Privacy Policy

1. Information We Collect

VevaMD collects information that you provide directly to us when you create an account, complete a health assessment, communicate with providers, or use our services. This may include:

• Personal identification information (name, email address, date of birth, phone number, mailing address)
• Health and medical information (medical history, current medications, symptoms, lab results, treatment records)
• Payment and billing information (credit card details, billing address, transaction history)
• Communications (messages with providers, support correspondence)
• Device and usage data (IP address, browser type, pages visited, referring URLs)

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services. Specifically, we use your information to:

• Facilitate telehealth consultations and coordinate your care with licensed providers
• Process prescriptions and coordinate medication delivery
• Order and coordinate laboratory testing
• Process payments and manage your subscription
• Communicate with you about your account, appointments, and treatment
• Improve our platform, services, and patient experience
• Comply with legal obligations and enforce our terms of service

3. Information Sharing

We do not sell your personal health information to third parties. We may share your information in the following limited circumstances:

• Healthcare Providers: With the licensed physicians and nurse practitioners involved in your care
• Pharmacies: With state-licensed compounding pharmacies to fulfill your prescriptions
• Laboratories: With lab partners to coordinate your bloodwork and testing
• Payment Processors: With third-party payment processors to handle billing transactions securely
• Legal Compliance: When required by law, regulation, legal process, or governmental request

4. Data Security

We implement industry-standard security measures to protect your personal and health information. All data is encrypted in transit using 256-bit SSL/TLS encryption and at rest using AES-256 encryption. Access to patient records is restricted to authorized personnel on a need-to-know basis. We conduct regular security audits and maintain comprehensive access logs. While we strive to protect your information, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

5. HIPAA Compliance

VevaMD is committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA). We maintain appropriate administrative, physical, and technical safeguards to protect the privacy and security of your protected health information (PHI). Our providers, pharmacy partners, and technology vendors are bound by Business Associate Agreements (BAAs) as required by HIPAA. You have the right to receive a Notice of Privacy Practices detailing how your PHI may be used and disclosed.

6. Your Rights

You have the following rights regarding your personal and health information:

• Access: You may request a copy of the personal and health information we hold about you
• Correction: You may request that we correct inaccurate or incomplete information
• Deletion: You may request that we delete your personal information, subject to legal and regulatory retention requirements
• Portability: You may request a copy of your health records in a standard electronic format
• Opt-Out: You may opt out of non-essential communications at any time

7. Contact Us

If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us at privacy@vevamd.com. We will respond to your request within 30 days.