Site Policy

Privacy Policy

Last published: April 26, 2026

Privacy Policy


Effective Date: April 25, 2026


This Privacy Policy explains how ConnectHealthMD ("ConnectHealthMD," "we," "our," or "us") collects, uses, shares, and protects information when you use the ConnectHealthMD platform, including our websites, mobile experiences, and any related services (collectively, the "Platform").


ConnectHealthMD is a multi-sided marketplace connecting four user types - Patients, Professionals, Licensed Professionals (such as MDs and other licensed clinicians), and Vendors. Different parts of this Policy apply depending on which user type you are.

By using the Platform, you agree to this Policy. If you do not agree, please do not use the Platform.


1. Who We Are and How to Contact Us


ConnectHealthMD is organized in [State of Incorporation]. You can reach us at:


  • Mail: info@connecthealthmd.com
  • Email (general): info@connecthealthmd.com
  • Email (privacy): privacy@connecthealthmd.com


2. A Note on Health Information and HIPAA


ConnectHealthMD is a technology platform that connects users; we are generally not your healthcare provider. When a Licensed Professional uses our Platform to provide care to a Patient, that Licensed Professional is the "Covered Entity" under the U.S. Health Insurance Portability and Accountability Act ("HIPAA"). We may operate as a "Business Associate" to Licensed Professionals for certain activities, in which case our handling of "Protected Health Information" (PHI) is governed by a separate Business Associate Agreement and applicable law.


Information that you choose to submit on your own - such as journal entries, social-community posts, items in your Health Wallet, or messages outside a clinical encounter - is generally not PHI and is governed by this Policy rather than HIPAA. Please be thoughtful about what you choose to share publicly.


3. Information We Collect


We collect information in three ways: information you provide, information we collect automatically, and information we receive from third parties.


3.1 Information You Provide


  • Account information: name, email address, password, role (Patient / Professional / Licensed Professional / Vendor), date of birth, phone number, and profile details.
  • Verification and credentialing information (Licensed Professionals and Vendors): NPI, DEA registration, license numbers and states, business documentation, and tax information required to receive payouts.
  • Health information you choose to share: entries in your Health Wallet (medications, allergies, conditions, advance directives, emergency contacts), messages with providers, telemedicine session content, prescription requests, and intake forms.
  • Transaction information: items purchased, prescriptions ordered, appointment bookings, billing addresses, and payout details.
  • Communications: messages with other users, support tickets, dispute submissions, reviews and ratings, and content you post in social-community features (groups, follows, posts, comments).
  • Uploaded files: images, PDFs, and other documents you attach to messages, profiles, listings, prescriptions, or wallet items.


3.2 Information We Collect Automatically


  • Device and connection data: IP address, approximate location derived from IP, browser type and version, operating system, device identifiers, and referrer URLs.
  • Usage data: pages viewed, search queries, click events, time spent, ad impressions and clicks (within the Platform), and similar telemetry.
  • Cookies and similar technologies: see our Cookie Policy for details.


3.3 Information from Third Parties


  • Payment processors (Stripe and PayPal): transaction confirmation, payout status, chargeback notices, and fraud signals. We do not store full payment-card numbers; those are handled by our processors.
  • Identity, license, and fraud-prevention vendors: signals used to verify Licensed Professionals and Vendors and to detect abuse on the Platform.
  • Analytics and geolocation services: used to localize content and detect suspicious patterns.
  • Public sources: professional license registries and similar public records used during credentialing.


4. How We Use Information


We use information to:


  • Provide, operate, and improve the Platform, including telemedicine, prescription handling, e-commerce, messaging, the Health Wallet, and the social community.
  • Verify identity and credentials for Licensed Professionals and Vendors.
  • Process payments, payouts, refunds, store credit, and disputes.
  • Match Patients with appropriate Professionals or Licensed Professionals based on the Patient's stated needs and preferences.
  • Detect, investigate, and prevent fraud, abuse, and security incidents (including by computing internal trust signals).
  • Send transactional notifications (appointment confirmations, prescription updates, dispute notices, payout receipts).
  • Send marketing communications where permitted, which you can unsubscribe from at any time.
  • Comply with legal obligations and enforce our Terms of Service and other policies.


We do not sell your personal information for monetary consideration.


5. How We Share Information


5.1 Between Users on the Platform


The Platform exists to connect users, so certain information is intentionally shared:


  • Patient ↔ Licensed Professional: when you book a telemedicine appointment or submit a prescription request, the Licensed Professional receives the information necessary to provide care.
  • Patient ↔ Vendor: when a prescription is fulfilled by a Vendor pharmacy, the Vendor receives the information necessary to dispense and ship.
  • Patient ↔ Professional: when you engage a Professional (such as a wellness Professional or coach), they receive the information necessary to deliver their service.
  • Public profiles, reviews, and posts: content you choose to publish in profiles, reviews, ratings, or social-community features is visible to other users and, in some cases, to the public web.


5.2 Service Providers


We share information with vendors that operate the Platform on our behalf, such as cloud hosting, payment processing (Stripe, PayPal), telemedicine video infrastructure, email delivery, geolocation, analytics, fraud prevention, and customer support tooling. These providers are contractually obligated to use your information only to perform services for us.


