Plan: Plan shall mean a combination of My Secure Advantage™ Benefits available to
a Covered Member.
Named Member: Named Member shall mean the individual who is enrolled in the Plan.
Covered Member: Covered Member shall mean others who are covered by a Named Member’s
Plan.
Self-Paying Member: A Self-Paying Member has voluntary chosen to enroll in a Plan under
a self-pay arrangement with the Plan Administrator.
Membership Fee: A Membership Fee is the payment made to the Plan Administrator by a
Self-Paying Member or by a Plan Sponsor on behalf of a Member for access to Benefits
under a My Secure Advantage™ Plan.
Member: Named Member and Covered Member, collectively.
Plan Sponsor: Plan Sponsor shall mean an organization, such as an employer, who has
entered into a separate agreement with the Plan Administrator to provide certain Members
with access to a Plan.
Plan Sponsor Agreement: Plan Sponsor Agreement is the agreement between a Plan Sponsor
and the Plan Administrator that describes the Benefits provided to Members thru the Plan
purchased by the Plan Sponsor.
Plan Administrator: Plan Administrator shall mean My Secure Advantage, Inc., which is
located at 3001 Lava Ridge Court, Suite 250, Roseville, CA 95661.
Money Coach: Money Coach shall mean certain professional individuals who are employees
of the Plan Administrator and who collectively provide the financial services described
in these Terms and Conditions.
Benefits: Benefits shall mean the features of the My Secure Advantage™ Program.
Examples of Benefits as described in these Terms and Conditions are: Financial Coaching,
ID Theft Monitoring/Fraud Resolution, MY SECURE ADVANTAGE™ Website, and Legal/
Mediation referrals.
Third Party Provider: Third Party Provider shall mean all Attorneys, Accountants,
Mediators, and certain other professional individuals who have agreed to offer their
services to Members for a discounted fee. Members may choose to access Third Party
Provider services at the Member’s discretion and under a separate agreement between
Third Party Provider and the Member.
Descriptions/Exclusions/Conditions
Plan Benefits
There may be several Self-Paying Member Plans and each Self-Paying Member will
receive a description of the Benefits available through their Plan at the time
of enrollment. Self-Paying Members can also contact the Plan Administrator for a
description of the Benefits provided by their Plan.
The Plan Administrator reserves the right to change the Benefits associated with
a Self-Paying Member’s Plan at any time and will provide the Member with at
least 30 days advance notice before implementing the change.
The specific Benefits available to a Member through a Plan provided by a Plan
Sponsor are defined by a unique Plan Sponsor Agreement. Members who have access
to a Plan provided by a Plan Sponsor should contact their Plan Sponsor for a
description of their Benefits. The Benefits provided by a Plan Sponsor may
change at any time as dictated by the Plan Sponsor Agreement.
Benefits are described in Section C below.
Term
For Self-Paying Members, the Plan is funded by the Member and coverage begins on
the day that a payment from the Self-Paying Member is received by the Plan
Administrator. Coverage will continue on a month-to-month basis and will end
when terminated by the Plan Administrator or the Self-Paying Member.
The term and termination provisions of a Plan provided by a Plan Sponsor is
defined in the Plan Sponsor Agreement.
Cancellation
Cancellation of Self-Paying Member’s Plan: The Plan Administrator, in its sole
discretion, reserves the right to cancel a Self-Paying Member’s Plan for any
reason,
including either fraud or non-payment of Membership Fees. The Self-Paying Member
may
cancel their Plan at any time by giving written notice to the Plan
Administrator.
Cancellation provisions for a Plan provided by a Plan Sponsor are defined in the
Plan Sponsor Agreement.
Professional Judgment of the Money Coach or Fraud Resolution Specialist: The Plan
Administrator will in no way influence or attempt to affect the rendering of services by
a Money Coach or FRS. The Money Coach and FRS will provide objective and independent
financial coaching and ID theft recovery advice to the best of his or her ability. In
addition, if the Money Coach or FRS makes the decision that it is not in the best
interests of Plan Administrator to advise/pursue a matter/claim on behalf of the member,
then all services may be immediately terminated in the sole discretion of the Money
Coach or FRS.
Professional Judgment of a Third-Party Provider: The Third-Party Provider has the sole
right to determine (in his or her professional judgment) whether or not a claim or
defense under any Benefit constitutes a frivolous or otherwise unmeritorious claim or
defense. This includes decisions to appeal any judgment or decision. Further:
The Third- Party Provider reserves the right to make independent professional
judgments regarding the presentation of same.
The Plan Administrator will in no way influence or attempt to affect the
rendering of eligible services by a Third-Party Provider.
Any errors and omissions of a Third-Party Provider are his or her sole
responsibility. No such liability will be assumed or incurred by either the Plan
Administrator or the Plan Sponsor.
Membership Fees
For Members with access to a Plan provided by a Plan Sponsor, Membership Fees
for this Plan are paid by the Member’s Plan Sponsor and are governed by the Plan
Sponsor Agreement.
Membership fees for a Self-Paying Member Plan are paid by the Member and are
governed by the conditions of Section C of these Terms and Conditions.
Excluded Costs: Fines, court costs, penalties, expert witness fees, bonds, bail bonds,
fees established by state statute and other such out-of-pocket expenses are not covered
by the benefits described in this Agreement. Any such costs will need to be paid by the
Named Member and Covered Member under the terms of the Attorney or Accountant or
Mediator-Client Contract described in Section 9 below.
