Bright Plan Logo

Individuals & Families

For Organizations


Privacy Policy

Last modified on 04 Feb, 2022

Thank you for registering at or on the Bright Plan app (together, the “Site”). At Bright Plan, it is our policy to protect your information. We know that we have a lot of information about you and want to be sure that we use it the right way. Please read the following to learn more about our Privacy Policy.

By using or accessing the Services in any manner, regardless of whether you register or create an Account through the Services, you acknowledge that you accept the practices and policies outlined in this Privacy Policy, and you hereby consent that we will collect, use, and share your information in the following ways.

Remember that your use of Bright Plan’s Services is at all times subject to the Terms of Service, which incorporates this Privacy Policy. Any terms we use in this Privacy Policy without defining them have the definitions given to them in the Terms of Service.
What does this Privacy Policy cover?
This Privacy Policy covers our treatment of personally identifiable information (“Personal Information”) that we gather when you are accessing or using our Services, and to the treatment of personally identifiable information by our telemedicine partners, Bright Plan Medical Group, P.A., but not to the practices of other companies we don’t own or control, or people that we don’t manage. We gather various types of Personal Information from our users, as explained in more detail below, and we use this Personal Information in connection with our Services. In certain cases, we may also share some Personal Information with third parties, but only as described below.
How do we collect and use Personal Information?
We receive and store any information you knowingly provide to us. For example, when you enroll in one of our plans, you (or the applicable state or federal exchange, depending on how you enroll) provide us with some information about you, including your name, address, social security number, age, annual household income and if applicable, names and ages of your immediate family members. When you activate your Account or register on the Site, the information that we collect will be used to associate your Account with your plan enrollment information. Each member uses a unique username to access their Account information through or the Bright Plan mobile application; only you should use your username and the password you choose to log into your Account. Do not give this username and password to others. Bright Plan also maintains data that has been provided to us or uploaded to Bright Plan by you, our member, as well as our “Business Associates” (those vendors who perform work on our behalf for the purpose of payment, treatment, or healthcare operations - and who have written agreements with us that specifically indicate how they will protect your information). We maintain claims information, information about prior authorizations that you requested and any other information needed to provide you with the healthcare services that you need. In some cases, we may request additional consent from you if we think that there is other information that will help us better coordinate your care or better personalize it towards your needs.

If you have provided your contact information to us, we may store and use that information to contact you for marketing and promotional purposes by various means, including regular mail, email, telephone, including voicemail, or SMS/MMS (text message). You may receive messages about wellness programs or other programs sponsored by Bright Plan or its Business Associates. You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Information with that affiliated business only to the extent that it is related to such transaction or service. We have no control over the policies and practices of third party websites or businesses as to privacy or anything else, so if you choose to take part in any program or service relating to a Business Associate or affiliated business of ours, please review all such businesses’ or websites’ policies. We may receive confirmation when you open an email from us. This confirmation helps us make our communications with you more interesting and improve our services. To the extent permitted by law, and if you have provided your contact information to us, we may store and use that information to contact you about your care and benefits by various means, including regular mail, email, telephone including voicemail, or SMS/MMS (text message). By voluntarily opting to have text messages sent directly to your mobile phone you agree to our Text Messaging Terms and Conditions. We may also use your information to notify you about payment information and/or to communicate with you about your Account. You will have the ability to opt out of any marketing or advertising communications, but we may still send you communications relating to your Account for purposes important to the Services, such as password recovery or a payment reminder.

If you choose to use a bank account to make payments through the Services, we collect and store your bank account information. If you use a payment card to make payments through the Services, that information is collected and stored by our third party payment processing companies (the “Payment Processors”) which is currently razor pay and Stripe use and storage of that information is governed by the Payment Processor’s applicable terms of service and privacy policy. However, we may from time to time request and receive some of your financial information from our Payment Processor for the purposes of completing transactions you have initiated through the Services, enrolling you in discount, rebate, and other programs in which you elect to participate, protecting against or identifying possible fraudulent transactions, and otherwise as needed to manage our business.
Other information; "cookies" and "tags"
You should also be aware that when you use our Services, we collect certain “usage data,” such as the number of visitors we receive or what pages are visited most often. This data helps us to analyze and improve the usefulness of the information of our Services.