5.3 Legal, Safety, and Compliance


We may disclose information when we reasonably believe it is necessary to: comply with law, a subpoena, or other legal process; cooperate with law enforcement; protect the rights, property, or safety of ConnectHealthMD, our users, or others; or investigate suspected fraud or violations of our policies.


5.4 Corporate Transactions


If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction, subject to standard confidentiality protections.


5.5 With Your Consent


We share information for any other purpose disclosed to you with your consent.


6. Prescriptions and Pharmacy Fulfillment


If a Licensed Professional issues you a prescription on the Platform, the prescription details are shared with the dispensing Vendor (pharmacy) you choose or are matched with, so they can fill and ship the order. Prescription handling is also subject to the Licensed Professional's own notices and to applicable federal and state pharmacy laws.


7. Telemedicine


Telemedicine sessions on the Platform are conducted using third-party video infrastructure. The provider of that infrastructure processes session video and audio on our behalf under contract. We do not record telemedicine sessions unless required by law, requested by the Licensed Professional consistent with applicable consent rules, or required for safety or compliance reviews.


8. Payments, Payouts, and Disputes


Payments are processed by Stripe and PayPal under their own privacy policies. We retain transaction metadata (amount, status, parties, item references, dispute history) to operate the marketplace, comply with tax and accounting rules, and enforce our payout terms. We do not retain full card numbers.


If you open a dispute or request a refund, the parties involved (buyer, seller, and where applicable our support team) will see the messages, evidence, and decisions in that dispute.


9. Social Community and User-Generated Content


The Platform includes social features such as profiles, follows, groups, posts, and reviews. Content you post in these features is visible to other users in accordance with the visibility setting you choose. Reviews of Licensed Professionals or Vendors may be visible to the public web.


Please do not post other people's protected health information, and do not post content that violates our Social Community Policy.


10. Job Connect


If you use Job Connect to post or apply to listings, the information in your listing or application is visible to the other party in that interaction (employer or applicant) and, where you choose, the public web.


11. Cookies and Tracking


We use cookies and similar technologies to keep you signed in, remember preferences, secure the Platform, measure usage, and serve in-platform advertising where applicable. See our Cookie Policy for details and choices.

We do not currently respond to "Do Not Track" browser signals, but we honor opt-outs as described below.


12. Your Choices


  • Account information: you can review and update most account information in your dashboard.
  • Marketing emails: you can unsubscribe using the link in any marketing email.
  • Cookies: see the Cookie Policy.
  • Health Wallet and journal: you can edit or delete entries you've created.
  • Account closure: you can request account closure by contacting privacy@connecthealthmd.com.


Some information may persist after closure where we have a legitimate need to retain it (for example, to comply with tax and accounting rules, to defend against legal claims, or to maintain the integrity of past transactions or reviews of you by counterparties).


13. Your Privacy Rights


Depending on where you live, you may have rights to:


  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete personal information, subject to legal exceptions.
  • Receive a copy of certain information in a portable format.
  • Opt out of certain disclosures (including any "sale" or "sharing" as defined by your state, if applicable).
  • Limit the use of sensitive personal information.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a privacy regulator.


To exercise these rights, contact privacy@connecthealthmd.com. We will verify your identity before responding. We will not discriminate against you for exercising your rights.


13.1 California Residents


California residents have rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA, including the rights described above and the right to limit the use of "sensitive personal information." We do not sell personal information for money. If we ever "share" personal information for cross-context behavioral advertising as defined under California law, we will provide an opt-out at that time.


13.2 European Economic Area, United Kingdom, and Switzerland


If you are in the EEA, UK, or Switzerland, our legal bases for processing include performance of a contract with you, our legitimate interests in operating and securing the Platform, your consent (where required), and compliance with legal obligations. You may contact our privacy team at privacy@connecthealthmd.com with questions or to exercise your GDPR/UK GDPR rights.


14. Data Retention


We retain personal information for as long as needed to provide the Platform, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary by data type - for example, we retain transaction and tax records for the period required by applicable financial-recordkeeping rules, which is typically several years.


15. Security


We use administrative, technical, and physical safeguards designed to protect personal information, including access controls, encryption in transit, audit logging, hardened file-upload validation, and fraud monitoring. No system is perfectly secure. If we ever suffer a data breach affecting your information, we will notify you and regulators as required by law.


16. Children


The Platform is not intended for children under 13 (or under 16 in the EEA/UK), and we do not knowingly collect personal information from such children. If you believe a child has provided us with information, contact privacy@connecthealthmd.com and we will delete it.


Patient accounts for minors must be created and managed by a parent or legal guardian in accordance with our Terms of Service.


17. International Users


ConnectHealthMD is operated from the United States. If you access the Platform from outside the United States, your information will be transferred to and processed in the United States, which may have data-protection laws different from those in your country. By using the Platform, you consent to this transfer.


18. Third-Party Links and Affiliate Links


The Platform may include links to third-party websites or affiliate offers. We are not responsible for the privacy practices of third-party sites. Please review their policies before providing information.


19. Changes to This Policy


We may update this Policy from time to time. When we make material changes, we will update the Effective Date at the top and, for significant changes, provide additional notice (such as an email or in-Platform banner). Your continued use of the Platform after changes take effect constitutes your acceptance of the updated Policy.


20. Contact Us


For privacy questions, requests, or complaints:


  • Email: privacy@connecthealthmd.com
  • Mail: TBD
  • Subject line suggestion: "Privacy Request - ConnectHealthMD"