Sydney Community Privacy Notice for California Residents
Last Updated: October 15, 2020
This Sydney Community Privacy Notice for California Residents for Sydney Community, the mobile service
("Application") operated by CareMarket, Inc. ("CareMarket, Inc.," "we" or "us"), applies to individuals who live
in the State of California and whose data is subject to the California Consumer Privacy Act of 2018 (CCPA). Below
describes what information CareMarket collects that is subject to the CCPA, your rights under the CCPA, and how
you can enforce those rights under the CCPA. Any terms defined in the CCPA have the same meaning when used here.
Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with,
or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal
Information").
Personal Information does not include:
Publicly available information lawfully made available from government records.
Deidentified or aggregated consumer information.
Information excluded from the CCPA's scope, like:
health or medical information covered by the Health Insurance Portability and Accountability Act of 1996
(HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting
Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the
Driver's Privacy Protection Act of 1994.
If certain types of information are exempt from CCPA, and therefore this policy, other CareMarket or third party
privacy policies may apply. CareMarket has collected the following categories of Personal Information from its
consumers within the last twelve (12) months:
Examples
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol
address, email address, account name, Social Security number, driver's license number, passport
number, or other similar identifiers.
Collected
Yes
Examples
Information that is protected against security breaches such as: name, signature, Social Security
number, physical characteristics or description, address, telephone number, passport number,
driver's license or state identification card number, insurance policy number, education,
employment, employment history, bank account number, credit card number, debit card number, or any
other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories may not be
subject to all the rights under the CCPA.
Collected
Yes
Examples
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed,
marital status, medical condition, physical or mental disability, sex (including gender, gender
identity, gender expression, pregnancy or childbirth and related medical conditions), sexual
orientation, veteran or military status, genetic information (including familial genetic
information).
Collected
Yes
Examples
Records of personal property, products or services purchased, obtained, or considered, or other
purchasing or consuming histories or tendencies.
Collected
No
Examples
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
Collected
Yes
Examples
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Collected
Yes
Examples
Physical location or movements.
Collected
Yes
Examples
Audio, electronic, visual, thermal, olfactory, or similar information.
Collected
No
Examples
Current or past job history or performance evaluations.
Collected
No
Examples
Current or past job history or performance evaluations.
Collected
No
Examples
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Collected
Yes
We generally do not collect additional categories of personal information or use the personal information we
collected for significantly different or meaningfully unrelated purposes without providing you notice.
Where We Obtain Personal Information
We obtain the categories of personal information listed above from the following categories of sources:
Directly from you or your devices. For example, from forms you complete on our Application.
Indirectly from you. For example, from observing your actions on our Application.
Other users of our services.
Affiliates, including health plans that we support.
Internet service providers.
Government entities.
Operating systems and platforms.
Business partners. For example, pharmacy benefit managers or providers.
Publicly accessible sources. For example, National Provider Identifier.
Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following business and
commercial purposes:
Fulfilling or meeting the reason you provided the information. For example, if you share personal information
in order to connect with or receive health information from Communities, including other users of Communities
and/or educational content.
Providing you with information, products or services that you request from us.
Providing you with email alerts, event registrations and other notices concerning our services, or news that
may be of interest to you.
Sending you text messages or push notifications.
Marketing purposes, such as developing and providing promotional and advertising materials that may be
useful, relevant, valuable or otherwise of interest to you.
De-identifying and aggregating information collected through our services and using it for any lawful
purpose.
Responding to trust and safety issues that may arise.
Carrying out our obligations and enforce our rights arising from any contracts or other terms entered into
between you and CareMarket, including billing, or as may be required by applicable laws and regulations or
requested by any judicial process or governmental agency.
Auditing related to a current interaction with you and concurrent transactions, including, but not limited
to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and
auditing compliance with this specification and other standards.
Personalizing your experience on our services, such as presenting tailored content.
Undertaking activities to verify or maintain the quality or safety of our services, and to improve, upgrade,
or enhance our services.
For testing, research, analysis, and product development, including the development of data models and
algorithms, and for demonstration purposes.
Auditing related to a current interaction with you and concurrent transactions, including, but not limited
to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and
auditing compliance with this specification and other standards.
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and
prosecuting those responsible for that activity.
Debugging to identify and repair errors that impair existing intended functionality.
Short-term, transient use.
Contracting with service providers to perform services on our behalf or on their behalf, including
maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions,
verifying customer information, processing payments, providing financing, Poviding advertising or marketing
services, providing analytic services, or providing similar services on behalf of the business or service
provider.
Otherwise enabling or effecting, directly or indirectly, a commercial transaction.
For other purposes for which we provide specific notice at the time the information is collected.