We may also collect, or receive from third parties, information based on your IP address that provides us your geolocation data in order to identify relevant markets for users down to a ZIP code level of detail and to provide a better mobile experience. We do not store, sell, disclose or use this data to serve advertisements.

Like most commercial website owners, we may use what is known as “cookie” technology. A “cookie” is an element of data that a website can send to your browser when you link to that website. It is not a computer program and has no ability to read data residing on your computer or instruct it to perform any step or function. By assigning a unique data element to each visitor, the website is able to recognize repeat users, track usage patterns and better serve you when you return to that site. Our cookies do not extract other personal information about you, such as your name or address. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. We may also use what is known as “client-side page tagging,” which uses code on each page to write certain information about the page and the visitor to a log when a page is rendered by your web browser. This technique is also commonly used on commercial websites. “Tagging” does result in a JavaScript program running on your computer, but it is limited to providing information about the page that you are requesting and the configuration of your browser. It will not read any of your data files, or execute any additional programs. It does not extract any personal information about you, such as your name or address. You can prevent tagging by disabling JavaScript in your browser, but that may prevent you from using all of our Site’s functions. Because there is not yet a common understanding of how to interpret the “Do Not Track” signal, we do not currently respond to browser “Do Not Track” signals.
How do we share Personal Information?
We do not rent or sell your Personal Information in personally identifiable form to anyone. We may share your Personal Information with third parties as described in this section.

Bright Plan will not sell, license, transmit or disclose outside of Bright Plan the information you provide to us unless (a) expressly authorized by you, (b) necessary to enable our Business Associates to perform certain functions for us, or (c) required or permitted by law. In all cases, we will disclose the information consistent with applicable laws and regulations and we will require the recipient to protect the information and use it only for the purpose it was provided and as necessary to assist us. Bright Plan takes the Health Insurance Portability and Accountability Act of 1996 (HIPAA) seriously and provides appropriate safeguards to your protected health information (PHI) – this may include your name, address, social security number, email address, telephone number and certain claims data.

We may de-identify your Personal Information in accordance with applicable state and federal law, and provide that information to our partners. We may also provide aggregate usage information to our partners (or allow partners to collect that information from you), who may use such information to understand how often and in what ways people use our Services, so that they, too, can provide you with an optimal online experience. We disclose usage data for our non-member portal site to partners who may provide you with additional information on Bright Plan products and services.

We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.

