Privacy Policy

1. Introduction

Med Concierge ("Med Concierge," "we," "us," or "our") is a trade name (DBA) of 1 World Insurance LLC, a licensed and appointed insurance agency. We operate the Med Concierge mobile application ("the App") and the website located at medconcierge.com (collectively, the "Services"). The App is a Medicare concierge service that helps members access their plan benefits, find in-network providers, manage medications, book transportation, and connect with their assigned licensed insurance agent.

This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our Services. By using the App or visiting our website, you agree to the practices described in this Privacy Policy.

IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SERVICES.

2. Information We Collect

2.1 Information You Provide to Us

When you register for or use our Services, you may provide us with the following information:

• Account Information — your name, date of birth, physical address, email address, and telephone number
• Medicare Information — your Medicare Beneficiary Identifier (MBI), Medicare ID number, and plan enrollment details (plan name, plan ID, contract number)
• Insurance Enrollment Data — Social Security Number (provided during plan enrollment applications only), plan elections, plan changes, and disenrollment requests
• Scope of Appointment (SOA) — documented consent to discuss specific Medicare plan types
• Medication Information — names of medications you enter for drug coverage lookup, including dosage and pharmacy preferences
• Provider Preferences — your current doctors, specialists, and preferred pharmacies
• Voice Input — spoken requests when you use the voice assistance feature to ask benefits questions
• Transportation Requests — pickup location, destination, and appointment details when booking rides

2.2 Information We Collect Automatically

When you use our Services, we automatically collect:

• Device Information — device type, model, operating system, app version, and unique device identifiers
• Usage Data — features accessed, pages viewed, actions taken within the App, session duration, and interaction patterns
• Push Notification Tokens — device tokens used to deliver push notifications for medication reminders, ride updates, and benefits alerts
• Location Data — your zip code or device location (GPS, Wi-Fi, or Bluetooth), used to find nearby in-network healthcare providers and facilitate ride booking
• Log Data — IP address, access times, browser type, and referring URLs when visiting our website
• Cookies and Similar Technologies — on our website, we use cookies, web beacons, and similar tracking technologies as described in Section 8

2.3 Information We Obtain from Third Parties

• CMS (Centers for Medicare & Medicaid Services) — publicly available plan benefit data, including copays, deductibles, premiums, allowances, and covered services for Medicare Advantage plans
• Insurance Carriers — plan enrollment verification and benefit details associated with your coverage
• Our Customer Relationship Management (CRM) System — your member profile, assigned agent, and plan information maintained by our agency

3. How We Use Your Information

We use the information we collect for the following purposes:

• Benefits Display — to retrieve and display your Medicare Advantage plan benefits, including copays, deductibles, out-of-pocket maximums, and supplemental benefits such as dental, vision, hearing, OTC allowances, and Part B giveback
• Medication Coverage Lookup — to check your drug coverage, including tier level, prior authorization requirements, quantity limits, step therapy, and estimated costs under your plan
• Provider Search — to search for in-network healthcare providers near your location
• Transportation — to facilitate ride booking to and from medical appointments
• Medication Reminders — to send push notifications reminding you to take your medications at scheduled times
• Agent Connection — to connect you with your assigned licensed insurance agent for personalized assistance with your plan
• Plan Enrollment and Servicing — to process enrollment applications, plan changes, and other transactions with insurance carriers on your behalf
• Voice Assistance — to process your spoken questions and provide spoken or displayed answers about your plan benefits
• Communications — to send you service-related messages via SMS, email, or push notification, including appointment reminders, ride confirmations, and important plan updates
• Service Improvement — to analyze usage patterns and improve the functionality, performance, and user experience of our Services
• Security and Fraud Prevention — to detect, investigate, and prevent unauthorized access, fraud, and other illegal activities
• Legal Compliance — to comply with applicable laws, regulations, court orders, and governmental requests

4. AI-Assisted Benefits Processing

Our Services use artificial intelligence technology provided by Anthropic (Claude AI) to extract and interpret benefit information from insurance carrier Summary of Benefits (SOB) documents. This processing is used to present your plan information in a clear, readable format within the App.

Important:

• AI-assisted processing is used solely to extract and organize plan benefit data — it does not make coverage decisions, deny claims, or determine your eligibility for any benefit
• The benefits information displayed in the App is for informational purposes only and may not reflect the most current or complete terms of your coverage
• Always refer to your official Evidence of Coverage (EOC) document or contact your insurance carrier directly for definitive coverage details
• We do not use AI to profile you, make automated decisions about your care, or determine your insurance premiums

5. Information Shared with Insurance Carriers

As a licensed and appointed insurance agency, we share your personal information with the insurance carriers whose products you have enrolled in or are seeking to enroll in. This sharing is a necessary and standard part of how licensed insurance agents service your policies. Information shared with carriers includes:

• Your name, date of birth, address, phone number, and email address
• Your Social Security Number (for enrollment applications only)
• Your Medicare Beneficiary Identifier (MBI) and Medicare ID
• Plan elections, enrollment applications, plan changes, and disenrollment requests
• Scope of Appointment (SOA) documentation
• Health-related information relevant to enrollment, including current medications, physicians, and pharmacy preferences
• Our agency information (National Producer Number, agency ID) associated with your account

By using our Services or enrolling in a plan through Med Concierge, you consent to the sharing of your personal information with the applicable insurance carrier(s) for the purposes of enrollment, policy servicing, and benefits administration. Insurance carriers receiving your information are governed by their own privacy policies and are subject to federal regulations, including the Health Insurance Portability and Accountability Act (HIPAA).

6. Disclosure to Third-Party Service Providers

We engage third-party service providers to operate our Services. Each provider receives only the minimum information necessary to perform its function.

We do not sell your personal information to any third party.

We may also disclose your information:

• When required by law, regulation, subpoena, court order, or governmental request
• To protect the rights, safety, or property of Med Concierge, our users, or the public
• In connection with a merger, acquisition, sale of assets, or bankruptcy, in which case you will be notified via email and/or prominent notice on our website

6.1 Transportation Provider Data Sharing

When you book a ride through the App, we share your name, phone number, and pickup/drop-off locations with the transportation provider to facilitate your trip. We do not share your health information, plan details, medication data, or the reason for your appointment with transportation providers. Transportation providers are contractually prohibited from using your information for any purpose other than completing your ride.

6.2 Third-Party Service Providers

We use the following third-party service providers to deliver our Services:

• Anthropic (Claude AI) — to power AI-assisted benefits processing (see Section 4)
• Google Maps Platform — to locate nearby providers and pharmacies using de-identified location data
• Twilio — to deliver SMS messages (see Section 11)
• Sentry — for application error monitoring; all personal and health information is scrubbed before transmission
• Expo Push Notification Service — to deliver medication reminders and plan notifications
• Google Fonts — to load web fonts on our website; this may send your IP address to Google

7. Assigned Agent Access

Your account is associated with a licensed, appointed insurance agent who can assist you with your plan. Your assigned agent may view:

• Your name, contact information, and date of birth
• Your Medicare plan name, plan ID, and carrier
• Your assigned benefits and coverage details
• Communications history related to your account

Agents are licensed insurance professionals bound by state and federal regulations governing the handling of consumer information. Agent access is limited to the information necessary to service your account and is subject to our internal data access policies.

8. Cookies, Tracking, and Website Analytics

When you visit our website (medconcierge.com), we may use cookies, web beacons, and similar technologies to:

• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Improve our website functionality and user experience

A cookie is a small data file stored on your device by your browser. You can configure your browser to refuse cookies or alert you when cookies are sent. If you disable cookies, some website features may not function properly.

We do not support Do Not Track (DNT) browser signals at this time.

We do not use cookies or tracking technologies within the mobile App for advertising or cross-site tracking purposes.

9. Location-Based Services

Certain features of the App require access to your location:

• Provider Search — to find in-network doctors, specialists, and pharmacies near you
• Ride Booking — to set your pickup location for transportation

You may enable or disable location services through your device settings at any time. If you disable location services, provider search and ride booking features may be limited.

Location data is not stored beyond your active session unless required to complete a pending ride booking. We do not use your location data for advertising purposes.

10. Push Notifications

The App may send push notifications for:

• Medication reminders at your scheduled times
• Ride booking confirmations and driver arrival alerts
• Important plan updates or benefit changes
• Service announcements

You can enable or disable push notifications at any time through your device settings (Settings > Notifications > Med Concierge). Disabling push notifications will prevent you from receiving medication reminders and ride alerts.

We do not send marketing or promotional push notifications without your separate, explicit consent.

11. SMS and Text Messaging (TCPA Compliance)

By providing your phone number and opting in to text messaging, you consent to receive SMS messages from Med Concierge related to your account, including:

• Account verification codes
• Appointment and medication reminders
• Ride booking confirmations
• Plan-related service notifications

Message frequency varies based on your account activity. Message and data rates may apply.

