Web and mobile privacy statement

This Privacy Statement describes our practices in connection with information we collect through Applications that contain a link to this Privacy Statement.

We are not responsible for the privacy practices of any third party service providers (such as Internet Service Providers (“ISPs”) or cloud service providers) or other third parties operating websites or applications to which the Applications link.  The inclusion of a link on an Aetna Application does not imply that Aetna endorses, or otherwise monitors the privacy practices of that linked third party website or application.

We may collect two basic types of information: Personal Information and Non-Personally Identifiable Information.

By “Personal Information,” we mean data that is unique to an individual, such as a name, address, social security number, e-mail address, telephone number, and certain personal device information, as described below.

By “Non-Personally-Identifiable Information,” we mean information that does not identify you personally, but can provide us with usage data, either individually or in the aggregate. Non-Personally Identifiable Information may include demographic information, aggregated information, certain information collected automatically through your device such as web browser information, server log files, cookie technology, pixel tags or beacons, and other technologies, and other non-personally identifiable information collected by us or provided by you.

We acquire Personal Information when you voluntarily register or create a personal profile with us, or request products, services, or information from us. 

We may also automatically collect certain personal device information – such as physical location, IP address, battery information, application activity, data usage, accelerometer data, and malware information – to authenticate you and/or your personal device for purposes of Application security and to help prevent fraud and data loss.

In some cases, and in all cases where required by law or regulation, you will be able to update the information that you provide to us either by sending us an e-mail or, where you have established personal profiles with us, by updating your profile online. Please refer to the specific place in the Application where data is collected for more information.

We may use Personal Information for the following purposes:  

• Verifying your identity so that we can be sure that all of our communications with you are secure and confidential, for Application security, and to help prevent fraud and data loss;
• Responding to inquiries or requests from you;
• Delivering web-based products and services to you, such as our health risk assessment.
• To send you marketing and promotional communications that we believe may be of interest to you, if permitted by law.

If you are using this Application to enroll in a health plan, or to access information and services related to your health plan, please refer to your “Notices of Privacy Practices” which is available to you via a link on this Application.  These notices describes how Aetna may use and disclose your personal health and financial information when administering your benefits, and explains your legal rights.  If you receive benefits through a group health insurance plan, your employer will be able to tell you if your plan is insured or self-funded. If your plan is self-funded, you may want to ask for a copy of your employer’s privacy notice. You should read this notice before enrolling in a particular plan.

Except in connection with the sale, transfer, merger, consolidation or other transaction involving all or part of our company, we will not sell, license or otherwise transfer any rights to your personal information to any third party unless expressly authorized by you.

We may transmit or disclose your Personal Information to third parties for the following purposes.  In all cases we will require the recipient to protect the information and use it only for the purpose it was provided.

• If required by law, such as pursuant to a subpoena, regulatory oversight, or other legal process;
• To enable Aetna contractors or vendors to perform certain services for us, including, but not limited to, Application maintenance and performance improvement tasks.

This Application will not knowingly collect personally-identifiable information from minors under the age of thirteen (13) without their parents’ consent.

When you visit or use our Applications, we collect certain Non-Personally-Identifiable Information and aggregate information about you. This data helps us to analyze and improve the usefulness of the information and services we provide through our Applications. Because Non-Personally Identifiable Information does not personally identify you, we may use and disclose such information for any purpose permitted by law, including: 

• We may automatically collect certain web browser information. Web browsers collect and store information about the type of device and operating system you are using to access our Applications, as well as your device’s media access control (“MAC”) address for facilitating network communications. Accessing this information helps us to establish a secure and consistent connection to you and to customize experience and content when you use our Applications.
• "Cookie" technology. A "cookie" is an element of data that we can send to your browser when you link to our Applications. It is not a computer program and has no ability to read data residing on your computer or instruct it to perform any step or function. By assigning a unique data element to each visitor, our Applications are able to recognize repeat users, track usage patterns and better serve you when you return at a later time. The cookie does not extract Personal Information.
• Client-side page tagging. This technology uses code on each web page to write certain information about the page and the visitor to a log when a page is rendered to you by our Applications. "Tagging" does result in a JavaScript program running in your browser, but it is limited to providing information about the page that you are requesting and the configuration of your browser. It will not read any of your data files, nor execute any additional programs. It does not extract any Personal Information about you. You can prevent tagging by disabling JavaScript in your browser, but that may prevent you from using all of our Applications’ functions.
• Tracking pixels or beacons. These techniques use electronic files to track your navigation of our Applications, your completion of transactions and other browsing behavior.
• IP Address: When you subscribe to an Internet Service Provider (ISP), your computing device is assigned an IP Address. We may track and store this address to help us manage security, monitor usage volume and patterns, and to customize experience and content when you use our Applications.

