Decisely Privacy Policy

We at Decisely Insurance Services (“Decisely”, “us”, “we”, or “our”) know you care about how your personal information is used and shared, and we take your privacy seriously.

Last Updated: 10/10/2025

Decisely Privacy Policy

At Decisely Insurance Services (“Decisely,” “we,” “us,” or “our”), we know you care about how your personal information is used and shared. We take your privacy seriously. This Privacy Policy explains what information we collect, how we use it, how we share it, and the rights available to you under applicable laws, including the California Consumer Privacy Act (as amended by the CPRA) and other U.S. state privacy laws.

By using our websites, products, or services (the “Services”), you agree to the practices described in this Privacy Policy. Use of our Services is also subject to our Terms of Use.

1. Information We Collect

We collect a variety of personal information from you and/or your employer to provide and administer our Services, including:

  • Identifiers: Name, username, social security number, physical address, date of birth, email address, phone number.
  • Protected Class Information: Age, citizenship, race, marital status, medical condition, disability, sex/gender (including identity/expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran status.
  • Commercial Information: Direct deposit information, benefit elections, contribution amounts.
  • Internet or Electronic Network Activity: Cookies, IP address, browsing history, device identifiers, operating system, browser type, referring URL, website interactions.
  • Professional/Employment Information: Hire/termination date, job title, work location, salary, dependent details, group benefit plan choices, carrier information, group number(s), premium amounts, provider codes, employee contribution of premium, employee classification, insurance coverage dates, security access level.
  • Sensitive Personal Information: Social Security number, precise financial account details, health and medical information.

2. Notice at Collection

The table below summarizes the categories of personal information we collect, why we use it, and whether we sell or share it:

Category Examples Purpose of Collection/Use Sold or Shared?
Identifiers Name, SSN, email, phone Provide and administer services; validate identity; fraud prevention; compliance No
Protected Class Information Age, race, marital status, gender, disability Benefits enrollment and administration; legal compliance No
Commercial Information Direct deposit, benefit plan elections Process transactions; manage payroll/benefits No
Internet Activity Cookies, IP, browsing history Website functionality, analytics, marketing No
Professional Information Job title, hire date, salary, dependents Administer benefits; compliance reporting No
Sensitive Personal Information SSN, health information, precise financial data Administer benefits; legal/contractual compliance No (limited to permitted uses)

We do not collect additional categories of personal information without providing notice.

3. How We Use Your Information

We use collected personal information to:

  • Administer and deliver our Services.
  • Provide customer service and support.
  • Validate user information for fraud and risk detection.
  • Prevent, detect, and address security incidents or illegal activity.
  • Comply with legal and regulatory obligations.
  • Manage our business operations, including payment processing, contract enforcement, manage our corporate governance, compliance, and auditing.
  • Recruit employees (if you apply for a job with us).
  • Internal marketing.
  • Determine eligibility for the Services and partner programs.
  • Improve, analyze, and develop our Services and user experience.
  • Generate anonymized or aggregated data for internal reporting.

We do not make important decisions about you—such as your employment, benefits, or finances—based only on automated systems or algorithms without human involvement.

Marketing Activities

We may use your personal information to contact you about our products, services, promotions, newsletters, and other marketing activities in accordance with applicable law. You may opt out of receiving these promotional communications at any time by clicking the unsubscribe link in our emails or contacting support@decisely.com.

If you opt out, we may still send you non-promotional communications related to your use of the Services or our ongoing business relationship with you.

4. Legal Basis for Processing Personal Information

Some privacy laws outside the United States, such as the European Union’s General Data Protection Regulation (GDPR), require us to identify the lawful basis for processing personal information. While U.S. state laws generally do not require this, we provide the following for transparency and to demonstrate our commitment to global compliance:

  • Consent: We may process your personal information when you have given us clear permission to do so, such as when you sign up for marketing communications.
  • Contractual Necessity: We may process personal information to perform a contra
  • Legal Obligation: We may process personal information to comply with laws, regulations, subpoenas, or other legal processes.
  • Legitimate Interests: We may process personal information when it is reasonably necessary to achieve our legitimate business purposes (such as improving services, ensuring security, or preventing fraud), provided those interests are not outweighed by your rights and interests.

If you are located in the EU, UK, or another jurisdiction that requires it, you may contact us at support@decisely.com to learn more about how we balance our legitimate interests with your privacy rights.

5. Cookies and Tracking

We use cookies and similar technologies to recognize your browser or device and understand how our Services are used.

  • Essential Cookies: Required for site functionality and login.
  • Performance Cookies: Monitor usage patterns to improve user experience.
  • Functionality Cookies: Remember your settings and preferences.
  • Marketing Cookies: Support targeted advertising.

You may adjust your browser settings to refuse cookies, though some Services may not function properly without them.

Do Not Track

Some web browsers and devices include a “Do Not Track” (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Currently, we do not respond to browser DNT signals. However, where required by law, we honor legally recognized universal opt-out mechanisms that communicate your privacy choices (such as Global Privacy Control signals).

6. How We Share Information

We do not rent or sell your personal information. We share it only as necessary to operate our business and deliver our Services.

