Parker is a healthcare company subject to HIPAA. Protected Health Information (PHI) is exempt from CCPA and is governed by our HIPAA Privacy Practices Statement. This Notice applies to personal information that is not PHI or that is collected outside of our HIPAA-covered functions.
1. Introduction
This California Privacy Notice supplements the Parker Health, Inc. Privacy Policy and applies solely to California residents (“consumers” or “you”). This Notice describes how Parker Health, Inc. and its affiliates and subsidiaries (collectively, “Parker,” “we,” “us,” or “our”) collect, use, disclose, and otherwise process personal information of California consumers.
Important note about health information. Parker is a healthcare company subject to the Health Insurance Portability and Accountability Act (HIPAA). Protected Health Information (PHI) covered by HIPAA is exempt from the CCPA under California Civil Code § 1798.145(c)(1)(A). This Notice applies to personal information that is not PHI or that is collected outside of our HIPAA-covered functions. For information about how we handle PHI, please see our HIPAA Privacy Practices Statement at parkerapex.com/legal/hipaa-notice.
Definitions. Unless otherwise defined in this Notice, capitalized terms have the meanings given to them in the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and implementing regulations.
2. Scope and Application
2.1 Who this Notice applies to
This Notice applies to California residents whose personal information we collect as a business under the CCPA.
2.2 What this Notice does NOT cover
- Protected Health Information (PHI) governed by HIPAA
- Personal information collected about individuals acting as employees, job applicants, contractors, or agents (covered by a separate workforce privacy notice)
- Personal information collected in a business-to-business context about representatives of other businesses
- Publicly available information lawfully made available from government records
- Deidentified or aggregated information that cannot reasonably be linked to you
2.3 Relationship to other policies
This Notice supplements our general Privacy Policy. Where there are conflicts between this Notice and our Privacy Policy regarding California consumers, this Notice controls.
3. Information We Collect
3.1 Categories of personal information collected
We have collected the following categories of personal information from California consumers within the last twelve (12) months:
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, Social Security number, driver's license number, passport number, or similar identifiers | Yes |
| B. Personal Information Categories Listed in Cal. Civ. Code § 1798.80(e) | Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state ID number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information | Yes |
| C. Protected Classification Characteristics | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information | Yes |
| D. Commercial Information | Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies | Yes |
| E. Biometric Information | Physiological, biological, or behavioral characteristics that can be used to establish individual identity, including fingerprints, faceprints, voiceprints, iris or retina scans, keystroke patterns, gait patterns, sleep / health / exercise data | Yes (limited to health monitoring data) |
| F. Internet or Network Activity | Browsing history, search history, information regarding interaction with websites, applications, or advertisements | Yes |
| G. Geolocation Data | Physical location or movements | Yes (if location services enabled) |
| H. Sensory Information | Audio, electronic, visual, thermal, olfactory, or similar information | Yes (customer service recordings, telehealth video) |
| I. Professional or Employment Information | Current or past job history, performance evaluations (for healthcare provider credentialing) | Yes (limited context) |
| J. Non-Public Education Information | Education records directly related to a student maintained by an educational institution or party acting on its behalf | No |
| K. Inferences | Profile reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, aptitudes | Yes |
| L. Sensitive Personal Information | See Section 7 below for detailed information | Yes |
3.2 Specific data elements collected
Account & contact information
- Name, username, password
- Email address, phone number
- Mailing address, billing address
- Date of birth, age
- Account preferences and settings
Health & medical information
- Health conditions, symptoms, diagnoses
- Medications and prescriptions
- Treatment information
- Medical history
- Lab results and test results
- Healthcare provider information
- Insurance information
- Health-related lifestyle information (diet, exercise, sleep)
Biometric & device data
- Data from wearable health devices
- Heart rate, blood pressure, glucose levels
- Sleep patterns, activity levels
- Device identifiers and settings
Usage & technical information
- IP address, device identifiers
- Browser type and version
- Operating system
- Pages viewed, links clicked
