Privacy Policy

Last modified on: April 15, 2026

Lucie, Inc. Notice of Privacy Policy

Welcome to the website of Lucie, Inc. (fka INSXCloud, Inc.) (referred to herein as “Lucie”), a company that provides information and services to help you find, enroll in, and make the best use of your marketplace health insurance! Lucie is committed to protecting and respecting your privacy. This Privacy Notice describes how we collect, use, protect and share information about you that we obtain when you access and use our website, including when you register for an account, request a quote, or submit questions or feedback. The Privacy Notice also applies to information that we obtain when you communicate or interact with us outside of the website, including by e-mail, telephone and otherwise (together, the “Services”).

Lucie Commitment to Data Privacy Protection

At Lucie, we know how important your privacy is to you. We are committed to protecting any Personal Information that you provide us on this website according to applicable laws, regulations and accreditation standards and practices. We are constantly evaluating new administrative, technical, and physical safeguards for protecting your information. We urge you to read our Privacy Policy so that you will understand both our commitment to you and your privacy, and how you can participate in that commitment.

Please read this Privacy Notice carefully before you use our website or communicate with us. Changes to this Privacy Notice are discussed at the end of this document.

BY ACCESSING OR USING OUR WEBSITE/PLATFORM, OR COMMUNICATING WITH US OUTSIDE OF THE WEBSITE, YOU ACKNOWLEDGE THE TERMS OF THIS NOTICE AND AGREE TO BE BOUND AND ABIDE BY THE TERMS OF USE AS WELL AS ANY PRACTICES DESCRIBED IN THIS PRIVACY POLICY, WHICH MAY BE UPDATED AND AMENDED FROM TIME TO TIME. IF YOU DO NOT AGREE TO THE TERMS OR THIS PRIVACY POLICY, YOU MUST NOT ACCESS OR USE OUR WEBSITE OR OTHERWISE COMMUNICATE WITH US.

Health Information

In some circumstances, our collection and use of Personal Information is subject to the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”). Identifiable information we collect will be treated as Protected Health Information (“PHI”) and subject to HIPAA to the extent provided by law. The applicable Notice of Privacy Practices will apply and supersede this Notice in the event of any conflict. You can access your Notice of Privacy Practices by reaching out to your health plan.

The Information We Collect

Personal Information We Collect

We may collect information that describes or relates to you and is classified as Personal Information or Personal Data under applicable state laws (collectively, “Personal Information”).

Personal Information does not include:

Publicly available information as defined under applicable state laws
De-identified or aggregated information as defined under applicable state laws
Other information excluded from the applicable state laws, including but not limited to Personal Information governed by HIPAA

In the past 12 months, we may have collected these categories of Personal Information:

Direct and Personal Identifiers, such as name, email, user name and password, your mailing address, your tax identification number or social security number;
Demographic Information, such as date of birth and gender;
Commercial Information, such as transaction information and purchase history
Payment or Banking Information, such as payment card information, bank account number;
Internet or Electronic Network Activity, such as such as browsing history, interactions with our website, Internet Protocol (IP) address, timestamps, pages and endpoints accessed, Media Access Control (MAC) address; device and browser metadata (e.g., user agent, language), query parameters, and in limited cases, request payloads necessary to process your requests; (for more information, see the Cookies and Other Tracking Technologies section, below);
Geolocation Information such as device location:
Audio, Visual or Other Information such as call and video recordings;
Professional or Employment-Related Information such as place of employment and job title;
Inferences, such as conclusions that we develop about you using the data set forth above; and
Sensitive Personal Information, such as information listed above, like geolocation, your Social Security or Driver’s License number, your login and password information for certain Services, may also qualify as sensitive Personal Information.

The provision of the sensitive Personal Information listed above is voluntary. In certain instances, we will not be able to process your request for our Services without the requested sensitive Personal Information.

