Privacy Notice

Last updated on June 20, 2024

FSA Store Inc. ("FSA Store", “we”, “our”, “us”) is committed to protecting the information we collect via our website: (“Website”), as well as information we collect when we interact with you by phone, electronically, or in-person. This privacy notice describes the types of information we collect and how such information is used. It also describes the choices available to you regarding our use of certain information collected about you and how you can access, update and delete this information.

This privacy notice applies to information we collect:

  • on our Website;
  • through email, text, and other electronic messages between you and our Website;
  • over the phone, via email or through our webform or chat function between you and our Customer Service Team; and
  • when you interact with our advertising and applications on third-party websites or when using third-party services if those applications or advertising include links to this Privacy Notice.

It does not apply to information collected by:

  • any third party, including through any application or content (including advertising) that may link to or be accessible from or through our Website.

Please read this Privacy Notice carefully prior to your use of, or creation of an account on, our Website. If you do not agree to abide by this privacy notice, please do not use our Website or create an account.

This Privacy Notice may change from time to time and should be read in conjunction with our Website Terms of Use, which include all disclaimers of warranties and limitation of liabilities.

1. Information We Collect About You and How We Collect It

We collect information from and about you (“Personal Information”), including information:

  • by which you may be personally identified, such as name, mailing address, email address, or telephone number (“Personal Information”);
  • regarding your spending account and/or employer information; your spending account balance; your purchases and preferences;
  • that is about you but individually does may not specifically identify you, such as your geographic location; and/or
  • about your internet connection, the equipment you use to access our Website, your IP address, and usage details.

We collect this information:

  • directly from you when you provide it to us or enroll in our services;
  • automatically as you navigate through our Website (information collected automatically may include usage details and information collected through cookies, web beacons, and other tracking technologies); or
  • from third parties, including Third-Party Administrators.

2.             Information You Provide Us:

The information we collect on or through our Website may include information you provide:

  • when you provide contact information such as name, email address, mailing address, billing address or phone number;
  • when you create an account on our Website;
  • when you interact with your account on our Website by updating your information, providing us your deadline information or letting us know your grace period status;
  • when you enroll in or participate in our loyalty programs including, but not limited to FSA Perks®;
  • when you use our FSA calculator;
  • when you participate in sweepstakes or contests that we offer on our Website or in partnership with third parties;
  • when you participate in quizzes or surveys that we administer on our Website, via email or in partnership with third parties;
  • when you redeem coupons or offers from us;
  • when you enroll in or participate in our integration services including, but not limited to single sign-on, balance display, cardless pay, or DirectPay;
  • when you enroll in or participate in our receipt tracking services including, but not limited to Expense Dashboard;
  • when you indicate that you are interested in receiving information about our products or services, such as email alerts, SMS texts and other notifications;
  • when you interact with our SMS texts, including your messaging history and any information included in those messages;
  • when you add a product to your cart on our Website;
  • when you make a transaction on our Website, including purchase history, order status (for tracking purposes);
  • when you make returns or exchanges and your financial information such as your credit or debit card information to process your payment;
  • when you interact with our Website and other services including content you post such as reviews, testimonials, and other feedback;
  • when you use our Website, including search terms, pages you visit, computer and mobile device information and general location information from your browser or device; and
  • when you share your social media account information with us.

Usage Information: We may also collect information that is not Personal Information, but that relates to your usage of our Website and that may be necessary for the proper functioning or improvement of our Website (“Usage Information”), including:

  • the dates and times at which you use our Website;
  • the extent of your use of our Website;
  • the general location from which you access and/or use our Website;
  • the URL or advertisement that referred you to our Website;
  • the search terms you entered into a search engine that led you to our Website;
  • your usage preferences, areas and pages within our Website that you access or use, which products/services you view or purchase, and any other items or links within our Website that you click, view or access; and
  • the mobile platform or service provider you use, your browser type, your operating system, and referring/exit pages.

We may collect Usage Information over time and across third-party websites or other online services for behavioral tracking purposes.

