Consumer Health Data Privacy Policy

"Consumer health data" means personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status. This includes, but is not limited to:

• Individual health conditions, treatment, diseases, or diagnoses
• Social, psychological, behavioral, and medical interventions
• Health-related surgeries or procedures
• Use or purchase of prescribed medications
• Bodily functions, vital signs, measurements (e.g., heart rate, blood pressure, body temperature)
• Diagnoses or diagnostic testing, treatment, or medication
• Gender-affirming care information
• Reproductive or sexual health information
• Biometric data
• Genetic data
• Precise location information that could reasonably indicate a consumer's attempt to acquire or receive health services or supplies
• Data that identifies a consumer seeking healthcare services

Consumer health data does not include information used to engage in public or peer-reviewed scientific, historical, or statistical research that is in the public interest and that adheres to all applicable ethics and privacy laws.

In connection with providing our Services, we may collect the following categories of consumer health data:

• Health conditions and symptoms you report through intake forms, questionnaires, or consultations
• Medication and prescription information
• Treatment plans and clinical notes
• Telehealth consultation records
• Laboratory and diagnostic test results
• Biometric identifiers (if collected as part of health assessments)
• Precise geolocation data (to verify you are in an authorized state for telehealth services)

• Directly from you when you complete intake forms, questionnaires, or participate in telehealth consultations
• From healthcare providers involved in your care
• From pharmacies and laboratories
• Through our Website and patient portal (e.g., location data, device information)
• From third-party sources authorized by you

We collect and use consumer health data for the following purposes:

• To provide healthcare services, including telehealth consultations, diagnosis, and treatment
• To fulfill prescriptions and coordinate with pharmacies
• To coordinate care with other healthcare providers, laboratories, and specialists
• To verify your geographic location for telehealth eligibility
• To process payments and manage billing
• To communicate with you about your care, appointments, and account
• To comply with legal and regulatory obligations
• To improve the quality and safety of our Services
• To conduct internal analytics and quality improvement

We will not collect consumer health data for purposes beyond those disclosed in this Policy without first obtaining your affirmative consent.

We may share your consumer health data with the following categories of recipients:

To exercise any of the rights described in this Policy, please contact us using one of the following methods:

• Email: support@healthconvenience.com
• Phone: 786-863-6314
• Through the "Your Privacy Choices" link on our Website

We will verify your identity before processing your request. Verification may require you to provide information that matches our records. We will respond to verified requests within the timeframes required by applicable law (generally within 45 days for Washington residents, or as otherwise required).

If we deny your request, we will provide you with a written explanation of the basis for the denial and instructions for how to appeal the decision.

Where required by applicable law, we obtain your affirmative consent before collecting, using, or sharing your consumer health data. Consent may be obtained through:

• Electronic signature or checkbox on intake forms
• Written consent forms
• Clear affirmative action (e.g., clicking "I Agree" or "Accept")

You may withdraw your consent at any time by contacting us using the methods described above. Withdrawal of consent will not affect the lawfulness of processing performed prior to your withdrawal. Withdrawal of consent may affect our ability to provide certain Services to you.

We implement administrative, technical, and physical safeguards to protect your consumer health data from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, access controls, employee training, and regular security assessments. Despite our efforts, no security measure is entirely foolproof, and we cannot guarantee the absolute security of your data.

We retain consumer health data only for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Medical records are retained in accordance with applicable federal and state law, including Florida medical records retention requirements (generally a minimum of seven (7) years from the last entry).

We reserve the right to update this Consumer Health Data Privacy Policy at any time. If we make material changes, we will notify you by posting the updated Policy on our Website and, where required by law, obtaining your consent to the material changes. Your continued use of our Services after the effective date of any changes constitutes acceptance of the revised Policy.