Attorney or Accountant or Mediator-Client Contract: All legal and accounting services
shall be subject to terms of an Attorney or Accountant or Mediator-Client Contract to be
executed by the Member prior to the time services are rendered. Said contract shall
require payments by the Member to the Third-Party Provider for any anticipated
out-of-pocket costs, plus a retainer that covers all reasonably anticipated legal
services not covered by the Agreement. Appropriate dollar amounts for said retainer and
any anticipated out-of-pocket costs shall be determined by the Third-Party Provider (in
his or her sole discretion). The Member will not be eligible to receive his or her
requested benefit unless and until such payments have been made.
Exclusions Applicable to all Plans - the following financial or legal matters and
services are specifically excluded from coverage under any of the Plans described in any
Agreement or in these Terms and Conditions:
Services Available Under Other Plans or Forms of Insurance: Any financial or
legal service that is available to the Member under another plan or form of
insurance, unless such plan or form of insurance permits subrogation rights
and/or third-party indemnification.
Actions Involving Other Parties: Any legal matter involving an adversarial
relationship between or among the parties, including, but is not limited to, the
Member, the Plan Sponsor, the Plan Administrator and any Third-Party
Provider(s).
Actions Involving Employment: Any actions arising from the Member’s employment.
Class Action Lawsuits and Similar Actions: Class actions, interventions, appeals
or amicus curiae filings.
Conflicts of Interest: Any matter or service that is found by the Third-Party
Provider to be in conflict of interest with his or her practice.
Frivolous or Groundless Claims: Any claim or defense which is deemed by a
Third-Party Provider (at his or her sole discretion) to be frivolous or
groundless.
Respondeat Superior: A Member may not receive coverage solely as a result of the
doctrine of Respondeat Superior.
Issues involving Professional Licensing and Codes of Ethics: Any matter or
service which might subject the professional provider to either ethical
considerations or licensing concerns.
Payments to Third Party Providers: When it is determined by the Member, with the
assistance of the staff Money Coach, that outside services are necessary, the
Covered Member shall contract directly with the Third Party Provider and shall
pay for all professional services fees and costs directly to the Third Party
Provider and shall be solely responsible for payment. All such fees and costs
shall be non-refundable.
Condition of using MSA Wallet: The following notice applies to those Members
that have access to MSA Wallet through their Plan: MSA Wallet uses Plaid
Technologies, Inc. to gather Members’ data from financial institutions. By using
MSA Wallet, you (the Member) grant MY SECURE ADVANTAGE, Inc and Plaid
Technologies, Inc. the right, power, and authority to act on your behalf to
access and transmit your personal and financial information from the relevant
financial institution. By using MSA Wallet you also agree to your personal and
financial information being transferred, stored, and processed by Plaid
Technologies, Inc. in accordance with the Plaid Privacy Policy, which can be
found at:
https://plaid.com/legal
Miscellaneous:
Complaint Resolution: Should the Member at any time have a complaint
with or concern regarding the services provided by staff or a
professional provider, the Member may call or send a written notice to
the Plan Administrator. The Plan Administrator may contact the Member
for additional information, as well as, the staff Money Coach or the
Third-Party Provider for input, within five (5) business days of receipt
of the notice. The Plan Administrator will attempt to resolve the
complaint within thirty (30) days or less of the notice. The Member will
be advised throughout the process of the steps being taken to resolve
the matter, via telephone, email or any other acceptable means of
communication to the Member. The Member expressly waives all matters of
confidentiality for purposes of investigating and resolving any
complaints or concerns.
Binding Arbitration: In the event that any controversy or claim arises
between the Named Member, Covered Member, the Plan Administrator, any
Money Coach, or any combination thereof, which is pursuant to these
Terms and Conditions or pertains to services rendered under the My
Secure Advantage™ Program which cannot be resolved by mutual agreement
between the disputing parties, then such controversy or claim shall be
submitted for settlement by binding arbitration in accordance with the
then-current rules of the American Arbitration Association as full
recourse between the disputing parties.
The arbitrator(s) shall have the power to decide any dispute
between the parties concerning the application or interpretation
of these Terms and Conditions or the rendering of any service
under the My Secure Advantage™ Program. Any such decision
rendered by the arbitrator(s) shall be final and binding upon
all parties, but said arbitrator(s) shall have no power to
change or add to the provisions of these Terms and Conditions or
the rendering of services under the My Secure Advantage™
Program.
If such arbitration includes the Plan Administrator, a Money
Coach, or any employee of MSA, the location of the arbitration
shall be Roseville, California. Prior to the beginning of the
arbitration, each disputing party shall pay an equal share of
the estimated cost of arbitration.
Integration: These Terms and Conditions represent the entire agreement
between the Plan Administrator and the Self-Paying Member and supersede
any advertisements, letters, articles, or written or oral statements,
which pre-date or were made contemporaneously with these Terms and
Conditions.
Severance Clauses: If any section of these Terms and Conditions is deemed null
and void, such section shall be severed and shall not affect the validity of the
rest of these Terms and Conditions.
Out-of-Network Services: Nothing herein shall prevent a Member, at his or her
own expense, from hiring the services of any other money coach, financial
consultant, or any other professional outside of the My Secure Advantage™
Program and it is understood that such services shall be outside of the benefits
provided under this the My Secure Advantage™ Program.
Emails and Newsletters: There are four types of email the Member will receive
from My Secure Advantage:
System emails, which include calendar reminders and other system
generated notices vital to your communication with your Money Coach.
