Effective January 24th 2022
Our Privacy Policy has been updated.

NextGate is the global leader in identity modernization and data transformation in healthcare and is revolutionizing the consumer care journey by resolving isolated, unstructured health and lifestyle data and establishing a trusted, single identity across the continuum.

This Privacy Policy explains how NextGate and its affiliates (collectively “NextGate”, “we”, “us” or “our”) collect, use, and share your information through our products, content, features, technologies, functions, and all related websites, applications and services (collectively, our “Offerings”).
Our Offerings not only include solutions to the healthcare industry, but also include our OneDID™ consumer application.

This Policy is incorporated into and is a part of our [Website Terms of Use] as well as any Terms of Service applicable to an Offering that references this Privacy Policy. For California residents, additional disclosures may be found in our [California Privacy Disclosure].

Please take a moment to familiarize yourself with our privacy practices below, and [contact us] if you have any questions. Click on the links below to jump to specific sections:

  1. What this Policy Covers
  2. Changes
  3. Personal Information We Collect From You
  4. Information We Receive from Others About You
  5. Cookies and Similar Technologies
  6. How We Use Your Personal Information
  7. How We Share Your Personal Information
  8. Transfers of Personal Information Between Countries
  9. How Long We Keep Your Information
  10. Children
  11. Security
  12. Your Privacy Rights and Choices
  13. Contact Us

1. What this Policy Covers

Throughout this policy, we use the term “Personal Information” to describe information that can be associated with a specific person and can be used to identify that person. We do not consider Personal Information to include information that has been aggregated and/or anonymized so that it does not identify a specific user.

As a visitor or user of our Offerings, the collection, use and sharing of your Personal Information is subject to this Privacy Policy and other documents referenced in this Privacy Policy, as well as updates.

When using our Offerings, you may have the ability to connect with non-NextGate parties and share your Personal Information with them. NextGate’s Privacy Policy does not apply to how third parties define personal information or how they use it. We encourage you to read their privacy policies and know your privacy rights before interacting with them.
We also process Personal Information on behalf of our corporate clients who use our Offerings, including our corporate clients who you connect with when you use our Offerings. While there is a contract in place between us and our corporate client which sets out our data protection obligations, it is our corporate client who determines the use of that Personal Information. Please consult the corporate clients’ privacy policies and contact them if your Personal Information is being used by them and you wish to delete, amend, remove consent for processing, or take other action with respect to that information.

2. Changes

We periodically update this Privacy Policy as required by privacy laws and as our Offerings evolve. If we make significant changes to it, we will notify you through our Offerings, or by other means, to provide you the opportunity to review the changes before they become effective.

Your continued use of our Offerings after we publish or send a notice about our changes to this Privacy Policy means that the collection, use and sharing of your Personal Information is subject to the updated Privacy Policy, as of its effective date.

3. Personal Information We Collect From You

When you connect to our Offerings, contact us, or otherwise interact with NextGate, we collect a variety of information, including:

  • Account Information. Text-enabled cell number, mobile device ID, and other similar information.
  • Identifiers. Your name, email address, data of birth, and other demographic information.
  • Contact Information. Your name, email address, title, company affiliation, phone number or other contact information.
  • Log Information. We use log data, such as your Internet Protocol (“IP”) address, access times, browser type and language, Internet Service Provider (“ISP”), the web pages that you visit, the content you use and the URL of the web page you visited before navigating to the Offerings.
  • Device Information. Data from which your device could be identified, and information about you from your mobile device or computer (e.g., your device type, machine or mobile device identification number, geolocation information, time zone, language setting, browser type, and IP address).
  • Fraud Prevention Information. Data used to help identify and prevent fraud.
  • Biometric Information. Biometric Information you provide, such as your selfie, when using our OneDID app, which you may store as part of your credential and share with your service providers.
  • Usage Information. Data about your activity on and use of our Offerings, such as information about the applications and features you use, the sizes of the files or folders you upload, download, share or access while using the Offerings, performance and other diagnostic data, and generic information regarding the content you access and any actions taken in connection with the access and use of the Offerings.
  • Medical Information. Some Offerings include the collection of medical information, patient medical records, medical facility information, medical provider information, and other information that may be related to or necessary to healthcare that we collect to support the Offerings.
  • Other Information You Provide to Us. Details such as the content of your communications with NextGate, including when you complete any “contact us” forms or send us emails (e.g., professional or employment related information).
  • Other. We are improving our Offerings, which means we get new data and create new ways to use the data. Our Offerings are dynamic, and we may introduce new features, which require the collection of new information. If we collect materially different personal data or materially change how we collect, use or share your data, we will notify you and also modify this Privacy Policy.

