Privacy Policy
This Privacy Policy describes how Oak Street Health, LLC and its affiliates (“Oak Street Health”, “we” or “us”) may collect and use information about you through your interactions with us, including any website or mobile application that includes a link to this Privacy Policy (collectively, the “Services”). By using the Services, you agree to the terms of this Privacy Policy.
Privacy Policy Scope
To the extent that information collected through the Services is patient information, this information is governed by the Oak Street Health Notice of Privacy Practices and not this Privacy Policy. If you have any questions about which policy applies to information you have provided, please do not hesitate to contact us at [email protected] or toll-free at (888) 776‑4854. To the extent that there is any conflict between this Privacy Policy and that notice, the notice provided at that time should be reviewed by you and will control.
Who May Use the Services
Our websites and mobile applications are designed for general audience and not directed to children under the age of 13. We do not knowingly collect personal information online from any person we know to be under the age of 13.
Information We Collect
We want you to know what personal information we may collect about you. Some examples of the personal information we may collect about you include:
• Contact information including your name, address, email address, telephone number and certain personal device information
• Insurance information, such as your current health plan information
• Health information, including your current and past health conditions and medications
• Your password, if you create an account
• Demographic information, such as your age and date of birth, sex and/or gender
• Language preferences
• Information collected automatically through your device, such as web browser information, server log files, cookies, pixel tags and web beacons and other tracking information
• Images you provide to us (e.g. when you upload photos) or that are viewed or recorded on an in-clinic security camera
• Other information you provide to us
We collect your personal information when you:
• Sign up or create a personal profile with us
• Request products, services or information from us
• Sign up with or interact with our products or services, including our website experiences
• Participate in surveys or quizzes
• Call a phone number on our site
We may also automatically collect certain technical and device information. This may include your device’s physical location, internet protocol (IP) address, battery information, app activity, data usage, and malware information. This helps us identify you and your device to prevent fraud and data loss and keep our app secure. It may also help us customize your application or website experience. We also may track your activity on our Site, including pages visited, buttons or links clicked, emails opened, etc.
If you choose not to provide your personal information to us, we may not be able to provide you with requested products, services or information.
Use and Disclosure of Personal Information
We may use your personal information for a variety of reasons, including:
To respond to you. We use your personal information to deliver services and to respond to your requests. For instance, we may use your personal information to fulfill your order, contact you with information about your order, contact you about your application, send you email alerts, send you newsletters, and to provide you with related customer service.
To send marketing and administrative information to you. For example, we may use your personal information to send you account communications, legally required disclosures, and notifications of changes or updates to features of the Services. We may also offer other products and services that may be of interest to you.
To add to your experience. We may use your personal information to personalize your experience when interacting with us. We may present products and offers tailored to you. And we may use your details for our business purposes, along with data analysis, audits, fraud monitoring and prevention, and new product and service development. We may also use it to gauge the effectiveness of our campaigns, and to run and grow our business efforts.
For a sale or transfer of business assets. We may share or transfer your personal information to other parties if some or all of our business, assets or stock are sold, transferred or used as security. This includes in connection with any bankruptcy or similar proceeding.
To give information to our businesses. As allowed by law, we may give your personal information to our affiliated businesses or to our business partners. They may use it to send you marketing and other communications.
To respond to law enforcement officials or enforce our rights. We may share your personal information if required to do so by law enforcement officials or judicial authorities. We may also use or share your information including without court process, in matters involving claims of personal, public safety or in a litigation, where the information is pertinent. This may include use or sharing to allow us to pursue remedies or to limit the damages we may sustain. We may also use or share your information to enforce our terms and conditions, to protect our operations or those of any of our affiliates, or to protect our rights, privacy, safety or property and/or that of our affiliates, you or others.
To our service providers. We may disclose personal information to our service providers, who provide services such as website hosting, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
To look for security breaches. We may use and disclose personal information to investigate security breaches or otherwise work with authorities in a legal matter.
To use information that does not identify you. If information does not personally identify you (such as aggregate or deidentified information), we may use and share it for any purpose except as limited by applicable law. This includes information described in the “Cookies and other technologies” section. To the extent we are required to treat such information as personal information under applicable law, then we may use it for all the purposes we use and disclose personal information.