These emails you cannot opt-out of.
Newsletters, financial and ID theft “tips,” and webinar notifications
are sent periodically to all Members. At the bottom of all of these
newsletters is an opt-out link.
Emails to the Member from their Money Coach or Fraud Resolution
Specialist - these emails are to facilitate communication about the
Member’s financial circumstances and may include forms and templates for
the Member’s use.
For Members with an Identity Monitoring benefit, the system will
generate email notifications of potentially suspicious activities
related to identity theft. You cannot opt-out of these emails.
My Secure Advantage™ Benefits
Benefits: Each Plan will include a specific combination of Benefits. Members should
contact the Plan Administrator or their Plan Sponsor to determine the Benefits available
to them through their Plan. The following is a list of Benefits that may be available to
a Member through their Plan. Benefits may be added and/or removed from this list at any
time by the Plan Administrator.
Financial Coaching: Members may have access to a personal Money Coach to work with on an
on-going basis. The frequency and duration of access to a Money Coach will vary
depending upon the specific Plan purchased by the Self-Paying Member or by the Plan
Sponsor Agreement. The personal Money Coach will help the member identify personal
financial goals, assess the Member’s financial situation, and provide a suggested action
plan to accomplish those goals. Financial coaching sessions are by appointment as
requested by the Member and are at times mutually agreed to by both the Member and the
personal Money Coach. The duration of each consultation is typically 30 minutes per
session. The Money Coach may determine that a longer session is necessary. The frequency
of sessions is determined by the Money Coach based upon the progress made during each
session. Either the Money Coach or Plan Administrator shall retain absolute discretion
to end consultation on any issue where continued consultation will not serve the best
interests of the Member.
ID Theft Monitoring/Fraud Resolution:
Identity Monitoring and Fraud Resolution services may be available to a Member
through their Plan.
Identity Monitoring: When enrolled in identity monitoring services, the Member’s
information is monitored across a network of companies who utilize out of wallet
knowledge-based authentication questions to verify an identity during a
transaction. The Member will receive a real-time alert via the email on record
when the out of wallet knowledge-based authentication questions have been
activated.
Fraud Resolution Services: Where Fraud Resolution is included in the Member’s
Plan, the Member whose identity has been compromised will receive access to a
Fraud Resolution Specialists (FRS) who will address and assist in the effort to
repair the Member’s identity. Where comprehensive identity recovery services are
included, these services will include, but are not limited to, working with
creditors, collection companies, collection law firms and credit reporting
agencies. Where comprehensive identity recovery services are included, at the
option of the Member, the FRS will serve as a personal advocate in representing
the Member in disputing and clearing up fraudulent or incorrect claims and
credit records.
Where Identity Fraud Expense Reimbursement Coverage and Unauthorized Electronic
Funds Transfers reimbursement are included – the Member will have access to up
to a total of $1,000,000* in Unauthorized Electronic Funds Transfers” (UEFT)
reimbursement, which includes up to $25,000* in ID Theft Fraud Expense
Reimbursement Coverage for certain expenses incurred in reclaiming the Member’s
identity, with a zero deductible.
*Identity theft insurance underwritten by subsidiaries or affiliates of
American International Group, Inc. The description herein is a summary
and intended for informational purposes only and does not include all
terms, conditions and exclusions of the policies described. Please refer
to the actual policies for terms, conditions, and exclusions of
coverage. Coverage may not be available in all jurisdictions.
ID Fraud Expense Reimbursement Coverage:
This is a summary when a Member’s Plan includes access to ID Fraud Expense
Reimbursement Coverage: This Summary is provided to inform the Member of the My
Secure Advantage™ Plan, that they are entitled to benefits under the Certificate
of Insurance. This Summary Description of Benefits does not state all the terms,
conditions, and exclusions of the Certificate of Insurance. The Member’s
benefits will be subject to all of the terms, conditions, and exclusions of the
Master Certificate of Insurance, even if they are not mentioned in this Summary.
A complete copy of the Certificate of Insurance will be provided upon request.
The Master Policy (“Identity Fraud” Expense Coverage) has been issued to: MY
SECURE ADVANTAGE™ Inc. (the “Master Policy Holder”) to provide benefits as
described in this Summary.
Includes, subject to limitation:
Lost wages, as a result of time taken off from work to reestablish
identity (up to $500 per week for a maximum of four weeks).
Notary and certified mailing costs for completing and delivering fraud
affidavits.
Long distance phone calls associated with reporting an identity theft
and/or reestablishing a victim’s identity.
Attorney fees incurred (with prior consent) from the insurer for:
Defending suits brought incorrectly by merchants, creditors or
collection agencies.
Removing civil judgments and/or criminal convictions wrongly
entered against the victim.
For Member’s, whose Plan includes access to Unauthorized Electronic Funds Transfers
(UEFT) reimbursement, this coverage includes, subject to limitations:
Unauthorized transfers from a Member’s personal (non-business) deposit account
initiated by someone other than the Member and without the Member’s permission.
UEFT covers personal checking, savings and money market accounts, both inside
and outside of retirement accounts.
For Member’s, whose Plan includes the insurance coverage described above: To file a
claim under the Certificate of Insurance, call 1-888-724-2326, Monday through Friday
between the hours of 6:00 am and 8:00 pm PT.
Exclusions and Limitations:
For more information on UEFT reimbursement and ID Theft Fraud Expense
Reimbursement coverage, and exclusions, please contact the Plan Administrator.
