Castlight Health Privacy Policy

Last Updated June 16, 2017

At Castlight Health, Inc. (“Castlight”), our most important asset is our relationship with you. Castlight respects your privacy and takes Internet privacy very seriously. In this Privacy Policy, we would like to tell you what personal data we collect, what we use it for and when it may be disclosed.

By using or (including their subpages, collectively, “Castlight Health Corporate Websites”), you are agreeing to Castlight’s Terms of Service (which incorporates by reference this Privacy Policy) and to the practices described in this Privacy Policy, including consenting to the use and disclosure of certain information, including personal information provided to us as outlined in this Privacy Policy. This Privacy Policy only applies to the Castlight Health Corporate Websites.

This Privacy Policy describes how Castlight collects and uses the personal information you provide on the Castlight Health Corporate Websites or personal information we receive about you from third parties. It also describes the choices available to you regarding our use of your personal information.

If you have questions or complaints regarding our Privacy Policy or practices, please contact us at Castlight Health, Inc., 150 Spear Street, Suite 400, San Francisco, CA 94105, Attn: Chief Privacy Officer or or calling us at (888) 722-0483.

1. Collection of Information
  • We will not sell, share or rent personal information that is collected on the Castlight Health Corporate Websites in ways different than from what is disclosed in this Privacy Policy.

2. Information Collection, Use and Disclosure
  • Information Requests. If you wish to request more information about Castlight, you are required to provide contact information (for example, name and email address). This information will be used by Castlight to contact you about our services.
  • Communications. Certain communications (for example, requests for more information) are recorded and maintained by Castlight. Castlight considers these communications to be personal and private and will not use or disclose these communications except as provided for in this Privacy Policy, where required by law, or unless you agree to additional use and disclosure of such information.
  • Log Files. As is true of most websites, Castlight automatically collects and stores in log files the Internet Protocol (IP) address of the computer you are using; the name of the domain and host from which you access the Internet; the browser software you use and your operating system; the date and time you access the service; and the Internet address of the website from which you directly linked to Castlight. We may combine this automatically collected log information with other information we collect about you. Castlight uses this log file information to analyze trends, monitor service traffic and usage patterns for internal marketing and security purposes, and to help make the Castlight Health Corporate Websites more useful.
  • Information from Third Parties. We may receive information about you from third parties. For example, we may supplement the information we collect with outside records or third parties may provide information in connection with a business relationship.

  • Additionally, your information may also be used and disclosed as follows:

  • Survey you to evaluate and improve the Castlight service. If you participate, we will request certain personal information from you. Participation in these surveys is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information (such as name and business address). We use this information to improve the service accuracy and develop new products. We may use a third party service provider to conduct these surveys or fulfill any prizes associated with campaigns. We will not share the personal information you provide through a contest or survey with other third parties unless we give you prior notice and choice.
  • Locator information, which may include your name, email address, physical address, and/or other data that enables someone to personally identify you. Castlight and your Internet Access Provider may use locator information as is necessary to enforce any of the terms of the Castlight Terms of Service.
  • Provide access to gated areas of the Castlight Health Corporate Websites such as for webinars.
  • Operate the Castlight service.
  • Provide information as required by law.
  • Update you on the Castlight service and its benefits.

3. Disclosure of Information
  • Compliance with Laws. Castlight will not disclose personal information to third parties other than as provided for in this Privacy Policy, except when required to do so by law such as to comply with a subpoena or similar legal process, or you have otherwise consented to additional use or disclosure of the information. We may also disclose your personal information when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, and if Castlight is involved in a merger, acquisition, or sale of all or a portion of its assets. You will be notified via email and/or a prominent notice on the Castlight Health Corporate Websites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
  • Third Parties Websites. If you use Castlight to link to another website, you may decide to disclose personal information at that website. For example, you might provide your contact information to obtain an information packet from an organization. Please be aware that in contacting that website, or in providing information on that website, that third party may obtain personal information about you. This Privacy Policy does not apply when you leave Castlight and go to a third party website from Castlight. We encourage you to be aware when you leave our service and to read the privacy policy of each and every website that collects personal information.
  • Service Providers. We may provide your personal information to companies that provide services to help us with our business activities such as marketing. These companies are authorized to use your personal information only as necessary to provide these services to us.

4. Opting Out or Opting In to Specific Uses of Information
  • If your personal information changes, or if you no longer desire information regarding our service, you may correct, update, amend, or ask to have the information removed by emailing or Customer Support at, or by postal mail at Castlight Health, Inc., 150 Spear Street, Suite 400, San Francisco, CA 94105, Attn: Chief Privacy Officer. We will respond to your request within thirty (30) days.
  • Updates and Castlight Service Marketing. Castlight may provide service updates, tips or education, or may market the Castlight service to you as a potential user or if applicable to provide information about available benefits. Out of respect for your privacy, you will be able to opt-out of any such email communications at any time. You can expect to receive one to two emails per month from Castlight. To opt-out of Castlight email, please click the “unsubscribe” link at the bottom of any email or send an email with the subject line "Unsubscribe" to To opt-out of any text messages from Castlight, please reply with "unsubscribe" in your message.

5. Storage and Maintenance of Information
  • Castlight will store and maintain your personal information in accordance with this Privacy Policy. We will also retain your information as needed to provide you services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

6. Security
  • We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on the Castlight Health Corporate Websites, you can contact us at

7. Tracking Technologies
  • Technologies such as: cookies, beacons, tags and scripts and other storage technologies to collect or receive information are used by Castlight and our partners (including digital advertising partners such as Facebook and Google), affiliates, or analytics or service providers (such as webinar providers). These technologies (such as Google Analytics) are used in analyzing trends, providing measurement services, administering the Castlight Health Corporate Websites, tracking users’ movements around the Castlight Health Corporate Websites and elsewhere on the internet, marketing our service (including via targeted remarketing ads), and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. More specifically, Castlight uses Crazy Egg’s Analysis Service for our site to learn more about how visitors are interacting with publically available content. You can visit Crazy Egg’s privacy policy here and their opt-out feature at here.
  • Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use the Castlight Health Corporate Websites, but your ability to use some features or areas of such Websites may be limited. You may opt-out of our partners’ use of cookies by exercising your choice here and here. Additionally, you can find out more about how Google uses data here.
  • We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on the Corporate Health Corporate Websites or to display advertising based upon your web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
  • We partner with a third party to manage our advertising on other websites. Our third party partner may use technologies such as cookies to gather information about your activities on these other websites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here. Please note this does not opt you out of being served ads. You will continue to receive generic ads.
  • The Castlight Health Corporate Websites may include social media features, such as the Facebook Like button and widgets, such as the share this button or interactive mini-programs that run on such Websites. These social media features may collect your IP address, which page you are visiting on the Castlight Health Corporate Websites, and may set a cookie to enable such features to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Castlight Health Corporate Websites. Your interactions with such features are governed by the privacy policy of the company providing it.
  • Questions. If you have any questions about this Privacy Policy or the use of your information via Castlight, please contact us at

8. Changes to the Privacy Policy
  • Castlight will only use your personal information in the manner described in the Privacy Policy in effect when we collected the information from you. However, we reserve the right to change the terms of this Privacy Policy at any time by posting those changes on our service so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point, we decide to use personally identifiable information in a manner different from that stated at the time it was collected or if we make any material changes, we will document such change on the Castlight Health Corporate Websites. We urge you to check here for any updates to this Privacy Policy from time to time.