How we Collect your Personal Information

We collect your Personal Information in the following ways, pursuant to applicable law:

Directly From You, such as when you use our Services, register for an account, contact us, respond to a survey, sign up to receive emails, text messages, and/or postal mailings;
Through Our Use of Cookies and Other Tracking Technologies, such as when you visit our websites, use our mobile applications, open or click on emails we send you. We automatically collect certain information using technologies such as cookies, web server logs, and other data collection tools. For more information, please see the “Cookies and Other Tracking Technologies” section below.
From Our Third Party Partners, such as third parties that we have partnered with to provide you the Services that you have requested from us.
Other Sources, such as data analytics providers or publicly available sources.

How Personal Information May Be Used

We may use the Personal Information to:

Provide our products and Services to you, such as to create and manage your account, provide the website, process payments, respond to your requests, and provide related customer and technical support
Operate our website, including, without limitation, access management, payment processing, website administration, internal operations, troubleshooting, data analysis, testing, research, statistical and survey purposes;
Personalize your experience for our Services; provide you access to, and updates regarding offers available through our website via text message;
Provide you with information about products, services, and promotions, from us or third parties, that may interest you;
Protect and enforce our rights and the rights of other Users against unlawful activity, including identify theft and fraud, and other violations of our Terms of Use;
Protect and enforce our rights arising under any agreements entered into between you and us, including billing and collection;
Protect the integrity and maintain the security of our website, including secured areas of the website, website functionality, security monitoring, troubleshooting, and aggregate analytics.
Operate, evaluate, and improve our business, including conducting surveys and market research, developing new products, services, and promotions (such as, for example, special events, programs, offers, contests), analyzing and enhancing existing products, services, and promotions, managing our communications; performing accounting, auditing, and other internal functions;
Comply with laws and legal obligations, such as to enforce applicable legal requirements, relevant industry standards, contractual obligations, and our policies, including this Notice, and our Terms and Conditions.
Support Business Transfers. To consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping, and legal functions.

We may use Artificial Intelligence (AI) Technology when processing your Personal Information as described above. This may also involve de-identifying or anonymizing your Personal Information to train, optimize, ground or otherwise enhance our AI Technology, including disclosure to third parties who help us develop or provide the systems to enable the AI Technology.

We also may use the personal information we obtain in other ways for which we may provide specific notice at the time of collection or otherwise with your consent.

In addition, we may use your information as described in any notice provided at the time you provide the information and for any other purpose for which you may provide consent.

How Personal Information May Be Shared

We share Personal Information to operate our business and provide support for the Services, provide communications about our Services, respond and comply with legal requests. We will not sell or share your Personal Information with third parties for the third party’s own direct marketing purposes without your express consent.

We may share your Personal Information with:

Service Providers: These authorized third parties perform services on our behalf and provide products to Us. These may include, for example, cloud / IT services, data storage, sales, analytics, marketing, consultants, auditors and legal counsel. We require these Service Providers by contract to protect your Personal Information. Access by Service Providers is governed by Master Service Agreements (MSAs), Data Processing Agreements (DPAs), Non‑Disclosure Agreements (NDAs), and, where applicable, Business Associate Agreements (BAAs).
Affiliated Companies: We may disclose such Personal Information to subsidiaries, affiliates, or joint ventures as needed to provide our products and Services and in general to operate our Company. This may include:
- Organizations or entities on behalf of which we are providing the Website to you and/or on behalf of which you access or use the Website, such as your employer, and other companies associated with those organizations or entities in order to enable their systems to operate with the Website;
- Your employer(s), affinity group, and/or benefits administrators or consultants, if you are referred to the Website by such respective parties;
- If you are a licensed insurance agent, we may share your Personal Information with the designated administrator of your account, if you have an individual sub-account, regarding use of the Services by individual sub-accounts;
- Your licensed insurance agent, if applicable;
Authorized Third Parties: The Centers for Medicare & Medicaid Services (“CMS”) and Third Party Insurance Companies in order to obtain an eligibility determination for you, and to enroll you in health insurance plans offered on the federal healthcare exchange;
Corporate Transactions: A buyer or other successor in interest to Lucie, Inc. in the event of a merger, divestiture, restricting, reorganization, dissolution, liquidation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information is among the assets transferred;
Other third parties with your express consent for any purpose disclosed by us when you provide the Personal Information;
You, upon your written request.
Other Third Parties: We may disclose your Personal Information to legal, governmental, or judicial authorities, as instructed or required by those authorities or applicable laws, or in relation to a legal activity, such as in response to a subpoena or an investigation. We may also disclose such Personal Information if we believe disclosure is necessary to prevent physical, financial, or other harm, injury, or loss.
Other Disclosures Required by Law. We may disclose your Personal Information for legal reasons, such as to (a) follow laws, (b) enforce our agreements (c) prevent fraud or security issues (d) protect our company, our users and the public as permitted by law (e) handle legal claims and investigations and take action regarding possible illegal activities or a violation of our policies.

