Overview

Effective Date: 01 July 2025

Imagine 360, LLC and its affiliated companies, including Healthfirst by Imagine360, Imagine Health, LLC; Partners Direct Health, LLC; ELAP Services, LLC; Employee Benefit Management Services, LLC; miCare, LLC; miRX, LLC; SpringTide Health, LLC; Preferred Medical Claim Solutions, LLC and Upland Advocacy LLC (collectively, the “Company,” “we,” “us,” or “our”) respect your privacy and are committed to protecting it through the policies and practices described in this Privacy Policy (“Privacy Policy” or “Policy”).

The Policy explains our information practices, including how we collect, use, retain, and disclose information about you, including Personal Information, as defined below.

When Our Privacy Policy Applies

This Privacy Policy applies when we interact with brokers, clients, members, patients, and providers through our websites, mobile and/or web-based applications, or direct, offline interactions (collectively, the “Services”), to the extent that Personal Information is collected during those interactions. This occurs, for example, when you:

Visit our websites, which include without limitation: www.imagine360.com, www.imaginehealth.com, www.elapservices.com, hfbenefits.imagine360.com, www.partnersdirecthealth.com, www.uplandadvocacy.com, www.springtidehealth.com, www.ebms.com, mibenefits.ebms.com, www.micarehealthcenter.com, www.mirxpharmacy.com, mibenefits.imagine360.com, and www.pmcsonline.com (the “Websites”);
Communicate with us electronically, including via phone, email, text, and other forms of electronic messages, such as when you engage with us on social media; or
Interact with us offline, including by visiting one of our miCare facilities that provides healthcare services or attending any of our programs or events;
Access, use or otherwise engage with products and Services through channels where this Privacy Policy is posted.

This Privacy Policy also applies when we collect or process information in our role as a professional service provider for our commercial clients. This may occur, for example, when you provide your information to an employer who is a group client of ours, and pursuant to our contract with that client, your information is disclosed to us for a business purpose.

We collect and disclose Personal Information in two primary contexts. When we determine the purposes and means of processing your Personal Information, we are a “business” or “controller” pursuant to applicable data protection laws, such as the California Consumer Privacy Act of 2018, as amended (“CCPA”), and this Privacy Policy will apply. When we process Personal Information in our role as a professional services provider to our clients and business partners, we will process your information based on those parties’ instructions; when we act as a service provider to another business, that business’s privacy policy, and not this Privacy Policy, will generally apply.

Please note that our Websites may include links to other websites, plug-ins, services, social networks, and applications, which are operated and maintained by third parties. Clicking on those links or enabling those connections may allow the third party to collect, disclose, or otherwise use information about you. We do not control the privacy practices of external parties who are not our service providers, contractors, or otherwise contractually restricted to use data in accordance with our instructions. We encourage you to review the privacy policies of every website you visit.

This Privacy Policy is part of our Terms of Use, which together govern our relationship with you with respect to the Websites. By visiting our Websites or interacting with our products or Services, you acknowledge and consent to the collection, use, and disclosure of your information as described in this Privacy Policy. We may provide different or additional privacy notices in connection with certain activities, products, or services that we offer. Those additional notices may supplement or clarify our privacy practices or provide you with additional choices regarding your Personal Information. For example, when we collect, disclose, or use your Protected Health Information (PHI) at one of our miCare health facilities, we will provide you with a Notice of Privacy Practices pursuant to HIPAA.

This Privacy Policy may change from time to time (see Changes to This Privacy Policy by clicking on Section VII in the Navigation Pane). Your continued engagement with our Websites or Services after any such changes are made indicates that you accept and consent to them. We encourage you to review this Privacy Policy periodically for updates.

If you are a California resident, please review Section IV below titled “Your Privacy Rights and Choices; California Residents” for additional information regarding information collection practices provided pursuant to California law.

Table of Content

I. Collection of Personal Information

II. Use of Personal Information

III. Disclosures of Personal Information

IV. Your Privacy Rights and Choices; California Residents

V. Data Security and Retention

VI. Children’s Privacy

VII. Changes to this Privacy Policy

VIII. Contact Us

I. Collection of Personal Information

The information we collect about you, and how we collect, use, and disclose it depends on the nature of your relationship with us, your interactions with our products and Services, and the requirements of applicable law.

“Personal Information” in this Privacy Policy means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include anonymous, de-identified or aggregated data that is disassociated with a particular individual. Personal information also does not include publicly available information, such as information obtained from government records or information that has otherwise been lawfully made available to the public.