Coverage is provided under the Master Policy issued to My Secure Advantage, Inc.
Coverage is subject to all terms, conditions and limitations of the Master
Identity Fraud Reimbursement Expense policy.
UEFT coverage specifically excludes certain accounts and acts. There is no
coverage for business accounts of any nature. Members must have first sought
reimbursement from the financial institution that issued access and held the
funds that were stolen and from which the member has not received reimbursement
from any source.
Website:
For Members whose Plan includes access to the website; the Member will have
access to a secure, private My Secure Advantage™ website that is a
collaborative
tool for coaching, which may include highlights and suggestions from the
Member’s personal Money Coach. The features that may be accessible through the
website include:
MSA Wallet: Members may have access to MSA Wallet, a
Personal
Financial
Management software that will allow Members to track their banking and
investment activity across all of their financial accounts. MSA
Wallet
will allow the Member to set spending and savings goals and provide
alerts or notices that may be electronically communicated to the Member.
The Member dictates what information, if any, is shared with their
personal Money Coach in the MSA Wallet application
Online financial calculators with financial articles
Access to self-help legal forms
On-demand learning through education and instructional videos
Legal/Mediation Referrals: When included in the Member’s Plan, the Member is entitled to
one (1) initial thirty-minute office or telephone consultation at no cost with a network
attorney or mediator. In the event that the Member wishes to retain a participating
attorney or mediator after the initial consultation, the Member will be provided with a
preferred rate reduction of 25% from the attorney's normal hourly or fixed fee rate.
Membership Fees for Self-Paying Members can be paid to the Plan Administrator by debit
or electronic funds transfer, such as ACH or bank account payments, or by a charge to
the Member’s credit/debit card. The Plan Administrator may choose to change the accepted
forms of payment from Self-Paying Members at any time.
Changes to Benefits and/or Membership Fees: Unless otherwise defined by a Plan Sponsor
Agreement, the Plan Administrator reserves the right to replace vendors, change benefits
and/or membership fees at any time. In such event, the Member shall receive no less than
thirty (30) days advance notice of the effective date of any changes.
Terms of Self-Payment
A Self-Paying Member will have access to a My Secure Advantage™ Plan for a
Membership
Fee that is paid by the Self-Paying Member to the Plan Administrator. The Membership
Fees and Benefits provided for those fees will be presented to the Member at the time of
enrollment. The Self-Paying Member will be the sole arbiter of how long they continue
working with their Money Coach under this self-pay arrangement. There are three options
for processing payment: Authorized Payroll Deduction, Bank Account Debit, or Credit
Card.
Authorized Payroll Deductions - This form of payment is only available to Named
Members whose Plan Sponsor offers payroll deductions as an option. When Payroll
Deduction is chosen by a Self-Paying Member as his or her payment method, the
Self-Paying Member accepts and agrees to these Terms and Conditions. Payroll
deductions may be made to the Plan Administrator for those Named Members who
elect to continue with the My Secure Advantage™ Program by becoming
Self-Paying
Members. The Self-Paying Member will authorize a payroll deduction by digital
impression from a recorded phone conversation with an MY SECURE ADVANTAGE™
representative. Payroll deductions, based on the periodic payment schedule of
employees, will take place such that the total sum deducted in any one month of
payroll will not exceed the monthly Membership Fee. Payroll deductions shall
continue until the Plan Sponsor’s human resource or payroll department is
notified in writing by the Plan Administrator or the Self-Paying Member to
discontinue the deductions. The Plan Administrator will submit monthly
identification data in a separate digital file for authorizing Self-Paying
Members in a format acceptable to the Plan Sponsor. The Plan Sponsor will
provide to the Plan Administrator the contact information and data needed to
facilitate the payroll deduction process. Authorized Payroll Deductions are not
available to Covered Members or memberships purchased directly from MSA.
Bank Account Debit: (ACH - Automated Clearing House) When Debit to the
Self-Paying Member’s Bank Account is chosen by a Self-Paying Member as his or
her payment method, the Self-Paying Member accepts and agrees to these Terms and
Conditions.
Bank Account Payments: By choosing to use a bank account as a payment method,
the Self-Paying Member will be able to complete his or her purchase using any
valid automated clearing house ("ACH") enabled bank account at a United
States-based financial institution. By doing so, the Self-Paying Member is
authorizing the Plan Administrator to debit their bank account for the total
amount of the purchase (including applicable taxes, fees and shipping costs). To
complete the transaction, the Plan Administrator, or an agent acting on its
behalf, will create an electronic funds transfer or bank draft, which will be
presented to the Self-Paying Member’s bank or financial institution for payment
from Self-Paying Member’s bank account. The transaction must be payable in U.S.
dollars. The Plan Administrator, in its sole discretion, may refuse this payment
option service to anyone or any user without notice for any reason at any time.
Electronic Signature and ACH Authorization: By choosing your bank account as
your payment method, the Self-Paying Member agrees that:
he or she has read, understands, and agrees to these Terms and
Conditions, and that such agreement constitutes a "writing signed by
you" under any applicable law or regulation,
he or she consents to the electronic delivery of the disclosures
contained in these Terms and Conditions
he or she authorizes the Plan Administrator (or its agent) to make any
inquiries it considers necessary to validate the Self-Paying Member’s
dispute, which may include ordering a credit report and performing other
credit checks or verifying the information provided against third party
databases, and
He or she authorizes the Plan Administrator (or its agent) to initiate
one or more ACH debit entries (withdrawals) for the specified amount(s)
from the Self-Paying Member’s bank account, and the Self-Paying Member
authorizes the financial institution that holds his or her bank account
to deduct such payments.