Cookies and Other Tracking Technologies

When you view one of our websites, we may store some data on your computer in the form of a "cookie" to automatically recognize your device the next time you visit. Cookies can help us in many ways, for example, by allowing us to tailor a website to better match your interests.

We may use the following tracking technologies on our websites: HTTP cookies (session and persistent), local storage, and standard server logs (including IP address and request metadata). We minimize the including of Personal Information in technical logs and do not intentionally store sensitive data (e.g., passwords, payment card numbers, or PHI) in logs. Where limited, Personal Information is incidentally present in logs to process your request, access is restricted and retention is limited as described in this Privacy Policy.

Tracking tool information is used for internal security, operations, performance measurement, and aggregate analytics; it is not used to identify individual users or for behavioral profiling.

There are two types of cookies: single session (temporary) and multi-session (persistent). Session cookies last only as long as your Web browser is open. Once you close your browser, the cookie disappears. Persistent cookies are stored on your computer for longer periods.

Session Cookies: We use session cookies for technical purposes such as to allow better navigation through our site. These cookies let our server know that you are continuing a visit to our site.
Persistent Cookies: We use persistent cookies to understand the differences between new and returning Lucie website visitors. Persistent cookies remain on your computer between visits to our site until they expire.

How to Opt Out or Disable Cookies

If you do not wish to receive cookies, please configure your Internet browser to erase all cookies from your computer's hard drive, block all cookies or to receive a warning before a cookie is stored. If you configure your browser to opt out of cookies, you will still have access to all information and resources on Lucie. Depending on your browser configuration, if you opt out of non-essential cookies, marketing and analytics cookies will cease. Necessary cookies and operational logging (e.g., IP address collection for security, fraud prevention, and site functionality) may continue.

Cookie preferences set on Lucie only apply to the Lucie website. You must set cookie preferences on any third party websites that are linked to or from Lucie.

IP Addresses

We collect and log the IP address of all visitors to our websites. An IP address is a number automatically assigned to your computer whenever you access the Internet. IP addresses allow computers and servers to recognize and communicate with one another.

We collect IP address information so that we can properly administer our systems and gather aggregate information about how our site is being used, including the pages visitors are viewing. This aggregate information is not shared outside of Lucie. To maintain your anonymity, we do not associate IP addresses with records containing Personal Information.

We will use IP address information, however, to personally identify you in order to enforce our legal rights or when required to do so by law enforcement authorities.

Aggregated Data

Data that is not yet aggregated is retained by us only temporarily and is automatically deleted or anonymized once aggregation is complete. Aggregated data is stored in accordance with our record retention policy discussed below under Record Retention.

We may aggregate or anonymize Non‑Personal Information such as truncated or masked IP addresses, device/browser metadata (e.g., browser type, OS, device category, screen resolution), and traffic statistics (e.g., page views, session counts, referral sources, navigation paths, time spent) for analytics, performance optimization, and security monitoring.

