By accessing this web site, you agree to be bound by the terms and conditions below. If you do not agree to the terms and conditions below, do not access this web site or any pages thereof.
HealthEquity, Inc. ("HealthEquity", "we", "our") is an Internal Revenue Service ("IRS") authorized, non-bank trustee ("NBT") operating as the custodian of health savings accounts ("HSAs"). The IRS NBT Authorization Letter is available online (see Quick Links box at https://healthequity.com/legal). HealthEquity is also a third-party administrator of other tax favored health plans and services. We do not provide medical advice, diagnosis, or treatment. Information obtained from HealthEquity licensors and from the HealthEquity web site, including text, tools and services, is for your personal informational purposes only and should not in any case replace professional medical advice. If you have a question regarding a medical condition, you should seek advice and treatment from a qualified health care professional. If you have a medical emergency, call 911 immediately.
Copyrights in the page content or display screens, and in the information and material within including their arrangement, are owned by HealthEquity, Inc. unless otherwise indicated. No information or content except as otherwise expressly stated herein, may be copied, transmitted, displayed, performed, distributed, or otherwise used in whole or in part in any manner without HealthEquity's prior written consent, except to the extent permitted by the Copyright Act of 1976, as amended, and then, only for your personal nonbusiness use.
The information, services, products, data, and materials contained in this web site are provided on an "as is" basis without warranty and HealthEquity, to the maximum extent permitted by law, does not assume responsibility or guarantee the accuracy, timeliness, or completeness of the content. The content is provided to enhance your understanding and is for illustrative purposes only—use the information at your own risk. Content may contain explicit health and/or medical materials. If you find these materials offensive, do not use this web site.
These Terms of Use shall be governed by, and construed and enforced in accordance with the laws of the Utah (excluding conflicts of law principles). By using this web site, you agree to submit to the exclusive personal jurisdiction and venue of the federal and state courts located in Salt Lake County, Utah, with respect to all matters.
Unauthorized use of HealthEquity's web site(s) and systems, including but not limited to unauthorized entry, misuse of passwords, or misuse of any information posted to a site, is strictly prohibited.
HealthEquity reserves the right to update these Terms of Use at any time. Continued use of the HealthEquity web site and/or services, signifies your acceptance of any changes.
HealthEquity does not warrant the accuracy, adequacy, or completeness of the information and materials contained herein. HealthEquity disclaims all warranties and representations of any kind with regard to the web site, including any implied warranties of merchantability or fitness for any particular purpose. Under no circumstance will HealthEquity be liable for any indirect, consequential, incidental, special, punitive, or exemplary damages arising out of any use of or inability to use the web site or any portion thereof, regardless of whether HealthEquity has been apprised of the likelihood of such damages occurring and regardless of the form of action, whether in contract, warranty, tort (including negligence). strict liability, or otherwise.
At HealthEquity, protecting your privacy and security is our top priority. We understand the importance of security when managing your financial information online and over the phone. HealthEquity will never ask for your login password through email or phone call, but we may use your secret question and answer to authenticate you on a phone call. We will never utilize an automated voice response system when contacting you. Some tips to prevent fraud and identity theft include:
Your privacy is important to us. As part of providing our services to you, you understand that we will obtain personal information about you. We take the responsibility of maintaining the confidentiality of this information seriously. This privacy notice is provided so that you will be aware of the measures we take to protect your privacy. It also describes information we collect and how we use this information to conduct our business. We do not sell our customer lists or individual customer information. By using our site you consent to terms of this Privacy Statement, including your consent to our use and disclosure of information about you in the manner described in this Privacy Statement.
The following is a nonexhaustive list of information we collect about you in order to provide services to you:
We retain your personal information in order to provide products and services and may, from time to time, provide such information to nonaffiliated third party service providers to perform services for or functions on behalf of us, to effect, administer, or enforce transactions authorized by you; for example,
We may also exchange information with reputable reference sources or reporting agencies for risk management, and verification, in order to maximize the accuracy, and security of your personal information. Only information needed to service your account or protect against fraud will be used or provided, in accordance with standard industry practice, unless we are required or allowed to do so by law. We will not market additional products or services to you if you advise us that you do not wish for us to do so.
In addition, we will collect and store the following:
The information can come from one or more of the following sources:
We have developed policies and procedures to keep your personal information confidential and secure. We restrict access to those employees and other persons who must use that information to provide services on our behalf. We maintain physical, electronic and procedural safeguards, in compliance with applicable laws, regulations and industry standards, to protect the confidentiality of the personal information we obtain.
We require our service providers to maintain the same level of confidentiality and security that we do. We continually update and improve our security standards and procedures to help protect against anyone gaining unauthorized access to your confidential information and to prevent fraud.
We collect and use the information you provide us online to respond to your needs, service your accounts, and provide online transaction services. We do not collect personally identifiable information about you unless you voluntarily provide us with that information through email or online applications.
