California Privacy Notice (CCPA/CPRA)
Last updated: 5/27/2025
This notice supplements the MedicareGuideline Privacy Policy and applies only to California residents. It explains your rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together, the “CCPA/CPRA”). “Personal information” here includes “sensitive personal information” as defined in the statute.
At‑a‑Glance: Your Key Rights
- Know / Access – what data we hold and how we use it
- Delete – ask us to erase your data
- Correct – fix inaccurate data
- Opt‑Out – stop the sale or sharing of your data and limit sensitive‑data use
- Portability – get a copy in a portable format
- Automated Decision‑Making – opt out of significant automated decisions (when rules take effect)
- Non‑Discrimination – no penalty for exercising your rights
We honor browser‑level Global Privacy Control (GPC) signals as valid opt‑out and sensitive‑data‑limit requests. We do not knowingly sell or share personal information of anyone under 16 without opt‑in consent.
1. Detailed Description of Your Rights
| Right | What it means (plain language) | Response timeline* |
|---|---|---|
| Know / Access | Ask for the categories or specific pieces of personal information we collected, used, disclosed, sold, or shared in the past 12 months. | 45 days (may extend once for another 45 days) |
| Delete | Ask us to delete personal information we collected from you. | 45 days |
| Correct | Ask us to fix inaccurate personal information we hold. | 45 days |
| Opt‑Out of Sale or Sharing | Tell us not to sell or share your data for cross‑context behavioral ads. | 15 business days |
| Limit Use of Sensitive PI | Restrict use/disclosure of sensitive data (e.g., exact location, account log‑ins) to what is “necessary and proportionate.” | 15 business days |
| Opt‑Out of Automated Decisions | Opt out of significant automated decision‑making and learn about the logic used (effective when final regulations are issued). | Per CPPA regulations |
| Portability | Receive a copy of your personal information in a portable format. | 45 days |
| Non‑Discrimination | Receive equal service and pricing even when you exercise privacy rights (except for lawful loyalty or incentive programs). | – |
*We will confirm receipt of any request within 10 business days.
2. Categories of Personal Information Collected & Disclosed (Past 12 Months)
| Category (Cal. Civ. Code §1798.140) | Collected | Disclosed for a Business Purpose* | Sold / Shared** |
|---|---|---|---|
| Identifiers (e.g., name, postal address, IP, email, phone) | ✔︎ | ✔︎ | ✘ |
| Customer Records (e.g., policy or inquiry information) | ✔︎ | ✔︎ | ✘ |
| Protected Classification Traits (e.g., age, disability) | ✔︎ | ✔︎ | ✘ |
| Commercial Information (e.g., products or services requested) | ✔︎ | ✔︎ | ✘ |
| Internet / Network Activity (e.g., log‑files, page interactions) | ✔︎ | ✔︎ | ✘ |
| Geolocation (coarse, derived from IP) | ✔︎ | ✔︎ | ✘ |
| Audio / Visual Recordings (calls you initiate to us) | ✔︎ | ✔︎ | ✘ |
| Sensitive PI (account log‑ins, health‑plan selection data) | ✔︎ | ✔︎ | ✘ |
| Inferences (preferences inferred from your interactions) | ✔︎ | ✔︎ | ✘ |
* “Disclosed for a Business Purpose” means we may share data solely with trusted service providers (e.g., secure hosting or analytics vendors) who are contractually bound to use it only to operate, secure, or improve this Site and our one‑to‑one Medicare communications.
** “Sold” or “Shared” have the meanings in the CCPA/CPRA. MedicareGuideline has not sold or shared any personal information in the past 12 months and does not engage in cross‑context behavioral advertising.
We do not knowingly sell or share personal information of individuals under 16 years of age, and no partner list is applicable because your data is never transferred to third parties for their independent marketing.
3. Why We Collect, Use, and Disclose Your Information
We use personal information to:
- Provide, maintain, and improve our services
- Prevent fraud and ensure security
- Deliver and measure advertising and marketing
- Process transactions and customer support requests
- Perform analytics and research
- Comply with legal obligations
Sensitive personal information is used only for purposes the law calls “necessary and proportionate,” such as authentication and fraud prevention.
4. How to Exercise Your Rights
| Method | How to submit |
|---|---|
| Send a message to opt-out@medicareguideline.com with the subject line “Do Not Sell or Share” | |
| Universal Signal | Enable GPC or another state‑approved universal opt‑out mechanism in your browser |
When you (or your authorized agent) send a request, we will verify your identity by matching the information provided (e.g., name, email, phone, recent interactions) with our records. Authorized agents must present a signed authorization or power of attorney and may need to verify their own identity.
5. Data Retention
We keep personal information only as long as necessary for the purposes described above or as required by law. Specific retention periods are listed in our Data Retention Schedule (see the Privacy Policy or request a copy).
6. Financial Incentives & Loyalty Programs
Occasionally we may offer programs—e.g., a one‑time coupon for joining our newsletter. We will disclose:
- The material terms of the program
- The categories of personal information involved
- How the value of the incentive is reasonably related to the data provided
Participation is voluntary. You can withdraw at any time (for example, by clicking “unsubscribe” in marketing emails or contacting us through the channels in Section 4).
7. California “Shine the Light” (Civ. Code §1798.83)
Once per calendar year, California residents may request a list of third parties to whom we disclosed personal information for their direct‑marketing purposes. Send your written request to:
Attention: Privacy / Shine the Light
MedicareGuideline
2637 E Atlantic Blvd #12566
Pompano Beach, FL 33062
8. California Minors
If you are a California resident under 18 and a registered user, you may ask us to remove content you posted by emailing opt-out@medicareguideline.com with the subject “California Minor Content Removal.” Removal may not be comprehensive—for example, when another law requires retention or when the content has been re‑posted by others.
9. Delete Act (SB 362) Notice
Starting January 1, 2026, California residents may use the California Privacy Protection Agency’s Delete Request & Opt‑Out Platform (“DROP”) to request deletion of data held by data brokers. We will treat valid DROP submissions as CCPA/CPRA deletion requests.
10. Accessibility & Alternate Formats
If you need this notice in an alternate format (e.g., large print, Braille, audio), please email opt-out@medicareguideline.com.
11. Updates to This Notice
We may revise this notice from time to time. Material changes will be posted here at least 30 days before they take effect, and the “Last updated” date will be revised.
12. Contact Us
Email: opt-out@medicareguideline.com
Mail: 2637 E Atlantic Blvd #12566, Pompano Beach, FL 33062