Skip to main content

Aetna International Privacy Policy

Last Updated: March 11, 2025  

 

 

This Privacy Policy describe the types of personal information that Aetna Life Insurance Company and its subsidiaries and affiliated companies (“Business,” “we,” “our,” or “us”) collects from and about you, including through your interactions with us on Aetnainternational.com, on our Aetna International mobile application, or other locations where this Privacy Policy is posted. We refer to these collectively as the “Services.” By using the Services, you agree to the terms of this Privacy Policy. 

 

We may change this Privacy Policy. The “Last Updated” legend at the top of this page indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Your use of the Services following these changes means that you accept the revised Privacy Policy.

 

Who May Use the Services

 

We do not knowingly collect personal information online from any person we know to be under the age of 18 and instruct users under 18 not to send us any information to or through the Services without their parents’ consent.

 

The Services are designed for users from, and is controlled and operated by us from, the United States. By using the Services, you consent to the transfer of your information to the United States or storage of your information in the United States, which may have different data protection rules than those of your country. 

 

Data Controller

 

The data controller responsible for your data is Aetna International, located at 151 Farmington Avenue, Hartford CT 06105 or by emailing us at PrivacyInternational@CVSHealth.com. You can contact us with any questions or concerns about your data.

 

The Personal Information We Collect

 

We want you to understand how personal information you provide to us is collected and used. Personal information is any information that we can use to identify, locate, or contact you. We may collect and store your personal information when you provide it to us or to our service providers. Some examples of personal information we collect and when we collect it include:

 

  • Preferences: We collect your personal information when you indicate that you are interested in receiving information about our products or services, such as e-mail alerts, newsletters, and other notifications.

  • Interactions and Usage: We collect your interactions with our websites or mobile sites and how you use our sites, search terms, and pages you visit.

  • Registration: We collect your personal information when you register on the Services.

  • Transactions: We collect personal information from you when you enter into a transaction with us.

  • Payment (Billing) Information: For all orders, we may ask for credit card, bank account, or other information necessary to process a payment from you. We may also ask for your shipping information.

  • Storage: If you choose to create an online account, we will store billing and shipping information as a convenience to you for future purchases, and we will store information about your orders for order tracking and status retrieval purposes.

  • Contact Information: We collect personal information from users of the Services who are interested in receiving information about our products or services, e-mail alerts, newsletters, and other notifications.

  • Surveys: From time to time, we request information from you via surveys. Participation in these surveys is voluntary. We request that you not provide personal information, including health information, in your survey responses. You may contact us regarding any survey as set forth under "Contact Information," below.

  • Information from Your Health Plan or Employer: We receive certain personal information about you from your health plan or employer. If you have questions about the information your health plan or employer may have shared with us, please contact your health plan or your employer's human resources department.

     

Lawful Basis For Processing  

 

We process your personal data under the following lawful bases as defined by the General Data Protection Regulation (GDPR): 

 

Consent: We will process your personal data when you have given explicit consent for specific purposes. For example, when you subscribe to our newsletter, we will use your email address to send you updates and promotional content.

 

Contract: Processing is necessary for the performance of a contract to which you are a party. For instance, if you purchase a product from our website, we will use your personal data to process the payment and deliver the product to you.

 

Legal Obligation: We may process your personal data to comply with our legal obligations. For example, we are required to retain certain transaction records for tax and accounting purposes.

 

Legitimate Interests: Processing is necessary for our legitimate interests, provided these interests are not overridden by your rights and interests. For example, we may use your personal data to improve our services and enhance your user experience on our website.

 

Public Task: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

 

Vital Interests: Processing is necessary to protect your vital interests or those of another person. For example, in the case of a medical emergency, we may share your personal data with healthcare providers.

 

If you choose not to provide your personal information to us, we may not be able to provide you with the requested products, services or information.

 

If you submit any personal information relating to other people in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

 

We may combine the information collected from you through the Services with information we receive from and about you from other online and offline sources and use the combined information in accordance with this Privacy Policy. Our goal is to offer you content, advertisements, products, and services that are most likely to appeal to you.

