Schedule a demo
GoWell Enrollment
Benefits enrollment automated from broker to employee.
ICHRA Advantage
Health insurance. Different.
GoWell Broker Portal
All your broker tools in one place.
Lunchtime webinars
Informative webinars for brokers and employers.
News & updates
Stay up to date with insurance industry best practices and trends.
Sign In
Get in touch
(833) 866-0004 or email

Privacy Policy

Last Updated:  10/2022 

This Privacy Policy explains how personal information is collected, used and disclosed by GoWell, Inc., dba GoWell Benefits and its subsidiaries (collectively, “GoWell ,” “we,” “us” or “our”) when users access our software (, including through our associated point-of-sale, on-line or mobile applications (the “Site”), for insurance benefits, financial, and other services (collectively, the “Services”). By accessing the Site or using the Services, you agree to Go Well’s collection, use and disclosure of your personal information as outlined in this Privacy Policy. [If you access our Services through your employer, or another entity (our “Customer”), please note that some of this data and your account may be controlled by the Customer and we process this data at their direction.  

1. Information We Collect and How We Collect it 

When you access our Site or use the Services, we collect and store certain information about you, including “personal information.” Personal information is information that, alone or in combination with other information in our possession, could be used to personally identify you. We collect the following categories of personal information and other information as described below. 

A. Information you provide 

Information You Provide Directly. We may collect or receive the following categories of personal information when you, your employer, or your employer’s designated administrator or broker or accountant access the Site, request to receive information about GoWell or its Services, create a Customer or User account, set up the User or the beneficiaries of that User, verify the User identity, use any of the Services, or otherwise communicate with us, including through customer support channels.  This includes: 

  • Identification Information, such as:  Name, mailing address, email address, phone number, birthdate, Social Security number, Taxpayer Identification number. 
  • Taxpayer Information, such as:  Federal Employer Identification Number (FEIN), Tax withholding selections, including how many dependents you have, jobs you’ve worked in a year, and your tax filing status. 
  • Health and Welfare Benefits Information, including: Identification information listed above for you and your dependents; insurance benefits elections; and health information that may be used to help an underwriter or carrier quote a policy. 
  • Insurance policy information, including plan numbers, benefits and coverage information, and premium amounts. 
  • Life events and conditions that impact benefits eligibility, including marital status, employment information, and illness or disability information. 
  • Financial Information, such as: Bank account and routing numbers, Bank account balance and transaction information. 
    • We may collect information, including personal information, that you voluntarily provide to us when you:  
      • participate in surveys 
      • register for, attend, or participate in conferences, webinars, or events 
      • provide us feedback or comment on our blogs or social media pages 
      • submit information to us so that we can assess potential business opportunities 
      • apply for a job position with us 

B. Information collected automatically 

We may automatically collect certain information when you access the Site or use the Services.  While we do not do this currently, we may collect information if it helps us protect your privacy and identity or for business purposes in furtherance of providing our services to you.   

This information could include: 

  • Communication Information, such as: audio, electronic, or visual information, which includes screen sharing views, any data in any files uploaded, emailed or otherwise provided by Customers, the contents of your communications with us, whether via email, social media, telephone or otherwise and inferences we may make from other Personal Information we collect. 

    We collect this information for the uses stated in this policy or to provide accommodations under applicable law including the Americans with Disabilities Act, or if self-service, or API connections are not available. 
    • Electronic & Online Identifiers (IDs), such as:  If on a mobile device: mobile carrier, device IDs, and mobile advertising IDs;  
      • If using a browser: operating system, browser type, and Internet Protocol (IP) address 
      • Internet Activity Information, such as: 
        • Your “log-in” and “log-out” information 
        • Pages you visit, links you click, and the content you view on the Site 
        • Single Sign-On Information (SSO) that allows us to verify your authorized access to the Services from another service you use and with which we partner, such as your email. 
        • We do not collect information using Tracking Technologies 
      • Third-party analytics tools, including: 
        • Google Analytics. For more information, visit Google Analytics’ Privacy Policy  
        • Used for Marketing, Sales and SEO tools for GoWell Benefits website (

We use Electronic and On-line Identifiers for the following purposes: 

  • when it is operationally necessary for us to provide you access to our Site or Services. This also includes tracking behavior in order to protect against irregular, fraudulent, or possibly illegal behavior on our Site or Services 
  • to assess the performance of how you and others use our Site and Services (for more information, read the Analytics section below) 
  • to enhance the functionality of our Site or Services. This includes identifying you when you sign into our Services and keeping track of your preferences, interests, or past items viewed 

Social Media Platforms. Our Services may contain social media buttons such as Facebook, LinkedIn, Twitter, and Instagram (that might include widgets such as the “share this” button or other interactive mini programs). These features may collect your IP address, which page you are visiting on our Services, and may set a cookie to enable the feature to function properly. Your interactions with these platforms are governed by the privacy policy of the company providing it.  