- Time spent on pages
- Referring / exit pages
- Search queries
Financial information
- Payment card information (tokenized)
- Billing information
- Transaction history
- Insurance payment information
Communications
- Customer service inquiries
- Survey responses
- Telehealth session recordings (with consent)
- Messages sent through our platforms
3.3 Sources of personal information
Directly from you
- Account registration and profile creation
- Forms you complete
- Health assessments and questionnaires
- Purchases and transactions
- Customer service interactions
- Telehealth appointments
- Emails, calls, and messages you send us
Automatically from your devices
- Cookies and similar tracking technologies
- Web server logs
- Mobile applications
- Connected health devices and wearables
From third parties
- Healthcare providers and facilities
- Health insurance companies
- Pharmacy benefit managers
- Laboratory service providers
- Employers (if provided through workplace wellness program)
- Business partners and service providers
- Data analytics providers
- Marketing partners
- Social media platforms (if you connect accounts)
- Public databases and government agencies
From our affiliates and subsidiaries
- Shared across the Parker family of companies for coordinated care and services
4. How We Use Personal Information
4.1 Business and commercial purposes
Healthcare services & operations
- Providing healthcare services, telehealth, and related products
- Care coordination and case management
- Treatment planning and recommendations
- Medication management and adherence monitoring
- Disease management programs
- Population health management
- Quality improvement and outcomes measurement
- Healthcare operations as permitted by HIPAA (where applicable)
Account & service management
- Creating and managing your account
- Processing registrations and enrollments
- Authenticating your identity
- Providing customer support
- Responding to inquiries and requests
- Communicating about your account and services
- Sending service updates and notifications
Transactions & billing
- Processing payments and transactions
- Managing subscriptions and renewals
- Billing and collections
- Insurance claims processing
- Payment card processing (via third-party processors)
- Detecting and preventing fraud
Product & service improvement
- Understanding how our services are used
- Developing new products, services, and features
- Improving existing products and services
- Conducting research and analytics
- Testing and quality assurance
- User experience optimization
Personalization
- Customizing content and recommendations
- Tailoring health and wellness programs
- Personalizing communications
- Remembering preferences and settings
- Creating inferences about health interests and needs
Marketing & communications
- Sending promotional materials (with consent where required)
- Marketing our services and special offers
- Administering promotions, contests, and surveys
- Measuring marketing effectiveness
- Market research
Legal & compliance
- Complying with legal obligations
- Responding to legal requests and court orders
- Enforcing our terms and policies
- Protecting our rights and property
- Preventing fraud, abuse, and security incidents
- Complying with HIPAA, FDA, and other healthcare regulations
Security & safety
- Detecting and preventing security incidents
- Protecting against malicious, deceptive, or illegal activity
- Debugging and repairing errors
- Maintaining system security and integrity
- Verifying identity and preventing unauthorized access
Business operations
- Auditing interactions and transactions
- Internal research and analytics
- Short-term transient use (e.g., displaying search results)
- Managing business relationships
- Mergers, acquisitions, or asset sales
- Corporate governance
4.2 No sale of sensitive personal information
5. How We Share Personal Information
5.1 Categories of third parties
Service providers & contractors
- Cloud hosting and data storage providers
- Payment processors and financial institutions
- Customer service and support platforms
- Marketing and advertising services
- Analytics and data analysis services
- IT security and infrastructure services
- Communication platforms (email, SMS)
- Survey and research providers
Healthcare-related entities
- Healthcare providers and medical professionals
- Hospitals, clinics, and medical facilities
- Laboratories and diagnostic centers
- Pharmacies and pharmacy benefit managers
- Health insurance companies and payers
- Medical device and equipment providers
- Care coordination entities
Business partners
- Employers (for workplace wellness programs)
- Health plan sponsors
- Wellness program administrators
- Technology integration partners
- Joint marketing partners (with consent)
Affiliates & subsidiaries
- Other companies in the Parker family for coordinated services
Professional advisors
- Attorneys, accountants, and consultants
- Auditors and compliance advisors
Government & legal entities
- Law enforcement and regulatory agencies
- Courts and legal authorities
- Government health agencies (as required)
