Privacy Policy

Effective Date: January 3, 2025

This Privacy Policy ("Policy") describes the manner in which Vanity Prescribed ("Company," "we," "our," or "us") collects, uses, discloses, and safeguards personal and health information in compliance with applicable federal and state privacy laws, including but not limited to the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and the California Consumer Privacy Act ("CCPA"). By accessing or using our telehealth services, website, and related offerings (collectively, the "Services"), you consent to the terms and conditions set forth in this Policy.

Scope and Applicability

This Policy applies to all users of our Services, including patients, healthcare providers, and other authorized users. It governs the collection, processing, storage, and disclosure of personal and protected health information ("PHI") in connection with the Services provided by Vanity Prescribed.

Information Collected

We collect personal information such as identifying data including name, date of birth, gender, and contact details such as email, phone number, and mailing address. Account credentials, including usernames, passwords, and authentication details, as well as financial information for payment processing, may also be collected. In providing telehealth services, we collect PHI including medical records such as diagnoses, treatments, medications, allergies, and medical history. Consultation details, laboratory and test results, and associated healthcare documentation may also be recorded. Additionally, we collect technical and analytical data such as device information including IP address, browser type, and operating system, as well as user interactions with our website, mobile application, or online portal. Cookies and tracking technologies are used to enhance user experience and ensure security compliance.

Purpose of Data Processing

Vanity Prescribed processes personal and health information to provide and administer telehealth consultations and related healthcare services, facilitate secure communication with healthcare providers, pharmacies, and medical professionals, and ensure compliance with HIPAA, CCPA, and other applicable legal requirements. We also process information to enhance and improve our Services, including user experience and security measures, process payments and verify insurance eligibility where applicable, and send health-related notifications, appointment reminders, and service-related communications.

Disclosure of Information

We may disclose your personal and health information to licensed medical professionals and clinical groups who provide telehealth consultations and pharmacies for prescription fulfillment and medication management. We may engage third-party service providers for payment processing, IT infrastructure, security monitoring, system administration, analytics, research, and operational improvements. We may disclose information to government and regulatory authorities to comply with legal and regulatory obligations, subpoenas, or law enforcement requests, and to report adverse drug events, communicable diseases, or public health concerns as required by law. We will not share your PHI or PII with unaffiliated third parties for marketing purposes without obtaining explicit consent.

User Rights and Responsibilities

Users have rights under HIPAA, including the right to access and obtain a copy of their medical records upon request, the right to amend inaccuracies in PHI, the right to restrict certain uses and disclosures of PHI, and the right to request confidential communications through secure methods. Under CCPA, California residents have additional rights, including the right to know details about the data we collect and how it is used, the right to request deletion of personal data, subject to legal retention requirements, and the right to opt out of the sale or disclosure of personal data. Users may submit requests to exercise these rights by contacting us.

Data Protection and Security Measures

We implement industry-standard security measures to protect sensitive data, including encryption during transmission and at rest, role-based access restrictions to limit data exposure, and regular security audits and compliance checks. Despite our efforts, no security measures can guarantee absolute protection. In the event of a data breach, we will provide notifications as required by law.

Data Retention and Storage

Vanity Prescribed retains personal and health information for the period necessary to provide telehealth services effectively, fulfill legal and regulatory obligations related to medical record retention, and securely dispose of or anonymize data once it is no longer required.

Third-Party Links and External Websites

Our website may contain links to third-party platforms. Vanity Prescribed is not responsible for their privacy practices or content. Users are encouraged to review third-party privacy policies before providing personal information.

Policy Updates and Modifications

We reserve the right to update this Policy periodically. Any revisions will be posted on our website with an updated effective date. Continued use of our Services following updates constitutes acceptance of the revised terms.

Contact Information

For questions regarding this Privacy Policy or to exercise your privacy rights, please contact us at Vanity Prescribed.

Email: hello@vanityprescribed.com
Phone: 949-779-6644

By using Vanity Prescribed Services, you acknowledge that you have read, understood, and agreed to the terms set forth in this Privacy Policy.