1. Scope of This Privacy Policy

This Privacy Policy applies to information collected through:

• The website order.rightmd.health
• Our telehealth consultation platform
• Online prescription approval services
• Customer support communications
• Any services provided through the RightMD platform

Our privacy practices comply with applicable laws including:

• Health Insurance Portability and Accountability Act (HIPAA)
• California Consumer Privacy Act (CCPA)
• California Privacy Rights Act (CPRA)
• Other applicable U.S. federal and state privacy laws

2. Information We Collect

A. Information You Provide Directly

When you create an account or request services, we may collect:

Personal Information

• Full name
• Date of birth
• Email address
• Phone number
• Mailing or shipping address
• Government-issued ID when required

Health Information (PHI)

• Medical history
• Current symptoms
• Medication history
• Prescription requests
• Allergies or medical conditions
• Communication with licensed medical professionals

Payment Information

• Billing address
• Payment card details (processed securely)
• Transaction records

3. Information Received from Third Parties

• Healthcare Professionals reviewing patient intake forms
• Analytics and advertising platforms such as Google or Meta
• Secure payment processors handling transactions

4. How We Use Your Information

• Review medical questionnaires
• Connect patients with licensed prescribers
• Process service payments
• Confirm orders and provide shipping updates
• Provide customer support
• Improve platform performance and usability
• Send marketing communications (if you opt-in)

5. Disclosure of Information

We may share information with healthcare providers, service providers, analytics platforms, and when legally required.

• Licensed healthcare providers
• Payment processors
• Hosting and security providers
• Analytics providers such as Google and Meta
• Legal authorities when required

6. HIPAA Compliance

RightMD implements safeguards consistent with HIPAA regulations to protect Protected Health Information (PHI). This includes encrypted data transmission, restricted access controls, and ongoing security monitoring.

Users have the right to:

• Access their medical records
• Request corrections to health information
• Request restrictions on disclosures
• Receive confidential communications

7. Data Security

• Encrypted connections (HTTPS / TLS)
• Restricted access controls
• Secure hosting environments
• Regular security monitoring

8. Data Retention

We retain personal and health information only as long as necessary to provide services, comply with legal requirements, and maintain medical records.

9. Children's Privacy

RightMD services are intended for individuals 18 years of age or older. We do not knowingly collect personal information from minors.

10. Your Privacy Rights

• Access your personal data
• Request corrections
• Request deletion of certain data
• Opt out of marketing communications

11. California Consumer Privacy Act (CCPA)

California residents have additional rights including the right to know what data is collected, request deletion, and opt out of the sale of personal information.

Contact: support@rightmd.health

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updated versions will be posted on our website with a revised effective date.