Corporate transaction parties
- Parties involved in mergers, acquisitions, or asset sales
- Due diligence advisors and potential buyers
Other users
- When you participate in public forums or communities (limited information only)
5.2 Disclosure for business purposes
In the preceding twelve (12) months, we have disclosed the following categories of personal information for business purposes:
- Category A — Identifiers: All categories of third parties listed above
- Category B — California Customer Records: Healthcare entities, service providers, professional advisors
- Category C — Protected Classifications: Healthcare entities (as necessary for care), service providers
- Category D — Commercial Information: Service providers, payment processors
- Category E — Biometric Information: Healthcare providers, service providers (health data platforms)
- Category F — Internet Activity: Analytics providers, service providers
- Category G — Geolocation Data: Service providers, healthcare providers (if relevant to care)
- Category H — Sensory Information: Healthcare providers, service providers (telehealth platforms)
- Category I — Professional Information: Healthcare credentialing entities
- Category K — Inferences: Healthcare providers, service providers
- Category L — Sensitive Personal Information: Healthcare entities, service providers (with appropriate safeguards)
5.3 No sale of personal information to third parties
We do not “sell” personal information in the traditional sense (i.e., exchange for monetary consideration). However, under the CCPA's broad definition of “sale,” certain data sharing practices may be considered a sale or sharing for cross-context behavioral advertising. See Section 6 for details.
6. Sale and Sharing of Personal Information
6.1 CCPA definitions
- “Sale” means sharing personal information with third parties for monetary or other valuable consideration.
- “Sharing” means disclosing personal information to third parties for cross-context behavioral advertising.
6.2 Our practices
Advertising and analytics.We use third-party advertising and analytics services that may collect information about your online activities over time and across different websites or applications. Under the CCPA's broad definitions, this may constitute “sharing” for cross-context behavioral advertising.
Categories potentially “shared” in the preceding twelve (12) months for cross-context behavioral advertising:
- Identifiers (online identifiers, IP addresses, device IDs)
- Internet or Network Activity Information
- Geolocation Data (general location, not precise)
- Inferences
Third parties this information may have been shared with:
- Advertising networks and platforms
- Social media companies
- Analytics providers
- Marketing technology companies
6.3 Your right to opt out
You have the right to opt out of the sale or sharing of your personal information.
- Online opt-out: visit parkerapex.com/do-not-sell
- Email: send to californiaprivacy@parkerapex.com with the subject line “Do Not Sell or Share My Personal Information.”
- Postal mail: Parker Health, Inc., Attn: California Privacy Rights, 818 18th St NW, Suite 810, Washington DC 20006
- Cookie settings: adjust your cookie preferences through our cookie banner or settings.
- Global Privacy Control (GPC): we recognize GPC signals — enable GPC in your browser settings.
6.4 We do not sell sensitive personal information
6.5 We do not sell information of minors
We do not sell or share personal information of consumers we know are under 16 years of age.
7. Sensitive Personal Information
7.1 Categories collected
Under CCPA § 1798.140(ae), “sensitive personal information” includes specific types of personal information. We collect and use the following categories:
| Sensitive Category | Collected | Purpose of Use |
|---|---|---|
| Social Security, driver's license, state ID, or passport number | Yes | Identity verification, compliance, fraud prevention |
| Account log-in, financial account, debit/credit card number + access credentials | Yes | Account access, payment processing |
| Precise geolocation | Yes | Location-based services (if enabled), emergency services |
| Racial or ethnic origin, religious or philosophical beliefs, or union membership | Limited | Healthcare quality metrics, cultural competency (only when voluntarily provided) |
| Contents of mail, email, and text messages (where Parker is not the intended recipient) | No | — |
| Genetic data | Limited | Genetic testing services (separate consent required) |
| Biometric information for unique identification | No | — |
| Health information | Yes | Healthcare services, treatment, care coordination |
| Sex life or sexual orientation information | Limited | Relevant healthcare services (only when necessary) |
7.2 Use of sensitive personal information
We use sensitive personal information only for the following purposes permitted by CCPA § 1798.121:
- Performing services or providing goods reasonably expected by an average consumer who requests those goods or services — including providing healthcare services, processing payments, and account management.