You are not required to provide your Personal Information. However, if you choose not to do so, in many cases we will not be able to provide you with our Offerings or respond to your requests.

4. Information We Receive From Others About You

We receive Personal Information about you from other sources, which we sometimes combine with Personal Information we collect either automatically or directly from you, to provide our Offerings and assist us in security and fraud prevention.

  • Individuals. We may collect data about you from other individuals — for example, your professional colleagues at other organizations.
  • At Your Direction. You may direct other individuals or third parties to share data with NextGate.
  • Partners. We may receive Personal Information about you when you use the service of our corporate clients, marketing, and vendor partners. We may also validate the information you provide — for example, when creating a oneDID™ account, with a third party for security, for fraud-prevention purposes, or to validate your phone number or email address.
  • Personal Information or other data collected online may also be combined with information you provide to us through other sources (e.g., in conjunction with events such as trade shows, training seminars, and conferences). Where permitted by applicable law, other information gathered from publicly available information such as from government records, social media platforms and other published sources may be used or added to the data you provide.

5. Cookies and Similar Technologies

Like many services, we use cookies, pixels, local storage, and software development kits (“SDKs”) to remember things about you so that we can provide you with a better experience.

Cookies are small data files stored on your browser or device. They may be served by the entity that operates the website you are visiting (“first-party cookies”) or by other companies (“third-party cookies”). We describe how we gather and use information from cookies or similar technologies for our websites in our [Cookie Policy]. Visit the “[Cookie Preferences]” link in the bottom footer of the NextGate.com homepage to exercise your cookie preferences for our website.

Pixels are small images on a web page or in an email. Pixels collect information about your browser or device and can set cookies.

Local storage allows data to be stored locally on your browser or device and includes HTML5 local storage and browser cache.

SDKs are blocks of code provided by our partners that may be installed in our mobile applications. SDKs help us understand how you interact with our mobile applications and collect certain information about the device and network you use to access the application.

Below are the ways that we and our partners use these technologies on our mobile applications.




To help us remember your settings and preferences, like your preferred language or the country you are in, so that we can provide you with a more personalized experience.

Authentication and Security

To log you into the Services; enable us to show you your account data; and help us keep your data and the Services safe and secure.

Service Features and Performance

To provide you with functionality and optimize the performance of the Services.

Analytics and Research

To help us understand how you are using the Services so that we can make them better, faster, and safer.

For more information about the tracking technologies used in a mobile application, please review the information on the app store page and the content available in the mobile application itself, such as in the settings.

6. How We Use Your Personal Information

We use your Personal Information only when we have a valid legal basis to do so. Depending on the circumstance, we may rely on your consent or the fact that the processing is necessary to fulfill a contract with you, protect your vital interests or those of other persons, or to comply with law. We may also process your Personal Information where we believe it is in our or others’ legitimate interests, taking into consideration your interests, rights, and expectations.

  • Provide Our Services. We collect Personal Information necessary to provide our Offerings, for example, to personalize or improve our offerings, for internal purposes such as auditing or data analysis, or for troubleshooting.
  • Communicate with You. To respond to you (e.g., reach out to you about your transactions or account, market our Offerings, provide other relevant information, or request information or feedback).
  • Security and Fraud Prevention. To prevent fraud, including to protect individuals, employees, and NextGate for the benefit of all our users.
  • Comply with Law. To comply with applicable law — for example, to satisfy tax or reporting obligations, or to comply with a lawful governmental request.
  • Where we obtain your consent. We may use your Personal Information for any other purpose with your specific consent.
  • Business and Official Communications. We use the information we collect or receive from you to communicate directly with you in relation to our other services and technologies. We may also use the information to send you service-related notices, such as account verifications, technical and security notices, and billing or invoicing information. From time to time, we use your Personal Information to send important notices, such as changes to our terms, conditions, and policies. Because this information is important to your interaction with us, you may not opt out of receiving these important notices.

7. How We Share Your Personal Information

We share your Personal Information as described below.

  • Authorized third party vendors and service providers. We share Personal Information with certain authorized and vetted contractors, subcontractors, third party vendors, and service providers who help us run and protect our business. This includes sending emails, conducting business analytics, marketing, and data processing.
  • Substantial corporate transactions. We may share Personal Information in connection with a substantial corporate transaction (e.g., a merger, consolidation, reorganization, financing, change or control or acquisition of all or a portion of our business by another company or third party, asset sale, initial public offering) or in the unlikely event of bankruptcy or similar proceeding.
  • Legal purposes. We disclose Personal Information to respond to subpoenas, court orders, legal process, law-enforcement requests, legal claims, or government inquiries and to protect and defend the rights, interests, safety, and security of NextGate, users, or the public.
  • With your consent. We share Personal Information for any other purposes disclosed to you with your consent.
  • When you connect with third parties. Some of our Offerings provide you with opportunities to connect with third parties and their applications or services. If you choose to enable or authorize a connection, NextGate and the third party will exchange your Personal Information, and any information collected related to the Offerings used, and such third parties may contact you directly as necessary.