Categories of Third Parties With Whom We May Share Personal Information
Category of Third Party Purpose of Sharing Examples
Employers, Insurance Carriers, Benefits Providers, and Brokers To enroll you in benefits programs and manage your benefits Your employer, health or dental insurance carrier, benefits broker
Service Providers and Contractors To host systems, provide IT support, secure our infrastructure, manage communications, or deliver customer support Cloud hosting providers, data centers, chat support platforms, email/SMS providers
Analytics and Marketing Providers To improve our website functionality, measure performance, and provide marketing communications (in compliance with law) Web analytics tools, performance monitoring services
Legal and Regulatory Authorities To comply with laws, regulations, subpoenas, or court orders; to defend legal claims; or to cooperate with regulators State regulators, courts, law enforcement
Fraud Prevention and Security Partners To investigate, prevent, or act regarding suspected fraud, threats to safety, or security incidents Security monitoring vendors, fraud detection services
Corporate Transaction Partners In connection with financing, insurance, mergers, acquisitions, restructuring, or sale of assets Prospective buyers, investors, insurers
HIPAA-Covered Business Associates To process health-related data under applicable Business Associate Agreements Third-party administrators, healthcare service partners
Others With Your Consent When you, your employer, or authorized representative direct us to share your information Authorized third parties explicitly approved by you or your employer

When sharing information, we require third parties to maintain appropriate safeguards and use personal information only for permitted purposes.

7. Your Privacy Rights

Depending on your location, you may have rights regarding your personal information, including:

  • Access – Request details about what we collect and how we use it.
  • Correction – Ask us to fix inaccurate information.
  • Deletion – Request deletion of personal information, subject to exceptions.
  • Portability – Request a copy of your information in portable form.
  • Objection/Restriction – Limit or object to certain processing activities.
  • Complaint – File a complaint with a supervisory authority.

Contact us at support@decisely.com to exercise your rights. Requests are subject to verification. We will not discriminate against you for exercising your rights.

8. U.S. State Privacy Rights

Residents of certain U.S. states—including California, Virginia, Colorado, Connecticut, Utah, Oregon, Montana, and Delaware—have specific rights regarding their personal information.

Your Privacy Rights

Depending on your state of residence, you may have the right to:

  • Access and Portability: Know and obtain a copy of the personal information we collect, use, and disclose about you.
  • Correction and Deletion: Request correction of inaccuracies or deletion of your personal information, subject to legal exceptions.
  • Opt-Out: Direct us not to sell or share your personal information or use it for targeted advertising or certain profiling activities.
  • Sensitive Information: Limit or withdraw consent to the use or disclosure of sensitive personal information (such as Social Security numbers or health data).
  • Appeal: Appeal our decision if we decline to act on your privacy request.
  • Non-Discrimination: Exercise your rights without discrimination.
How to Exercise These Rights

You may submit a verifiable privacy request by:

Authorized agents may act on your behalf with written authorization. We confirm requests within 10 business days and respond within 45 days (extendable to 90 with notice), consistent with applicable law.

Our Practices
  • Decisely does not sell or share personal information for targeted or cross-context behavioral advertising.
  • We process sensitive personal information only as necessary to provide our Services (for example, administering benefits) or with your consent, where required by law.
  • We honor legally recognized universal opt-out mechanisms, such as Global Privacy Control (GPC) signals, where applicable.
  • This Policy applies to consumers acting in a personal or household capacity and does not apply to information collected in an employment or business context.
  • We do not sell or share personal information of consumers under 18 years of age.
  • Certain personal data may be exempt where protected under laws such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), or employment privacy laws.

9. Data Retention

We retain personal information as long as necessary to provide Services, comply with contracts or legal obligations, resolve disputes, and enforce agreements. Anonymous or aggregated information may be retained indefinitely.

10. International Transfers

We store personal information on servers located in the United States. However, to provide our Services, we may transfer personal information to other countries outside of the United States for the purposes described in this Privacy Policy.

When we transfer personal information internationally, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable law. We will not transfer personal information to an organization or a country unless there are adequate controls in place to protect the security, confidentiality, and integrity of your data and other personal information.

These safeguards may include contractual protections such as Standard Contractual Clauses, reliance on adequacy decisions issued by relevant authorities, or other lawful transfer mechanisms.

11. Security of Personal Information

We use reasonable physical, electronic, and organizational safeguards to protect the confidentiality, integrity, and availability of personal information. Our security program includes, among other measures:

  • Encryption: Sensitive information is encrypted during transmission, and stored data is protected in accordance with industry standards.
  • Access Controls: Access to personal information is limited to authorized personnel with a business need, subject to authentication and monitoring.
  • Training & Awareness: Our employees receive ongoing training on privacy, security, and data protection responsibilities.
  • Monitoring & Incident Response: We maintain procedures to detect, investigate, and respond to potential security incidents.
  • Data Management: Personal information is stored, backed up, and disposed of securely, following applicable standards and policies.
  • Business Continuity: We maintain contingency and recovery plans to help ensure data and services remain available in the event of disruption.

While we strive to protect your information, no method of transmission over the internet or method of storage is completely secure. We encourage you to do your part by keeping your account credentials confidential and signing out when using shared devices.

12. Children’s Privacy

Our Services are not directed to children under 13, and we do not knowingly collect information from them. We may collect information about dependents under 18 only as provided by their parent or guardian for benefits administration. If we learn we have collected personal data from a child under 13, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via our website or email. Continued use of our Services after updates constitutes acceptance of the revised Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Decisely Insurance Services, LLC
12735 Morris Road, Suite 350
Alpharetta, Georgia 30004
Email: support@decisely.com