- Preventing, detecting, and investigating security incidents — fraud prevention, identity verification, protecting against unauthorized access.
- Resisting malicious, deceptive, fraudulent, or illegal actions and prosecuting those responsible.
- Ensuring physical safety of natural persons — emergency response, public health and safety.
- Short-term, transient use, including non-personalized advertising shown during your current interaction.
- Performing services on behalf of Parker — customer service, order fulfillment, verifying customer information, providing analytics, internal research for improving services.
- Verifying or maintaining quality or safety, and improving, upgrading, or enhancing our services.
- Collecting or processing sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about you.
- Purposes that do not infer characteristics about you (as defined in CCPA regulations).
7.3 Your right to limit use of sensitive personal information
You have the right to limit our use and disclosure of your sensitive personal information to only the permitted purposes listed above.
However, because we already limit our use of sensitive personal information to these permitted purposes, exercising this right will not change how we handle your sensitive personal information.
To exercise this right: email californiaprivacy@parkerapex.com or use the online request form.
7.4 Special note about health information
Most health information we collect is Protected Health Information (PHI) governed by HIPAA, which is exempt from CCPA. For information about how we use and disclose PHI, please see our HIPAA Privacy Practices Statement.
Health information collected outside of HIPAA-covered functions (e.g., wellness app data not connected to treatment) is sensitive personal information under CCPA and is subject to the protections described in this Notice.
8. Your California Privacy Rights
As a California consumer, you have the following rights under the CCPA:
8.1 Right to know
You have the right to request that we disclose what personal information we have collected about you, including:
- Categories of personal information collected
- Specific pieces of personal information collected
- Categories of sources from which we collected personal information
- Our business or commercial purposes for collecting, selling, or sharing personal information
- Categories of third parties to whom we disclose personal information
- Categories of personal information disclosed for a business purpose
- Categories of personal information sold or shared (if any) and the categories of third parties to whom sold or shared
Timeframe: you may request information about the preceding 12 months. Frequency: twice within a 12-month period.
8.2 Right to delete
You have the right to request that we delete personal information we collected from you, subject to certain exceptions. We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the information, provide a good or service requested, or reasonably anticipated within our ongoing business relationship.
- Detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible.
- Debug products to identify and repair errors.
- Exercise free speech, ensure another consumer's right to exercise free speech, or exercise another right provided by law.
- Comply with the California Electronic Communications Privacy Act.
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest.
- Enable solely internal uses reasonably aligned with consumer expectations.
- Comply with a legal obligation, including healthcare record retention requirements.
- Make other internal and lawful uses compatible with the context in which you provided the information.
8.3 Right to correct
You have the right to request that we correct inaccurate personal information we maintain about you. We will use commercially reasonable efforts, consider the nature of the information and purposes of processing, and may ask you to provide documentation supporting the correction.
8.4 Right to opt out of sale / sharing
You have the right to opt out of the sale or sharing of your personal information. See Section 6.3 for details.
8.5 Right to limit use of sensitive personal information
You have the right to limit our use and disclosure of your sensitive personal information to specified permitted purposes. See Section 7.3.
8.6 Right to non-discrimination
You have the right not to receive discriminatory treatment for exercising your CCPA rights. See Section 12.
8.7 Right to opt-in for minors
If you are between 13 and 16 years of age, you have the right to opt-in to the sale or sharing of your personal information. If you are under 13, your parent or guardian must opt-in on your behalf. We do not knowingly sell or share personal information of minors under 16.
9. How to Exercise Your Rights
9.1 Methods to submit requests
- Online request form: parkerapex.com/privacy-rights
- Email: californiaprivacy@parkerapex.com
- Postal mail: Parker Health, Inc., Attn: California Privacy Rights, 818 18th St NW, Suite 810, Washington DC 20006
- In-person: visit any Parker service location and speak with a privacy representative
9.2 Information required for requests
Minimum information:
- Full name
- Email address or phone number
- Sufficient detail to identify you in our systems
For Right to Know requests: specific categories or pieces of information requested; time period (up to 12 months).