Returned Payments: If any payments are returned unpaid, the Plan Administrator reserves
the right to charge the Self-Paying Member a returned item fee of twenty-five dollars
($25.00) or the maximum amount allowed by law, which may be added to the Self-Paying
Member’s payment amount and debited from his or her bank account if the Plan
Administrator re-submits an ACH debit due to insufficient funds. The Plan Administrator
may initiate a collection process or legal action to collect unpaid fees. Self-Paying
Member agrees to pay all the Plan Administrator’s costs for such action, including any
reasonable attorneys' fees.
Customer Service: All questions relating to My Secure Advantage™ orders or any
payments
made using Self-Paying Member’s bank account should be directed to the Plan
Administrator, and not to the financial institution that holds the Self-Paying Member’s
bank account. The Plan Administrator may be contacted regarding a Self-Paying Member’s
My Secure Advantage™ order or any payments made using his or her bank account by
calling
the Plan Administrator at 1-888-724-2326.
Error Resolution Policy: If a Self-Paying Member believes that any payment transaction
initiated by the Plan Administrator (or its agent) with respect to his or her bank
account is erroneous, or if the Self-Paying Member needs more information about any such
transaction, he or she should contact the Plan Administrator as soon as possible by
telephone or email using the telephone number or email address provided in Section 4 of
these Terms and Conditions. In any event, the Plan Administrator must hear from the
Self-Paying Member no later than 90 days after the date the questionable transaction
FIRST appeared on the Self-Paying Member’s bank account statement. When contacting Plan
Administrator, provide the following information:
Self-Paying Member’s name and the email address associated with the Self-Paying
Member’s My Secure Advantage™ customer account
a description of the error or the transfer Self-Paying Member is unsure about,
and a clear explanation as to what is believed to be in error or why more
information is needed,
the dollar amount of the suspected error,
the transaction date and associated transaction identification number from
Self-Paying Member’s bank account statement,
a telephone number at which the Self-Paying Member can be reached in case the
Plan Administrator needs further information,
the telephone number of the bank, and
That portion of Self-Paying Member’s bank account statement containing the My
Secure Advantage™ transaction information (if requested).
If the information is provided to Plan Administrator orally, the Plan
Administrator may require that the complaint or question be sent to the Plan
Administrator in writing within ten (10) business days. A "Business Day" means
Monday through Friday, excluding federal banking holidays.
Our Liability: If the Plan Administrator fails to debit the Self-Paying Member’s bank
account in accordance with these Terms and Conditions, in the correct amount, it may be
liable for certain losses directly caused by its failure as the law may impose in such
cases. However, the Plan Administrator will not be liable where:
The Self-Paying Member does not have enough money in their bank account.
Self-Paying Member’s bank account is closed, or withdrawals are restricted.
Terminal or system was not working properly and the Self-Paying Member was
advised of that prior to when he or she initiated the payment.
Circumstances beyond the Plan Administrator’s control (such as flood, fire,
power outages, mechanical or system failures).
Self-Paying Member’s financial institution refuses to honor an ACH debit.
The Self-Paying Member’s instructions were lost or delayed in transmission to
the Plan Administrator.
A reasonable security concern, such as unauthorized use, causes the Plan
Administrator to not honor the Self-Paying Member’s instructions.
This payment option has been discontinued or suspended.
The Plan Administrator advised the Self-Paying Member that their request would
not be processed; and
Other exceptions allowed by law. If the Plan Administrator’s error was
unintentional and resulted from a bona fide error, its liability is limited to
actual damages, which shall not to exceed the total sum of those charges
deducted from the Self-Paying Member’s account in error.
CREDIT CARD PAYMENTS
When a charge to the Self-Paying Member’s Credit Card is chosen by a Self-Paying Member
as his or her payment method, the Self-Paying Member accepts and agrees to these Terms
and Conditions.
By choosing this payment method the Self-Paying Member will be able to complete his or
her purchase using any valid Visa, MasterCard, American Express, or Discover account.
Whenever the Self-Paying Member chooses to pay for an order using their credit card, he
or she is authorizing the Plan Administrator to charge their credit card for the total
amount of purchase, which includes monthly charges or other recurring charges. To
complete the transaction, the Plan Administrator, or an agent acting on its behalf, will
create a credit card charge equal to the Self-Paying Member’s "Purchase Total", which
will be presented to his or her credit card account. The transaction must be payable in
U.S. dollars. The Plan Administrator, in its sole discretion, may refuse this payment
option service to anyone or any user without notice for any reason at any time.
Electronic Signature: By choosing your credit card as your payment method, the
Self-Paying Member agrees that:
He or she has read, understands, and agree to these Terms and Conditions, and
that such agreement constitutes a "writing signed by you" under any applicable
law or regulation,
He or she consents to the electronic delivery of the disclosures contained in
these Terms and Conditions,
He or she authorizes the Plan Administrator (or its agent) to make any inquiries
it considers necessary to validate Self-Paying Member’s dispute, which may
include ordering a credit report and performing other credit checks or verifying
the information provided against third party databases, and
He or she authorizes the Plan Administrator (or its agent) to initiate one or
more credit card charges for the specified amount(s).