If we combine or connect anonymous or de-identified information with Personal Information so that it directly or indirectly identifies an individual, or so that we may use the information to draw inferences about an individual, we treat the combined information as Personal Information and, where applicable, as Sensitive Personal Information.

Information Collected through Direct Interactions with You

You may provide your Personal Information to us in a variety of ways, including, without limitation, when you request information from us on the Websites, sign-up to receive our communications, or engage with us to procure our products or Services, such as our health plan solutions or financial advocacy services.

The categories of Personal Information we may have collected from you within the last twelve (12) months include:

Identifiers and Contact Information, such as your name, home or mailing address, email address, telephone number, username, Social Security Number, or other government-issued identifiers.
Customer Records and Commercial Information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, as well as information related to your transactions with us, such as your payment history.
Demographic Information, which may include protected classification characteristics under state and federal law, such as gender or age.
Financial and Billing Information, such as name, billing address, financial account information, bank statements, and tax documents.
Geolocation Data, such as time, physical location, or movement (related to your use of or access to a device, application, or network controlled by the Company) when you visit the Websites.
Account Information, such as email address or username and password to access our online miBenefits portal.
Health Information, including medical records, prescription information, health insurance and claims information, physician notes, or other information concerning your medical diagnosis, condition, or treatment.
Audio, Electronic, or Visual Information, such as audio recordings when you call us, video surveillance when you visit our physical locations, and the contents of your written communications to us, including email.
User Contributions, such as when you disclose information about yourself on the Company’s social media pages. We may collect the information you provide in such submissions, including any Personal Information, and use it in accordance with this Privacy Policy. Please note that if you choose to submit content online, including reviews, on our Websites or other websites’ public forums such as discussion boards or similar platforms, such content will be considered “public” and will not be subject to the protections described in this Privacy Policy.

Inferences drawn from other Personal Information, such as your preferences and other behavioral characteristics gathered through Website analytics.
Sensitive Personal Information. Several data privacy laws in the U.S. define Sensitive Personal Information to include certain identifiers described as Personal Information above, such as Social Security numbers and complete online access credentials. Sensitive Personal Information often also includes characteristics that are considered protected classifications under the law, precise geolocation, and the contents of email and other communications, if the Company is not the intended recipient of the communications. We do not generally collect Sensitive Personal Information other than for the operational or business purposes described in this Privacy Policy. When Sensitive Personal Information is collected, we may use it to provide and support our Services, comply with our legal obligations, respond to subpoenas or other legal processes, or defend against legal claims.

Information Collected Through the Use of Cookies or Website Tracking Technologies

Device, Internet and Network Activity Information

Device, Internet, and Network Activity Information we collect may include:

Device Data, such as information about the computer, phone, tablet, or other device you use to access our Websites. Depending on the device used, the information collected may include your IP address (or proxy server), device and application identification numbers, location, device and/or browser type, hardware model, internet service provider and/or mobile carrier, operating system, mobile platform, and system configuration information.
Log and Usage Data, including service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Websites, and which we record in log files. Depending on how you interact with the Websites, log and usage data collected may include information about your activity on our Websites (such as the date/time stamps associated with your usage, pages, and files viewed, searches, views, and other actions or selections you make), device event information (such as system activity, error reports (or “crash dumps”) and hardware settings.
Cookies and Other Tracking Technologies, A cookie is a small text file that may be placed on your computer when you visit a website or click on a URL. There are two types of cookies that may be used: a session cookie and a persistent cookie. A single-session cookie is held temporarily in your computer’s memory during only a single visit to a website to personalize user experience, to determine ways to improve the site, its content, and services offered through the site. A single-session cookie disappears from your hard drive when you close your browser. A persistent cookie is entered by your web browser into the “Cookies” folder on your computer and remains in this folder after you close your browser. It may be used by your browser on your next visit to a website unless or until it is deleted or set to expire.

We use cookies and other tracking technologies such as pixels and web beacons to improve the functionality of our Websites and enhance your online engagement experience. These technologies may collect your browser type, IP address, device type and unique device identifiers, network information, operating system details, and website interactions, such as the website pages visited, time spent on each page, and search history. They may also collect the language your system uses and the country and time zone where your device is located. Some of the technologies we use on our Websites are strictly necessary for the Websites’ functionality. Others improve functionality but are not strictly necessary. For example, we use Google Analytics to measure and improve the functionality and content on our Websites as well as the effectiveness of our marketing campaigns.

