To allow us to provide you with service, you may be asked to share personal information, including health information. Gordy Health is committed to securing the privacy and security of the information that you provide to us.
By using or accessing Gordy Health’s services, website, mobile application, products, and other technology platforms (collectively, the “Services”), you understand and agree that your information will be subject to the practices and policies outlined in this Privacy Policy, and you consent to the collection, use, and sharing of your information in the ways outlined in this Privacy Policy. If you don’t agree to this Privacy Policy, you shouldn’t and aren’t permitted to use or access any of the Services. You may print a copy of this Privacy Policy. If you have a disability, you may access this Privacy Policy in an alternative format by contacting [email protected].
Use of the Services is also subject to our Terms of Service (our “Terms”), which incorporates this Privacy Policy.
This Privacy Policy is effective with respect to you on or after, depending on when you first use or access the Services, the Effective Date.
This Privacy Policy covers how we treat identifiable information about you that we collect. When we say, “information about you” or “your information”, we mean any information that identifies you and includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, and regulations.
This Privacy Policy doesn’t cover the practices of third parties that we don’t own, control, or manage including any third-party websites or services. While we try to only work with third parties that share our respect for your privacy, we don’t take responsibility for their policies, so we encourage you to carefully review the privacy policies of the third-party websites or services that you access.
Certain health-related information that Gordy Health collects may be considered “protected health information” or “PHI” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Please make sure to carefully review our HIPAA Notices of Privacy Practices (“HIPAA Notice”) which applies to the protection and use of PHI.
We collect information about you when you sign up for an account, place an order, communicate with us, or otherwise make use of or interact with any of the Services. This information may include your name, address, contact information, birth date, and health plan information. If a family member is using the Services on your behalf, we may also collect information about you through them.
We may gather information about your geographic location, either from your IP address or from your use of the Services, or from location-based information that you elect to provide through your use of a mobile device or Internet-enabled vehicle. We may also receive information through Cookies (as defined below).
We may receive information about you from our service providers or business partners who assist us with, for example, marketing or promotional services, advertisements, or communications. We may use analytics providers to collect and analyze information about how you interact and engage with the Services.
When you use certain Services, you may provide us with PHI. We may also receive PHI and other information from third parties, such as your doctor or health plan, who are permitted under applicable law, like HIPAA, to disclose this information to us.
We never share information about you unless you’ve given us permission to share that information or we’ve given you prior notice that the information will be shared and with whom (such as in this Privacy Policy). We may share, without notice or permission, aggregated, de-identified information about you to third parties as permitted by applicable law. Disclosures of your PHI will in all instances be governed by HIPAA, as further described in our HIPAA Notice.
We don’t sell your information in personally identifiable form to anyone and we have never sold information in personally identifiable form. We may share your information with third parties for the following reasons:
You can correct or update your personal information by updating your account through the Services or by contacting us at [email protected] or (888) 467-3910. Our HIPAA Policy provides details on how to update your PHI.
Gordy Health follows generally accepted industry best practices for protecting your information, including encryption of sensitive data at rest and in transit, anti-malware detection and prevention mechanisms, and real-time monitoring and response for potential security threats to protect sensitive personal information. Although we work to protect the security of your account and information, please be aware that no method of information transfer over the Internet or electronic data storage is completely secure and therefore we can’t guarantee the absolute security of your information during its transmission or its storage in our systems.
We may change this Privacy Policy at any time. However, we’ll give you prior notice of any major changes by placing a notice on the Services, by sending you an email, or by some other manner, and we’ll let you know when the modified Privacy Policy will become effective. Your continued use of the Services after the new effective date will be considered assent to the new Privacy Policy.
Gordy Health may use browser local storage technology to manage your identity, store your preferences, track how you interact with the Services, and make your experience more consistent. You may control how local storage works on your browser settings, however, disabling the local storage functionality on your browser may prevent you from being able to access and use our website.
Cookies and similar technologies such as tracking pixels (collectively, “Cookies”) are small pieces of data placed on your computer, tablet, phone or similar device when you use that device to access the Services. We may use Cookies to enable our servers to recognize your web browser, tell us how and when you visit and use the Services, analyze trends, learn about our customer base, and operate and improve the Services (local storage may also perform these functions). We may also use Cookies to track and provide advertising and in our relationships with our service providers to assist us in better understanding customers of the Services. Cookies help us in many ways to make your use of the Services more enjoyable and meaningful.
You can decide whether or not to accept Cookies through your browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and other Services and it may impact the overall functionality of some features of the Services. Please note that because of our use of Cookies, the Services don’t support “Do Not Track” requests sent from a browser at this time.
If you’re under the age of eighteen, please don’t use or access the Services. If you believe that a child under 18 years of age may have directly provided their information to us, please contact us at [email protected].
We retain information about you for as long as you have an active account with us or as otherwise necessary to provide you with our Services. In some cases, we retain information for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
If you’ve any questions or concerns regarding privacy using the Services, please contact us at [email protected] or (888) 467-3910.
If you’re a California resident, California law requires us to provide you with some additional information about how we collect, use, and share your “personal information” as defined in the CCPA. If there are any conflicts between this section and any other provision of this Privacy Policy and you’re a California resident, the portion that is more protective of your personal information shall control to the extent of such conflict.
Summary of Personal Information We Collect. Throughout this Privacy Policy, we describe the personal information we collect, the sources of that information, and how we use and share it. Under the CCPA, we also have to provide you with the “categories” of personal information we collect and disclose for “business purposes” (as those terms are defined by applicable law). Those categories are identifiers (such as name and email address); commercial information (such as transaction history); financial data (such as financial account information); internet or other network or device activity (such as IP address or usage data); geolocation information (such as general location); health data; inference data about you; legally protected classifications (such as gender); professional or employment information (such as job title); sensory data; (such as voice recordings made during calls with our customer support team); or other information that identifies or can be reasonably associated with you.
Use and Sharing of Personal Information. We use these categories of personal information consistent with the various business and commercial purposes we describe in this Privacy Policy. Check out “How do we use your information?” above to learn more. We may share this information with third parties as described above.
Your Privacy Rights. You have the following rights under the CCPA with respect to your personal information.
Right to Non-Discrimination. We may not discriminate against you because you’ve exercised any of the privacy rights described above.
Exercising Your Rights. To exercise the rights described above, you (or your authorized agent) must send us a request that (1) provides sufficient information to allow us to verify that you’re the person about whom we’ve collected personal information, and (2) describes your request in sufficient detail to allow us to understand, evaluate and respond to it. Satisfaction of both criteria means your request is a “verifiable consumer request” and we’re not required to respond to requests that don’t meet these criteria. We’ll only use personal information provided in a request to verify your identity and complete your request. You don’t need an account to submit a request.
We’ll work to respond to your request within 45 days of receipt. We’ll not charge you a fee for making a request unless your request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your request warrants a fee, we’ll notify you of the fee and explain that decision before completing your request.
You may submit a request using the following methods:
You may authorize an agent to exercise your rights on your behalf. To do this, you must provide your authorized agent with written permission to exercise your rights on your behalf, and we may request a copy of this written permission from your authorized agent when they make a request on your behalf. If we’ve collected information on your minor child, you may exercise the above rights on behalf of your minor child.
If you’re a California resident, you may request that we provide you with certain information about the entities with which we’ve shared your personal information for the entities’ own direct marketing purposes during the preceding calendar year. To do so, please contact us at [email protected].
If you’re a resident of Nevada, you’ve the right to opt-out of the sale of certain personal information to third parties who intend to license or sell that personal information. You can exercise this right by contacting us at [email protected] with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we don’t currently sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.