes what Personal and other information the Company collects, how it is collected, how that information may be used, with whom it may be shared, and your choices about such uses and disclosures. However, the policy does not apply to information collected by any third-party websites, plug-ins or applications to which we provide links, to information provided to, or collected by, third-parties through cookies, web beacons, or other third-party technologies served during your visit to the Website.

By accessing the Website, you agree that your Personal Information will be treated as described in this Privacy Policy.

Personal Information

We use the term “Personal Information” to refer to information that, by itself or in combination, would permit someone to identify or contact you, such as your full name, address, telephone number, or email address. Personal Information does not include de-identified or aggregated information that, by itself, does not permit the identification of individual persons.

What Information We Collect and How we Collect It

As described below, we collect certain Personal and other Information when visitors access our Website and when Authorized Users access our password restricted CohereNext SaaS Platform.

Information We Collect Automatically — When accessing the Cohere Website, we may collect limited non-personal identifying information your browser makes available whenever you visit a website. This log information includes your IP address, browser type, browser language, type of device and the date and time of your query. We use this information to understand how people interact with our website. Upon your first visit to Cohere, a “cookie”, or small file containing a string of characters, may be sent to your computer that uniquely identifies your browser. Cohere may store user preferences in cookies and track user trends and search patterns. Most browsers are initially set up to accept cookies. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. (See the “Your Choices” section below for instructions on how to manage cookies.)

We also may collect information about any services you access or use, your interactions with content offered on the Website, and other online activity. For example, we may collect information about how many visitors visit a specific webpage, how long they stay on that page, and which hyperlinks, if any, they click on.

Information You Provide to Us – There may be instances where users voluntarily provide certain Personal Information to us, such as when you complete and send an online form requesting information, need a question answered or otherwise ask to be contacted. We may ask for you to provide your name, phone number, email address and company affiliation.

CohereNext SaaS Platform – Our CohereNext SaaS Platform is a password-restricted service provided under contract to physicians, medical practice groups and other clients that provide or support healthcare services to individual patients. By following the patient journey from initial presentation to post-operative care, the platform is intended to facilitate the prior authorization process so that patients have faster access to appropriate care and treatments. Clients will upload Protected Health Information (PHI) of patients onto the platform. Cohere’s access to PHI on the platform is governed by Business Associate Agreements with each client. Cohere does not solicit or collect Personal Information, PHI or other Sensitive or Special Categories of Personal Information directly from individuals, whether on the Website or otherwise, for posting and use on the platform.

These clients will identify to Cohere those employees, agents or other representatives (“Authorized Users”) who are to have access to and use the platform on their behalf. Authorized Users will be asked to provide minimal Personal Information to be gain access to the platform: first name, last name, title, affiliation, email address, and phone number. They also will be asked to establish an ID and unique password for their account on the platform.

Job Applicants — If you apply for a position with us via the Careers page on the Website, you will be asked to provide certain personal information to enable us to process your application: name, telephone, email address, resume and physical/mailing address. Our Careers page is supported by Greenhouse Software, which is an Authorized Service Provider. Greenhouse will collect certain of your personal information in order to provide this service on our behalf. Its privacy policy is available at: https://www.greenhouse.io/privacy-policy. Note that if you submit your job application information via email or regular mail, your included personal information will also be treated in accordance with this Privacy Policy.

Information from Other Sources – We may obtain information about you from publicly and commercially available sources, as permitted by law, which we may combine with other information we receive from or about you.

Social Media — We may receive personal information about you from a social media platform if you connect to the Website through that service or platform. Social Media features or widgets may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. They are either hosted by a third party or hosted directly on our Website. This Privacy Policy does not apply to these features or social media companies. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.