Returned Payments: If any payments are returned unpaid, the Plan Administrator reserves
the right to charge the Self-Paying Member an insufficient funds fee of twenty-five
dollars ($25.00).
Customer Service: All questions relating to My Secure Advantage™ orders or any
payments made using the Self-Paying Member’s credit card should be directed to the Plan
Administrator, and not to the Self-Paying Member’s credit card company. My Secure
Advantage™ 1-888-724-2326 will show up on the Self-Paying Member’s credit card
descriptor. The Self-Paying Member may contact the Plan Administrator regarding his or
her My Secure Advantage™ order or any payments made using his or her credit card
by
calling us at 1-888-724-2326.
Error Resolution Policy: If a Self-Paying Member believes that any payment transaction
initiated by the Plan Administrator (or its agent) with respect to his or her credit
card is erroneous, or if the Self-Paying Member needs more information about any such
transaction, he or she should contact the Plan Administrator as soon as possible by
telephone or email using the telephone number or email address provided in section (4)
of these Terms and Conditions. In any event, the Plan Administrator must hear from the
Self-Paying Member no later than 90 days after the date the questionable transaction
FIRST appeared on the Self-Paying Member’s credit card account statement. When
contacting the Plan Administrator, provide us with the following information:
Self-Paying Member’s name and the email address associated with their My Secure
Advantage™ customer account,
a description of the error or the payment the Self-Paying Member unsure about,
and a clear explanation as to what is believed to be in error or why more
information is needed,
the dollar amount of the suspected error,
the transaction date and associated transaction identification number from
Self-Paying Member’s credit card account statement,
a telephone number at which the Self-Paying Member can be reached in case the
Plan Administrator needs further information,
the telephone number of the credit card company, and
that portion of Self-Paying Member’s credit card account statement containing
the My Secure Advantage™ transaction information (if requested)
If the information is provided to the Plan Administrator orally, the Plan
Administrator may require that the complaint or question be sent to the Plan
Administrator in writing within ten (10) business days. A "business day" means
Monday through Friday, excluding federal banking holidays.
Our Liability: If the Plan Administrator fails to charge the Self-Paying Member’s credit
card account in accordance with these Terms and Conditions, in the correct amount, it
may be liable for certain losses directly caused by our failure as the law may impose in
such cases. However, the Plan Administrator will not be liable where:
The Self-Paying Member’s credit card returns as insufficient funds.
The Self-Paying Member’s credit card account is closed or charges restricted.
Any terminal or system was not working properly and the Self-Paying Member was
advised of that before he or she initiated the payment.
Circumstances beyond the Plan Administrator’s control (such as flood, fire,
power outages, mechanical or system failures).
Self-Paying Member’s credit card company refuses to honor the transaction.
The Self-Paying Member’s instructions are lost or delayed in transmission to us.
A reasonable security concern, such as unauthorized use, causes the Plan
Administrator not to honor the Self-Paying Member’s instructions.
This payment option has been discontinued or suspended.
The Plan Administrator advised the Self-Paying Member that their request would
not be processed.
Other exceptions allowed by law. If the Plan Administrator’s error was
unintentional and resulted from a bona fide error, its liability is limited to
actual damages, which shall not to exceed the total sum of those charges
deducted from Self-Paying Member’s credit card account in error.
CANCELLATION POLICY:
The Self-Paying Member may cancel his or her membership at any time by calling us at
1-888-724-2326 and ask for an MY SECURE ADVANTAGE™ Representative. For any such
cancellations, the following rules apply:
Definitions
Billing Day: The same day each month as the enrollment date. For example, if the
enrollment date = June 5, the billing day in subsequent months = July 5, August
5, September 5, and so on.
Billing Month: A one-month period that commences on the billing day and ends on
the day before the next billing day. For example, if the enrollment date is June
5, the billing months would be as follows:
Billing month 1 = June 5 - July 4
Billing month 2 = July 5 - August 4
Billing month 3 = August 5 - September 4
And so on.
Billing Period: The period of time that corresponds with billing frequency:
Monthly = 1 billing month
Quarterly = 3 billing months
Annually = 12 billing months
Rules
Cancellations within the first five (5) calendar days of the billing period:
If you cancel within (5) days of the start of your billing period, you are
entitled to a full refund for that billing month, and all future billing months,
in your billing period (for which you have paid).
Cancellations after six (6) or more calendar days after start of billing period:
If you cancel (6) days or more after the start of your billing period, you will
receive a full refund for all subsequent billing months remaining in the billing
period (for which you have paid). You will be entitled to full identity theft
benefits during the billing month in which the cancellation notice is received
by Plan Administrator.
Security
Data Security: The My Secure Advantage™ Website uses SSL-encryption technology
when
transferring and receiving member data. This same level of encryption is used if Member
information is transferred to an affiliate’s website. We have employed reliable
encryption services to protect against the loss, misuse, or alteration of information
that has been collected from members. The servers that store personally identifiable
information on are kept in a secure environment. We take reasonable security measures to
protect against unauthorized access to or the unauthorized alteration, disclosure or
destruction of data. These include daily malware scanning, PCI compliant network
vulnerability scans, regular network penetration testing, internal reviews of data
collection, storage and processing practices and security measures, as well as physical
security measures to guard against unauthorized access to systems where personal data
are stored. We restrict access to personal information to employees, contractors and
agents who need to know information in order to operate, develop or improve our
services. These individuals are bound by confidentiality obligations and may be subject
to discipline, including termination and criminal prosecution, if they fail to meet
these obligations. Although we strive to have to have the best security, perfect
security is unattainable; you understand and agree that there is a certain intrinsic
risk in transmitting data over the internet.
