Articles in this section

Human API Privacy Policy

Avatar
Delaney
  • Updated
Follow

Health Data Solutions Privacy Notice

Last Updated: May 6, 2025 

 

About This Privacy Notice

HumanAPI Inc. (“Human API,” “we,” “us,” “our”), a LexisNexis Risk Solutions business, is providing this Health Data Solutions Privacy Notice (“Notice”) regarding your personal information, or equivalent or corresponding terms as defined by applicable data privacy laws, including the California Consumer Privacy Act (“CCPA"), Colorado Privacy Act, Connecticut Data Privacy Act, Delaware Personal Data Privacy Act, Iowa Consumer Data Protection Act, Montana Consumer Data Privacy Act, Nebraska Data Privacy Act, New Hampshire Data Privacy Act, New Jersey Data Privacy Act, Oregon Consumer Privacy Act, Texas Data Privacy and Security Act, Utah Consumer Privacy Act and Virginia Consumer Data Protection Act, and any applicable respective implementing regulations (“U.S. Consumer Privacy Laws”).  Terms used but not defined shall have the meanings ascribed to them in the applicable U.S. Consumer Privacy Laws. This Notice supplements and incorporates the Human API Consumer Health Data Privacy Notice (applicable to Washington and Nevada), the LexisNexis Risk Solutions Privacy Policy and U.S. Consumer Privacy Notice, and applies solely to consumers in states with U.S. Consumer Privacy Laws, except as otherwise noted.  This Notice does not apply to personal information that we process as a service provider on behalf of our customers or that we collect from job applicants, contractors or employees.     

 

Categories of Personal Information Collected, Processed, and Disclosed

Human API collects, and have collected in the preceding 12 months, the following categories of personal information:

  • Personal identifiers such as a real name, alias, postal address, telephone or mobile contact number, unique personal identifier, email address, account name, and other similar identifiers;
  • Individual health conditions, treatment, diseases, or diagnosis;
  • Social, psychological, behavioral, and medical interventions;
  • Health-related surgeries or procedures;
  • Use or purchase of prescribed medication;
  • Bodily functions, vital signs, symptoms, or measurements of the categories of personal information list herein;
  • Diagnoses or diagnostic testing, treatment, or medication;
  • Gender-affirming care information;
  • Reproductive or sexual health information;
  • Biometric data;
  • Genetic data;
  • Data that identifies a consumer seeking healthcare services or supplies; and
  • Information that we derive or extrapolate from data that is not personal information and then use to associate to an individual to the categories of personal information listed herein.

 

Purposes for Collecting Personal Information

We use your personal information to provide our services to you including to support life insurance underwriting, if applicable, for statistical purposes, and to improve our products and services.

 

Life Insurance Underwriting

For consumers of any U.S. state, if you are utilizing Human API for the purposes of life insurance underwriting, your personal information may be transferred to our affiliate LexisNexis Risk Solutions Inc. (“LexisNexis”) for purposes of the underwriting and the requirements of the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq. (“FCRA”) will apply to your data.  The rights you have under the FCRA include the right to receive a copy of the data maintained in your file, correction of any inaccuracies, and a re-investigation.  LexisNexis will use your personal information for purposes of generating a score or other information that may be used by an insurance carrier in its determination of whether to extend a life insurance policy.  LexisNexis may share certain personal information such as your name, email address, phone number (if you supply it), and score with insurance companies (“Insurance Providers”) in order to provide you with a quote for insurance coverage, for insurance programs, including but not limited to the underwriting of insurance under 15 U.S.C. § 1681-1681y, and for related purposes as described in such Insurance Providers' own privacy policies.  The Insurance Providers may provide your information to their own service providers in order to generate a quote and other information relevant to insurance policies, and the Insurance Providers may use the information to contact you directly regarding their insurance products.

 

Sources of Personal Information

We may collect personal information from different sources, as described in our Privacy Policy, and as provided below:

  • Directly from you;
  • Collected from a device associated with you;
  • Collected from another solution or asset where you have authorized that solution or asset to provide us with your data or have authorized us to obtain it from them;
  • Collected from a clinical data network, healthcare provider, or other third party where you have authorized that party to provide us with your data or have authorized us to obtain it from them.

 

Disclosures of Personal Information

We may disclose your information to provide the services you have requested and to our affiliates, including LexisNexis Risk Solutions Inc., and service providers for these uses.

We may also disclose personal information as permitted by law, such as with your consent, to prevent, detect against, or respond to security incidents, identity theft, fraud harassment, malicious or deceptive activities, or any activity that is illegal under state or federal law, to preserve the integrity of our systems, or to investigate, report or prosecute those responsible for any such action that is illegal under state or federal law. 

We do not sell your personal information within the scope of the application of the U.S. Privacy Laws. 

 

We do not share for purposes of cross-context behavioral advertising or targeted advertising your personal information within the scope of the application of the U.S. Privacy Laws. Cookies may otherwise be used as outlined in the LexisNexis Risk Solutions Cookie Policy[RG3] . 

 

We retain your personal information for as long as necessary to provide our services and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, and enforcing our agreements. The criteria used to determine retention periods includes the legal limitation of liability period, agreed contractual provisions, applicable regulatory requirements, and industry standards.

 

We will not unlawfully discriminate against because you exercise any of your rights under the U.S. Consumer Privacy Laws.

We do not offer financial incentives or price or service differences to consumers in exchange for the retention or sale of a consumer’s personal information.

 

Your Privacy Rights

  • Right to Access. You have the right to confirm whether we process your personal information, access a copy of that data, and to obtain information about how we process that data. 
  • Right to Delete. You have the right to request that we delete your personal information.
  • Right of Correction. You have the right to ask that correct inaccuracies in the personal information that we collect.  In some instances, the data may be deleted instead of being corrected.
  • Right to Withdraw Consent. If we are processing your personal information with your consent, you have the right to withdraw that consent. 

 

You may exercise the rights above by contacting us using the details provided in the Contact section below.

You may be required to submit proof of your identity for certain of these requests to be processed. Such information may include your First Name, Last Name, Street Address, City, Zip, and Date of Birth and either your Social Security Number or your Driver’s License Number and State. This information will be used only for the purposes of verifying your identity and processing your request. We may not be able to comply with your request if we are unable to confirm your identity or to connect the information you submit in your request with personal information in our possession.

 

Authorized Agents

You may designate an authorized agent to make a request on your behalf subject to proof of identity and written authorization as required under the U.S. Consumer Privacy Laws, as applicable. Requests made through an authorized agent should be made by contacting us using the details provided in the Contact section below. As part of our verification process, we may request that the agent provide, as applicable, proof concerning his or her status as an authorized agent. In addition, we may require that you verify your identity as described above or confirm that you provided the agent permission to submit the request.

 

De-identified Information

Where we maintain or use de-identified data, we will continue to maintain and use the de-identified data only in a de-identified fashion and will not attempt to re-identify the data

 

Appeal

If we refuse to act on your request within a reasonable period after you have received notice of the refusal you have the right to file an appeal. You may file an appeal by contacting us using the details provided in the Contact section below.

 

Changes

We will update this Notice from time to time. Any changes will be posted on this page with an updated revision date.

 

Contact

You may make a FCRA rights request described above through our U.S. Consumer Privacy Homepage.

If you have any questions, comments, complaints or requests regarding this privacy policy or our processing of your information, please email us at help@humanapi.co or contact us at:

 

HumanAPI Inc.

1000 Alderman Drive

Alpharetta, GA 30005

 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk