Liazon Privacy Notice
Last updated: February 2021
In this Privacy Policy (“Policy”), we describe how Liazon, a Willis Towers Watson company
(“Liazon,” “We,” or “Us” or “Company”), collects, uses, and otherwise processes personal
information when providing our services. We use personal information to guide you in making
smart benefits decisions, generate your plan rates, and enroll you with the insurance carrier(s)
that you choose.
In this privacy notice, our use of the term “personal information” includes other similar terms
under applicable privacy laws—such as “personal data” and “personally identifiable
information.” In general, personal information includes any information that identifies, relates
to, describes, or is reasonably capable of being associated, or could reasonably be linked or
linkable with a particular individual or household, either directly or indirectly.
This Policy describes our practices in connection with information that we collect through the
online information portal (the “Site”), decision support tools and enrollment system, collectively
known as “the Marketplace,” or through computers and mobile devices, as well as through
HTML-formatted email messages that we send to you that link to this Privacy Notice
(collectively, the “Services”).
When providing the Services, Liazon acts as a “service provider” under applicable privacy and
data protection laws.
Personal Information We May Collect
The personal information that we collect and process will vary depending upon the
circumstances. We may collect or receive personal information directly from individuals,
(including but not limited to automatic collection of certain personal information related to the
use of our Site) and from third parties.
Third Party Information You Provide. As part of our Services, you may provide us or our
service providers with personal information relating to other people (such as your dependents or
beneficiaries). You represent that you have the authority and/or permission to provide us with
this information and to grant us authorization to use such information in accordance with this
Policy.
Protected Health Information. Certain information that relates to health or the provision of
healthcare may constitute Protected Health Information (“PHI”) under HIPAA (the Health
Insurance Portability and Accountability Act of 1996 and 45 C.F.R. parts 142 and 160-164, as
amended) and applicable state privacy laws. Entities that create or receive this information (such
as your health insurance provider) are subject to strict rules regarding how they can share this
information. If we collect, receive, use or disclose any PHI, we do so as a “business associate”
under HIPAA. As a business associate, our collection, use and disclosure of PHI is also subject
to our applicable business associate agreements with employers and/or carriers. We will treat
PHI that we collect or receive in compliance with all applicable state and federal laws and
regulations regarding the confidentiality of such information.
Information We Receive From Third Parties. We may receive certain information from third
parties, such as your employer and carriers.
- Employers: Employers provides us with certain personal information about eligible employees, such as: your name, address, Social Security Number, hire date, birth date, gender and information directly related to your employment. We use this information so that we can identify you and enroll you in your employee benefits.
- Carriers: Name, address, and other information related to eligibility of individuals under certain insurance programs or plans.
Information We Collect Directly. We also collect certain personal information directly from
users of our Site.
- Registration: When signing in as a registered user, you must provide us with your assigned username and password, and provide us with certain registration information including first name, last name, date of birth, Social Security number, phone number, and email. Additional personal information may be collected if you use single-sign-on (SSO) to authenticate into our systems.
- Eligibility and Enrollment: When shopping for benefits plans on the Marketplace, we will ask you to provide additional personal information, such as information related to whether you smoke, your expected health care utilization, any dependents that you may have, your attitudes toward risk and other factors that would influence your insurance and benefits preferences, and any other personal information required by a relevant carrier to enroll you in a particular plan of your choice.
- Other Information: You may be asked or have the option to submit additional information through the Site, where requested by your employer. We may also collect information from you in order to help you identify appropriate plans for you and your beneficiaries.
Information Collected Automatically. When you use our Site, we may also automatically
collect certain information about the use of our Site through cookies, web beacons and
other technologies, such as:
- Browser and device information
- Information collected through cookies and other technologies
- Demographic information and other information provided by you
- Aggregated information
Please see the section below regarding Cookies and Tracking for information on how this
information is collected and treated by Us.
Sources of Personal Information We Collect
We may collect your personal Information in a variety of ways, including:
- We collect the information that you directly provide to us as part of the Services (e.g., when you register with our Site).
- When you contact Us or request information about our Services.
- When we receive information about you from your employer.