 

Use and Disclosure of Personal Information

 

We use your personal information to respond to your requests, such as, to send you email alerts, send you newsletters, and to provide you with related customer service. We may also use your information to send marketing communications and administrative information to you.

 

We may use your personal information to personalize your experience with the Services and when interacting with us, including by presenting products and offers tailored to you, and for our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing our Services and new products and services, determining the effectiveness of our educational, awareness or promotional campaigns, and operating and expanding our business activities.

 

Third-Party Data Sharing (Who Do We Share Your Data With And Why)

 

In the event that the Services or some or all of our business, assets or stock are sold or transferred (including in connection with any bankruptcy or similar proceedings) or used as security, or to the extent we engage in business negotiations with third parties, personal information may be transferred to or shared with third parties as part of any such transaction or negotiation.

 

To the extent permitted by applicable law, we may provide personal information to our affiliated businesses or to our business partners, who may use it to send you marketing and other communications.

 

We may disclose personal information to our service providers, who provide services such as website hosting, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.

 

If we are requested by law enforcement officials or judicial authorities to provide personal information, we may do so. In matters involving claims of personal or public safety or in litigation where the information is pertinent (including to allow us to pursue available remedies or limit the damages that we may sustain), we may use or disclose personal information, including without court process. We may also use or disclose personal information to enforce our terms and conditions, to protect our operations or those of any of our affiliates, or to protect our rights, privacy, safety or property and/or that of our affiliates, you, or others.

 

We may use and disclose personal information to investigate security breaches or otherwise cooperate with authorities pursuant to a legal matter. We may use and disclose information that does not personally identify you (including the information described under "Cookies and Other Technologies," below) for any purpose, except to the extent limited by applicable law. If we are required to treat such information as personal information under applicable law, then we may use it for all the purposes for which we use and disclose personal information.

 

We may combine information that does not personally identify you with personal information. If we do, we will treat the combined information as personal information as long as it is combined.

 

Links

 

The Services may contain links to, or otherwise make available, third-party websites, services, or other resources not operated by us or on our behalf ("Third Party Services"). These links are provided as a convenience only and do not constitute an affiliation with, endorsement or sponsorship of the Third-Party Services.  

 

Any information you provide to such third parties is not subject to the terms of this Privacy Policy, and we are not responsible for the privacy or security of the information you provide to them or their handling of your information. We recommend that you review the privacy policy of any third party to whom you provide personal information online.

 

In addition, we are not responsible for the information collection, use, disclosure, or security policies and practices of other organizations, such as Apple, Google, Microsoft, RIM, or any other app developer, app provider, operating system provider, wireless service provider, or device manufacturer.

 

Information from Other Sources

 

We may obtain data provided by third parties.  For example, we may obtain information from companies to improve the accuracy of the information we have about you (e.g., adding your zip code to your address information). This improves our ability to contact you and increases the relevance of our offers and communications to you.

 

Security

 

We seek to use reasonable physical, technical, and administrative safeguards to protect personal information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately contact us in accordance with the "Contact Information" section below. We have a dedicated and vastly experienced Information Security team that deploys a full range of technical and Organizational Security measures to ensure robust security of data.

 

Cookies and Other Technologies

 

Like many other websites and online services, we collect information about the Services’ traffic and usage patterns through the use of cookies, web server logs, web beacons and other, similar technologies. Please view our Cookie Policy here for more information.  

 

Fraudulent Sites, Spam & Phishing

 

Please be aware that there may be fraudulent websites that illegally use the Business’s logos, and other aspects of the Business’s brand. The Business is in no way associated with any fraudulent websites. These sites may circulate their presence on the internet via spam email, or through fraudulent phishing practices.

 

These sites have not been authorized by the Business to use our name and we work aggressively to identify their source and have them shut down. If you are in receipt of this type of spam email, to help protect your privacy you should avoid replying to it or forwarding it to other people.