Third Party Information: We may collect information about you that we receive from third parties (“Third-Party Information:”). For example, we may supplement certain information that we collect from you with outside records, or information third parties may provide us about you in connection with a co-marketing or other agreement.

While Usage Information and Third-Party Information are generally non-identifying on a standalone basis, we may in certain instances combine this information with other information collected on our Website, as described above. If Usage Information can be used to identify you, we treat such information as Personal Information.

3.             Categories of Personal Information We Process

For purposes of this Privacy Notice, the term “Personal Information” means information about you that can identify you individually or by household.

In the past 12 months, we have processed the categories of Personal Information listed in the table below. The table also lists, for each category, the source, business purpose, and a general description of third parties to whom this information may be disclosed.

Personal Information Category Source of Information Business Purpose Third Parties to Whom Information is Shared
Identifiers (e.g., name, mailing address, email address, IP address) You, your company, and/or your use of our Website To contact you; provide you or your company, or other HSA Store customers with goods, services, or information you or your company request; or to make our products and services better We disclose your information to service providers, such as mailing fulfillment vendors and companies that help us identify you and your preferences, to conduct our business. We may also share your personal information with other service providers, such as credit card processors or professionals, like attorneys or accountants, where necessary for our business. We may also share this information with advertisers for cross-context behavioral i.e., targeted advertising.
Payment information (e.g., credit card information) You, your company, and/or your use of our Website See above See above
Commercial information (e.g., products or services purchased or considered); your favorite products on our Website You, your company, and/or your use of our Website See above See above
Internet or other similar network activity; Website usage information You, your company, and/or your use of our Website See above See above
Geolocation data (e.g., physical location) You, your company, and/or your use of our Website See above See above
Inferences drawn from other Personal Information You, your company, and/or your use of our Website See above See above
Information concerning your spending account, including as needed for our DirectPay service (e.g., name, age, postal address, phone number, account balance, employer identification, participant identification, administrator identification) You, your plan’s Third-Party Administrator To display account information to you; to administer our DirectPay service See above

Generally, we retain Personal Information for as long as it serves the business purpose for which it was collected, if there is a specific retention period required by law or contract, the Personal Information will be retained for that length of time. Where we collect Personal Information in relation to our DirectPay service, we collect your consent to do so. After you have enrolled, you can opt out of the DirectPay service by logging in to your account portal and following the opt out prompts.

4.             Sensitive Personal Information

Under applicable law, some categories of Personal Information are considered sensitive, requiring, in some cases, that we obtain your consent to process such information, and that we take certain additional steps to protect it. The table below lists the categories of Sensitive Personal Information we have processed in the last 12 months, the purposes for such processing, and whether we sell or share Sensitive Personal Information.

Sensitive Personal Information Category Business Purpose Sold or Shared for Purposes of Targeted Advertising?
Financial account or spending account information, including account log-in, financial account, debit card, or credit card number and potential credentials allowing access to an account To allow you to make purchases; to display spending account information; to offer you the DirectPay service No
Health information To offer you products and services you may need or be interested in; to answer your questions via our chat function No

We retain Sensitive Personal Information as per our general retention practices, noted above. We only process your Sensitive Personal Information as necessary to perform the services or provide the goods that you reasonably expect when dealing with us, or as otherwise authorized by law. 

5.        Use of Personal Information

We may use the Personal Information we collect to:

  • identify you and improve and/or customize our Website;
  • complete your transactions, fulfill your orders or process your returns/exchanges;
  • send you browse or cart reminders, order confirmations and other administrative or account notices;
  • send you requested product or service information;
  • respond to customer service requests, questions or comments;
  • administer your account and manage your account information;
  • send you emails;
  • send you SMS messages (subject to certain terms described herein);
  • contact you with offers, promotions, and other product specials;
  • send you more relevant marketing communications and general Website information/updates;
  • create a more personalized shopping experience and customize certain content you see on our Website;
  • identify trends, conduct data analysis, optimize, and determine the effectiveness of our marketing and promotions and other service offerings;
  • improve your user experience and increase the efficiency and effectiveness of our Website;
  • analyze Website usage;
  • maintain security;
  • enforce our Terms of Use;
  • support purposes that we believe are necessary to protect our rights and the rights of others, or as otherwise described to you at the time of collection;
  • perform internal operations that are reasonably aligned with your expectations as a consumer or reasonably anticipated based on your existing relationship with us; and
  • perform internal operations that are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by you or the performance of a contract with you.

