Privacy Policy

Last Updated: 10/15/2021

This Privacy Policy explains how information about you is collected, used and disclosed by Illuminate Health, Inc. ( “Illuminate”, “we”, “us” or “our”). This Privacy Policy applies to information we collect when you use our website(s) that link to this privacy policy (“Sites”), mobile applications (“App”), communicate with us using the Sites or Apps, and other online products and services offered by us (collectively, the “Services”), or when you otherwise interact with us.

Please note we enter into agreements with employers sponsoring group health plans for their employees, health insurers, health care providers and other organizations (“Customer Organizations”) that govern our use of Protected Health Information and certain other information about you that we receive from or on behalf of the Customer Organizations (the “Customer Agreements”). This Privacy Policy supplements the Customer Agreements with the Customer Organizations. However, to the extent that this Privacy Policy conflicts with any applicable Customer Agreement, the Customer Agreement will control. If you use the Services as a plan member or patient of a Customer Organization and have questions about the treatment of your Protected Health Information, you should review the HIPAA Notice of Privacy Practices of the Customer Organization or contact the Customer Organization.

This Privacy Policy is incorporated into and made a part of the Terms of Use. Please review our Terms of Use because they govern your use of the Services and limit our liability to you. By using our Services, you agree that we may treat your information in the ways we describe in this Privacy Policy. If you do not agree with any term of this Privacy Policy or the Terms of Use, you may not use our Services.

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review the Privacy Policy whenever you access the Services or otherwise interact with us to stay informed about our information practices and the ways you can help protect your privacy.


Information You Provide to Us
We collect information you provide directly to us. For example, we collect information when you create an account, participate in any interactive features of the Services, fill out a form, request customer support or otherwise communicate with us. The types of information we may collect from you include:

  • Personal Information: Information that identifies you as an individual or relates to an identifiable person, which may include, for example, your name, email address, login credentials, postal address, phone number, and date of birth.
  • Device-Specific Information. Information about your device and your device’s operating system and browser information, including transaction information related to our Services, account contact information, device identification, product download identification, information about the way you use the Services (including administrative and user account contact information), device event information (such as errors, system activity, hardware settings, and the date or time of your request).
  • Protected Health Information: A subset of Personal Information that is protected by the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”). Your Personal Information is Protected Health Information if you are a health plan member or a patient of a Customer Organization that is a “covered entity” under HIPAA and we are a “business associate” of the Customer Organization under the Customer Agreement.
  • Prescription Data: Details about your prescriptions, which may include the prescription medication name and other product information when you scan a bar code, information about when you take your prescriptions, and other details.
  • Transaction Information: We may collect and store limited payment information from you, such as payment method and payment card information; however, we do not collect or store full payment card numbers and all transactions are processed by our third party payment processor.
  • Information About Others: The contact information of your prescribers, healthcare providers, caregivers, emergency contacts, and any dependents under your care.
  • Social Media Information. Information you make available to us on social media platforms (such as by clicking on a social media icon listed on our Sites, App, or Services), including your account ID, username, or other information included in your posts.
  • Tracking Between Parties, Apps, or Sites. When you visit or use our App, Sites, or Services, we and our partners may collect information about your online activities over time and across different sites to provide you Services. Our partners may place or recognize a unique cookie or other tracking technology on your browser (including the use of pixel tags). Where required by applicable law, we will rely on your consent prior to processing personal information from your device or computer for the purpose of tracking your interactions across Sites or Apps or between parties.
  • Other Information You Choose to Provide: We collect information you provide when you participate in a survey, contest, promotion or interactive area of the Services (such as our messaging features) or when you request technical or customer support.

If you are a healthcare provider, during registration you may be asked to provide information regarding your professional qualifications as well as other information.

Information We Collect When You Use the Services
When you access or use our Services, we automatically collect information about you, including:

  • Usage Information: We collect information about your activity on the Services. For example, we may collect information about:
    • how you interact with the Services, such as tracking the medications you take, any reported symptoms associated with such medications, and any content you view.
    • how you communicate with other users, and your healthcare providers while using the Services.  
  • Mobile Device Information: We collect information about the mobile device you use to access or use the Services, including the hardware model, operating system and version, unique device identifiers, mobile network information and information about your use of our Apps. With your consent, we may also access and collect information from certain native applications on your device (such as your device’s camera, photo album and phonebook applications) to facilitate your use of certain features of the Sites. For more information about how you can control the collection of location information and/or our access to other applications on your device, please see “Your Choices” below.
  • Log Information: We may collect log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Services.
  • Information Collected by Cookies and Other Tracking Technologies: We and our service providers may use various technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular and count visits. Web beacons are electronic images that may be used in our Services or emails and help deliver cookies, count visits and understand usage and campaign effectiveness. For more information about cookies, and how to disable them, please see “Your Choices” below.