We may also use service providers to help measure website performance and effectiveness in aggregate; we do not use aggregated data for individualized targeting or behavioral advertising.

Security of Your Personal Information

The security of your Personal Information is very important to Lucie. We use physical, electronic, and administrative safeguards that are designed to protect your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. In addition, Lucie uses standard security protocols and mechanisms to exchange the transmission of Personal Information. When you enter sensitive Personal Information on our site, we encrypt it using secure socket layer (SSL) technology.

Lucie configures its website tracking tools to enhance your privacy through data-minimization, user choice, and access-limiting controls. Specifically:

Honoring Browser Privacy Signals:

The website is configured to respect standard browser privacy signals to limit tracking behavior where supported.

Data Minimization:

Tracking tools are configured to collect only the minimum data necessary to support website performance, security monitoring, and analytics. The organization does not use tracking tools to collect sensitive personal data such as passwords, payment information, or Protected Health Information.

IP Address Handling:

IP addresses collected by tracking tools are truncated, masked, or otherwise limited where feasible to reduce identifiability and prevent unnecessary retention of precise location data.

Retention Limits:

Logged tracking data is retained only for a defined, limited period consistent with operational, security, and compliance requirements, after which it is securely deleted or anonymized.

Role-Based Access Controls:

Access to tracking and analytics data is restricted to authorized personnel with a defined business need, enforced through role-based access controls and administrative authentication.

Use Limitation:

Tracking information is used solely for internal operational purposes such as system performance monitoring, fraud detection, security auditing, and compliance oversight. Tracking data is not sold or used to directly or indirectly benefit other clients.

These configuration controls ensure that website tracking is privacy-protective, proportionate, and aligned with CMS expectations for transparency, minimization, and user protection.

Lucie stores tracking and log data within the continental United States.

Since no system can guarantee complete security of your information, should your Personal Information be acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Lucie will notify you by e-mail, fax, or U.S. mail. Lucie will give you notice promptly, consistent with the reasonable needs of law enforcement and/or Lucie to determine the scope of the breach and to investigate and restore the integrity of the data system.

Registered users must use a unique username to access their account. Do not give this username and password to others. You must prevent unauthorized access to your Account and Personal Information by selecting and protecting your username and password and/or other sign-on mechanism appropriately and limiting access to your computer or device and browser.

Please note that you are responsible for protecting your password(s) and for the security of information that you transmit to us over the Internet.

Privacy Controls

We apply data minimization, role-based access controls, defined retention limits, and IP truncation or masking where feasible. We honor standard browser privacy signals (such as Do Not Track) where supported to limit non-essential tracking.

Sensitive Information

We ask that you not send us, and you not share any sensitive Personal Information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) on Lucie.

Children

Lucie sites are intended to be used by persons who are aged 18 and older. It is not intended for or designed to attract people under the age of 18. If you are under 18 years of age, you are not permitted to register for an account or otherwise submit any Personal Information to us, including your name, address, or e-mail address. By registering for an account or submitting any Personal Information to us, you represent and warrant that you are 18 years of age or older.

If we discover that we have received any Personal Information directly from a child under the age of 18, we will suspend the associated account and remove that information from our database as soon as possible. By registering for an account or otherwise submitting any Personal Information to us, you represent and warrant that you are 18 years of age or older. This restriction does not apply to information collected from a parent or legal guardian who provides information regarding a dependent child under the age of 18 in connection with a health insurance application or other related purpose.

Links to Other Web Sites

Lucie Web sites may contain links to other websites and services, including those of third-party insurance providers and advertisers. Please note that these links are provided for your convenience and information, and the websites and services may operate independently from us and have their own privacy policies or notices, which we strongly suggest you review. This Privacy Notice applies to Lucie, Inc. and our websites only. We do not accept any responsibility or liability for the policies or practices of any third parties. If you choose to access any websites or services linked from our website, please check the applicable policies before you use or submit any personal data to such website or service.