We may also use certain information on an aggregated and/or anonymized basis to conduct market research, engage in project planning, for troubleshooting purposes or to help detect and protect against error, fraud or other criminal activity. We will not de-aggregate or re-identify the aggregated and/or anonymized data that we process. 

6.        Disclosure of Personal Information

We may disclose Personal Information that we collect or that you provide us as described in this Privacy Notice:

  • to any of our current or future subsidiaries or affiliates;
  • to contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep such Personal Information confidential and use it only for the purposes for which we disclose it to them;
  • to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our Website users or customers is among the assets transferred;
  • to third parties to market their products or services to you if you have consented to these disclosures;
  • to fulfill the purpose for which you provide it;
  • for any other purpose disclosed by us when you provide the information; and
  • with your consent.

We may also disclose your Personal Information:

  • to comply with any court order, law, or legal process, including to respond to any government, law enforcement, or regulatory request;
  • to enforce or apply our Terms of Use and other agreements, including for billing and collection purposes; and
  • if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of FSA Store, our customers, or others; this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

We may disclose aggregated information or any information that does not identify any individual without restriction.

7.        Cookies and Other Tracking Technologies

We may use cookies, for example, to keep track of your preferences and profile information, or to engage in certain retargeting activities that we feel will better enhance your user experience and the efficiency and effectiveness of our Website and certain product and service offerings. For example, we may use cookies to track the items in your shopping cart and may use that information to send you triggered text campaigns (e.g., sending you personalized text messages such as browse reminders or shopping cart reminders). Cookies are also used to collect Website usage information.

Cookies are small pieces of information that are stored as text files by your Internet browser on your computer’s hard drive, mobile device, or tablet. Most Internet browsers are initially set to accept cookies. You can set your browser to refuse cookies from websites or to remove cookies from your hard drive, but if you do so, you may not be able to access or use portions of our Website, or certain offerings on our Website may not function as intended. We must use cookies to enable you to select products, place them in an online shopping cart, and to purchase those products. If you do this, we will keep a record of your browsing activity and purchases.

We may use a third-party service to place cookies on your computer to collect information and compile aggregated statistics for us about visitors to our Website.

We do not control third parties’ collection or use of your information to serve interest-based advertising. For more information about these forms of targeted advertising and to understand your right to opt out from these practices, please visit: Additional information on how to opt out of targeted advertising practices of NAI or DAA affiliated advertisers is available here: NAI Opt Out or DAA Opt Out. To further prevent targeted advertising based on browser behavior, you can disable digital tracking tools on your browser.

Note, because we do not sell Personal Information and because such signals are not standardized, we do not respond to “Do Not Track” signals or Global Privacy Controls.

8.        Web Beacons

Our Website pages may contain electronic images known as web beacons (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our Website is used, and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our customer communications and marketing campaigns.

We also use third parties to gather information about how you use our Website. For example, we will know how many users access a specific page and which links they clicked on. We use this aggregated information to understand and optimize how our Website is used.

9.        Use of Chatbots 

We may use automated chat features, or “chatbots” on our Website. Information collected by a chatbot is used only for the intended purpose stated at the time of collection, such as to answer a specific user question. We will only collect the information a user submits as part of a chatbot conversation, along with session information described generally above. We recommend that users not submit Personal or Sensitive Personal Information through the chatbot features unless specifically prompted to do so. We may recommend products based on your questions submitted through the chatbot, but you should not take chatbot suggestions as medical advice. If you have a specific question requiring a detailed response, we recommend contacting Customer Service at (888) 372-1450. 

