Privacy Policy

WellMensRX ("Company," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with our telehealth platform.

By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2.1 Personal Information

We collect personal information you voluntarily provide when registering for services, expressing interest in our products, or contacting us:

• Name, email address, phone number, and mailing address
• Date of birth and gender
• Payment and billing information
• Account credentials and communication preferences

2.2 Health Information (PHI)

As a telehealth provider, we collect Protected Health Information (PHI) under HIPAA:

• Medical history and current health conditions
• Prescription and medication history
• Consultation notes and treatment plans
• Lab results and diagnostic information

2.3 Automatically Collected Information

When accessing our services, we automatically collect device and usage information including IP address, browser type, pages visited, time spent, and navigation patterns.

3.1 Service Provision

• Processing and fulfilling orders and prescriptions
• Facilitating telehealth consultations with licensed physicians
• Managing your account and providing customer support
• Processing payments and preventing fraud

3.2 Communications

• Transactional emails (order confirmations, shipping updates)
• Health-related information and reminders
• Marketing communications (with consent)

3.3 Analytics & Compliance

• Analyzing usage patterns to improve services
• Monitoring security threats
• Ensuring legal compliance

We do not sell your personal information. We may share information with:

4.1 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

We comply with the Health Insurance Portability and Accountability Act (HIPAA):

• Administrative Safeguards: Policies for managing PHI, workforce training, incident response
• Physical Safeguards: Controls protecting physical access to systems and facilities
• Technical Safeguards: Access controls, audit logs, encryption, secure transmission

5.1 Permitted Uses and Disclosures (TPO)

Under HIPAA, we may use and disclose your PHI without your authorization for:

• Treatment: To provide, coordinate, or manage your healthcare
• Payment: To bill and collect payment for services
• Healthcare Operations: For quality assessment, training, and business management

5.2 Breach Notification

In the event of a data breach affecting your personal information, we will notify you in accordance with applicable law, including HIPAA breach notification requirements for Protected Health Information. Notification will be provided without unreasonable delay and no later than 60 days after discovery.

We implement industry-standard security measures:

• 256-bit SSL/TLS encryption for data in transit
• AES-256 encryption for data at rest
• Multi-factor authentication
• Regular security assessments and penetration testing
• SOC 2 Type II compliant infrastructure

6.1 Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Medical records and PHI are retained in accordance with applicable state and federal healthcare record retention requirements, typically for a minimum of 6-10 years.

7.1 HIPAA Rights

• Access: Right to inspect and obtain copies of your PHI
• Amendment: Right to request corrections to your PHI
• Accounting: Right to receive a list of disclosures
• Restriction: Right to request restrictions on uses/disclosures

7.2 California Residents (CCPA)

California residents have additional rights under CCPA, including the right to know, delete, and opt-out of personal information sales (we do not sell personal information).

We use cookies and tracking technologies to remember preferences, understand usage, improve functionality, and deliver relevant content. You can control cookies through browser settings.

8.1 Third-Party Analytics & Tracking Services

We use the following third-party analytics and tracking services:

• Google Tag Manager (GTM) for tag management and analytics
• Microsoft Clarity for user experience analytics and session recordings
• Everflow for affiliate and conversion tracking

These services may collect information about your browsing behavior, device information, and interactions with our Platform.

Our services are not intended for individuals under 18. We do not knowingly collect information from children. If discovered, such information will be promptly deleted.

We may update this Privacy Policy periodically. Changes will be posted here with an updated "Last Updated" date. Continued use indicates acceptance of changes.