 

In addition to our official websites, the Business works with a number of third parties that host websites and micro-sites that provide information and services to our customers. If you are concerned that a website or an email may be fraudulent, please contact us by calling the number on the back of your Aetna Member ID Card with your concerns.

 

Data Subject Rights

 

You may have specific rights related to your Data depending on the applicable jurisdiction. This section applies only to data subjects (site users) based in the EEA, UK or Switzerland, who have certain rights under European data protection laws and regulations, as summarized below:

 

i. Request access to your Personal Data. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

 

ii. Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

 

iii. Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).

 

iv. Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation, which makes you want to object to processing on this ground.

 

v. Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data, for example if you want us to establish its accuracy or the reason for processing it.

 

vi. Request the transfer of your Personal Data to another party.

 

vii. Withdraw your consent at any time if your Personal Data is processed on the basis of consent. If you withdraw your consent, this will not affect the lawfulness of how we used your Personal Data before you withdrew consent.

 

viii. Lodge a complaint with a competent supervisory authority if you consider that the processing of your Personal Data infringes applicable law. We request that you contact us in the first instance so that we can respond to your complaint. The contact details are available here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

 

If you have any grievance or issue in respect of our handling or processing of your Personal Data, you have the right to lodge a complaint with your national data protection supervisory authority. If you have any grievance or issue in respect of our handling or processing of your Personal Data, you have the right to lodge a complaint with your data protection supervisory authority.Your rights will in each case be subject to the restrictions set out in applicable data protection laws. Further information on these rights, and the circumstances in which they may arise in connection with our processing of your Personal Data, can be obtained by contacting PrivacyInternational@CVSHealth.com.

 

Please contact PrivacyInternational@CVSHealth.com to exercise your rights, should they apply. In order to ensure compliance in the process of supporting your rights, we may require that you verify your identity as reasonably necessary, in line with privacy laws. Aetna International does not engage in profiling or automated decision making, so opting out of these practices is not applicable for users. Please also contact Aetna International at the email address provided to exercise those rights.

 

Your Choices and Access

 

You can take yourself off our email list by following the instructions contained in such emails.  If you opt out of receiving emails from us, we may still send you important administrative messages, from which you cannot opt out.

 

You can request the removal or modification of the personal information you have provided to us by calling the number on the back of your Aetna Member ID Card. For your protection, we may only implement requests with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity and obtain information on the context in which you provided your personal information before implementing your request. We will try to accommodate your request as soon as reasonably practicable.

 

You can stop all further collection of information by the Business’s mobile application by uninstalling the Business’s mobile application. You may use the standard uninstall process available as part of your mobile device or via the mobile application marketplace or network.

 

Note: If you uninstall the mobile application from your device, the Business’s unique identifier associated with your install and/or device might continue to be stored. If you re-install the application on the same device, the Business might be able to re-associate this identifier to your previous transactions and activities.

 

Retention of Your Data  

 

We may retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

 

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.

 

Your California Privacy Rights

 

If you are a member and a California resident, you may request that we provide you with certain information about the entities with which we have shared our customers' personal information for direct marketing purposes during the preceding calendar year. To do so, please write to us at ConsumerPrivacy@CVSHealth.com

 

If you are a plan sponsor representative or broker and a resident of California, additional information about the collection and use of your personal information as well as any applicable rights you may have under California law can be found at https://www.cvs.com/content/california-b2b-privacy-policy.  

 

Your Responsibility

 

By establishing a Services account, you agree that it is your responsibility to:

  • Authorize, monitor, and control access to and use of your Services account, User ID and password.

  • Promptly inform us of any need to deactivate a password or an account by calling the number on the back of your Aetna Member ID Card. 

     

Contact Information

 

If you have any questions about the content of this Privacy Policy, please contact the Aetna Privacy Office at the following address: 151 Farmington Avenue, Hartford CT 06105 or by emailing us at PrivacyInternational@CVSHealth.com. Aetna International has the benefit of a dedicated and very experienced Privacy team that are willing to answer any privacy and/ or data protection related queries that you may have.

We’re here to help!

Reach out to our dedicated team to help you navigate our international health care today!