Privacy Policy

Last Updated:
July 2026

Hesteon Solutions Inc. ("Hesteon", "we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, communicate with us, request information, schedule an appointment, use our online forms, receive marketing or service communications from us, or otherwise interact with us.

Hesteon currently markets insurance services to Massachusetts residents. Our website may be accessible from other locations, but our public marketing is focused on Massachusetts unless we clearly state otherwise.

This Privacy Policy may be updated from time to time. We encourage you to review this Privacy Policy periodically and to note the “Last updated” date above. If we make material changes to how we collect, use, or disclose personal information, we will provide notice where appropriate or required by law. If required by applicable law, we will obtain your consent before collecting, using, disclosing, or transferring personal information for a purpose that requires consent. If you do not agree with this Privacy Policy, please do not use our website or Services.

Scope

This Privacy Policy applies to personal information we collect or receive:

  • through websites that link to this Privacy Policy;
  • through online forms, appointment requests, personalized review pages, newsletter signups, feedback forms, chat features, and similar website features;
  • through phone calls, text messages, emails, postal mail, and other communications with us;
  • in connection with our marketing, business development, insurance education, appointment scheduling, customer service, and compliance activities; and
  • from insurers, service providers, lead sources, CRM or scheduling systems, and other third parties in connection with the services we provide.

This Privacy Policy does not apply to third-party websites, applications, services, or platforms that we do not control. If you click a link to a third-party website or use a third-party service, that third party’s privacy policy will apply to its collection and use of your information.

Some information collected in connection with insurance applications, policy servicing, carrier interactions, or health-related communications may also be subject to the Gramm-Leach-Bliley Act (GLBA), HIPAA where applicable, state insurance privacy laws, carrier requirements, or other privacy and security rules. Where those laws or requirements apply, we handle that information in accordance with those obligations as well as our general privacy and security practices.

Personal Information We Collect

The personal information we collect depends on how you interact with us.

Information you provide directly

We may collect information that you provide when you fill out a form, request a quote, schedule an appointment, ask a question, use a chat feature, subscribe to a newsletter, provide feedback, communicate with us, or otherwise use our services. This may include:

  • name, nickname, mailing address, email address, phone number, and preferred contact method;
  • date of birth, ZIP code, county, state, household or eligibility information, and other information needed to respond to Medicare or insurance-related requests;
  • appointment details, meeting location preferences, scheduling information, and notes you choose to provide;
  • information submitted through personalized review pages, code-entry pages, or direct-mail response pages, chat features, or similar website tools;
  • feedback, testimonials, survey responses, and other comments you provide;
  • communication preferences, including language preference and whether you consent to receive calls, texts, or emails; and
  • insurance-related information provided to us directly or through insurers, agencies, service providers, or CRM systems when we help you evaluate, apply for, enroll in, or service insurance coverage.

Information collected automatically

When you visit and interact with the Sites, we use cookies, log files, and other similar technologies to collect certain information automatically.

The specific types of information we may collect include:

  • Browser and device information, including your browser type, device type, operating system, software version, Internet Protocol (IP) address and/or other unique identifiers assigned to your device, and the location of your device.
  • Usage and interaction information, including the date and time of your visits(s) to our websites; the referring URL(s), and clickstream data (e.g., data about the areas or pages on the Sites you view and links you click).

With both cookies and other tracking technologies, the information we collect does not contain your name, address, telephone number, or email address. We do not generally link the information we collect through the use of cookies and tracking technologies to Personal information you submit. However, we reserve the right to use information collected in this manner to identify a website visitor if we reasonably believe it is necessary or advisable to enforce the policies of this website, to protect us or our clients, to prevent fraud, deception, or illegal activity, or to protect this website or its visitors.

First-Party Visit Logging

Our website may maintain first-party logs to help us monitor site performance, security, appointment activity, and compliance. These logs may include limited technical information such as IP address, approximate location derived from IP address, referring information, page requested, time of visit, and basic session information. These logs are used for internal business, security, troubleshooting, and compliance purposes. We do not sell this information.

Google Analytics

We may use Google Analytics to better understand how users interact on our websites. For information on Google Analytics' information handling practices and how you can control the use of information sent to Google, please visit https://policies.google.com/technologies/partner-sites. If you wish to prevent your information from being used by Google Analytics, Google has developed the Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout.

Google Signals and Personalized Ads

We may use Google Signals in Google Analytics to better understand how users interact with our website across different devices, if that feature is enabled and permitted by your consent preferences or applicable law. This feature allows the collection of aggregated, anonymized data from users who are signed into their Google accounts and have consented to personalized advertising. The data may include cross-device behavior, demographic information such as age and gender, and interests.