For Right to Delete requests: confirmation that you want deletion; specific categories of information to delete (if not all).
For Right to Correct requests: specific information you believe is inaccurate; correct information; documentation supporting the correction (if applicable).
9.3 Response timeframe
- Initial response: within 10 business days of receipt.
- Complete response: within 45 days of receipt. If we need more time, we may take an additional 45 days (90 days total) and will notify you.
- Urgent requests: if you need faster processing due to health or safety concerns, please indicate this in your request.
9.4 How we deliver information
For Right to Know requests we will provide information by mail by default; you may request electronic delivery. For specific pieces of personal information we will use a secure method. For other requests we will confirm by email or your preferred method, with detailed information about actions taken.
9.5 Fees
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine a request is excessive we will notify you and explain why, may charge a reasonable cost-based fee, and you may withdraw your request before any fee is charged.
10. Verification Process
10.1 Why we verify
We must verify your identity before responding to requests to protect your privacy and security, prevent unauthorized access, comply with CCPA requirements, and prevent fraud.
10.2 Verification requirements
For Right to Know requests (categories)
- Match at least two data points we have on file (e.g., name + email, name + phone)
- Confirm account access (if you have an account)
For Right to Know requests (specific pieces)
- Match at least three data points we have on file
- Signed declaration under penalty of perjury that you are the consumer
- May require additional documentation (e.g., government ID)
For Right to Delete requests
- Match at least two data points for low-risk deletions
- Match at least three data points for high-risk deletions
- Signed declaration for sensitive information
For Right to Correct requests
- Match at least two data points
- Provide documentation supporting the correction
10.3 Verification methods
For account holders: log in to your account; provide account credentials; respond to security questions; confirm email or phone via verification code.
For non-account holders: provide identifying information; match information to our records; submit government-issued ID (for high-risk requests); sign declaration under penalty of perjury.
Additional verification for highly sensitive requests may include notarized declaration, additional documentation, phone verification, or multi-factor authentication.
10.4 If we cannot verify
If we cannot verify your identity we will notify you, explain why verification failed, provide instructions on how to provide additional information, and may offer alternative methods. If verification remains impossible we may deny the request and explain our reasons. If we can verify some but not all information, we may provide a partial response.
10.5 Use of verification information
Information collected for verification will be used only to verify your identity, will not be used for other purposes, will not be retained longer than necessary, and will not be disclosed except as required by law.
11. Authorized Agents
11.1 Using an authorized agent
You may designate an authorized agent to make requests on your behalf. An authorized agent may be a natural person or business entity, someone you have given written permission to act on your behalf, someone registered with the California Secretary of State to act on your behalf, or someone authorized under a power of attorney pursuant to California Probate Code sections 4000–4465.
11.2 Requirements for authorized agent requests
The authorized agent must:
- Provide proof of authorization to act on your behalf.
- Submit a valid power of attorney OR written permission signed by you.
- Provide their own identity verification.
- Provide your identity verification (in most cases).
11.3 Direct verification may still be required
Even with an authorized agent, we may require you to directly verify your identity, directly confirm you gave the agent permission to submit the request, or contact you to confirm the request. This additional verification protects you from unauthorized access to your information.
11.4 Denying authorized agent requests
We may deny a request from an authorized agent if the agent cannot provide proof of authorization, we cannot verify your identity or the agent's authority, we have a reasonable suspicion of fraud, or the agent fails to cooperate with verification processes.
11.5 Submitting authorized agent requests
Authorized agents should clearly identify themselves as an authorized agent in the initial request, submit all required documentation with the initial request, use the same submission methods described in Section 9.1, and include both the consumer's information and the agent's contact information.
12. Non-Discrimination
12.1 Your rights
You have the right not to receive discriminatory treatment by us for exercising your CCPA privacy rights. We will not deny you goods or services, charge you different prices or rates, provide a different level or quality of goods or services, or suggest that you may receive a different price or quality for exercising your rights.