The categories of cookies and other technologies we may use on our Websites include:

Essential/Strictly Necessary Cookies. These cookies are necessary for the Websites to function properly. They help improve visitor experience, make the site easier for you to use and facilitate provision of requested online services and transmission of communications over a network.
Functional Cookies. These cookies are not essential for the Websites to function properly but they allow our Websites to remember a visitor’s preferences and personalize a visitor’s website experience.
Performance & Analytics Cookies. These cookies are used to gather statistical data on how visitors use the Websites, such as which webpages are visited most frequently, so that we can determine how the Websites are performing and make improvements to its functionality and performance.
Marketing Cookies. These cookies may be placed on the Websites by us or our third-party marketing partners. They may collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Additionally, some companies may use the information collected through cookies to deliver targeted ads on our behalf or on behalf of other companies. We are not responsible for the functioning of cookies and other technologies used and placed by third parties on your device.

To manage your cookie preferences and opt-out of any sale or sharing of your Personal Information that may occur via the Websites, contact us using the information provided in the Contact Us section by clicking on Section VIII in the Navigation Pane. Please note that the Websites are not currently configured to respond to web browser signals and other global privacy control (GPC) mechanisms.

Most browsers are set up to accept cookies. You may reject or delete cookies by adjusting your browser preferences at any time; however, this may limit your ability to use all of the features on our Websites or otherwise affect the appearance of certain webpages. You may opt out of any category of cookies except for those that are strictly necessary, as they are deployed to ensure the proper functioning of our Websites.

Please note that opting out of cookies may be browser or device specific.

Other Technologies. Pages of our Websites and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to analyze website activity. For example, we may use web beacons to count users who have visited a page or opened an email and for other related Website statistics (for example, recording the popularity of certain Website content and verifying system and server integrity). We may also collect different types of information from website technologies to improve the quality of our Websites and Services.

Information Provided by Other Sources

We may receive Personal Information about you from certain external parties such as:

Employers who use our products and services to administer employee benefits programs;
Insurance brokers, who assist with managing the relationship between individual plan members and our group clients (i.e., employers);
Healthcare providers with whom we partner to offer health plan solutions;
Third-party plan administrators who create the eligibility files we use to validate and communicate with patients of miRx and miCare;
Legal guardians or other authorized persons acting on behalf of patients;
Data analytics providers;
Marketing or advertising service providers; or
Vendors that provide services on our behalf.

We may supplement the information that you provide to us with information that we receive or obtain from other sources, such as our affiliated businesses, service providers, and publicly available sources.

II. Use of Personal Information

We use your Personal Information for our business purposes, including to provide and improve the Websites, products, and Services we make available to you, to respond to your inquiries and requests, to prevent fraud and other criminal activity, for marketing purposes, and for other purposes of which we may inform you in this Privacy Policy or other notice provided when the information is collected.

For example, we may use your Personal Information as permitted or required by law:

To fulfill or meet the purpose(s) for which you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or Services, we will use that information to contact you regarding your inquiry. We may also save your information to facilitate new services offered to or requested by you.
To present our Websites and their contents to you;
To provide you with information, products, or Services that you request from us;
To carry out our obligations and defend or enforce our legal rights arising from any contracts entered into between you and us;
To administer a health benefit plan including, but not limited to, payment and health care operations;
To notify you about changes to our Websites or any products or Services we offer or provide;
To manage interest-based advertisements on behalf of the Company;
To help diagnose problems with, administer, and operate the Websites;
To compile statistical data for analysis, research, optimization, performance, and development; or
For any other purpose with your consent or as permitted or required by law.

III. Disclosures of Your Information

We will only disclose your Personal Information to third parties as outlined in this Privacy Policy or otherwise required by law. Some of our business processes are supported by Service Providers, which are vendors that are contractually restricted from utilizing the Personal Information we provide to them for purposes other than those specifically instructed by us.

We may disclose your Personal Information to the following categories of recipients:

Via miBenefits and other benefits manager portals to:
- Employer group clients;
- Healthcare providers; and
- Business partners, including insurance brokers
Affiliates
Service Providers
Collection Agencies
Law enforcement agencies or judicial officials
Parties to litigation involving the Company
Parties to a business transfer, sale, or merger involving the Company
Advertising companies and social media platforms

Other Disclosures Permitted or Required by Law

We may disclose your Personal Information for the following additional purposes, where permitted or required by law:

To other members of our Company (including affiliates and individuals outside of your home state) for the purposes set out in this Privacy Policy or as necessary to process your requests.
To comply with our legal obligations or other valid legal processes such as search warrants, subpoenas, or court orders. When we disclose your Personal Information to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum Personal Information necessary to accomplish the purpose of the request.
To protect our legal rights and property, including the safety of our premises.
During emergency situations or where necessary to protect the safety of persons or property.
To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted Personal Information.
For additional purposes with your consent where such consent is required by law.

