Sago Health is now TriVoca Health.

Connect

Washington State Consumer Health Privacy Policy

1.1. Purpose 

The Washington State Consumer Health Privacy Policy (“Wash State Priv Policy”) of Health Insights, LLC d/b/a TriVoca Health , for people who are engaging with us or our digital platforms as “consumers” performing research for our clients in accordance with the Washington My Health My Data law (“the Law”). 

1.2. Policy 

Your privacy is important to us. 

It is TriVoca Health’s policy to respect your privacy and comply with the Law and any regulation enacted by Washington regarding any “consumer health data” information we may collect about you, including across our website and other sites we own and operate. 

In the event our site contains links to third-party sites and services, please be aware that we have no control over the content and policies of those sites and cannot accept responsibility or liability for their respective privacy practices. 

Our privacy policy aims to bring you all the necessary transparency for a positive and confident experience with our services. Additional information may be provided to you as necessary when you sign up for a particular product or service. You also should review TriVoca Health’s general privacy policy –  TriVoca Health Privacy Policy. 

 

1.2.1 What Information Do We Collect 

Information we collect falls into one of two categories: “voluntarily provided” information and “automatically collected” information. 

Voluntarily provided” information refers to any information you knowingly and actively provide us when using or participating in any of our services and promotions. 

Automatically collected” information refers to any information automatically sent by your devices while accessing our products and services. 

We only collect and use your personal health data information lawfully, fairly, and in a transparent manner. We systematically respect the principle of minimization, which implies collecting and processing only what is strictly necessary to achieve our legitimate objective. We do not aim any of our products or services directly at children under the national child age consent, and we do not knowingly collect personal health data information about children under the national child age consent. 

We process personal health data that we need in order to carry out our business. We only process such information in a way that is compatible with the purposes for which we collected it or subsequently authorized by the consumer data subject. We take reasonable steps to ensure that personal health data is reliable for its intended use, accurate, complete, and current. 

The information notice that is sent to you before any collection or processing details the applicable legal basis, which depends on the services you use and how you use them. This means we only collect and use your information on the following grounds: 

In order to respect your choice when we request consent from you: 

Personal information” means information that identifies or is reasonably capable of being associated or linked, directly or indirectly, with a particular consumer. It includes but is not limited to, data associated with a persistent unique identifier, such as a cookie ID, an IP address, a device identifier, or any other form of persistent unique identifier. Personal information does not include publicly available information and does not include de-identified data. For example, name, contact details, location, consumer options/preferences, video/audio recording. We may ask your consent for processing such information — for example, when you register an account or when you contact us via email, social media, or any similar technologies — which may include your name, your email, your phone/mobile number. When you contact us, you shall consent to your name and email address being used so we can respond to your inquiry. 

Participation in all market research projects is voluntary and based on consent. Respondents may opt out of any market research project, at any time. 

Personal information may also include “Sensitive information” or “Special categories of data” which is a subset of personal information that is given a higher level of protection. The types of sensitive information that we may collect about you include: 

  • Racial or ethnic origin 
  • Political opinions 
  • Religious or Philosophical beliefs 
  • Sexual orientation 
  • Sexual practices or sex life 
  • Medical or Health conditions 
  • Trade union membership 

 

We will obtain your affirmative express consent (opt-in) if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of your opt-in choice. We will also treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive. 

In addition, we ensure that strengthened security measures are applied to these data, in order to avoid any breach of confidentiality, integrity, and availability. 

A “Cookie” is a small piece of data that our website stores on your computer and accesses each time you visit. We use cookies to collect information about you and your activity across our site to understand how you use our site and to enable you to access and use our website. At all times, you may decline cookies from our site. 

Please refer to our Cookie Policyfor more information. 

You may withdraw your consent at any time using the platforms or facilities we provide; however, this will not affect any use of your information that has already taken place. 

While you may request that we delete your contact details at any time, we cannot recall any email we have already sent. If you have any further inquiries about how to withdraw your consent, please feel free to inquire using the details provided in the Contact Us section of this privacy policy. 

 

In order to comply with the law: 

In some cases, we may have a legal obligation to use or keep your personal information. Such cases may include (but are not limited to) court orders, criminal investigations, government requests, and regulatory obligations. If you have any further inquiries about how we retain personal information in order to comply with the law, please feel free to inquire using the details provided in the Contact Us section of this privacy policy. 

 

1.2.2 How Do We Ensure the Security of Your Personal Information 

Because we are ISO 27001 certified, we comply with high international standards for computer security and the protection of personal information. 

When we collect and process personal information, and while we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use, or modification. 

You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential. 

We comply with the Law that is applicable to us in respect of any data breach. 

1.2.3 How Long Do We Keep Your Personal Information 

We keep your personal information only for as long as we need to. This time period may depend on what we are using your information for, in accordance with this privacy policy. 

For example, if you have provided us with personal information as part of creating an account with us, we may retain this information for the duration your account exists on our system. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you. 

However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation (i) such as reporting of Incentive payments on a yearly basis to federal and/or state regulatory authorities pursuant to legal requirements or (ii) for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes. 

Except as otherwise permitted by law or regulation, we destroy or anonymize personal data after it no longer serves a purpose of processing as contemplated above and/or once a lawful basis for processing it ceases to exist. 