12.2 Permissible differences
We may offer financial incentives for the collection, sale, or deletion of your personal information, provided the incentive is reasonably related to the value of your personal information, we provide notice and obtain your opt-in consent, and the terms are clearly explained. We may charge different prices or provide different levels of quality if the difference is reasonably related to the value provided by your personal information and is permitted under CCPA regulations.
12.3 Current financial incentive programs
If we implement such programs in the future we will provide separate notice, obtain your opt-in consent, explain the material terms, and you may opt-out at any time.
12.4 Reporting discrimination
If you believe we have discriminated against you for exercising your privacy rights, contact us at californiaprivacy@parkerapex.com, file a complaint with the California Attorney General at oag.ca.gov, or pursue legal action where applicable.
13. Retention of Personal Information
13.1 Retention criteria
We retain personal information only as long as necessary for the purposes for which it was collected, legal/regulatory/contractual obligations, resolving disputes and enforcing agreements, and legitimate business purposes.
13.2 Retention periods by category
| Category | Retention |
|---|---|
| Account information — active accounts | Duration of relationship |
| Account information — closed accounts | 2–7 years depending on legal requirements |
| Marketing contacts | Until you opt out or 3 years of inactivity |
| Health records & PHI | Minimum 6 years from date of creation or last use (HIPAA); 7–10 years or longer as required by state law; minors: until age of majority + 6–10 years |
| Mental health records | May require longer retention |
| Financial & billing records | 7 years for tax and audit purposes |
| Payment card information | Deleted or tokenized immediately after processing |
| Insurance claims | 6–10 years depending on requirements |
| Customer service records | 3–5 years |
| Recorded calls | 1–3 years unless required for legal matters |
| Chat transcripts | 3 years |
| Web logs | 1–2 years |
| Analytics data | 2–3 years (aggregated data may be kept indefinitely) |
| Cookie data | As specified in Cookie Policy (typically 6–24 months) |
| Suppression lists (opt-outs) | Maintained indefinitely to honor opt-out |
| Provider credentialing | 7 years after end of relationship |
| Background checks | As required by healthcare regulations |
| Records related to legal matters | Duration of matter + 7 years |
| Regulatory compliance records | As required by law (often 6–10 years) |
13.3 Deletion methods
When personal information reaches the end of its retention period: secure deletion of electronic records using industry-standard methods; shredding of physical records; deidentification or aggregation where appropriate; return or destruction as required by contract.
13.4 Extended retention
We may retain personal information longer than stated periods if required by law or regulation, necessary for litigation or government investigation, necessary to protect rights/property/safety, required under contract, you request extended retention, or needed to complete ongoing transactions.
13.5 Checking retention
To inquire about retention of your specific personal information, submit a Right to Know request (Section 9) or contact californiaprivacy@parkerapex.com.
14. California Shine the Light Law
14.1 Civil Code Section 1798.83
California Civil Code Section 1798.83 (the “Shine the Light” law) permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
14.2 Our practice
We do not share personal information with third parties for their own direct marketing purposes without your consent. If our practices change, we will update this Notice and provide opt-out options as required.
14.3 Shine the Light requests
To make a Shine the Light request, email californiaprivacy@parkerapex.com with the subject “Shine the Light Request” and include your name, mailing address, and that you are a California resident. We will respond within 30 days.
15. Children's Privacy
15.1 Age restrictions
Parker Web Sites and Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13 without verifiable parental consent. For children ages 13–17, we require parental or guardian consent for certain activities and information collection.
15.2 Parental rights
If you are a parent or guardian of a California minor (under 18) you have the right to: access personal information we have collected from your child; request deletion of your child's personal information; refuse further collection or use of your child's information; object to the sale or sharing of your child's information (we do not sell or share minors' information).
Minors under 16: we do not sell or share personal information of minors we know are under 16 years of age without affirmative opt-in consent.
15.3 Teen privacy
California minors under 18 have the right to request removal of content they posted publicly on our Services. To request removal: email californiaprivacy@parkerapex.com with subject “Minor Content Removal Request” and specify the content to be removed. Removal does not ensure complete deletion if the content has been shared, copied, or stored by others.
