Mevian Medicare Privacy Notice

Mevian Medicare company, which according to the respective data protection laws applicable to you is responsible for the processing of your personal information (hereinafter referred to as “Mevian” or “we/us”) is committed to responsibly handling your personal information. This privacy notice explains how we collect, use, disclose, retain, and protect your personal information, and certain rights you may have relating to such use (the “Privacy Notice”). If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please feel free to reach out to our Data Privacy Officer using the details set forth at the end of this Privacy Notice. We reserve the right to change or modify any of the terms and conditions contained in this Privacy Notice, at any time and our sole discretion. To the extent permitted by law, any changes or modifications will be effective immediately upon posting of the revisions on our website(s) without further notice. Last revised: August 2022.


What type of Personal Information do we collect?

Personal information is data that can be used to identify you or that we can otherwise link to you (the “Personal Information”). We collect certain Personal Information that you voluntarily provide to us, for example when you communicate with us via email or other channels when you sign up for or ask us to send you newsletters or other materials when you sign up for an event when you buy our products or otherwise use one of your services. The Personal Information we collect includes, but is not limited to, your name, postal address, e-mail address, phone number, language preference, and business affiliations.

How do we use your Personal Information?
We use your Personal Information to offer you our products and provide you with and improve our services as well as for communication purposes, including sending you newsletters, and invitations, and maintaining our list of contacts.

You may also elect to receive text messages from us (for example, about promotional offers), by signing up for this service on our website. These messages may use information automatically collected based on your actions while on our sites and may prompt messaging. To offer this service, we collect and store the information you provide, including your telephone number or when you read a text message. You may opt out of receiving text messages at any time by texting “STOP” to our text or email messages.

Our basis for using your Personal Information.
When processing your Personal Information for the purposes described herein, we rely on your consent to this Privacy Notice, our legitimate interests in maintaining business relationships and communicating with you, and/or our performance of any contract or another ground for lawful processing of your Personal Information under the applicable laws and regulations.
How might we share your Personal Information?

We may disclose your Personal Information to the following parties for the following purposes:
On group companies, which may use it to:

  • provide joint content and services (e.g., customer support).
  • help detect, investigate, mitigate, and prevent potentially fraudulent and illegal acts or violations of our contracts and data security breaches.
  • provide you with personalized advertising.
  • improve products, sites, applications, services, tools, and marketing communications; and
  • send you marketing communications if you have consented to receive such communications or if otherwise permitted by the law.

Service providers and financial institutions partners are as follows:

  • third-party service providers, which help us to provide our services, provide payment processing services, assist us in providing customized advertising, assist us with the prevention, detection, mitigation, and investigation of potentially illegal acts, violations of our contracts, fraud, and/or security breaches, and assist us with bill collection and other business operations.
  • third-party financial institutions with which we partner to offer financial products to you, for them to provide joint content and services (such as registration, transactions, and customer support). These third-party financial institution partners will use your Personal Information to send you marketing communications only if you have requested their services.
  • third-party logistics providers with which we share delivery addresses, contact information, and shipment tracking information to facilitate the delivery of items purchased and other delivery-related communications; and
  • third-party providers of websites, applications, services, and tools that we cooperate with so that they advertise our products on their websites or in their applications, services, and tools. If we transfer Personal Information to third-party providers, this will be solely based on an agreement limiting the use by the third-party provider of such Personal Information to processing necessary to fulfill their contract with us and obligating the third-party provider to take security measures regarding such data. Third-party providers are not permitted to sell, lease, or in any other way transfer the Personal Information included in your listings to third parties.

Law enforcement, legal proceedings, and as authorized by law:

  • to comply with our legal requirements, enforce our contracts, respond to claims that a listing or other content violates the rights of others, or protect anyone’s rights, property, or safety.
  • to law enforcement or governmental agencies, or authorized third parties, in response to a verified request or legal process. We will only disclose the information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, user ID history, IP address, fraud complaints, bidding, and listing history.
  • to third parties involved in a legal proceeding, if they provide us with a subpoena, court order, or substantially similar legal basis, or we otherwise believe in good faith that the disclosure of the information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity; and
  • if a transaction fails, is put on hold, or is later invalidated, we may also provide the other user with details of the unsuccessful transaction.
  • to prevent, detect, mitigate, and investigate potentially illegal acts, fraud, and/or security breaches, and to assess and manage risk, including to alert you if fraudulent activities have been detected on your Mevian account.
  • to provide customer services, including to help service your account or resolve disputes (e.g., billing or transactional disputes).