C. Information collected from third parties 

We may collect and receive information about you, including personal information, from third parties, such as your employer, your employer’s benefits broker, accountant or service providers, financial institutions, credit bureaus, insurance carriers and third-party administrators, in addition toour service providers, for the purposes described in this Privacy Policy 

We may use PIOPAC Fidelity, a licensed bonded TPA and technology provider (“Piopac”) to collect information from financial institutions. By connecting your bank account using Piopac and agreeing to our terms of service, you acknowledge and agree that such information will be treated in accordance with Piopac’s Privacy Policy. 

We may use ECHO Health, Inc., a payment processor for the health and insurance industry (“ECHO”) to collect information from financial institutions.  By complying with our terms of service, we will share your bank account information with ECHO, and you acknowledge and agree that such information will be treated in accordance with ECHO’s Privacy Policy. 

2. How We Use Your Information 

We use information that we collect about you for the following purposes: 

To develop and provide you with the Site and Services, including to: 

  • operate the Site, manage accounts, and provide the Services 
  • determine your eligibility for our Services and our Carrier and Third-Party Product partners’ programs 
  • improve, personalize, and enable your use of the Site and Services  
  • develop new products and features 
  • To protect GoWell, our Users, and the public, and comply with applicable law, regulation, or legal process, including to: 
    • validate user information for fraud and risk detection purposes 
    • resolve disputes and protect the rights of users and third parties 
    • respond to legal process (such as subpoenas and court orders)  
    • monitor and enforce compliance with the applicable Terms of Service 
    • prevent or stop any activity that may be illegal, unethical, or legally actionable 
    • To operate our business, including to: 
      • process payment transactions 
      • manage and enforce contracts with you or with third parties 
      • manage our corporate governance, compliance and auditing practices 
      • generate anonymized or aggregated data  
  • To communicate with you as part of your use of Services, including to: 
    • respond to requests or questions you submit to our support staff  
    • send you surveys and get your feedback about the Services 
    • otherwise contact you with Services-related notices 
  • To advertise and market to our Customers such as Brokers, Carriers and Employers, including to: 
    • determine your eligibility for certain programs, events, and offers 
    • inform you of our or our partners’ products, services, features or promotions  
    • provide you with newsletters, articles, reports, and announcements  
    • develop “interest-based” or “personalized advertising,” including through cross-device tracking 
  • For any other purpose for which you, your employer, or your employer’s agent expressly authorize us to use your information. 

3. When and with Whom We Share Your Information 

We will only share your information with the categories of third parties listed below for the purposes described above in the “Use of Your Information” section, unless otherwise noted at the point of collection. 

  • Service Providers that have signed an agreement with us that limits how they use your information and promises to keep your information confidential. Examples include: 
    • banks, financial institutions, payment processors and credit bureaus 
    • companies or organizations that provide services such as website hosting (ex: Azure), customer management (ex: Hubspot) and customer service 
    • Business Partners with whom we jointly offer products or services. Examples include: 
      • insurance carriers and third-party administrators, for users of the Benefits Service. We will share your protected health information (as defined in 45 C.F.R. Part 160) only as is (i) authorized by you; (ii) necessary for us to provide you with the Benefits Service; and (iii) compliant with the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH”), as amended from time to time. 
      • third-party partners that provide services through our Site or Services, such as accounting software and commission systems), payroll companies, PEO companies and 401(k) management providers 
      • Some partners offer you their services through GoWell ’s Application Program Interface (API) or Software Development Kits (SDKs). For more information about GoWell ’s use of APIs and SDKs, please contact us.  
    • Government agencies, including taxing authorities and their authorized collectors, in the United States, only as necessary for us to provide you with the Services. 
    • Other parties under the circumstances described below: 
      • for legal reasons, including:  with companies that verify your identity for us and detect fraud, with legal and financial advisors, auditors, and examiners 
      • with companies that may acquire us, if we are involved in a merger, acquisition, or sale of assets. 
      • to comply with applicable law, regulation, or legal process, including to: 
      • comply with law enforcement or national security requests 
      • comply with legal process, such as a court order or subpoena (including in a country other than your home country)  
      • protect your, our, or others’ rights, property, or safety  
      • enforce our policies or contracts and collect amounts owed to us  
      • assist with an investigation or prosecution of suspected or actual illegal activity 
      • for any other purpose and to any other person with whom you, your employer, or your employer’s agent expressly authorize us to share your information. 

 4. Your Privacy Choices and Rights 

Your Privacy Choices. The privacy choices you may have about your personal information are determined by applicable law and are described below.  

Email and Text Messages. You can opt out of our promotional emails by using the unsubscribe link located at the bottom of our promotional emails, contacting us as described below, or visiting https://go.GoWell .com/pls-dont-leave-us.html. You can opt out of text messages from us by replying “STOP” or contacting us as described below. If you decide to opt-out, we may still send you non-promotional communications such as your payday emails and messages about your account related to your benefits choices as instructed by our Customers who may be your Employer. 