Information We Collect From Other Sources
We may obtain information from other sources and use it as contemplated herein, including to provide the Services to and otherwise communicate with you. For example, we may receive Prescription Data and other Personal Information from healthcare providers (e.g., pharmacy, clinic, doctor, etc.), provided that you have specifically authorized such healthcare provider, in writing, to share your information with us. We may also collect information about you when you post content to our pages or feeds on third party social media sites, or if you use credentials (e.g., username and password) from a third party site to create or log into your Illuminate account.


We may use information about you for various purposes, including to:

  • Provide, maintain and improve our Services;
  • Provide and deliver the products and services you request, and send you related information,
  • Send you technical notices, updates, security alerts and support and administrative messages;
  • Respond to your comments, questions and requests and provide customer service;
  • Communicate with you and, through our advertising partners, potential clients and users about products, services, offers, promotions, rewards, and events offered by Illuminate and others, and provide information we think will be of interest to you and such potential clients or users;
  • Monitor and analyze trends, usage and activities in connection with our Services;
  • Conduct research and measurement activities;
  • Detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of Illuminate and others;
  • Carry out legal responsibilities, such as those required to comply with legal or regulatory requirements; respond to law enforcement agencies, courts, or other government authorities; or to protect the rights, safety, and property of Illuminate, you, or others; and
  • Carry out any other purpose for which the information was collected.

Illuminate is based in the United States and the information we collect is governed by U.S. law. By accessing or using the Services or otherwise providing information to us, you consent to the processing and transfer of information in and to the U.S. and other countries, where you may not have the same rights as you do under local law. Where this is the case, we will take appropriate measures to protect information about you in accordance with this Privacy Policy.


We may share information about you as follows or as otherwise described in this Privacy Policy:

  • With vendors, consultants and other service providers who need access to such information to carry out work on our behalf;
  • In response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation or legal process;
  • When you participate in the interactive areas of the Services or interact with us on third party social media sites, certain information that you provide may be displayed publicly, such as your name, photos and other information you choose to provide;
  • With individuals involved in your care, such as parents, guardians and other caregivers who you designate to receive access to your account;
  • If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of Illuminate or others;
  • In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;
  • Between and among Illuminate and its current and future parents, affiliates, subsidiaries and other companies under common control and ownership; and
  • With your consent or at your direction.

We may also sell or share aggregated or de-identified information, which cannot reasonably be used to identify you.

Community and Other Public Forums

Illuminate may provide community areas, such as chat rooms, online discussion boards, and other public forums on the Services where users can share with one another information about their similar interests or medical conditions. All community areas are open to the public, and should not be considered private.

Any information you share on our communities areas, including chat rooms, online discussion boards, or other public forums on the Services will be made available to other users, and may be used by others in ways we cannot control or predict. You should think carefully before posting any Personal Information, or any other information which you do not intend to keep private.


Our Services may contain links to other web sites. Other web sites may also reference or link to our Services. These other web sites are not controlled by Illuminate. We encourage our users to be aware when they leave our Services to read the privacy policies of each and every web site that collects personally identifiable information. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other web sites or mobile applications. Visiting these other web sites is at your own risk. Please note that if you use the “Share” function available from the Illuminate, which will lead you to a separate web site or service governed by another party’s privacy policy and terms.


Our Sites, App, and Services are intended for users ages 18 and over. We do not knowingly collect information from children. If we discover that we have inadvertently collected information from anyone younger than the age of 18, we will delete that information.


Illuminate takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction.

Safeguards Provided

We implement and maintain organizational, technical, and administrative security measures designed to safeguard the information we process within our organization against unauthorized access, destruction, loss, alteration, or misuse. These measures are aimed at providing on-going integrity and confidentiality for your personal information. We evaluate and update these measures on an ongoing basis. Your information is only accessible to personnel who need access to the information to perform their duties. However, while we take precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.

Information Retention

We retain your personal information for as long as we have a relationship with you, subject to applicable law and regulation. When deciding how long to keep your personal information, we consider our legal and regulatory obligations and internal personal information management policies. For example, we retain records to investigate or defend against potential legal claims or where required by law. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law. 


Account Information

You may update, correct or delete information about you at any time by logging into your online account, emailing us at or calling us at (312) 605-2390. If you wish to delete or deactivate your account, please email us at but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time.

Native Applications on Mobile Device

Some features of our Apps may require access to certain native applications on your mobile device, such as the camera and photo storage applications (e.g., to take and upload photos) and the phonebook application (e.g., to send invitations to try the Services, or to chat with your contacts via the Services). If you decide to use these features, we will ask you for your consent prior to accessing the applications and collecting information. Note that you can revoke your consent at any time by changing the settings on your device.

Push Notifications

With your consent, we may send promotional and non-promotional push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device or within our Apps. Additionally, we use the Apps to send medication reminders and other related notifications to you. These messages are opt-out by default and your receipt of these messages may be customized within the Apps.

Notice Concerning Do Not Track

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals.


If you have any questions about Illuminate’s privacy practices, please contact us at: (312) 605-2390 or


DM_US 89281649-4.104681.0011