In addition to personal information, we may sell or disclose patient and/or member information that has been deidentified as permitted by law. To the extent we sell or share such deidentified patient and/or member information, we do so pursuant to one of the deidentification methodologies described in Section 164.514(b)(1) or (b)(2) of Title 45 of the Code of Federal Regulations, commonly known as the HIPAA expert determination method and the HIPAA safe harbor method, respectively.

The security, integrity, and confidentiality of your information are extremely important to us. We have implemented technical, administrative and physical security measures that are designed to protect your information from unauthorized access, disclosure, use and modification. We regularly review our security practices to consider appropriate new technology and methods. We also periodically subject our Applications to simulated intrusion tests and have developed comprehensive disaster recovery plans. However, please be aware that despite our best efforts, no security measures are perfect or impenetrable.

Aetna does not serve third-party advertising on its Applications. However, we do engage online advertising service providers to serve ads on other sites, based on web pages you may have visited or your search engine activity. For more information or to opt out of interest-based ads, please review our interest-based ads policy. Currently, our Applications do not respond to “Do Not Track” signals from browsers.

See our interest-based ads policy

Aetna’s third-party service provider, Neustar, uses a variety of technologies to assess how our sites or mobile applications are used, to help us personalize your experience and to help us deliver advertising, including online content, tailored to your interests.

Our service provider may also create and store linkages between and among household or individual level identifiers such as Cookies, mobile advertising IDs, hashed email addresses and/or other persistent IDs that have been assigned to a unique but de-identified user. This process is sometimes called “cross device linking,” which is a technique used to predict or determine a likely association or relationship between two or more devices such as smartphones, tablets, desktop computers, etc. These de-identified linkages are not stored or merged with personal information about you. 

Our service provider will honor your preferences regarding cross device linking.  You can opt out of cross device linking on our service provider’s website.  

Opt out of Neustar cross device linking and advertising

We welcome your comments or questions about our Applications and have provided email boxes for that purpose. We will share your comments and questions with our customer service representatives and those employees most capable of addressing your questions and concerns.

Please note that your email, like most, if not all, non-encrypted Internet email communications, may be accessed and viewed by other Internet users, without your knowledge and permission, while in transit to us. For that reason, to protect your privacy, please do not use email to communicate information to us that you consider confidential. If you wish, you may contact us instead via telephone at the numbers provided at various locations on our Applications or, in the case of our health plan members, at the Member Services toll-free number that appears on your ID card.

There are some locations on our Applications where we have made special provisions for a more secure environment in which we can exchange information with you. At each of these locations, we will provide you with appropriate instructions.

From time to time, our Applications may provide links to other websites or applications, not owned or controlled by Aetna, that we think might be useful or of interest to you. We cannot, however, be responsible for the privacy practices used by other website owners or the content or accuracy of those other websites. Links to various non-Aetna websites or applications do not constitute or imply endorsement by Aetna of these websites or applications, any products or services described on these sites, or of any other material contained in them.

We may also provide links to other websites or mobile applications that are controlled by an Aetna-owned company, but that operate independently of the Applications. Privacy policies applicable to those sites and applications will appear on those sites and applications and may differ from this Aetna Privacy Statement.

Aetna may change this Privacy Statement from time to time; when updates are made, the version date (located at the bottom of this Privacy Statement) will also be updated to reflect that a revision occurred. We encourage you to periodically reread this Privacy Statement to see if there have been any changes that may affect you. This Privacy Statement is not intended to and does not create any contractual or other legal rights in or on behalf of any party.