We may also disclose your Personal Information to provide information, on a need-to-know basis, to future purchasers or merger partners of all or a portion of Mevian or any of our group companies.

How long do we keep your personal information?

We store your Personal Information only for as long as necessary for the purposes described above. How long we retain Personal Information can vary significantly based on the context of the services we provide and on our legal obligations. The following factors typically influence retention periods:

  • How long is the Personal Information needed to provide our services? This includes such things as maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most of our data retention periods.
  • Is the Personal Information sensitive? If so, a shortened retention time is generally appropriate.
  • Have you provided consent for a longer retention period? If so, we will retain data by your consent.
  • Are we subject to a legal, contractual, or similar obligation to retain your Personal Information? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or Personal Information retained for litigation.

After it is no longer necessary for us to retain your Personal Information, we will dispose of it securely according to our data retention and deletion policies.

Communication Tools
We may scan messages automatically and check for spam, viruses, phishing, and other malicious activity, illegal or prohibited content, or violations of this Privacy Notice or any other applicable policies.

You may register for our newsletter on the website by providing us with your e-mail address. The newsletter will keep you updated on our products, surveys, offers, and other promotional materials regularly.
When registering for our newsletter, you give us your consent to receive the newsletter regularly and that we collect and store the following information: your e-mail address, as well as your language and country preferences, used when registering for the newsletter. We use this information only to send you, our newsletters.

If you wish to unsubscribe from our newsletter, you can do so at any time by clicking on the “unsubscribe” link at the bottom of any newsletter that you receive. You may also contact our customer service via the Contact Us form. If you decide not to receive our newsletters, we may still send you service-related communications.

Newsletter tracking:
The newsletters contain so-called “web beacons”, which are retrieved from an external server when the email is opened. This call will initially collect technical information, such as details about your browser and operating system, as well as your IP address and the time of retrieval. In addition, based on your e-mail address, we can track whether and when you opened a newsletter and which links were clicked. The analysis of this information helps us to identify the reading habits of our users and to adapt our content to you or to send out different content based on the interests of our users.

Third-Party Social Media Platforms
We are also present on various social media platforms such as Facebook, Instagram, and Twitter. On these Mevian Medicare social media Pages, we publish and share various content with regards to our newest products, product recommendations, or other marketing material (“Mevian Medicare Social Media Pages”).

When using third-party social media platforms, kindly note that the operators of these social media platforms are considered data controllers, and as such their respective privacy policy applies.

You can always choose to communicate or interact with us directly via our Mevian Medicare social media Pages. In this case, we collect all information you provide to us directly, e.g., when you post or like something on our Mevian Medicare social media Pages or when you send us a direct message. In addition, we might access all information that is publicly available on your profile.

Operators of social media platforms use cookies and other tracking technologies to track the behavior of their users and share the data regarding Mevian Medicare social media Pages with us. Such data is shared only on an anonymized and statistical basis, meaning we have no access to personal data at all. We use such data to get a better understanding of the interests and the behavior of our Mevian Medicare Social Media Page users and improve our user experience and provide user-tailored content.

How do we protect your Personal Information?
We restrict the use and access to your Personal Information to those who have an absolute need-to-know to provide you with our services or access to our website and/or to communicate with you. We maintain appropriate technical, physical, and organizational measures to help protect your Personal Information from unauthorized access, disclosure, modification, loss, or destruction by applicable data protection and security laws.

When transferring Personal Information to countries not providing an adequate level of data protection, we use appropriate measures (such as the standard contractual clauses approved by the European Commission, which may be read here) to ensure a sufficient level of protection of your Personal Information. As with all online mediums, the storage and transmission of electronic information are unfortunately not always completely secure. Although we strive to protect your personal information, we cannot guarantee the security of information stored on our or our vendors’ servers or transmitted via email or through our website; you transmit personal information to us at your own risk.

Your Choices and Rights
We welcome your inquiries and comments. You have the right to know what Personal Information we process about you and may request a copy. You are also entitled to have incorrect or incomplete Personal Information about you corrected or completed and you may ask us to delete your Personal Information. You can also object to certain Personal Information about you being processed and request that processing be limited. Please note that the limitation or deletion of your Personal Information may mean that we will be unable to provide the services and information described above. You also have the right to receive your Personal Information in a machine-readable format and have the information transferred to another party responsible for data processing.

You also have the right to contact the data protection supervisory authority in your country of residence.

Third-Party Privacy Practices

This Privacy Notice addresses only our use and handling of Personal Information, which we collect from you in connection with providing you, our services. If you disclose your Personal Information to a third party or visit a third-party website via a link from our services, their privacy notices and practices will apply to any Personal Information you provide to them, or they collect from you.