Other than your permission to allow us to share your information with these third parties and related disclaimers in this Privacy Policy, this Privacy Policy does not apply to your use of those third party applications and services, and NextGate is not responsible for how those third parties collect, use and disclose your information. Remember that you are responsible for reviewing the privacy policies of those third parties before connecting your NextGate account to them.

8. Transfers of Personal Information Between Countries

NextGate operates or obtains data hosting services for our clients primarily from the United States of America (USA) and our data collection and processing activities take place predominantly in the USA. If personal data collected outside the USA is transferred internationally, NextGate will rely on legally-provided mechanisms to lawfully transfer data across borders, as required under relevant data protection laws. Where appropriate, We may also rely on your consent for the transfer of your personal data for processing outside of your own country. Countries where we process data may have laws which are different from, and potentially not as protective as, the laws of your own country. By providing us with your Information, you acknowledge any such transfer, storage or use.

9. How Long We Keep Your Information

NextGate retains your Personal Information we collect from you for as long as the information is relevant to our business purposes. We will retain your Personal Information for as long as needed to fulfill the purpose for which we collected it and for a reasonable period thereafter in order to comply with audit, contractual, or legal requirements, or where we have a legitimate interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain Personal Information preserved in automatically generated computer back up or archival copies generated in the ordinary course of our information technology systems procedures.

Information you have shared with others may remain visible to them after you close your account with us or delete the information since we are not the controller of that information.

10. Children

Our Offerings are not for use by children under the age of 18 or the equivalent as specified by law in your jurisdiction (“Child” or “Children”). We might offer consumer applications which permit authorized guardians such as parents or conservators to set up and use accounts for their Children. We do not knowingly collect Personal Information from Children without the consent of the authorized guardian. If we learn that we collected or received Personal Information from a Child without authorized guardian consent, we will delete that information.

If you set up an account for your Child, you expressly consent to the Child’s information being used as described in this Privacy Policy and the Terms of Use. If you are an authorized guardian you may authorize and/or have access to your Child’s account and your Child’s account will be linked to your account. Each authorized guardian agrees that a Child’s account may also be linked to the account of another authorized guardian with the same rights to access and communicate through the Child’s account.

If you are under 18, do not use or provide any information to NextGate or through any of its Offerings, including your name, address, telephone number, email address, or any screen name or username you may use.

11. Security

We recognize that your privacy is important to you, and therefore take security measures which are designed to keep your Personal Information and content confidential. We use appropriate technical, physical, and organizational security measures to safeguard your information across our computer systems, website and offices (e.g., we regularly monitor our systems for possible vulnerabilities and attacks). These safeguards (e.g., encryption) vary based on the sensitivity of the information that we collect and store. Visit our homepage for industry certification information.

12. Your Privacy Rights and Choices

We respect your ability to know, access, correct, transfer, restrict the processing of, and delete your Personal Information. You may have other privacy rights depending on the data protection laws which apply to you. If you choose to exercise these privacy rights, you have the right not to be treated in a discriminatory way nor to receive a lesser degree of service from us. NextGate does not sell your data including as “sale” is defined in Nevada and California.

There may be situations where we cannot grant your request — for example, if you ask us to delete your transaction data and NextGate is legally obligated to keep a record of that transaction to comply with law. We may also decline to grant a request where doing so would undermine our legitimate use of data for anti-fraud and security purposes, such as when you request deletion of an account that is being investigated for security concerns. Other reasons your privacy request may be denied are if it jeopardizes the privacy of others, is frivolous or vexatious, or would be extremely impractical.

To exercise your privacy rights and choices, or to contact our Data Protection Officer, you may contact us at [URL link to the Privacy Inquiry Form]. We will use reasonable efforts to promptly update your Personal Information and choices, or investigate and respond to you. You also have the right to go directly to your local data protection authority, but we encourage you to contact us so that we may resolve your concerns directly as best and as promptly as we can.

And remember, you can manage some of your oneDID™ Personal Information directly in your account settings at any time by logging in to your account.

13. Contact Us About Privacy Questions

If you have questions or concerns about this Privacy Policy or would like to contact our Data Protection Officer, please contact us at [URL link to the Privacy Inquiry Form]. At NextGate, your feedback pertaining to your privacy and our Offerings is important to us.

NextGate Solutions, Inc., 3579 E. Foothill Blvd. Suite 587, Pasadena, California, USA, 91107