Retention and Deletion

Lucie retains different categories of data for different periods. Account and service records are retained for ten years and as required to provide services and comply with law. Technical and tracking logs are retained only for limited operational, security, and compliance periods and are then deleted or anonymized, as detailed above.

At the end of the retention period, Lucie will delete your Personal Information in a manner designed to ensure that it cannot be reconstructed or read.

Changes to This Notice

We reserve the right to change the terms of this Notice of Privacy as necessary and to make the new notice effective for all Personal Information maintained by us. All changes to this Privacy Notice will be reflected on this page and the Effective Date will be stated at the top of this Privacy Notice. Unless stated otherwise, our current Privacy Notice applies to all Personal Information that we have about you.

You should regularly check this page for any changes to this Privacy Notice. Lucie, Inc. will always post new versions of the Privacy Notice on the website. In the event that an amendment materially alters your rights or obligations, we may notify you of the amendment, such as by posting a notification to the home page of the website, or sending a notification to you at the address we have on file for you, if any.

Your continued use of the website or communication with us after the updated Privacy Notice has been posted (or any other indication of your consent) will constitute your acknowledgment of the updated Privacy Notice.

You may obtain a copy of the current notice from www.Luciehealthcom, or by mailing a request to the Lucie Privacy Officer listed below.

Access, Corrections, and Profile Updates

You may request to review, correct, update, opt-out, or otherwise modify your Personal Information that you have previously provided to us through the Services.

If you need help from us to make an update, please make clear what Personal Information you would like to have changed, whether you would like to opt-out of certain communications, or otherwise let us know what restrictions you are requesting from us.

While the majority of questions and issues related to access can be handled quickly, complex requests may take more research and time. In such cases, issues will be addressed, or you will be contacted regarding the nature of the problem and appropriate next steps, within thirty days.

Updating your Account Information

If you have registered for the Services, you may be able to add, update, or delete certain Personal Information in your Account. When you update Personal Information, we may need to maintain a copy of the unrevised or deleted information for our records. Registered users may change their password and update their Personal Information that they provide to us, such as address and contact information.

Communications Options

Email: Each marketing email we send to you contains an unsubscribe link so that you can opt out of receiving future commercial emails from Us. If you do not wish to receive additional marketing emails from Us, click the unsubscribe link and follow the instructions to unsubscribe your email address. If you have unsubscribed but continue to receive email from Us, contact us. Unsubscribe requests may take up to 7 - 10 days to process. You will have the ability to opt out of any marketing communications, but we may still need to send you communications relating to your Account for purposes important to the Services, such as password recovery or a payment reminder.

Email, like all non-encrypted Internet email communications, may be accessed and viewed by other Internet users, without your knowledge and permission, while in transit to us. For that reason, to protect your privacy, please do not use email to communicate information to us that you consider confidential. If you wish, you may contact us instead by telephone.

SMS / MMS: By voluntarily opting to have text messages sent directly to your mobile phone you agree to our Text Messaging Terms and Conditions. We may also use your information to notify you about payment information and/or to communicate with you about your Account. You will have the ability to opt out of any marketing communications, but we may still send you communications relating to your Account for purposes important to the Services, such as password recovery or a payment reminder. We use a service provider to send SMS / MMS. We do not sell/share your information to any third parties as part of these services, nor does our service provider.

Requests and/or Complaint process

If you have a question, complaint, request to inspect/amend records, or if you believe your privacy rights have been violated, you may contact the Lucie Privacy Officer via email at privacy@luciehealth.com or postal mail at:

Lucie, Inc. Privacy Officer

4040 Embassy Parkway, Suite 270 Akron,

OH 44333

You can also contact the Secretary of the U.S. Department of Health and Human Services, 200 Independence Ave, S.W., Washington, D.C. 20201. Call (202) 619-0257 (or toll free (877) 696-6775) or go to the website of the Office for Civil Rights, www.hhs.gov/ocr/hipaa.