Privacy Policy

Effective Date: May 20, 2026

Quick summary: We collect information you give us (name, contact info, basic health-related answers) to provide insurance quotes and coverage. We share it with the carriers and licensed agents needed to serve you. We don't sell your information. You have rights to access, correct, and delete it. Full details below.

📝 To customize before launch: Replace [Mailing Address], confirm the registered legal entity name, and have counsel review the HIPAA, GLBA, and CCPA sections against your actual data practices.

1. Who We Are

This Privacy Policy describes how Health Benefits Now ("we," "us," "our") collects, uses, and shares information about you when you visit healthbenefitsnow.com, submit a form, call us, or otherwise interact with us. Health Benefits Now is an independent insurance brokerage licensed in all 50 states.

2. Information We Collect

Information You Provide Directly

Identifying information: name, date of birth, gender, address, ZIP code
Contact information: phone number, email address
Health and insurance information: coverage type sought, current coverage status, household members to be covered, basic health questions (when applicable)
Financial information necessary to determine plan eligibility and pricing (e.g., household income for ACA subsidy determination)
Communications with our agents (recorded calls, chat transcripts, emails)
TCPA consent records (see TCPA Consent Disclosure)

Information We Collect Automatically

Device and browser information (IP address, browser type, operating system, device identifiers)
Usage data (pages visited, time spent, clicks, referring URL)
Cookies and similar tracking technologies (see Section 7)
Marketing attribution data (UTM parameters, Google Click ID, Meta Click ID)

Information We Receive From Third Parties

Insurance carriers and partners with whom we have a business relationship
Marketing partners and lead-generation services (only those with proper consent)
Public databases used to verify identity or licensing

3. How We Use Your Information

To provide insurance quotes and recommendations tailored to your needs
To process applications and enrollments with insurance carriers
To service your policies (claims, renewals, billing inquiries)
To communicate with you as authorized by your TCPA consent
To comply with legal, regulatory, and tax obligations (including Medicare CMS Marketing Guidelines, state insurance regulations, and HIPAA where applicable)
To detect and prevent fraud, security incidents, and abuse
To improve our website, services, and marketing

4. How We Share Your Information

We share your information with:

Insurance carriers and our partner brokers — to obtain quotes and complete enrollments. A current list is available at our Partners page.
Service providers acting on our behalf — including CRM platforms (e.g., HubSpot), dialer and call-center providers, analytics providers, hosting providers, and email service providers. These vendors are contractually required to protect your information and use it only for the purposes we specify.
Legal and regulatory authorities — when required by law, subpoena, or court order, or to protect our rights or the safety of others.
Successors in interest — in the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

We do not sell your personal information as that term is defined under the California Consumer Privacy Act (CCPA) or comparable state laws.

5. HIPAA and Health Information

Some of the information we collect — particularly information related to your health, prescriptions, and medical providers — may qualify as Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). When we receive PHI in connection with insurance enrollment, we treat it consistent with HIPAA's Privacy and Security Rules, including:

Limiting access to PHI to authorized personnel with a business need
Encrypting PHI in transit (TLS 1.2+) and at rest (AES-256 or equivalent)
Maintaining Business Associate Agreements with vendors who handle PHI on our behalf
Maintaining a Notice of Privacy Practices, available upon request

6. Gramm-Leach-Bliley Act (GLBA)

As a financial institution under the GLBA, we are required to inform you about our information-sharing practices. We do not disclose nonpublic personal information about you to nonaffiliated third parties, except as permitted by law (e.g., to process your insurance application, to service your account, or with your consent). We maintain physical, electronic, and procedural safeguards that comply with federal and state standards to protect your information.

7. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies for:

Necessary site functionality (session management, security)
Analytics (Google Analytics 4, HubSpot)
Advertising attribution and remarketing (Google Ads, Meta Pixel)

You can control cookies through your browser settings. Disabling cookies may limit some features of our site.

8. Your Rights

All Users

Access: Request a copy of the personal information we hold about you
Correction: Request that inaccurate information be corrected
Deletion: Request that we delete your information, subject to legal retention requirements
Opt-out of communications: See our TCPA Consent Disclosure for revocation procedures

California Residents (CCPA / CPRA)

Right to know what personal information we collect, use, disclose, and sell or share
Right to delete personal information (with exceptions)
Right to correct inaccurate personal information
Right to opt out of the sale or sharing of personal information (note: we do not sell)
Right to limit use of sensitive personal information
Right to non-discrimination for exercising these rights

Other State Privacy Laws

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), and other states with comprehensive privacy laws have similar rights. To exercise any of these rights, contact us using the information in Section 11.

9. Data Retention

We retain your personal information for as long as necessary to provide our services and to comply with legal obligations. Specifically:

Active customer records: for the duration of the policy plus seven (7) years
TCPA consent records: at least four (4) years after the last contact
Marketing leads who do not enroll: typically two (2) years, then deleted or anonymized
Recorded calls: per applicable state law and CMS Medicare retention requirements (generally 10 years for Medicare-related calls)

10. Security

We implement industry-standard administrative, physical, and technical safeguards to protect your information, including TLS encryption in transit, encryption at rest, access controls, multi-factor authentication for staff, logging and monitoring, and regular security assessments. No system can guarantee absolute security; we encourage you to use strong passwords and protect your account credentials.

11. Contact Us

To exercise your rights or ask questions about this policy, contact:

Health Benefits Now
Attn: Privacy Officer
[Mailing Address]
Phone: (888) 711-7894
Email: privacy@healthbenefitsnow.com

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Effective Date" above and, where required by law, by direct notice to you.