Mobile Notifications. We may send you push notifications through SMS text messages or through our mobile app as instructed by our Customer.  You can opt out from receiving push notifications by changing the settings on your mobile device. 

“Do Not Track.” Do Not Track (“DNT”) is a privacy setting you can set on some web browsers that signals to websites like ours that you don’t want your online activities to be tracked. At this time, we do not respond to DNT signals sent to us by your web browser. 

You may stop us from personalizing our advertisements to you on some mobile applications by following the instructions for Android, iOS, and others. You may also opt out of receiving targeted ads from advertising partners that participate in self-regulatory programs, such as the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada.  

 5. Important Information 

Security and Storage of Personal Information 

We employ administrative, physical, and technical measures designed to protect your information from unauthorized access and to comply with applicable privacy laws in the states and countries in which we operate. Our data is encrypted at rest and in transit. All data is stored in Microsoft Azure databases, with recommended Microsoft update patches.  The system is monitored by Microsoft Defender. Customer data is compartmentalized, and access is restricted to Customer administrators and authorized users, which may include GoWell employees.  Your personal information will be kept on our servers or on those of our service providers and only those employees that require it for the purposes of their duties will have access to your personal information.  GoWell manages access to data through security groups and permissions.   Your personal information will be kept for as long as required by law or regulation and will be deleted by bulk manual deletion from the servers after the time has expired or per agreements with our Customers.   We have also implemented controls which require our third-party service providers and partners to have appropriate safeguards to protect your personal information.  However, despite these efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed to prevent any interception or other type of misuse. We also depend on you to protect your information. If you become aware of any breach of security or privacy, please notify us immediately. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure. 

Deletion and Modification of Personal Information  

You as a user can request to delete information on the active website, but it may limit your access to healthcare and other benefits.   You have the ability to modify your personal information through the GoWell portal using your login credentials.   

Users who wish to delete their data should email for requests.   

Action will be taken within 35 days of such request.   GoWell will retain your data for 7 years and will batch delete all such information at the expiration of the retention period.  Such information if requested for deletion may be removed from an active website but retained in archive for compliance and regulatory purposes.  

The data controller will generally not have the ability to process a user’s personal information.  This is limited to authorized users related to those accounts including brokers, administrators, employers and insurance companies.    GoWell does not port information technically, however, if a user elects to carry coverage forward with COBRA, or an employer chooses another broker as its authorized user, information may be transferred or exported and imported through a csv file upload  

International Data Transfers 

All information processed by GoWell, or our service providers may be transferred, processed, or stored anywhere in the world, including in countries that may have data protection laws that are different from the laws where you live. Your information may be accessible to the courts, law enforcement, and national security authorities of the United States. We endeavor to safeguard your information consistent with the requirements of applicable laws.  

Links to Other Sites 

This Privacy Policy only covers the privacy practices of GoWell. It does not apply to the practices of third-party websites, services, or applications, including those Customers and Partners we have integrated with, including Brokers, Carriers, or your Employers.  Third-party services handle your information in accordance with their own practices and privacy policies. We are not responsible for their policies, practices, or handling of your information. 

Our Policy Toward Children 

The Service is not directed to children under 13. However, if a child under the age of 13 is a dependent on a benefits plan covered by the Benefits Service, we may collect information about the child (solely as needed to provide the Benefits Service) from the child’s parent or legal guardian, or from insurance carriers and third-party administrators.  

Verifiable Consumer Requests 

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. In order to verify your request, we will ask you to provide your name, email address, and certain other pieces of identifying information. Once you have submitted this information and any necessary supporting documentation, we will confirm the information by reviewing it against GoWell ’s records. To designate an authorized agent, please contact us as set forth below. 

Changes to this Privacy Policy 

Any information that we collect is subject to the Privacy Policy in effect at the time such information is collected. We may, however, modify and revise our Privacy Policy from time to time. If we make any material changes to this policy, we will notify you of such changes by posting them on the Site, informing you through the Services, or sending you an email or other notification, and we will indicate when such changes will become effective. By continuing to access or use the Site or the Services after those changes become effective, you agree to be bound by the revised policy. 

Contact Information 

If you have any questions about our privacy practices or this Privacy Policy, or to exercise your privacy rights as detailed in this Privacy Policy, please contact us at: 


Attn: Privacy Program Director 


Some states in the United States and some countries outside the United States provide you with specific rights to access, modify, and delete your personal information. Some states and countries also have rules and obligations for GoWell to follow about how we communicate privacy-related information to you. This privacy policy is designed to comply with the various state and country requirements and will be updated periodically to try to meet the laws where we have a significant presence. We recognize, however, that states and countries enact new laws, or change their laws, in the privacy area frequently.