We do not receive personally identifiable information through Google Signals. All data is anonymized and used in accordance with Google’s Advertising Features Policy, which is available at https://support.google.com/analytics/answer/2700409.

If you would like to opt out of Google Analytics Advertising Features, you can do so by visiting https://adssettings.google.com/ or by installing the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout.

Information We Receive from Third Parties

We may receive personal information from third parties, including insurance carriers, lead providers, CRM and scheduling platforms, service providers, business partners, publicly available sources, and individuals who refer you to us or ask us to contact you. The information may include contact details, eligibility or demographic information, lead source information, consent records, insurance-related information, and communication history.

If we help you evaluate, apply for, obtain, or service insurance coverage, we may receive information back from insurers or related service providers, such as policy status, effective date, premium, plan details, payment status, application status, or other information needed to provide service and maintain records.

How We Use Personal Information

We may use personal information to:

  • respond to your inquiries and requests;
  • provide Medicare, insurance, and senior-resource information;
  • schedule, confirm, prepare for, and follow up on appointments;
  • evaluate insurance options and help with applications, enrollment, servicing, renewals, or plan reviews;
  • communicate with you by phone, text, email, postal mail, or other channels, consistent with your preferences and applicable law;
  • send newsletters, educational materials, reminders, and service-related communications;
  • maintain records, document consent, manage customer relationships, and support compliance obligations;
  • operate, secure, troubleshoot, and improve our website and services;
  • measure website usage and improve content when analytics is enabled with appropriate controls;
  • detect, prevent, and respond to fraud, unauthorized activity, security incidents, or misuse of our website or services;
  • comply with laws, regulations, carrier requirements, contracts, audits, legal process, and regulatory requests; and
  • carry out other purposes that we disclose to you or that are reasonably related to the services you request.

How We Disclose Personal Information

We may disclose personal information as needed for the purposes described in this Privacy Policy, including to:

  • insurance carriers, agencies, brokers, field marketing organizations, and related insurance or financial service providers when needed to provide information, quotes, applications, enrollment support, policy service, or related services;
  • CRM, scheduling, email, text messaging, phone, hosting, security, data storage, document management, website, analytics, and technology service providers;
  • professional advisors, compliance consultants, auditors, attorneys, accountants, and similar advisors;
  • government agencies, regulators, law enforcement, courts, or other parties when required or permitted by law, regulation, subpoena, legal process, or carrier/compliance requirements;
  • third parties involved in a business transaction, such as a merger, sale, reorganization, or transfer of some or all of our business or assets; and
  • other parties with your consent or at your direction.

We may disclose aggregated or de-identified information that does not reasonably identify you. We do not sell personal information. We may use analytics tools, advertising pixels, cookies, tags, and similar technologies, such as Google Analytics, Google Tag Manager, Google Signals, Google Ads, Meta Pixel, or similar services, to understand website activity, measure marketing effectiveness, improve our website and services, and support our business and marketing efforts.

Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, or destruction. These safeguards may include access controls, password protections, encryption where appropriate, secure hosting, vendor controls, training, logging, and procedures for responding to security incidents.

No method of transmission or storage is completely secure. You should avoid sending highly sensitive information through general website forms, email, text message, or chat unless we specifically instruct you to do so through a secure method.

Data Retention

We retain personal information for as long as reasonably necessary to provide services, maintain business and compliance records, respond to inquiries, resolve disputes, comply with legal or regulatory obligations, meet carrier or contract requirements, and protect our rights. Retention periods vary depending on the type of information and the reason it was collected.

Third-Party Links and Services

Our website may link to third-party websites, resources, insurers, government agencies, social media platforms, or other services that we do not control. Those third parties have their own privacy policies and practices. We are not responsible for the privacy practices, security, or content of third-party websites or services.

Minors

The Services are not designed for individuals under the age of 18, and we do not knowingly solicit or collect personal information from individuals under the age of 18. If we gain actual knowledge that we have collected or received personal information relating to anyone under the age of 18, we will take reasonable steps to delete it.

Children’s Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act). We do not knowingly collect personal information from anyone under 13 years of age. Our website, products, and services are directed to adults and are not intended for children under 13.

Correcting Personal Information

You can correct or update certain personal information you have provided to us by contacting us at the phone number or email address listed on this website. You may also contact us to update your communication preferences.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our information practices, technology, services, or legal requirements. The “Last updated” date at the top of this Privacy Policy indicates when it was last revised. Unless otherwise stated, the current version applies to personal information under our control.

Contact Us

If you have questions, requests, or concerns about this Privacy Policy or our information handling practices, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.