- We may also receive information from third parties about your medical and health care expense history (to the extent you have consented to the sharing of such information with us). For the avoidance of doubt, the information that you provide to such third parties shall be governed by the third party’s privacy notice; whereas the information that we may receive from third parties shall be governed by this Policy.
Use of Personal Information
We may use personal information:
- As permitted under the contract for services with our clients (your employer);
- To respond to your inquiries and fulfill your requests, including to enroll you with the insurance carrier(s) that you choose;
- To generate your plan rates;
- To recommend the best insurance coverage for you;
- If allowed by your employer, to send you notices or marketing communications (for example, in the form of e-mails, mailings, and the like) regarding products or services you are receiving or We think you may be interested in receiving;
- For Our internal business operations, such as improving or modifying our Services, developing new features and services, identifying errors, and as necessary in support of our internal business operations that are ancillary to the Services;
- As We believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations, assets and Services or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
- For auditing, reporting, corporate governance, and internal operations: including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business.
- To retain or hire another service provider or subcontractor.
- For any other purposes disclosed at the time the information is collected or to which you consent.
Disclosure of Your Personal Information
We may disclose personal information for the following reasons:
- To the carrier and vendor partners that you have selected or requested more information about, to allow them to provide you with services through the Marketplace. Use of your personal information by our carrier and vendor partners is governed by their respective privacy policies and not this Policy.
- To your employer. We may share information with your employer, including your demographic information (name, address, etc.), smoking status, dependent information, beneficiary information, benefits elections, and information collected where we indicate that question responses will be shared with your employer (such as on the “Additional Questions” page).
- To our affiliates for the purposes described in this Policy.
- To our third-party service providers who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing and other services.
- To identify you to anyone to whom you send messages through the Services.
- To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations, assets and Services or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
Aggregate and De-identified Information. We may share aggregate or de-identified information,
which does not identify and is not linked or linkable to a particular individual with third parties
for research, marketing, analytics and other purposes.
Cookies
Our website may use first-party and third-party cookies and similar technology to gather device and
usage information when users visit the website. We use the information for security purposes, to
facilitate navigation, to display information more effectively, to personalize your experience while
using the website, and to recognize your computer to assist your use of the website. We also gather
statistical information about use of the website to improve design and functionality and understand
how the website is used. We do not use advertising cookies on the website.
There are different types of cookies, for example:
- Cookies transferred directly by Willis Towers Watson or the website vendor ('first party cookies') and cookies transferred on our behalf, for example by our data analytics companies ('third party cookies')
- Cookies which endure for different periods of time, including those that only last only as long as your browser is open ('session cookies'). Session cookies are deleted automatically from your device once you close your browser. Other cookies are 'permanent cookies', meaning that they remain on your device after your browser is closed. For example, permanent cookies recognize your device when you open your browser and browse the internet again.
Below we explain the different types of cookies and similar technologies that may be used on the Sites.
Where we use third party cookies, we provide a link to the third party's cookie policy.
Strictly Necessary Cookies. Strictly necessary cookies enable you to navigate the Sites and to use their
services and features. Without these necessary cookies, the Sites will not perform as smoothly for you as
we would like them to and we may not be able to provide the Sites or certain services or features.
Functional Cookies. Functional cookies enable the website to provide enhanced functionality
and personalization. They allow us to see the overall patterns of usage on the Sites. We use the
information to analyze traffic on and improve the Sites. They may be set by us or by third party
providers whose services we have added to our pages. Without these cookies, some or all of these
services may not function properly.
Performance Cookies. Performance cookies allow us to count visits and traffic sources so we can
measure and improve the performance of our site. They help us to know which pages are the most and
least popular and see how visitors move around the site. All information these cookies collect is
aggregated and therefore anonymous. Without these cookies, we will not know when users have visited
our site and will not be able to monitor its performance.
