Privacy Policy

1.1 Information You Provide Directly

• Name, date of birth, gender, and contact information (address, phone, email)
• Health and medical information you share with us or your provider
• Payment and billing information (processed securely through our payment processors)
• Insurance, FSA, or HSA account information where applicable
• Preferred pharmacy information
• Emergency contact information
• Communications you send to us by email, phone, or secure message

1.2 Information Collected Automatically

• IP address, browser type, operating system, and device identifiers
• Pages visited, time spent, and links clicked on our website
• Cookies and similar tracking technologies (see Section 7)
• Appointment scheduling activity and platform usage data

1.3 Information from Third Parties

• Information from referring brokers or employers when you enroll through a group
• Laboratory and imaging results from partnered diagnostic providers
• Payment processor confirmations and transaction data

• To provide, manage, and improve telehealth services and your membership
• To connect you with licensed healthcare providers
• To process payments, billing, and membership renewals
• To send appointment reminders, care instructions, and membership communications
• To fulfill prescription support requests and coordinate pharmacy communications
• To respond to your inquiries and provide customer support
• To comply with legal, regulatory, and HIPAA obligations
• To analyze platform usage and improve our services
• To detect, prevent, and respond to fraud or securityincidents

Healthcare Providers: We share your health information with licensed providers on our platform solely to deliver care to you.

Business Associates: We share information with service providers (payment processors, IT vendors, secure messaging platforms) under Business Associate Agreements (BAAs) that require HIPAA-compliant handling of your data.

Pharmacy Partners: With your consent, we share prescription information with your designated pharmacy.

Legal Requirements: We may disclose information when required by law, court order, or government regulation, or to protect the safety of any person.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. You will be notified of any change in ownership.

With Your Consent: We will not share your information for any other purpose without your explicit consent.

Your health information is also governed by our Notice of Privacy Practices, which describes how we use and disclose Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). A copy of our Notice of Privacy Practices is available on our website and will be provided to you upon request. In the event of a conflict between this Privacy Policy and our Notice of Privacy Practices regarding health information, the Notice of Privacy Practices controls.

• All data transmitted through our platform is encrypted using industry-standard TLS/SSL encryption
• Health information is stored in HIPAA-compliant, access-controlled systems
• Access to patient records is restricted to authorized personnel on a need-to-know basis
• We conduct regular security assessments and maintain incident response procedures
• In the event of a data breach affecting your health information, we will notify you as required by HIPAA and applicable state law

We retain your personal and health information for as long as necessary to provide services, comply with legal obligations, and resolve disputes. Medical records are retained in accordance with applicable state law and HIPAA requirements. You may request deletion of non-health personal information by contacting us, subject to our legal retention obligations.

Our website uses cookies and similar technologies to improve functionality and analyze usage. You may control cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain features of our website. We do not respond to browser Do Not Track signals at this time.

Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 without parental consent. For family memberships that include minors, the primary account holder (parent or guardian) provides consent on behalf of enrolled minor family members.

Access: You may request a copy of the personal information we hold about you.

Correction: You may request correction of inaccurate information.

Deletion: You may request deletion of personal information, subject to legal and medical record retention requirements.

Portability: You may request your health records in a portable format as permitted by HIPAA.

Opt-Out: You may opt out of non-essential marketing communications at any time by replying UNSUBSCRIBE to any email or contacting us directly.

To exercise any of these rights, contact support@directproviderscare.com for general requests, or legal@directproviderscare.com for legal and compliance matters. Call (307) 213-8870.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where required, by direct communication. Continued use of our services after the effective date of any update constitutes acceptance of the revised policy.