Hosting Provider: MySecureAdvantage.com uses Amazon AWS Elastic Compute Cloud (EC2)
hosting environments. Security within Amazon EC2 is provided on multiple levels; the
operating system (OS) of the host system, the virtual instance operating system or guest
OS, a stateful firewall and signed API calls. Amazon continually manages risk and
undergoes recurring assessments to ensure compliance with industry standards. Amazon’s
data center operations have been accredited under:
ISO 27001
SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
Host Operating System: AWS administrators are required to use their individual
cryptographically strong SSH keys to gain access to a bastion host. These
bastion hosts are specifically built systems that are designed and configured to
protect the management plane of the cloud. Once connected to the bastion,
authorized administrators are able to use a privileged escalation command to
gain access to an individual host. All such accesses are logged and routinely
audited. When an AWS employee no longer has a business need to administer EC2
hosts, their privileges on and access to the bastion hosts are revoked.
Guest Operating System: Virtual instances are completely controlled by the
customer. They have full root access and all administrative control over
additional accounts, services, and applications. AWS administrators do not have
access to customer instances and cannot log into the guest OS. Customers should
disable password-based access to their hosts and utilize token or key-based
authentication to gain access to unprivileged accounts. Further, customers
should employ a privilege escalation mechanism with logging on a per-user basis.
For example, if the guest OS is Linux, utilize SSH with keys to access the
virtual instance, enable shell command-line logging, and use the 'sudo' utility
for privilege escalation. Customers should generate their own key pairs to
guarantee that they are unique and not shared with other customers or with AWS.
Firewall: Amazon EC2 provides a complete firewall solution; this mandatory
inbound firewall is configured in a default deny mode and the Amazon EC2
customer must explicitly open any ports to allow inbound traffic. The traffic
may be restricted by protocol, by service port, as well as by source IP address
(individual IP or CIDR block). The firewall can be configured in groups
permitting different classes of instances to have different rules, for example
the case of a traditional three-tiered web application. The group for the web
servers would have port 80 (HTTP) and port 443 (HTTPS) open to the world. The
group for the application servers would have port 8000 (application specific)
accessible only to the web server group. The group for the database servers
would have port 3306 (MySQL) open only to the application server group. All
three groups would permit administrative access on port 22 (SSH), but only from
the customer's corporate network. Highly secure applications can be deployed
using this expressive mechanism. The firewall is controlled not by the
host/instance itself, however requires the customer's X.509 certificate and key
to authorize changes, thus adding an extra layer of security. Within EC2, the
host administrator and cloud administrator can be separate people, permitting
two-man rule security policies to be enforced. In addition, AWS encourages
customers to apply additional per-instance filters with host-based firewalls
such as IPtables. This can restrict both inbound and outbound traffic on each
instance. The level of security afforded by the firewall is a function of which
ports are opened by the customer, and for what duration and purpose. The default
state is to deny all incoming traffic, and developers should plan carefully what
they will open when building and securing their applications. Well-informed
traffic management and security design is still required on a per-instance
basis.
API: Calls to launch and terminate instances, change firewall parameters, and
perform other functions are all signed by an X.509 certificate or the customer's
Amazon Secret Access Key. Without access to the customer's Secret Access Key or
X.509 certificate, Amazon EC2 API calls cannot be made on their behalf. In
addition, API calls can be encrypted in transit with SSL to maintain
confidentiality. Amazon recommends always using SSL-protected API endpoints.
The Hypervisor: Amazon EC2 currently utilizes a highly customized version of the
Xen hypervisor, taking advantage of paravirtualization. Because para-virtualized
guests rely on the hypervisor to provide support for operations that normally
require privileged access, it is possible to run the guest OS with no elevated
access to the CPU. This explicit virtualization of the physical resources leads
to a clear separation between guest and hypervisor, resulting in strong security
separation between the two.
Instance Isolation: Different instances running on the same physical machine are
isolated from each other utilizing the Xen hypervisor. Amazon is an active
participant and contributor within the Xen community, which ensures awareness of
potential pending issues. In addition, the aforementioned firewall resides
within the hypervisor layer, between the physical interface and the instance's
virtual interface. All packets must pass through this layer, thus an instance's
neighbors have no additional access to that instance, and can be treated as if
they are on separate physical hosts. The physical RAM is separated using similar
mechanisms. Customer instances have no access to raw disk devices, but instead
are presented with virtualized disks. The AWS proprietary disk virtualization
layer automatically wipes every block of storage used by the customer and
guarantees that one customer's data is never exposed to another. Note that
unintentionally leaving data on disk devices is only one possible breach of
confidentiality; many others exist, and for this reason AWS recommends that
customers further protect their data using appropriate means. One common
solution is to run an encrypted file system on top of the virtualized disk
device.
Network Security: The Amazon AWS network provides significant protection against
traditional network security issues and further protection is added as new
threats rise. A few of these threats and how they are averted is described
below.
Distributed Denial Of Service (DDoS) Attacks: AWS API endpoints are hosted on
the same Internet-scale, world class infrastructure that supports the Amazon.com
retail site. Standard DDoS mitigation techniques such as syn cookies and
connection limiting are used. To further mitigate the effect of potential DDoS
attacks, Amazon maintains internal bandwidth which exceeds its provider-supplied
Internet bandwidth.