To combine information. We may combine information that does not personally identify you with personal information. If we do, we will treat the combined information as personal information for as long as it stays combined.
Cookies and other technologies enhance your user experience
Like many other websites and online services, we collect traffic and usage patterns. It helps us analyze and improve the services we provide you. We use cookies, Web server logs and similar technologies to do this.
We use this information for various purposes:
• Enhance web and mobile navigation
• Personalize your experience
• Understand how you use our Services
• Diagnose problems
• Measure the success of our marketing campaigns
• Deliver online content on services/products that may interest you
• Otherwise administer our Services
A “cookie” is a bit of data that we can send to your browser. It isn’t a computer program. It can’t get any data or personal information on your computer. Your browser software can be set to reject or accept cookies.
Collecting IP addresses is also a standard practice and is done automatically by many websites and apps. We use IP addresses to administer our Services, measure service levels and help diagnose server problems. Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses our Services, along with the time of the visit and the page(s) visited.
Our Services use tracking technologies to collect and record your activities and movements across our websites throughout your browsing session, including page hits, mouse movements, scrolling, typing, out-of-the-box errors and events, and API calls (“session data”). We use this information to provide us with analytics and to improve our products, services, and your experience. Such tracking may also include recorded sessions, which we may play back for these purposes. We may share session data with our vendors (which may change over time) for these purposes, who will use the session data solely on our behalf.
How We Protect Your Information
We understand that the security, integrity and confidentiality of your information are very important to you. And we want to protect it. Here’s how:
• We seek to use technical, administrative and physical security measures to protect your personal information from unauthorized access, disclosure, use or changes.
• We regularly review our security practices. We test our digital properties regularly to mimic attempts to breach our security. We also have robust disaster recovery plans in place. Despite our best efforts, though, note that no security measures are perfect or 100 percent secure.
How We Advertise to You
We may use third-party advertising companies to serve you our ads on other sites based on the web pages you may have visited or your online activity. These are known as interest-based or personalized ads. They may also be known as targeted ads.
Oak Street Health shows you these ads so you can see products and services that might interest you.
In order to serve up information related to our Services, the third-party companies may place or recognize a unique cookie on your browser (including through the use of pixel tags). We follow the guidelines of the Digital Advertising Alliance (DAA) Self-Regulatory Principles for Online Behavioral Advertising. These help you understand and have greater control over the ads you see based on your online behavior. The DAA has a web site where you can opt out from getting targeted ads from some or all of the companies in the program.
We may use analytics providers that use cookies, pixel tags and other, similar technologies to collect information about your use of the Services and your use of other websites and online services. Oak Street Health and these other parties use these details to understand your online activity. We also use it to deliver ads and web site content based on your interests.
This Privacy Policy doesn’t apply to, and we aren’t responsible for, the cookies or web beacons, or other tracking methods used by third parties. You can check out the privacy policies of these other companies to learn more.
Other websites and apps
The Services may contain links to, or otherwise make available, third-party websites, services, or other resources not operated by us or on our behalf (“Third-Party Services”). We aren’t responsible for the privacy practices, content or accuracy of the Third-Party Services. We also don’t review or endorse their content or the products or services they describe.
We are not responsible for the privacy or security of any information you provide to them or their handling of information. We recommend that you review the privacy policy of any third party to whom you provide personal information online.
In addition, we aren’t responsible for the information, collection, use, disclosure or security policies and practices of other organizations. These include companies such as Apple, Google, Microsoft, RIM, or any other app developer, app provider, operating system provider, wireless service provider, or device manufacturer.
California Shine the Light Law
If you are our customer and a California resident and wish to exercise your rights under the California Shine the Light Law, please contact the privacy office using the information below.
You can Email Us Your Questions
If you have any questions or concerns about this Privacy Policy, or the way your information is collected and used, please contact the Oak Street Health Privacy Office at [email protected] or toll-free at (888) 776‑4854.
Keep your information safe. Don’t email us information you consider confidential.
We May Update Our Privacy Policy
We may change this Privacy Policy. You can find the date changes were last made at the bottom of the page. Any changes become effective when we post the revised Privacy Policy. Your use of the Services following these changes means you accept the revised version.
Last update: July 17, 2024