• To opt out of text messages, reply STOP to any message
• For help, reply HELP or contact us at support@medconcierge.com
• Text messaging opt-in data and consent will NOT be shared with any third parties

We use Twilio to deliver SMS messages. Twilio processes your phone number and message content solely for delivery purposes and is contractually prohibited from using your data for any other purpose.

12. Health Information

The App accesses and displays health plan benefit information and medication coverage details associated with your Medicare Advantage plan. Med Concierge maintains full HIPAA compliance. We implement administrative, technical, and physical safeguards to protect your health-related information:

• Administrative safeguards — role-based access controls, staff training, and internal data handling policies
• Technical safeguards — encryption in transit (TLS/SSL) and at rest, secure authentication, and regular security assessments
• Physical safeguards — secure hosting infrastructure with access controls

We do not use your health-related information for marketing purposes unrelated to your plan benefits. Your medication information is used solely to provide you with drug coverage and cost information under your current plan.

13. Data Retention

We retain your personal information for the following periods:

• Account data — retained while your account is active and for 30 days following a deletion request, to allow for account recovery
• Plan benefit data — sourced from CMS public data and carrier documents, refreshed annually during the plan year cycle
• Voice input — processed in real time to answer your question and is not stored after your session ends
• Medication search history — retained for the duration of your session to provide context for follow-up questions; not persisted after you close the App
• Ride booking records — retained for 12 months for customer service and dispute resolution purposes
• SMS/communication logs — retained for 12 months for compliance and quality assurance purposes

When we no longer need your personal information, we securely dispose of it using industry-standard data destruction methods.

14. Data Security

We implement a variety of security measures to protect your personal information, including:

• SSL/TLS encryption for all data in transit
• Encryption at rest for stored personal data
• Token-based authentication for API access
• Regular security assessments and monitoring
• Access controls limiting employee and system access to personal data on a need-to-know basis

Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. If we become aware of a security breach affecting your personal information, we will notify you promptly in accordance with applicable law.

15. Your Privacy Rights

Depending on your state of residence, you may have the following rights regarding your personal information:

• Right of Access — request a copy of the personal information we hold about you
• Right to Correction — request correction of inaccurate or incomplete personal information
• Right to Deletion — request deletion of your personal information ("right to be forgotten"), subject to legal and regulatory retention requirements
• Right to Opt Out — opt out of the sale of your personal information (note: we do not sell your personal information)
• Right to Data Portability — request a copy of your data in a portable, machine-readable format
• Right to Withdraw Consent — withdraw your consent to data processing at any time, without affecting the lawfulness of processing conducted prior to withdrawal
• Right to Non-Discrimination — we will not discriminate against you for exercising any of your privacy rights

California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at support@medconcierge.com.

Florida Residents

Florida residents may have additional rights under applicable Florida privacy laws. To exercise your rights, contact us using the information in Section 21.

To exercise any of these rights, contact us at:

Email: support@medconcierge.com
Mail: Med Concierge, 800 Corporate Dr Suite 610, Fort Lauderdale, FL 33334

We will respond to your request within 30 days (or within the timeframe required by applicable law). We may need to verify your identity before processing your request.

16. Children's Privacy

Our Services are intended for individuals 18 years of age and older. We do not knowingly collect personal information from children under 13 years of age. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@medconcierge.com.

17. Biometric Data

If you use biometric authentication (such as Face ID or fingerprint) to access the App, this data is processed and stored entirely on your device by your operating system. Med Concierge does not collect, store, receive, or have access to your biometric data. We only receive a confirmation of successful authentication from your device.

18. International Transfers

Our Services are intended for use within the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those of your country. By using our Services from outside the United States, you consent to the transfer of your information to the United States.

We advise users outside the United States not to provide personal information through our Services.

19. Insurance Carrier Trademarks

All insurance carrier names, logos, plan names, and trademarks displayed within the App are the property of their respective owners and are used solely for the purpose of identifying your enrolled plan. Med Concierge is not endorsed by, sponsored by, or affiliated with any insurance carrier. The display of carrier information does not imply any partnership or endorsement beyond our standard agent appointment relationship.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending a notification through the App
• Sending an email to the address associated with your account (for material changes)

Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of those changes. We encourage you to review this policy periodically.

21. How to Contact Us

If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how we handle your personal information, please contact us:

22. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the State of Florida, without regard to its conflict of law principles. Any disputes arising from this Privacy Policy shall be resolved in the courts of Broward County, Florida.