To respond to law enforcement requests and as required by applicable law, court order, or governmental
regulations.
As described to you when collecting your personal information or as otherwise set forth in the CCPA.
Sharing Personal Information
We may disclose your personal information to a third party for a business or commercial purpose. When we disclose
personal information for a business purpose, we enter a contract that describes the purpose and requires the
recipient to both keep that personal information confidential and not use it for any purpose except performing the
contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a
business purpose:
Category A: Identifiers
Category B: California Customer Records
Category C: Protected classification characteristics under California or federal law
Category E: Biometric information
Category F: Internet history
Category G: Geolocation Data
Category K: Inferences drawn from other personal information
In the preceding twelve (12) months, CareMarket has not disclosed personal information for a commercial purpose.
However, for California residents, the California Consumer Privacy Act (CCPA) defines "selling" personal
information to include providing it to a third party in exchange for money or valuable services. We may in the
future disclose data in any of the categories above to certain third parties for commercial purposes, in our
products and services or in exchange for valuable services, such as advertising or social media engagement
services, which may constitute a "sale" under the CCPA." Pursuant to our Privacy Notice, we share your information
with the following categories of third parties for a commercial purpose:
ISPs : Internet service providers
Analytics Providers
Government: Government entities
OS/Platform Provider: Operating systems and platforms
Affiliates
Vendors: Vendors and service providers
Integrated Third Parties: Third parties integrated into our services
Third Parties as Legally Required: Third parties as required by law and similar disclosures
Third Parties in Merger/Acquisition: Third parties in connection with a merger, sale, or
asset transfer
Third Parties with Consent: Other third parties for whom we have obtained your permission to
disclose your Personal Information
For avoidance of doubt, we do not sell health information subject to HIPAA without your express authorization. If
you give us such an authorization, you may revoke it in writing at any time. Your revocation will not affect any
use or disclosure permitted by your authorization while it was in effect.
Your Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section
describes your CCPA rights and explains how to exercise those rights.
"VERIFIABLE CONSUMER REQUEST"
To exercise your rights to access or delete your personal information under the CCPA, you must submit a
"verifiable consumer request." Only you, or a person registered with the California Secretary of State that you
authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You
may also make a verifiable consumer request on behalf of your minor child.
A verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected
personal information or an
authorized representative
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to
it
If we cannot verify your identity or authority to make the request, we will not be able to fulfill your request.
The information provided for verification will only be used for that purpose.
AUTHORIZING AN AGENT
To authorize an agent to make a request to know, delete or opt-out request on your behalf, please send a written
authorization signed by you and the authorized agent to us via the contact information below.
PROCESSING FEES
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive,
repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made
that decision and provide you with a cost estimate before completing your request.
PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS
In some circumstances, you may opt out of the sale of your Personal Information. If you are 16 years of age or
older, you have the right to direct us to not sell your personal information at any time (the "right to opt-out").
We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we
receive affirmative authorization (the "right to opt-in") from either the consumer who is between 13 and 16 years
of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal
information sales may opt-out of future sales at any time. We may ask for information from you to verify your
identity and help ensure your request does not infringe upon the rights of others, for example, an individual who
has not opted out but has a similar name as you.
To exercise the right to opt-out, you (or your authorized representative) may submit a request by following the
instruction under contact information below.
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize the
sale of your personal information. However, you may change your mind and opt back in to personal information sales
at any time by visiting our Application and sending us a message.
We will only use personal information provided in an opt-out request to review and comply with the request.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we
will not:
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other
benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality
of goods or services.
We may offer you certain financial incentives such as discounted prices, rates, or quality levels. Any permitted
financial incentive we offer will reasonably relate to your personal information's value and contain written terms
that describe the program's material aspects. Participation in a financial incentive program requires your prior
opt in consent, which you may revoke at any time.
"Shine the Light"
California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Application that are
California residents to request certain information regarding our disclosure of personal information to third
parties for their direct marketing purposes. To make such a request, please send us an electronic message through
our website or write us at our address listed below.
Changes to Our CA Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this
privacy notice, we will post the updated notice on the Website and update the notice's effective date.
Your continued use of our Application following the posting of changes constitutes your acceptance of such
changes.
Contact Information
You can contact CareMarket with your questions, comments, rights requests, and other CCPA-related inquiries by
contacting your participating company, email us at communitytechnicalsupport@anthem.com or at the
following address: 220 Virginia Ave, Indianapolis, IN 46204.
If you believe your personal information was accessed without permission, please contact CareMarket by the means
listed above.
Effective Date
This Privacy Notice for California Residents is effective 10/15/2020. Certain rights granted by the CCPA will not
be effective until 1/1/2021.