How We Use Your Information

We may use Personal Information to:

• Deliver the products and services that you or our client has contracted for;
• Manage your account and provide you with customer support;
• To diagnose and prevent service or technology problems associated with the Website and the CohereNext SaaS Platform;
• Perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or other content offered on the Website or the CohereNext SaaS Platform;
• Respond to your inquiries’
• Communicate with you by email, postal mail, telephone, or mobile devices about new or other products or services we offer that may be of interest to you;
• Enforce our terms and conditions, including in this Privacy Policy; and
• Manage our business and perform functions as otherwise described to you at the time of collection of your information.

Anonymous and Aggregate Information – We reserve the right and discretion to create, use and disclose anonymous and aggregate information, i.e., information about specific individuals or groups of individuals from which personal identifiers have been removed and specific individuals cannot be identified.

How We Disclose Your Information

We may disclose Personal Information to the following parties:

• Affiliates –These may be subsidiaries or affiliates in the same group of companies as us. These companies will only use your personal information consistent with this Privacy Policy.
• Authorized Service Providers – These are third parties who provide a service to us. These third parties will only be allowed to use your Personal Information in accordance with our instructions and not for any other purposes. They are also required to keep your information confidential and secure.

• Buyers of our business – We may share Personal Information in connection with a substantial corporate transaction, such as the possible sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy. We may also need to share your Personal Information to permit us to pursue available remedies or limit damages we may sustain.
• Aggregated and Non-Personal Information — We may share aggregated or de-identified information with third parties, including service providers, advisors, advertisers and investors, for the purpose of conducting analytics regarding our Website and for general business analysis. We also may combine non-personal information we collect with additional non-personal information collected from other sources.

• With Your Consent – We may disclose your personal information to a third party if and when you give us express permission to do so.

Except as provided above, Cohere may only disclose Personal Information if Cohere believes in good faith belief that such action is reasonably necessary to: (1) comply with the law; (2) comply with legal process; (3) enforce this Privacy Policy or a contract; (4) to respond to claims that content violates the rights of third-parties; (5) to protect the interests of Cohere or others, or (6) for a compelled public purpose such as national security or public safety.

Cohere does not sell or trade Personal Information to third parties without your prior consent. If you decide that we should not use your Personal Information, please notify us and we will discontinue use.

Cohere’s Commitment to Accuracy and Security

The accuracy and security of Personal Information is important to Cohere. If you ask us to correct your Personal Information, we will attempt to correct such inaccuracies in a timely manner. Please contact us at help@coherehealth.com if you wish to know what Personal Information we may have collected about you and to confirm and correct it, if necessary.

Cohere is concerned with the security of your information and is committed to taking reasonable steps to protect it from unauthorized access and use. To that end, we have established the appropriate physical, electronic, and managerial policies and procedures to secure this information. We bind our employees to observe your privacy and confidentiality rights. Be advised, however, that the Internet is not 100% secure and no security system is perfect, and we cannot guarantee, and you should not expect, that your information will be secure in all circumstances.

For Authorized Users of the CohereNext SaaS Platform, you are requested not to provide your password to another person. We cannot be responsible for a data breach or other incident if a password is used by unauthorized persons. If you are no longer an Authorized User, please inform us so that we may close your account and delete your personal information.

All Sensitive Information we collect is protected by encryption software, both in transit and at rest. We also restrict access to Sensitive Information on our computers to employees who have a need to know the information. Cohere may receive Protected Health Information (PHI) subject to the Health Insurance Portability and Accountability Act (HIPAA). Cohere has implemented the required safeguards pursuant to HIPAA and the health and healthcare data consistent and in that event it will meet the requirements for protection of this information under the Health Insurance Portability and Accountability Act (HIPAA) and the HiTECH Act.

We will retain your Personal Information in active files or systems as long as needed to meet the purposes for which it was collected, to provide the services or products you or the associated merchant client requested, or as otherwise may be required by law.

External Links

Cohere’s website may provide links to third-party websites. Even if the third-party is affiliated with Cohere through a business partnership or otherwise, Cohere is not responsible for the content, privacy policies, or practices of such external links. External links are provided for convenience only and access to these links is at your own risk.