While visitors to our web site(s) remain anonymous, we do occasionally utilize "cookies" to provide a more valuable experience. Such cookies are used only to enhance the customer's experience. We do not use cookies for marketing purposes. (A cookie is a small text file sent by a Web server and stored on your hard drive in your browser. Cookies cannot "read" information about you from your computer or be used to "steal" information about you; cookies do not carry viruses and are not programs that can perform functions on your computer. Most browsers will allow you to disable cookies, or can be set to notify you when you receive a cookie, thus giving you the opportunity to decide whether or not to accept it.) If you choose to disable cookies certain functionality on the website may be impaired or may not work at all.
To access certain online services, you will need a User ID and a Password. This information may either be provided to you or you will be allowed to choose your own. The User ID and Password are designed to protect you by confirming your identity to our computer network systems, and are to be kept confidential. Our employees do not have access to your password. It is very important that you not share this information or allow a computer to "remember" your password, particularly if you are using a computer with public access such as one located in a library. For additional security, you may be required to change your password from time to time.
Depending on the type of account, the account holder may grant the authority to someone else to use the account (such as a spouse, dependent, or a legal representative). The account holder is at all times responsible for the transactions those authorized individuals made. Those authorized users will have access to the account balance if they are properly authenticated by our system. The account holder should inform those individuals that he/she can see ALL of the transactions those individuals made, and therefore, should have no expectations of privacy.
Depending on the type of account, the account holder may grant the authority to someone else to access the account information, including all transaction history. This authority is different from the right to use the account. If the account holder grants authority to access the account, once we authenticate the individual's identity, that individual will have full access to the account information, just like the account holder.
Information provided via our web portal is submitted within a secure session. These sessions utilize Transport Layer Security (TLS, formerly known as SSL) technology in order to ensure that the information is encrypted while in transit. Your browser must be able to support this technology in order to use our web services.
E-mail, by nature, is not secure and may be intercepted and viewed by others. Therefore, you should refrain from sending email that contains any confidential or private information, such as your member ID, your social security, or credit card number. We will not send you any email that contains confidential information that would allow identity theft (such as SSN) or contains protected information (such as your health information).
If you have an HSA, and your account balance exceeds a certain minimum (normally $7,500, but varies depending on how your account was established), you will be eligible to use our web-only investment advisor services offered by HealthEquity Advisors, LLC, a wholly owned company of HealthEquity, Inc. If you choose to use HealthEquity Advisors, LLC services, your consent to make all account information contained in HealthEquity, Inc.'s system available to HealthEquity Advisors, LLC, and further authorize the use of those information to provide you with the services. Finally, in order for HealthEquity Advisors, LLC to provide you with meaningful information, you will be asked to provide complete and accurate financial information not contained in our system. If you provide such information, you are consenting to the use of the information as described in HealthEquity Advisors, LLC user/services agreement.
If you open or maintain an HSA through or in association with an employer, health plan, health insurance company, benefits administrator, benefits aggregator, or other entity, or those operating on behalf of such entities (each, an "Agent"), we may disclose HSA information, including but not limited to personally identifiable information, to your Agent related to the opening and maintenance of your HSA, and to ensure the security of our network and services, to protect against or prevent potential fraud or unauthorized transactions, or as otherwise permitted or required by law. When your Agent notifies us that your association with the Agent has been terminated, we will cease disclosing your information to that Agent, with a reasonable time for us to act on such notification.
If your Agent is subject to any rules of the U.S. Securities and Exchange Commission ("SEC") that may indirectly or directly require the Agent of monitor your beneficial ownership of securities issued by clients of the Agent, we may disclose to your Agent the fact that you have or have not invested in securities through your HSA, the value of your ownership interest in such securities, detail regarding your transactions in such securities, and any other information that the Agent reasonably requests for purposes of facilitating its compliance with such SEC rules, unless you opt out of such sharing. To opt out, contact Member Services. Note that this opt-out only extends to the sharing described in this paragraph.
Your Agent, retirement plan, or 401k recordkeeper, as part of a service offering, may have set up the capability whereby you can access the Agent's, retirement plan's, 401k recordkeeper's, or another third party's website from our website without the need to enter your login credentials to access the third party's website. This is often called "single sign on". You may see a disclosure on our website that alerts you when you are leaving our website and accessing the website of the third party. If you have questions about this arrangement, please contact your Agent, retirement plan, or 401k recordkeeper.
Your Agent, retirement plan, or 401k recordkeeper, as part of a service offering and for your convenience, may have enabled functionality that would permit you to view your HSA information on the Agent's, retirement plan's, 401k recordkeeper's, or another third party's website or for other purposes that support the data sharing arrangement. If you have such an arrangement, we will share the information defined in the arrangement (such as account balance or investment information) that is necessary to provide the service with your Agent, retirement plan, 401k recordkeeper or another third party, which may be stored on their servers or systems. We are not responsible for the privacy and security practices of your Agent or another third party, and do not control their use or further disclosure of HSA information.