IV. Your Privacy Rights and Choices; California Residents

For purposes of this section, we follow the language of the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act, to describe a consumer’s rights under the CCPA and other comprehensive U.S. state data privacy laws, as applicable (collectively, “State Consumer Data Privacy Laws”).

State Consumer Data Privacy Laws may provide their respective state residents with all or some of the following rights:

A Right to Request to Access Information. You may have the right to request access to your Personal Information and, where technically feasible, a copy of your Personal Information. You may also have the right to obtain information about how we process or disclose your Personal Information.
A Right to Request Review and Correction of Information. You may have the right to request that we correct any inaccurate or incomplete Personal Information we have about you.
A Right to Request Deletion of Information. You may have the right to request that we delete your Personal Information. Please note that we may not be able to delete certain information depending on legal exceptions or obligations. Please see the Data Security and Retention section below for more information about why we may retain your information.
A Right to Limit the Use of Sensitive Personal Information. You may have the right to restrict how we use your Sensitive Personal Information. For example, you may request that we not use your information for the purpose of inferring characteristics about you.
A Right to Revoke Consent. You may have the right to withdraw your prior consent to certain processing of your Personal Information, such as the sharing of your Personal Information with third parties who are not our service providers.
A Right to Opt-Out of Marketing Communications. You may request that we not use your Personal Information to send you certain emails or other marketing communications. You may also unsubscribe from receiving marketing emails from us by clicking on the “Unsubscribe” link found in those emails. Please note you may not be able to opt out of all communications, as we may need to send you information related to our products and services.
A Right to Opt-Out of Selling or Sharing Data for Cross-Contextual Behavior Advertising. You may request to opt out of the “sale” or “sharing” of Personal Information for cross-contextual behavioral advertising purposes. Cross-contextual behavioral or targeted advertising is advertising based on information collected about you from non-affiliated websites, applications, or services. To opt out of any sales of your Personal Information or sharing of your Personal Information for cross-contextual behavioral advertising, contact us using the information provided in the Contact Us section by clicking on Section VIII in the Navigation Pane.
A Right to Non-Discrimination. Unless permitted by law, we will not deny you goods or services; charge (or suggest you may receive) different prices for goods or services, including through granting discounts or other benefits, or provide (or suggest you may receive) a different level or quality of goods or services for exercising your privacy rights and choices. However, we may offer you certain financial incentives that can result in different prices, rates, or quality levels. Any permitted financial incentive we offer will reasonably relate to the value of your Personal Information and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. Currently, we do not provide any financial incentives in exchange for Personal Information.

Exercising Your Rights

To exercise the rights described above, please contact us at or call us at 833-837-7639. To protect your Personal Information, we may ask you to provide additional information to verify your identity and authority to submit your request. You may also submit a request to exercise your rights through an authorized agent, in which case your agent must present signed written permission to act on your behalf. You may be required to independently verify your identity with us and confirm that you have provided the agent with authorization to act on your behalf.

The table below and paragraph that follows regarding Sensitive Personal Information provide notice of our information practices in relation to California consumers during the preceding 12 months. Certain uses or disclosures described below may constitute a “sale” or sharing of Personal Information as defined in the CCPA.