10.      Email Opt-Out

We maintain a strict “no-spam” policy. Unless you request otherwise in your account settings at the time of your initial account creation or specifically opt out as provided below, by accepting the Terms of Use and this Privacy Notice, you expressly agree that we may use your information to contact you by email in order to deliver you information that is relevant to your use of our Website such as administrative notices, product offers, service enhancements or “newsletters”, or that, in some cases, is targeted to your interests, such as targeted advertisements or information about certain eligible products (including deals, discounts or other promotions for such products) that we believe you may be interested in learning more about. You may choose to stop receiving these email communications from us by following the instructions included in such communications or by accessing your account at My Account and changing your email preferences. If a third-party vendor provides such newsletters, you may unsubscribe in accordance with the instructions provided by such third party. If you are having problems unsubscribing, please contact us at [email protected] (forwarding the newsletter, if applicable, and including in the Subject line the words “Unsubscribe”), and we will make commercially reasonable efforts to complete your request within seven (7) business days. Please note that we cannot process any unsubscribe requests submitted as direct replies to any newsletter.

11.      SMS Opt-In and Out

By providing your mobile phone number and deadline information, and electing to opt-in to our SMS messaging program via our Website or by sending us an opt-in text message, you confirm that you are the subscriber or customary user of that mobile phone number and affirmatively consent to our use of your mobile phone number for calls and texts (including prerecorded and/or by automatic telephone dialing systems) in order to provide you with (i) order confirmations and tracking information; (ii) reminder notifications regarding your account deadline (Note: deadline information provided is based solely on the information you provide us; we cannot confirm the validity of the information provided.); (iii) information and reminders regarding certain eligible product offerings and promotions; (iv) information and reminders regarding certain product specials, deals and discounts; (v) any push notifications delivered by us; and (vi) browse or cart reminders (Note: FSA Store uses cookies to collect information around abandoned shopping carts. A cart is considered abandoned within one hour of inactivity/lack of purchase. Once the cart is considered abandoned, an SMS message will be sent as a reminder.). Message frequency may vary. We will not assess any charges for calls or texts, but standard message and data rates may apply. If you have any questions or need assistance regarding any text message received, you can text us “HELP” to receive assistance. You may opt-out of receiving text messages from us by texting “STOP” in response to any text. You understand that we may send you a text confirming any opt-out by you.

12.      Sweepstakes, Contests and Promotions

We may offer sweepstakes, contests, and other promotions (each a “Promotion”) that may require registration. By participating in a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor(s) of the Promotion to use your name, voice, likeness, or other indicia of persona in advertising or marketing associated with the Promotion. If you choose to enter a Promotion, your Personal Information may be disclosed to third parties or the public in connection with the administration of such Promotion, including, without limitation, in connection with winner selection, prize fulfillment, and as required by law or permitted by the Promotion’s official rules, such as on a winner’s list.

13.      Links to Other Websites

Our Website may include links to other websites, mobile applications, or services (“Third-Party Sites”), whose privacy practices may differ from ours. Such links are not an endorsement by FSA Store of those Third-Party Sites and/or the products or services they offer. If you visit Third-Party Sites, or submit information to Third-Party Sites, your visit, and the information you provide is governed by the privacy statements on those sites. We encourage you to carefully read the privacy statement of any Third-Party Site you visit, as it may differ substantially from that of this Privacy Notice. FSA Store makes no representations or warranties nor is FSA Store responsible for the privacy statements of any third party. If you decide to click on any such links or access any Third-Party Sites appearing on our Website, you do so at your own risk.

Our Website includes hyperlinks to an eyewear/optical prescription fulfillment website. Our Terms of Use and this Privacy Notice do not extend to such eyewear/optical prescription fulfillment website, and we therefore encourage you to review the terms and conditions and privacy statement of such fulfillment website before accessing, using, or providing any information to such website. Any Personal Information, including prescription and credit card information, that you provide via the eyewear/optical prescription fulfillment website will be governed by the privacy statement of such website.

14.      Children

We are committed to protecting the privacy and rights of children online. To that end, no part of our Website is directed towards persons under the age of 16 and we do not collect any Personal Information from users who we know are under the age of 16. Should we discover or be informed that a child has submitted their Personal Information, we will delete such information.