We cannot guarantee the privacy or security of your Personal Information once you provide it to a third party and we encourage you to evaluate the privacy and security policies of your trading partner before entering a transaction and choosing to share your Personal Information. This is true even where the third parties to whom you disclose Personal Information are bidders, buyers, or sellers on our site.

Cookies are small text files that are downloaded to your device by visiting our website or opening our marketing-related emails. A cookie will usually contain the name of the website from which the cookie has come, the “lifetime” of the cookie (i.e., how long it will remain on your device), and a value, which is usually a randomly generated unique number. Cookies (including third-party cookies such as tracking technologies provided by Google Analytics) are in particular used to ensure and improve the functionality of the website or for general marketing purposes by providing information on the interaction of unique browser-device pairs with the website (such as several sessions, page views, clicks and eCommerce interactions and time spent), statistical information on interaction with the website (including referrals thereto, the popularity of certain content, accessing users’ categories, markets, regions, languages, demographics, browser and device types, and similar information), or statistical information on interaction with our marketing emails (such as if they have been opened or forwarded or links have been clicked on). Cookies are also used to provide you with personalized advertising on third-party websites and/or apps for your specific interests.

Third-party service providers such as Google etc. may track your use of our website, combine this information with information from other websites you have visited (and which they also track) and use the such combined information for their purposes. If you have registered with the respective service providers, they may be able to identify you. In these instances, their processing of your Personal Information will be governed by their privacy policies.

Most internet browsers are initially set up to automatically accept cookies. You may change your browser settings to delete and block cookies. By continuing to use our website without changing your settings (or using the add-on, as applicable) you consent to our and our third-party service providers use of cookies. If you would like more information about cookies, we can recommend and as helpful resources. Both websites also provide instructions on how to reject cookies if you would like to do so.

Additional Information for Individuals Whose Personal Data are subject to the GDPR or the UK GDPR
Residents of the European Economic Area (“EEA”) and the United Kingdom (“UK” and such residents of either, “EEA/UK Residents”) have certain rights concerning their data under the General Data Protection Regulation (EU) 2016/679 (“GDPR”) or the UK General Data Protection Regulation (i.e., the GDPR as implemented into UK law, the “UK GDPR”), as applicable and as further described in this section. If you are an EEA/UK Resident and do not agree with our use of your data as outlined in this Privacy Notice, you should not submit your data to us. However, if you do not submit certain personal data to us, or if you exercise your rights to prevent us from using such personal data, you should be aware that we may not be able to do business with you.

For applicable data privacy legislation, Mevian Medicare is a “controller” of EEA/UK Residents’ data. We transfer, use, store and/or otherwise process your data outside of the EEA or the UK, primarily in the U.S., and the laws of the U.S. and certain other destination countries may not offer the same standard of protection for personal data as countries within the EEA or UK. EEA/UK Residents’ data also may be processed by staff operating outside the EEA or UK who work for us or for one of our vendors (for example, those who supply support services to us).

In cases of cross-border transfers to countries outside of the EEA or UK, as applicable, if your data will be processed in a country with laws that may not be equivalent to, or as protective as, the laws of your home country, we will take appropriate steps, by applicable laws, to require or maintain an adequate level of protection and security for your data. For additional information regarding such steps, please contact us using the details set forth at the end of this Privacy Notice.

We do not expect to process “sensitive” or “special” categories of personal data under the GDPR or UK GDPR. “Special” or “sensitive” categories of personal data include, among other things, data concerning your health, revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or concerning your sexual orientation. However, if we were to process such personal data, we would do so only where we have asked for your explicit consent, or otherwise where this is necessary for the establishment, exercise, or defense of legal claims, or as otherwise may be permitted under applicable laws.

Under certain circumstances, by law, you have the right to:

  • request access to your data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.
  • request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate personal data we hold about you corrected.
  • object to the processing of your data where we are relying on a legitimate interest (or that of a third party) and there is something about your situation which makes you want to object to processing on this ground. You may also have the right to object to where we are processing your data for direct marketing purposes.
  • request erasure of your data. This enables you to ask us to delete or remove your data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your data where you have exercised your right to object to processing (see above).
  • request the restriction of processing of your data. This enables you to ask us to suspend the processing of personal data about you, for example, if you want us to establish its accuracy or the reason for processing it; and/or
  • request the transfer of your data to another party in a machine-readable, commonly used, and structured format.

