Last Updated: February 22, 2022
This Statement explains how your personal information is collected, used, and disclosed by Luum and its subsidiaries and affiliated companies (” Luum” or “We”). This privacy statement (“Statement”) applies only to your use of the public marketing website, Luum.com (the “Site”) when you are not logged in This Statement does not apply to websites, applications, or services that display or link to different privacy statements, including individual instances of the Luum Commute Hub.
We collect and process personal information about you with your consent and/or as necessary to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
We collect information about you in various ways when you use our Site. We collect personal information you provide to us. For example, we collect your contact information you provide us on our Site.
When you visit our Site, some information is automatically collected. For example, when you visit our Site your computer’s operating system, Internet Protocol (IP) address, access times, browser type and language, and the website you visited before our site are logged automatically. We also collect information about your usage and activity on our Site.
Web Beacons. We may collect information using Web beacons. Web beacons are electronic images that may be used on our Site or in our emails. We use Web beacons to deliver cookies, count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon.
Analytics. Third parties who provide us with analytics services for the Site may also automatically collect some of the information described above, including, for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information. Please consult the respective privacy policies and statements of these third parties for more information, including how Google Analytics use this data.
USE OF INFORMATION WE COLLECT
We use personal information collected through our Site for purposes described in this Statement or disclosed to you on our Site. For example, we may use your information to:
- operate and improve our internal operations, systems, products, and the Site;
- understand you and your preferences to enhance your experience and enjoyment using our Site;
- respond to your comments and questions and provide customer service;
- provide and deliver products and services you request;
- communicate with you about products and services offered by Luum and our selected partners;
- link or combine information about you with other personal information we get from third parties, to help understand your needs and provide you with better and more personalized service; and
- protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
SHARING OF PERSONAL INFORMATION
We do not share your personal information with third parties other than as follows:
- with your consent;
- with third party vendors, consultants, and other service providers who work for us and need access to your information to do that work;
- in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.
We may also share aggregated or de-identified information.
SECURITY OF YOUR PERSONAL INFORMATION
Luum takes reasonable steps to help protect your personal information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
TRANSFERS OF YOUR PERSONAL INFORMATION
Personal information we collect may be stored and processed in your region, in the United States or in any other country where we or our affiliates, subsidiaries or service providers maintain facilities. We maintain primary data centers in the United States. We take steps designed to ensure that the data we collect under this Statement is processed according to the provisions of this Statement and applicable law wherever the data is located. When we transfer personal information from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection, we use a variety of legal mechanisms, including contracts, in an effort to help ensure your rights and protections.
STORAGE AND RETENTION OF YOUR PERSONAL INFORMATION
We retain your personal information for as long as necessary to provide services requested by you, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly. The criteria used to determine retention include:
- How long is the personal information needed to provide applicable services? This includes such things as maintaining and improving the performance of the Site, enabling system security measures, and maintaining appropriate business and financial records.
- Do users provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? In such cases, we may maintain the data until actively deleted by the user.
- Is the personal information of a sensitive type? If so, a shortened retention time may be appropriate.
- Are we subject to a legal, contractual, or similar obligation to retain the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data, or data that must be retained for the purposes of litigation.
YOUR INFORMATION CHOICES AND CHANGES
If you wish to ask for access, correction, or deletion of any of your personal information held by us or a change in the way we use your information (for which we reserve the right to charge you a fee, as permitted by applicable law), please contact us at firstname.lastname@example.org. However, we may decline requests that are unreasonable, prohibited by law, or are not required to be honored by applicable law.
You may opt out of receiving promotional emails from Luum by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations. You may also send requests about your contact preferences, changes to your information including requests to opt-out of sharing your personal information with third parties by emailing email@example.com.
Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Site.
Our third-party analytics and advertising partners may provide you with options to opt-out of certain information collection. To opt out of Google Analytics, you can download the Google Analytics Opt-out Browser Add-on.
There are many ways through which web browser signals and other similar mechanisms (for example, “Do Not Track”) can indicate your choice to disable tracking, and, while we and others give you choices described in this Statement, we do not currently honor these mechanisms.
YOUR EUROPEAN PRIVACY RIGHTS
We adhere to applicable data protection laws in the European Economic Area, which, if applicable to you, includes the following rights:
- If we are processing personal information based on your consent, you have a right to withdraw consent at any time for future processing;
- You have a right to request access to, rectification, or erasure of your personal information, or to transfer or receive a copy of your personal information in a usable format;
- You have a right to object to the processing of your personal information under certain circumstances; and
- You have a right to lodge a complaint with a data protection authority.
CHANGES TO THIS STATEMENT
Luum may change this Statement from time to time. If we make any changes to this Statement, we will change the “Last Updated” date above or by providing such notice about or obtaining consent to changes as may be required by applicable law.
If you have any questions or comments about this Notice or our other privacy notices, the ways in which we collect and use information, or choices and rights regarding personal information, please contact us at:
Toll-Free Phone: 1-866-629-6347
Mail: HealthEquity, Inc.
Attn: Privacy Officer
15 West Scenic Pointe Drive
Draper, UT 84020