We use the following cookies for our site:
| Cookie Name |
Cookie Type |
Description or Purpose |
Persistent or Session |
1st or 3rd Party Cookie |
| LoginTokenV1 |
Strictly Necessary |
This cookie holds the username that is typed in on the login page. It is used as a reference for the entire MFA login process. |
Persistent |
First Party |
| SessionId |
Strictly Necessary |
Holds a unique key to get the signed-in user's session as required by the portal framework. |
Persistent |
First Party |
| .LZN_PORTAL_AUTH |
Strictly Necessary |
Holds a unique key to get the signed in user's authorization as required by the portal framework. |
Persistent |
First Party |
| LoginToken |
Strictly Necessary |
Same as LoginTokenV1. |
Persistent |
First Party |
| _ga |
Performance |
This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. |
Persistent |
First Party |
| _gid |
Performance |
This cookie name is associated with Google Universal Analytics. |
Persistent |
First Party |
| JSESSIONID |
Performance |
This domain is controlled by New Relic, which provides a platform for monitoring the performance of web and mobile applications. |
Persistent |
Third Party |
| showWarnings_18BEE06CE877E512BD3A345496A95A10 |
Functionality |
Used to show user warnings during Life Event workflow. |
Session |
First Party |
| SsoInboundLogoutUrl |
Functionality |
Sets the logout url specified in the SSO Inbound profile for the consumer who entered the portal via an SSO connection. This cookie only stores a url that is used to send the consumer back to where their organization configured them to go after an SSO logout. |
Persistent |
First Party |
| languageculture_18BEE06CE877E512BD3A345496A95A10 |
Functionality |
Sets users preferred language. |
Session |
Third Party |
You can control the way in which cookies are used by altering your browser settings. You may refuse to
accept cookies by activating the setting on your browser that allows you to reject cookies. Information
about the procedure to follow to enable or disable cookies can be found on your Internet browser
provider's website via your help screen.
To find out more about cookies, including how to see what cookies have been set and how to manage
and delete them, visit www.aboutcookies.org, www.allaboutcookies.org, or www.youronlinechoices.eu.
Pixel tags and other similar technologies. Pixel tags (also known as web beacons and clear GIFs)
may be used in connection with some websites to, among other things, track the actions of users
of the website (including email recipients), measure the success of our marketing campaigns and
compile statistics about usage of the website and response rates. We and our service providers
may also use pixel tags in HTML emails to you and our customers, to help us track email
response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Log files. Most browsers collect certain information, such as your IP address, device type, screen
resolution, operating system version and internet browser type and version. This information is
gathered automatically and stored in log files.
Third Party Analytics Tools. Our Site uses automated devices and applications operated by third
parties (e.g., Google Analytics), which use cookies and similar technologies to collect and
analyze information about use of the Site and report on activities and trends.
Do-Not-Track signals. Please note that our Site does not recognize or respond to any signal
which your browser might transmit through the so-called 'Do Not Track' feature your browser
might have. If you wish to disable cookies on our Site, you should not rely on any 'Do Not Track'
feature your browser might have.
Third Party Services
We may include links in the Services to third-party companies, such as carriers, health and
wellness providers or other service providers. When you access those links or utilize those
products or services, you will be leaving the Services and your usage of those third party sites
will not be governed by this Privacy Notice, but by the privacy policies of such third party.
Information About Children
The Services are not directed at children under the age of 13, and we request that they not
provide personal information through the Services.
Please note that we do collect information about dependent children as it pertains to their
benefits coverage.
How We Protect Your Information
We seek to use organizational, technical and administrative measures to protect personal
information within our organization. Unfortunately, no data transmission or storage system can
be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no
longer secure (for example, if you feel that the security of your account has been compromised)
please immediately notify us in accordance with the "How to Contact Us" section below.
Choices and Access
If you would like to review, correct, update, suppress or delete personal information that you
have previously provided to us, you may contact us at the address below.
In your request, please make clear what personal information you would like to have changed,
whether you would like to have your personal information suppressed from our database or
otherwise let us know what limitations you would like to put on our use of your personal
information. For your protection, we may only implement requests with respect to the personal
information associated with the particular email address that you use to send us your request, and
we may need to verify your identity before implementing your request. We will try to comply
with your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to
complete any transactions that you began prior to requesting a change or deletion. There may
also be residual information that will remain within our databases and other records, which will
not be removed.
Changes to This Policy
This Policy is effective as of the date stated at the top of this Policy. We reserve the right to
revise and update this Policy from time to time. By accessing the Site or using the Services after
we make any such changes to this Policy, you are deemed to have accepted such changes.
Please refer back to this Policy on a regular basis.