15.4 Reporting underage users
If you believe we have inadvertently collected information from a child under 13, contact californiaprivacy@parkerapex.com and we will promptly delete the information.
16. Changes to This Notice
We reserve the right to update or modify this California Privacy Notice at any time to reflect changes in our information practices, California privacy laws, services we offer, and technologies we use.
For material changes we will provide prominent notice on our website, may send email notification, and will update the Effective Date at the top of this Notice. For non-material changes we will update the Effective Date and changes become effective upon posting.
Continued use of Parker Web Sites after changes are posted constitutes your acceptance of the updated Notice. If you do not agree to changes, you should discontinue use and may request deletion of your personal information.
The current version is always available at parkerapex.com/legal/california-privacy. Upon request, we can provide copies of previous versions of this Notice — contact californiaprivacy@parkerapex.com.
17. Contact Information
17.1 California privacy inquiries
- Email: californiaprivacy@parkerapex.com
- Online request form: parkerapex.com/privacy-rights
- Postal mail: Parker Health, Inc., Attn: California Privacy Rights Officer, 818 18th St NW, Suite 810, Washington DC 20006
17.2 Other inquiries
- General privacy: privacy@parkerapex.com
- Data Protection Officer (GDPR): dpo@parkerapex.com
- HIPAA Privacy Officer: hipaa.privacy@parkerapex.com
- Security incidents: security@parkerapex.com
- Accessibility: accessibility@parkerapex.com
17.3 California Attorney General
To file a complaint with California regulators: California Attorney General's Office, Consumer Privacy Section. Website: oag.ca.gov. Phone: (916) 210-6276. Address: Office of the Attorney General, ATTN: Privacy Unit, 1300 I Street, Sacramento, CA 95814.
Appendix A — California Privacy Rights Summary
| Right | What it means | How to exercise |
|---|---|---|
| Right to Know | Request information about what personal information we collect, use, and share | Submit request via online form, email, or phone |
| Right to Delete | Request deletion of your personal information (with certain exceptions) | Submit request via online form, email, or phone |
| Right to Correct | Request correction of inaccurate personal information | Submit request via online form, email, or phone |
| Right to Opt-Out | Opt out of sale/sharing of personal information | Visit Do Not Sell page, email, phone, or use GPC |
| Right to Limit Use of Sensitive Info | Limit use of sensitive personal information | Submit request (though we already limit to permitted uses) |
| Right to Non-Discrimination | Not be discriminated against for exercising rights | Automatic — report violations if they occur |
Appendix B — Personal Information Collection Table
Detailed 12-month collection summary:
| Category | Collected | Used | Disclosed for Business Purpose | Sold/Shared |
|---|---|---|---|---|
| A. Identifiers | Yes | Yes | Yes | Shared (advertising identifiers only) |
| B. CA Customer Records | Yes | Yes | Yes | No |
| C. Protected Classifications | Yes | Yes | Yes | No |
| D. Commercial Information | Yes | Yes | Yes | No |
| E. Biometric Information | Yes | Yes | Yes | No |
| F. Internet Activity | Yes | Yes | Yes | Shared (for analytics/advertising) |
| G. Geolocation | Yes | Yes | Yes | Shared (general location only) |
| H. Sensory Information | Yes | Yes | Yes | No |
| I. Professional Information | Yes | Yes | Yes | No |
| J. Education Information | No | — | — | — |
| K. Inferences | Yes | Yes | Yes | Shared (for advertising) |
| L. Sensitive Personal Information | Yes | Yes | Yes | No |
Notes. “Sold/Shared” refers to the CCPA definition, primarily related to advertising and analytics. We do not sell/share health information, financial information, or government identifiers. Most sharing is limited to advertising identifiers and usage data for advertising optimization. You can opt out of sale/sharing at any time.
This California Privacy Notice is effective February 15, 2026 and supersedes all previous California privacy notices. © 2026 Parker Health, Inc. All rights reserved.