1.2.4 Who Are the Recipients of Your Personal Information and Where Are They Located 

We may disclose personal information to: 

  • a parent, subsidiary, or affiliate of our company in order to provide product support 
  • third-party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, analytics, error loggers, debt collectors, maintenance or problem-solving providers, professional advisors, and payment systems operators 
  • our employees, contractors, and/or related entities in order to support the product 
  • our existing or potential agents or business partners in order to support the product 
  • credit reporting agencies, courts, tribunals, and regulatory authorities, in the event you fail to pay for goods or services we have provided to you 
  • courts, tribunals, regulatory authorities, and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise, or defend our legal rights 
  • third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you 
  • an entity that buys, or to which we transfer all or substantially all of our assets and business 

 

Third parties we currently use include: 

  • Google Analytics for product usage metrics (unless prohibited by national data protection authorities); Google Ads and LinkedIn Insights Tag to measure our marketing campaigns 
  • Google Cloud Natural Language for text sentiment and for image analytics (brand/logo recognition) Azure Application Insights for logging and troubleshooting user issues 
  • Azure Cognitive Services for image analytics and machine text translation 
  • Amazon web services for data storage, compute, and image processing 
  • Help Scout for managing and responding to customer support requests 
  • Twilio for video interview capabilities 
  • Rev for video transcription services 
  • Hotjar for product usage metrics 
  • Drift Chatbot to help site visitors to navigate and make decisions 
  • Marketo (our Automation tool) to record and process user-submitted information 
  • RepData, Imperium, IPQualityScore, RelevantID, and MaxMind to identify suspicious respondents, eliminate fraudsters and bad actors, and ensure accurate and high-value datasets 

 

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information. 

The personal information we collect is stored and/or processed in the United States, or where we or our partners, affiliates, and third-party providers maintain facilities. We do not store nor maintain a facility in the State of Washington. 

 

1.2.5 Which Are the Security Measures in Place? 

Access to private, sensitive, and confidential information, including your personal information, is restricted to authorized employees with legitimate business reasons. 

All employees are expected to always maintain the confidentiality of personal information, and failure to do so will result in appropriate disciplinary measures. 

We follow reasonable technical and management practices to help protect the confidentiality, security, and integrity of data stored on our system. While no computer system is completely secure, the measures implemented by our website reduce the likelihood of security problems to a level appropriate to the type of data involved. We employ physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of any personal contact information. We encrypt the transmission of sensitive information using secure socket layer technology (SSL). 

 

1.2.6 What Are Your Rights 

  • Access: You may request details of the personal information that we hold about you. We reserve the right to limit such access where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated. 
  • Your choice: By providing personal information to us, you understand we will collect, hold, use, and disclose your personal information in accordance with this privacy policy. You do not have to provide personal information to us, however, if you do not, it may affect your use of our website or the products and/or services offered on or through it. 
  • Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such a person’s consent to provide the personal information to us. 
  • Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. 
  • Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date. 
  • Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example processing transaction data), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services. Respondents are not discriminated against for their answers. Selection for participating in a study relies on research project objectives. Participation in studies is not related to any fees, and membership in our panel will also have no costs. 
  • Reporting Concerns: If you believe that we have violated a relevant data protection law and wish to make a report, please contact us at compliance@TriVoca.com and provide us with full details of your concern. We will promptly investigate your concern and, if substantiated, take corrective action. You also have the right to contact a regulatory body or data protection authority in relation to your concern. 

 

You have the right to choose (opt-out) whether your personal data is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you. If you wish to opt out, please contact compliance@TriVoca.com We will then explain the options available and comply with your request in accordance with the EU-U.S. Data Privacy Framework (DPF)  Principles and applicable laws. Please note that applicable laws allow certain exceptions to your ability to opt-out, such as where we are parties to a contract that is still being performed, where the law requires us to maintain information to claims or tax reports, or otherwise. In such cases, we will retain and continue to use your information only to the extent permitted or required by law. The above opt-out right doesn’t apply where the sharing of your personal data is with a third party who is acting as our agent (such as our service providers who perform services that help us to run our business). We won’t provide your personal data to a third party under these circumstances unless we have a contract in place with that third party that requires the third party, aligning with DPF Principles. 

 

Under applicable law, you also have the following rights: 

  • Downloading of Personal Information: We provide a means for you to be provided with the personal information you have shared through our site. Please contact us for more information. 
  • Restrict: You have the right to request that we restrict the processing of your personal information if (i) you are concerned about the accuracy of your personal information; (ii) you believe your personal information has been unlawfully processed; (iii) you need us to maintain the personal information solely for the purpose of a legal claim; or (iv) we are in the process of considering your objection in relation to processing on the basis of legitimate interests. 
  • Objecting to processing: You have the right to object to the processing of your personal information that is based on our legitimate interests or public interest. If this is done, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information. 
  • Data portability: You may have the right to request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or another easily readable machine format. You may also have the right to request that we transfer this personal information to a third party. 
  • Deletion: The data controller of a project may have a right to request that we delete the personal information we hold at any time, and we will take reasonable steps to delete personal information from our current records. If you ask us to delete your personal information, we will let you know how the deletion affects your use of our website or products and services. There may be exceptions to this right for specific legal reasons which, if applicable, we will set out for you in response to your request. If you terminate or delete your account, we will delete your personal information without undue delay. Please be aware that search engines and similar third parties may still retain copies of your personal information that has been made public at least once, like certain profile information and public comments, even after you have deleted the information from our services or deactivated your account. 

1.3 Contact Us 

For  questions regarding your privacy, you may contact us at compliance@TriVoca.com We will respond to your inquiry without undue delay, no later than one month of receipt.