Your Choices

We strive to provide you with appropriate choices regarding the Personal Information you provide to us. We have created the following mechanisms to provide you choices and control over your information.

Other Uses — We will not collect, use, or disclose your Personal Information in any ways or for any purposes that are materially different from those set forth herein. However, if we wish to do so in the future, we will obtain your consent first, and offer you the choice to opt-out of such proposed collection, use, or disclosure.

Promotional or Marketing Messages – If we send you promotional or marketing messages, you will be able to opt out of receiving our marketing or promotional email communications by using the “Unsubscribe” feature at the bottom of each email from us or by requesting to opt out by emailing us at help@coherehealth.com. Please note that you cannot opt out of receiving transactional communications from us regarding services you request, your account with us or other transactional or administrative issues.

Cookies — You have the ability to disable or opt-out of certain cookies by going to the Cookie Preferences of your browser. Also, you can find out more information about how to change your browser cookie settings at www.allaboutcookies.org. If you choose to disable cookies or opt out, please note that you may not be able to sign in or use some of the features offered by the Website.

Google Analytics – We use Google Analytics to help us manage and improve the Website. Google provides a Browser Add-On that allows you to opt-out by downloading and installing the add-on for your web browser, available at https://tools.google.com/dlpage/gaoptout.

International Privacy Disclaimer

Cohere is located in the United States. If you are visiting our Website and/or the CohereNext SaaS Platform, from outside the United States, please be aware and understand that your information will be transferred to, stored, and processed in the United States where our servers are located and operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. We take reasonable measures to ensure that your personal information remains secure. By accessing our Website and using our services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy. Note also that your personal information may be available to the US Government or its agencies under legal process in the United States.

Children

The Website and the CohereNext SaaS Platform are intended to be used exclusively by persons 18 years and older. We do not knowingly collect Personal or other information received from persons under 18 years of age. If you are under 18, you should not provide your Personal Information to us. If you believe that we might have any Personal Information received from a child under 13, please contact us at the details at help@coherehealth.com so that we may delete it.

Note, however, that we may receive Personal Information, including Protected Health Information, from physicians, medical practice groups and other clients about patients under their care who may be under 18, including patients younger than 13 years old, which Personal Information may be posted on the CohereNext SaaS Platform. This Personal Information is not subject to the notice and consent requirements of the Children’s Online Privacy Protection Act (COPPA).

California Privacy Rights

Pursuant to California’s “Shine The Light law (California Statute § 1798.983), California residents are entitled, once a year and free of charge, to request the disclosure of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year, if any. You may request this information by contacting us at help@coherehealth.com and indicate in the email subject line, “California Shine The Light Request.” Please include your mailing address and email address with your request.

Do Not Track

Some web browsers and devices allow you to broadcast a preference that your activities online not be “tracked.” At this time, the Website does not honor “do not track” signals.

Confidentiality and Non-Disclosure Agreements

Nothing in this Privacy Policy shall detract from the rights and obligations of the parties to any non-disclosure or similar agreement that Cohere or any of the Cohere family of companies have entered into with any customer or other third-party.

Updates to our Privacy Policy

The Cohere Privacy Policy is subject to change at any time, without prior notice and we encourage you to review this policy regularly for any changes. When we post changes to this Privacy Policy, we will revise the “Effective Date” at the top of the policy. By continuing to use our Website after we modify this Privacy Policy, you accept the new version of the Privacy Policy. If you do not agree to the changes, you should not continue to use the Website and should instead contact us by emailing us at help@coherehealth.com. How to Contact Us

If you have questions or comments regarding our Privacy Policy, or any issue relating to how we collect, use or disclose personal information, or if you would like us to update information we have about you or your preferences, please contact us as indicated below.

Email us at: help@coherehealth.com

Write to us at:

Cohere Health
226 Causeway Street, Suite 403
Boston, MA 02114