Man In The Middle (MITM) Attacks: All of the AWS APIs are available via
SSL-protected endpoints which provides server authentication. Amazon EC2 AMIs
automatically generates new SSH host keys on first boot and log them to the
console. Customers can then use the secure APIs to call the console and access
the host keys before logging into the instance for the first time. Customers are
encouraged to use the SSL endpoints for all of their interactions with AWS.
IP Spoofing: Amazon EC2 instances cannot send spoofed traffic. The Amazon
-controlled, host-based firewall infrastructure will not permit an instance to
send traffic with a source IP or MAC address other than its own.
Port Scanning: Port scans by Amazon EC2 customers are a violation of the Amazon
EC2 Acceptable Use Policy (AUP). Violations of the AUP are taken seriously, and
every reported violation is investigated. When Port scanning is detected it is
stopped and blocked. Port scans of Amazon EC2 instances are generally
ineffective because, by default, all inbound ports on Amazon EC2 instances are
closed.
The customer's strict management of security groups can further mitigate the
threat of port scans. If the customer configures the security group to allow
traffic from any source to a specific port, then that specific port will be
vulnerable to a port scan. In these cases, the customer must use appropriate
security measures to protect listening services that may be essential to their
application from being discovered by an unauthorized port scan. For example, a
web server must clearly have port 80 (HTTP) open to the world, and the
administrator of this server is responsible for ensuring the security of the
HTTP server software, such as Apache.
Packet Sniffing By Other Tenants: It is not possible for a virtual instance
running in promiscuous mode to receive or "sniff" traffic that is intended for a
different virtual instance. While customers can place their interfaces into
promiscuous mode, the hypervisor will not deliver any traffic to them that is
not addressed to them. This includes two virtual instances that are owned by the
same customer, even if they are located on the same physical host. Attacks such
as ARP cache poisoning do not work within EC2. While Amazon EC2 does provide
ample protection against one customer inadvertently or maliciously attempting to
view another's data, as a standard practice, customers should encrypt sensitive
traffic.
Physical Security: AWS data centers are housed in nondescript facilities.
Physical access is strictly controlled both at the perimeter and at building
ingress points by professional security staff utilizing video surveillance,
intrusion detection systems, and other electronic means. Authorized staff must
pass two-factor authentication a minimum of two times to access data center
floors. All visitors and contractors are required to present identification and
are signed in and continually escorted by authorized staff. AWS only provides
data center access and information to employees and contractors who have a
legitimate business need for such privileges. When an employee no longer has a
business need for these privileges, his or her access is immediately revoked,
even if they continue to be an employee of Amazon or Amazon Web Services. All
physical access to data centers by AWS employees is logged and audited
routinely. AWS data centers have automatic fire detection and suppression
equipment, redundant electrical power systems, climate and temperature controls.
When a storage device has reached the end of its useful life, AWS procedures
include a decommissioning process that is designed to prevent customer data from
being exposed to unauthorized individuals. AWS uses the techniques detailed in
DoD 5220.22-M (“National Industrial Security Program Operating Manual “) or NIST
800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the
decommissioning process. All decommissioned magnetic storage devices are
degaussed and physically destroyed in accordance with industry-standard
practices.
Access to the Hosting Provider: MY SECURE ADVANTAGE™ connects to the
Amazon EC2 environments through a virtual private cloud (VPC) with a public
subnet and a private subnet. This allows MY SECURE ADVANTAGE™ to run a
public-facing web application, while maintaining back-end servers that aren't
publicly accessible. The instances in the public subnet can receive inbound
traffic directly from the Internet, whereas the instances in the private subnet
can't. The instances in the public subnet can send outbound traffic directly to
the Internet, whereas the instances in the private subnet can't. Instead, the
instances in the private subnet can access the Internet by using a network
address translation (NAT) instance that is launched into the public subnet.
Configuration Security: AWS provides two features to increase security in the
VPC: security groups and network ACLs. Both features enable control of the
inbound and outbound traffic for the instances, but security groups work at the
instance level, while network ACLs work at the subnet level. Both security
groups and network ACLs are used to provide an additional layer of security.
Information Collected: In order to provide Members with the MY SECURE
ADVANTAGE™
Wellness Plan and the My Secure Advantage™ Plan, two types of information
may be
collected; Personally Identifiable Information and Non-Personally Identifiable
Information.
Plan Sponsor Provided Benefit: Your Plan Sponsor may not have independently verified the
security of the MY SECURE ADVANTAGE™ Website. By using the MY SECURE
ADVANTAGE™ Website,
you agree that your Plan Sponsor is not responsible for any security breach to the MY
SECURE ADVANTAGE™ Website, and agree to indemnify and hold harmless your Plan Sponsor,
Plan Sponsor’s affiliates, officers, directors, and employees from and against all
losses, damages, liabilities, deficiencies, actions, judgements, costs, or expenses of
whatever kind arising out of, or resulting from, any security breach of the MY SECURE
ADVANTAGE™ Website.
Password Management: To protect your MySecureAdvantage Account, keep your password
confidential. You are responsible for managing the security of your password and the
resulting activity that happens on or through your MySecureAdvantage Account should your
password be compromised. Try not to reuse your password on third-party applications. If
you learn of any unauthorized use of your password or MySecureAdvantage Account, please
go to your account and change your password. Please notify MySecureAdvantage by calling
888-724-2326.