Categories of Personal Information Collected	Business Purpose of Collection and Use	Categories of Personal Information Recipients
Identifiers, Contact Information, and Government Identification (name and contact details such as your email address, mailing address, phone number, government identification numbers, account username and password, and social media handles).	Providing and maintaining our Services, including health plan solutions, financial advocacy assistance, and where applicable, medical services Communicating with you and providing support to members and patients, as applicable Improving website experience To facilitate our business operations in relation to the Services we provide to you To comply with the law For marketing and business analytics	Group Clients (Employer Health Plans) Brokers Partners Healthcare Providers Service Providers Marketing Partners Law enforcement, public and government authorities, and other entities as necessary to comply with the law, support investigations, and protect the rights and properties of our business
Financial Information (payment card or bank account details, bank statements, billing histories, invoicing, and tax information (e.g., W2)).	Providing and maintaining our Services, including financial advocacy assistance To provide proof of income when applying for financial assistance Communicating with you and providing support to members and participants, as applicable To facilitate our business operations in relation to the Services we provide to you To comply with the law	Service Providers Collection Agencies
Device, Internet or Network Activity Information (device information, including your browser type and language, IP address, device type, unique device identifiers, mobile network information and operating system, and website interactions, such as the pages visited on the website, time spent on each page, whether you’ve clicked on a hyperlink and search queries).	Improving website experience For digital marketing and business analytics Maintaining the security and functionality of our Websites Troubleshooting, internal analytics, and reporting for our Websites Data incident detection Debugging and repair of technical systems	Group Clients (Employer Health Plans) Broker Partners Healthcare Providers Service Providers Data analytics providers, such as Google Social media companies such as Meta and LinkedIn Marketing Partners Law enforcement, public and government authorities, and other entities as necessary to comply with the law, support investigations, and protect the rights and properties of our business
Inferences (preferences, such as which Services or product interest you).	Providing and maintaining our Services Communicating with you and providing support as requested Improving website experience	Service providers Marketing partners Data analytics providers, such as Google Social media companies such as Meta and LinkedIn
Demographic Information (your gender, age, and health information, which may be considered Sensitive Personal Information and include protected characteristics under state and federal law).	Providing and maintaining our Services, including the provision of plan services and review of claims submitted for medical bill relief. Improving website experience To facilitate our business operations in relation to the Services we provide to you To comply with the law	Group Clients (Employer Health Plans) Brokers Partner Healthcare Providers Service Providers Collection Agencies
General Geolocation Data (such as your general location based on your ZIP code or IP address).	Providing and maintaining our Services Improving website experience To facilitate our business operations in relation to the Services we provide to you Communicating with you	Group Clients (Employer Health Plans) Brokers Partner Healthcare Providers Service Providers
Sensitive Personal Information (such as your Social Security, driver’s license, state identification card, passport number, or certain information in the content of your written communications with us).	To facilitate our business and operations in relation to the Services we provide to you For the provision of medical services and continuity of care, where applicable For identification purposes when referring patients to other medical providers	Group Clients (Employer Health Plans) Brokers Partner Healthcare Providers Service Providers

Sensitive Personal Information. We do not use or disclose Sensitive Personal Information for purposes other than those specified in Section 7027(m) of the implementing regulations of the CCPA. When Sensitive Personal Information is collected, it is only used for business purposes described in this Privacy Policy.

V. Data Security and Retention

Maintaining the security of the data we collect, including Personal Information, is very important to us. We maintain reasonable administrative, technical, and physical safeguards to protect the confidentiality, integrity, and accessibility of Personal Information.

However, no method of Internet transmission or electronic storage is 100% secure or error free. As such, we cannot guarantee the security of information transmitted to our Websites or information systems via the Internet.

Except as otherwise permitted or required by applicable law or regulation, we will only retain your Personal Information for as long as necessary to fulfill the purposes for which we collected it, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. The criteria used to determine the applicable retention period for your information includes the length of time we have an ongoing relationship with you and provide products or services to you, and whether there is a legal obligation to which we are subject that requires us to retain your information.

VI. Children’s Privacy

We prioritize the protection of children and their privacy. We do not knowingly share or sell Personal Information of consumers under 16 years of age. We also do not intend to collect Personal Information from anyone we know to be under the age of 16, except as permitted by law while providing our products and Services. If we learn that we have unknowingly collected or received Personal Information from a child under 16, we will make reasonable efforts to delete such information from our records. If you believe that we might have collected information from or about a child under 16, we ask that a parent or guardian contact us at privacynotice@imagine360.com.

VII. Changes to the Privacy Policy

Please review the Effective Date at the top of this page to determine when this Privacy Policy was last revised.

From time to time, we may modify this Privacy Policy. We will provide clear and conspicuous notice of any material changes and post a new Privacy Policy on this page when modifications are made. We encourage you periodically to check this page for updates.

VIII. Contact Us

If you have any questions about this Privacy Policy or our collection and use of your information, please contact us via email at privacynotice@imagine360.com, via phone toll-free at 833-837-7639, or via U.S. mail at the following address:

Imagine 360, LLC

ATTN: Privacy Officer

1550 Liberty Ridge Drive, Suite 330

Wayne, PA 19087

We aim to respond to general privacy inquiries within 45 days or as otherwise required by law. Requests to opt-out from our marketing materials will be processed within 10 business days.

Individuals with disabilities who are unable to meaningfully access our Privacy Policy online may contact us to inquire about obtaining a copy of our policy in a more accessible format. You may also choose to download a PDF version of this Privacy Policy via the link at the top of this page.

16/07/2025, 20:15:24