We may retain your information as needed for business purposes. Notwithstanding any provision to the contrary, we will retain, access, use and disclose your information as we believe is necessary to comply with our legal obligations, resolve disputes, enforce our Terms of Service and other agreements, or to protect the rights, property or safety of Bright Plan, our employees, our users or others. For more information about our privacy practices, including what information is provided to our Business Associates for payment, treatment and healthcare operations purposes, please see our Notice of Privacy Practices.
Children under 18
Our Site and Services are not intended to be used by children under 18 years old. You represent and warrant that you are at least 18 years of age. If you are under age 18, you may not use the Site or Services. We do not knowingly collect Personal Information from, or target our Site or Services to, children under the age 18. We understand that there may be exceptions to this rule including, but not limited to, children who are emancipated. If we discover that the Site is being used inappropriately, we may disable the user ID so that the individual may no longer access our Site.
Your email
We welcome your comments or questions about our Site and Services. You can email your comments to our customer service center at We will share your comments and questions with our customer service representatives and those employees most capable of addressing your questions and concerns. Please note that your email, like all non-encrypted Internet email communications, may be accessed and viewed by other Internet users, without your knowledge and permission, while in transit to us. For that reason, to protect your privacy, please do not use email to communicate information to us that you consider confidential. If you wish, you may contact us instead by telephone at +91 (80) 4616 3819.
How can you stop receiving emails?
Each marketing email we send to you contains an unsubscribe link through which you may easily opt-out of receiving future commercial emails from us. If you do not wish to receive additional commercial emails from Bright Plan, simply click the unsubscribe link and follow the instructions to unsubscribe your email address. If you have unsubscribed but continue to receive email from us or from one of our customers, you may report this to us by emailing at Please note that unsubscribe requests may take up to 7 - 10 days to process. You will have the ability to opt out of any marketing or advertising communications, but we may still send you communications relating to your Account for purposes important to the Services, such as password recovery or a payment reminder.
Linking to other sites
From time to time, Bright Plan may provide links to other websites that we think might be useful or interesting – these are not owned or controlled by Bright Plan and may be subject to separate terms and conditions and privacy policies. While we try to be proactive and ensure that appropriate protections are in place, we cannot be responsible for the privacy practices used by other website owners or the content or accuracy of those other websites. Links to various non-Bright Plan websites do not constitute or imply endorsement by Bright Plan of these websites, any products or services described on these sites, or of any other material contained in them.
Bright Plan has adopted and adheres to stringent security standards designed to protect non-public personal information at against accidental or unauthorized access or disclosure. Among the safeguards that Bright Plan has developed for this Site are administrative, physical and technical barriers that together form a protective firewall around the information stored at this Site. We are committed to being HIPAA compliant and ensuring that our Business Associates meet the same standards. We periodically subject our Site to simulated intrusion tests and have developed comprehensive disaster recovery plans. We also review Business Associates privacy and security policies on a regular basis.

For registered users, your Account is protected by a password for your privacy and security. You must prevent unauthorized access to your Account and Personal Information by selecting and protecting your password and/or other sign-on mechanism appropriately and limiting access to your computer or device and browser. We endeavor to protect the privacy of your Account and other Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
What Personal Information can I access?
In some cases, registered users will be able to change their password and update the information that they provide to us, such as address, contact information and health information, by going to the settings page of their Account at in other cases, registered users may need to contact the appropriate state or federal health insurance exchange to update their information. Registered and unregistered users can access and delete cookies through their web browser settings.

The information you can view, update, and delete may change as the Services change. If you have any questions about viewing or updating information we have on file about you, please contact us at
What choices do I have?
You can use certain features of the Services without registering, thereby limiting the types of information that we collect. You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.

If you have registered for the Services, you may be able to add, update, or delete information in your Account as explained above. When you update information, however, we may maintain a copy of the unrevised information in our records. You may request deletion of your Account by calling us at Some or all of your information may remain in our records after your deletion of such information from your Account. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete your Account, but not in a manner that would identify you personally.
Changes to this Privacy Policy
Bright Plan may change this Privacy Policy from time to time. When updates are made, the Privacy Policy version date will also be updated to reflect that a revision occurred. Your use of our Site and/or Services after such revisions are first posted will mean you acknowledge and agree to be bound by those revisions. We encourage you to periodically reread this Privacy Policy to see if there have been any changes that may affect you. This Privacy Policy is not intended to and does not create any contractual or other legal rights in or on behalf of any party.

Have any queries on the policy?

If you have any questions or concerns about the privacy policy please contact us.
HSR Layout, Bengaluru

BrightPlan White logo

BrightPlan provides Comprehensive health plans for everyone, at a tiny monthly cost, for a brighter tomorrow. We're ourselves not an insurance company.

© 2022. All rights reserved

BrightPlan is a Bangalore headquartered Health Management Organization (HMO) that offers day-to-day healthcare benefits like OPD care through a monthly subscription plan, and we're not an insurance provider. We aim to reduce your financial strain due to unanticipated healthcare expenses even if it's a simpler healthcare need unlike a health insurance which covers you only when you're hospitalized or admitted.