If you want to exercise any of these rights, then please contact us using the details set forth at the end of this Privacy Notice. The various rights are not absolute, and each is subject to certain exceptions or qualifications. For example, if you wish to withdraw your consent or object to processing, it might still be that we use your data for other lawful purposes, such as the fulfillment of a legal or contractual requirement.

We will respond to your request within one month of receipt of your request. In some cases, we may not be able to fulfill your request to exercise the right before this date and may need to request more time. Where we cannot provide a full response to you for any reason, we will let you know about this in our initial reply to your request.

The personal data we hold about you must be accurate and current. Please keep us informed if your data changes during your business relationship with us.

You will not have to pay a fee to access your data (or to exercise any of the other above-listed rights). In some cases, we may charge a reasonable fee if your access request is unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.

To access your data (or to exercise any of the other above-listed rights), we may need to request specific information from you to help us confirm your identity and ensure your right to access the personal data (or to exercise any of your other above-listed rights). This is another appropriate security measure designed to ensure that personal data is not disclosed to any person who has no right to receive it.

If you wish to request further information about any of the above-listed rights, or if you are unhappy with how we have handled your data, please contact us using the details set forth at the end of this Privacy Notice. If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with the GDPR, UK GDPR, or other applicable data privacy legislation, you can make a complaint to the supervisory authority in your country.

Privacy Notice: Privacy Notice for US Customers
For customers residing in the USA:

Further to Mevian Medicare’s rights as outlined in the Privacy Notice, Mevian Medicare reserves the right to send you marketing communications by direct mail. In addition, we might share, sell, or exchange your personal information with other marketers for their marketing or commercial purposes or we might receive your personal information from other marketers for our marketing or commercial purposes.

As a part of our commitment to your privacy, Mevian Medicare supports and adheres to the guidelines and practices adopted by the Direct Marketing Association’s “Privacy Promise to American Consumers.” We have agreed to (1) provide customers with notice of their ability to opt-out of information rental, sale, or exchange with other marketers; (2) honor customers’ requests not to share their contact information with other marketers; and (3) honor customers’ requests not to receive mail, telephone, or other solicitations from Mevian Medicare.

You have privacy rights for the information we process about you. You can choose to opt out of third-party sharing or selling and object to our use of your Personal Information for online behavioral marketing and advertising purposes, delete your personal information, or access your personal information. To do so contact us using the details set forth at the end of this Privacy Notice.

Additional Information for Individuals Whose Personal Data is subject to the CCPA
Residents of the state of California have certain rights concerning their personal information under the California Consumer Privacy Act of 2018 (“CCPA”) as further described in this section. For this section, “personal information” has the meaning given to such a term in the CCPA. Please note that the rights under the CCPA do not apply to (i) Mevian Medicare personnel or job applicants seeking opportunities at Mevian Medicare or (ii) personnel working on behalf of business partners with whom we are conducting business.

Under certain circumstances, under the CCPA you may have the right to:

  • request that we disclose, free of charge, the categories, and specific pieces of personal information we collect about you (and, if applicable, sell or otherwise disclose to a third party and the categories of such third parties), the sources from which such personal information was collected, and the business purpose for collecting, selling, or disclosing such personal information.
  • choose the sale of your personal information.
  • request that we delete the personal information we have collected about you.

For the CCPA, “selling” information broadly means scenarios where we have shared personal information with partners in exchange for valuable consideration. We may share your personal information with third-party data cooperatives that assist us with direct mailing to customers and potential customers and, in exchange for this data, these co-op databases provide us with lookalike data from other consumers, which we use for marketing, advertising, and audience measurement purposes. This is considered a “sale” in the context of the CCPA. To opt-out of these “sales”, please click Do Not Sell My Personal Information.

We will not discriminate against any California resident who exercises the rights outlined in this section.

You have the right to appoint an authorized agent to exercise these rights on your behalf. If you want to exercise any of these rights or have your authorized agent exercise any of these rights on your behalf, then please contact us using the details set forth at the end of this Privacy Notice. To exercise any of these rights, we may need to request specific information from you or your authorized agent to help us confirm your identity and ensure your right to exercise these rights.

These rights are not absolute, and each is subject to certain exceptions or qualifications. For example, if you are currently an investor in one of our funds and you request that we delete the personal information we have collected about you, the CCPA permits us to deny such a request and retain your personal information to the extent necessary to manage the applicable fund and our business relationship with you in connection with that fund.

For consumers with disabilities who need to access this Privacy Notice in an alternative format, please contact us using the details set forth at the end of this Privacy Notice.

Contact Us

Should you have any questions or concerns relating to this Privacy Notice or the processing of Personal Information we hold about you, please contact us:
By email: [email protected]