For more information about our privacy practices as they relate to HSAs, and as required by the Gramm-Leach-Bliley Act ("GLBA"), please refer to the HealthEquity Notice of Privacy Practices available online (see Quick Links box at https://healthequity.com/legal).
For California and Vermont residents, the information sharing practices described above are in accordance with federal law. California and Vermont law places additional restrictions on sharing information about their residents, and our policies comply with such restrictions.
California Civil Code Section 1798.83 permits you, if you are a California resident, to request certain information regarding disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an e-mail to legal@healthequity.com or write us at Privacy Officer, HealthEquity, Inc., 15 W Scenic Pointe Drive, Suite 100, Draper, UT 84020.
Cal. Bus. And Prof. Code Section 22575 also requires us to notify you how we deal with the "Do Not Track" settings in your browser. Currently, HealthEquity's system does not respond to the Do Not Track settings.
This California Privacy Notice is intended to supplement our Privacy Policy available here and applies solely to visitors, users, and others who are California residents ("consumers" or "you").
To understand our privacy practices, you should refer to both our Privacy Policy here and this supplemental notice.
The California Consumer Privacy Act ("CCPA") is intended to apply to personal information we collect in the course of our business. This notice does not apply to our products that are excepted from CCPA, such as those that are subject to HIPAA or Gramm-Leach-Bliley. In addition, some of the requirements of CCPA do not go into effect until January 1, 2021 for products and services that are related to employee benefit plans.
The CCPA defines "Personal information" as information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer or device.
Below are the categories of Personal Information and the CCPA Information that we may collect, as permitted by law:
Category | Examples of Information We Collect |
---|---|
A. Identifiers. | Real name, postal address, email address, account numbers. |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | Name, address, email address, account number, health insurance information |
C. Protected classification characteristics under California or federal law. | Age, marital status, medical condition, gender, veteran or military status |
D. Commercial information. | Products or services purchased, consumer history |
E. Biometric information. | Medical information related to claims for reimbursement |
F. Internet or other similar network activity. | Browsing and search history, use of apps or website |
G. Geolocation data. | Physical location, such as location of website access |
H. Sensory data. | Audio recordings of calls, medical information related to claims for reimbursement. |
I. Professional or employment-related information. | Employer and employment history |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Where applicable, student information related to eligibility for benefits |
K. Inferences drawn from other personal information. | Profile based on preferences, such as website opt-ins or claims for reimbursement |
The CCPA information we collect comes directly from you when you inquire about our products and services via our website or by telephone or when you file a claim for reimbursement or view our website; from your employer (where applicable) where your employer is providing benefits; and from third parties that assist us in providing these benefits.
We may use or disclose the personal information listed above for the following purposes, as permitted by CCPA and other applicable law:
We do not sell your CCPA information.
Please see our Privacy Policy here
In the future, where the CCPA applies to the product or service we offer, you may have the right to request access, data portability, and deletion rights.
We will not discriminate against you for exercising your CCPA rights.
We reserve the right to amend this privacy notice at our discretion and at any time.
You may be able to request this notice in another language where we provide such notices in the ordinary course of business or in an alternative format if you have a disability. Please see our contact information below to request an alternative format.
If you have any questions or comments about this notice, our Privacy Policy, the ways in which we collect and use your information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Phone: 1-866-346-5800
Email: Privacy@healthequity.com
Postal Address: HEALTHEQUITY, INC.
Attn: Privacy Officer
15 West Scenic Pointe Drive
Draper, UT 84020
Nevada law requires that we also provide Nevada residents with the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E Washington St., Suite 3900, Las Vegas, NV 89101; phone: 702.486.3132; e-mail: BCPINFO@ag.state.nv.us.
We hope our Privacy Notice will help you understand how we collect and share information. If you have any questions, please contact us. We are required by federal and state law to provide you with a copy of our Privacy Notice every twelve months. We reserve the right to change this Privacy Notice, in whole or in part, by providing notice in accordance with applicable law.
The General Data Protection Regulation ("GDPR") is an EU data protection and privacy regulation. Our services are outside the scope of GDPR as we are not processing data of HSA owners residing in the EU, we do not target EU residents with our services or products, do not envision our services or products being used by EU residents (e.g., HSAs are only tax advantaged in the U.S.), and do not monitor the behavior of EU residents.
This privacy statement applies to HealthEquity, Inc. and its subsidiaries, including but not limited to HealthEquity Advisors, LLC., unless otherwise indicated.
Legal notices (such as divorce subpoenas, garnishment notices, etc.) should be sent to our registered agent for service of process:
Registered Agent Solutions, Inc.
2005 East 2700 South Ste 200
Salt Lake City, UT 84109
https://secure.utah.gov/bes/details.html?entity=5578753-0143
Follow us