NavioMD Privacy Policy
Effective Date: April 11, 2025

Last Date Updated: April 18, 2025

Table of Contents

  1. Definitions
  2. Introduction
  3. Limitations on Use by Minors & Children’s Privacy
  4. Protected Health Information (PHI) & State‑Specific Health Data
  5. Information We Collect
  6. How We Use Your Information
  7. Disclosure of Your Information
  8. Your Choices & Controls
  9. Browser, Cookie & Tracking Controls
  10. Data Retention
  11. Security Measures
  12. International Data Transfers
  13. Vendor & Third‑Party Links
  14. Our Responsibilities & HIPAA Compliance
  15. Transactions & Payment Data
  16. Jurisdictional Matters
  17. Your State Privacy Rights
  18. Data Breach Notification
  19. Changes to This Policy
  20. Contacting Us

1. Definitions

  • Personal Information
    Any information that identifies or can reasonably be linked to an individual.
  • Health Information
    Includes medical history, treatment details, prescriptions, lab results, and related data.
  • Platform/Services
    NavioMD’s websites, mobile apps, and related digital offerings.
  • Care Providers
    Our clinical and pharmacy partners (e.g., Qualiphy, The Pharmacy Hub).

2. Introduction

NavioMD Inc. and its subsidiaries (“NavioMD,” “we,” “us,” or “our”) operate the NavioMD Platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your Personal and Health Information. By accessing or using our Services, you consent to these practices.

3. Limitations on Use by Minors & Children’s Privacy

  • Services are intended for users 18 years or older.
  • We do not knowingly collect data from anyone under 18 without verified parental consent.
  • If you believe we have collected data from a child under 13 without consent, contact us to have it deleted.

4. Protected Health Information (PHI) & State‑Specific Health Data

  • NavioMD is not a HIPAA‑covered entity, but we and our Care Providers comply with HIPAA as Business Associates where applicable.
  • We also adhere to state laws, including CMIA (CA), My Health My Data (WA), VCDPA (VA), CPA (CO), and CT Data Privacy Act.
  • Basic account data (name, email, shipping address) is not PHI unless linked with health details.

5. Information We Collect

A. Information You Provide

  • Identity & contact details (name, DOB, email, address)
  • Medical history, treatment goals, lifestyle information
  • Government‑issued ID (for identity verification)
  • Payment details (handled by third parties)
  • Uploaded documents, photos, intake forms
  • Communications (chat, email, surveys)

B. Information Collected Automatically

  • IP address, device/browser identifiers
  • Usage and clickstream data
  • Geolocation (with consent)
  • Cookies, web beacons, email open tracking

C. Information from Third Parties

  • Social login data
  • Analytics providers, data brokers
  • Records from Care Providers (Qualiphy, The Pharmacy Hub)

D. Inferred Data

  • Preferences or interests derived from your activity

6. How We Use Your Information

  • Provide & Improve Services: telehealth, prescriptions, labs
  • Billing & Operations: payment processing, support
  • Research & Analytics: aggregate/de‑identified insights
  • Legal & Safety: comply with law, detect fraud, protect rights

7. Disclosure of Your Information

We may share your data with:

  • Care Providers & Pharmacies: Qualiphy, The Pharmacy Hub
  • Patient Experience & Support: Steer Health
  • Service Providers: payment processors (Stripe, Adyen), hosting, analytics
  • Marketing Partners: for promotions (with opt‑out)
  • Corporate Transactions: mergers, acquisitions, asset sales
  • Legal Authorities: subpoenas, public health reporting
  • Data Enrichment: hashed or de‑identified formats

8. Your Choices & Controls

  • Access & Portability: request copy of your data
  • Correction: ask to amend inaccurate info
  • Deletion: request erasure (subject to legal requirements)
  • Limit Use/Sharing: for treatment, payment, operations
  • Confidential Communications: specify alternative contacts
  • Opt‑out of Marketing/Sales: follow instructions in Section 9

To exercise any rights, email support@naviomd.com. We may verify your identity before fulfillment.

9. Browser, Cookie & Tracking Controls

  • Cookie Notice: full details at our Cookie Notice page
  • Browser Settings: disable or delete cookies
  • Global Privacy Control (GPC): honored where supported
  • Do Not Track (DNT): not recognized
  • Mobile Ad IDs: opt‑out via device settings

10. Data Retention

We retain data only as long as necessary to:

  • Provide Services
  • Comply with laws, tax, or accounting obligations
  • Resolve disputes and enforce agreements
Note: De‑identified data may be kept indefinitely for research.

11. Security Measures

  • Encryption: in transit (TLS) and at rest where feasible
  • Access Controls: role‑based, least privilege
  • Monitoring & Testing: regular vulnerability scans and audits
  • Employee Training: mandatory privacy & security training
No system is infallible; we mitigate risks but cannot guarantee absolute security.

12. International Data Transfers

Our Services are hosted in the U.S. By using them, you consent to transfer, storage, and processing of your data in the U.S. If you access from outside, you assume any additional privacy risks.

13. Vendor & Third‑Party Links

  • External Links: our Platform may link externally; we aren’t responsible for their practices.
  • Embedded Content: videos or widgets follow the provider’s policy.

14. Our Responsibilities & HIPAA Compliance

  • We notify you of any breach affecting your data per HIPAA and state laws.
  • We follow our Notice of Privacy Practices when acting as a Business Associate.

15. Transactions & Payment Data

All billing is processed by PCI‑compliant vendors (Stripe, Adyen). NavioMD never stores full card numbers.

16. Jurisdictional Matters

Our data practices are governed by U.S. law. By using our Services, you consent to U.S. jurisdiction as set forth in our Terms & Conditions.

17. Your State Privacy Rights

  • California (CCPA/CPRA): rights to know, delete, correct data; opt‑out of “sale”/“sharing”; non‑discrimination.
  • WA, VA, CO, CT, NV: similar rights.
To exercise rights, visit our Privacy Center or email support@naviomd.com.

18. Data Breach Notification

In the event of unauthorized disclosure, we will notify you and regulators per applicable laws, typically within 30 days of discovery.

19. Changes to This Policy

We may update this Policy at any time. When we do, we will:

  1. Post the revised Policy with a new “Last updated” date.
  2. Provide notice (e.g., email) if material changes occur.
Your continued use indicates acceptance.

20. Contacting Us

NavioMD Privacy Officer
300 S Pine Island Road, Suite 260
Plantation, Florida 33324
Phone: 1-877-276-2846
Email: support@naviomd.com

© 2025 NavioMD, Inc. All rights reserved.

Logo

Explore

Learn

Treatments

Location

300 S Pine Island Road, Suite 260 Plantation, Florida 33324

6am—7pm PST

Mon-Sun

Help CenterTerms of ServiceImportant Safety InformationPrivacy PolicyTelehealth Consent and Open Payments Notice
Footerbg

© 2025 — Copyright