15.      Security

The security of your information is important to us. When you enter payment information into our Website, we encrypt its transmission. We use appropriate administrative, technical, and physical safeguards to protect the information submitted to us, both during transmission and once we receive it, and to keep such information confidential (unless it is non-confidential by nature, for example, publicly available information) and free from any unauthorized access or alteration. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and the nature of security risks is constantly evolving. The security of any information collected, stored, or used by us cannot be guaranteed. 

If you have any questions about security on our Website, you can contact us at [email protected].

16.      Accessing and Updating Your Personal Information

To access and update your Personal Information go to My Account.

17.      Your Rights and Choices

We will not sell the Personal Information we collect. However, we may share it with third parties for cross-context behavioral, i.e., targeted advertising. To opt-out of Personal Information sharing for targeted advertising purposes, email [email protected]. We will not share the mobile information we collect for targeted advertising purposes. However with your authorization, we will share your mobile information with service providers solely for the purpose of providing our marketing e.g., when you sign up to receive SMS texts from us.

Applicable law may provide consumers with specific rights regarding their Personal Information. This section describes these rights and explains how to exercise them. You may also have the right to appeal our decision regarding your request.

Access to Specific Information and Data Portability Rights

You may have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting or selling that Personal Information.
  • The categories of third parties with whom we share that Personal Information.
  • The specific pieces of Personal Information we collected about you.

You may also have the right to a copy of the Personal Information we have collected from you in a readily useable, electronic format.

Deletion Request Rights

You may have the right to request that we delete any of your Personal Information that we collected from or about you, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) applicable Personal Information from our records, unless an exception applies. Please note that if you wish to have Personal Information collected by one of our affiliate sites (e.g., optical) deleted, you must contact that affiliate directly and follow the data deletion request process outlined in that affiliate's privacy notice to do so.  

Correct Inaccurate Information

You can make any corrections needed in your profile by logging into My Account. If you need to correct any other Personal Information that we process concerning you, please contact us as noted below.

Exercising Data Rights

To exercise any of the rights described above, please submit a verifiable consumer request to us by either:

Only you, or a person duly authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. We will need proof showing you have authorized someone else to make a request on your behalf, which may include a Power of Attorney form or other signed document.

Before we fulfill a deletion, access, or correction request, we must verify your identity and ability to exercise some of these rights. In order to do this, we may require you to provide your name, contact information and the nature of your relationship with us.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific Account.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless authorized by law. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

If we reject your request, you may have the right to appeal our decision. If we reject your request, we will provide instructions on how to make an appeal.


Of course, we will not discriminate against you for exercising any of your data rights. Unless permitted by applicable law, we will not do any of the following, if you exercise your data rights:

  • deny you goods or services;
  • charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • provide you a different level or quality of goods or services; or
  • suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services

18.      Contact Information

You can contact us about this privacy notice by writing, emailing, or calling us at:

FSA Store Inc.

5473 Blair Rd

Suite 100

PMB 24308 

Dallas, TX 75231

Email: [email protected]

19.      Business-to-Business Privacy 

Residents of California that have a business-to-business (“B2B”) relationship (e.g., relationships with third-party administrators or service providers, each a “B2B Contact”) with us have the rights outlined above. For information on how we process Personal Information concerning job applicants, employees, please see this Notice

In the past 12 months, we have collected the following categories of Personal Information from and concerning B2B contacts:

Categories of personal information we collect Source of information Business Purpose Third Parties to Whom Information Is Disclosed
Identifiers (e.g., name, email address, phone number) Our B2B Contacts, their employers, and other third parties. Engaging in transactions and other business with employers of B2B Contacts We disclose your information to service providers, such as mailing fulfillment vendors and companies that help us connect and do business with your employers. We may also share your Personal Information with other service providers, such as professionals, like attorneys or accountants, where necessary for our business.
Information relating to Internet activity or other electronic network activity (e.g., browsing data) Our B2B Contacts See above See above

We may also disclose your information to government entities, regulators and law enforcement or other B2B Contacts. We disclose Personal Information concerning B2B Contacts to support our operations.

If you would like to exercise your privacy rights in relation to this Personal Information, please contact us as noted above. 

To print out a copy of this Privacy Notice, please click here.