Effective Date: July 3, 2025

This privacy policy stated below applies to information collected online from users of this website. In this policy, you can learn what kind of information we collect, when and how we might use that information, how we protect the information, and the choices you have with respect to your personal information.

 

1. Your Information. Your Rights. Our Responsibilities.

We are committed to safeguarding your personal and health information. Your protected health information (PHI) includes details about your past, present, or future health or condition, the provision of healthcare, and payment for healthcare that can reasonably identify you.

 

2. Your Information.

What personal information is collected through this website and how is it used?

We collect information about our users in three ways: directly from the user, from our Web server logs, and through cookies. We use the information primarily to provide you with a personalized Internet experience that delivers the information, resources, and services that are most relevant and helpful to you. We don’t share any of the information you provide with others, unless we say so in this Privacy Policy, or when we believe in good faith that the law requires it.

User-supplied information: If you fill out a contact form on this website, we will ask you to provide some personal information (such as an e-mail address, name, phone number and state).

We only require that you provide an e-mail address on the contact form. Further, if chat is available through this site, you may be asked to provide information if you participate in an online chat. Please do not submit any confidential, proprietary or sensitive personally identifiable information (e.g. Social Security Number; date of birth; driver’s license number; or credit card, bank account or other financial information) (collectively, “Sensitive Information”). If you submit any Sensitive Information, you do so at your own risk, and we will not be liable to you or responsible for consequences of your submission.

 

3. Your Rights

You have the right to:

Access your medical records

You may request to view or receive an electronic or paper copy of your medical records. We will respond within 30 days and may charge a reasonable, cost-based fee.

Request corrections

You can ask us to correct PHI you believe is incorrect or incomplete. We may deny the request, but we’ll explain why in writing within 60 days.

Request confidential communications

You may request that we contact you by a specific method or at a different address. We will accommodate all reasonable requests.

Limit what we use or share

You may opt out of any future contact from us at any time. Contact us via the phone number, or mailing address within this notice at any time to ask us not to share certain PHI.

Get a list of disclosures

You can request a list of times we’ve shared your PHI for six years prior to your request (excluding disclosures for treatment, payment, or operations).

Get a copy of this privacy notice

You may request a paper copy of this notice at any time.

Choose someone to act for you

If someone is legally authorized to act for you (e.g., medical power of attorney), we will confirm their authority before we respond to their requests.

File a complaint

You can file a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated. We will not retaliate against you.

 

4. Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

You have the right to tell us to:

  • Share your information with family, friends, or others involved in your care.
  • Share information in a disaster relief situation.
  • You must give us written permission to:
  • Use your information for marketing purposes.
  • Sell your information.
  • Share psychotherapy notes (in most cases).

 

5. Our Uses and Disclosures

We typically use or share your PHI to:

Treat you Share PHI with other healthcare professionals for the coordination of your care. Example: A doctor treating you for an injury asks another doctor about your overall health condition.
To service you Share PHI with unaffiliated third-parties in the fulfilment of our services to you. Example: to agents, website vendors and/or contractors who may use it on our behalf or in connection with their relationship with us or if we are unable to assist with your matter, but know an unaffiliated attorney or firm that may be able to help you, we may refer you and share information you provided us with that party;
Run our organization Use PHI to manage operations, improve care, and communicate with you. Example: We use health information about you to manage your treatment and services.
Bill for services Share PHI to process payment with insurance plans or payers. Example: We give information about you to your health insurance plan so it will pay for your services.

 

We may also share your information in the following ways, as allowed or required by law:

 

Public health and safety: For disease prevention, recalls, adverse reaction reporting, abuse or neglect, and threats to health or safety.
Research: For approved health research under safeguards.
Compliance with the law: With HHS or other government entities for legal compliance.
Organ and tissue donation: Share with appropriate organizations as needed.
Medical examiner or funeral director: For death-related services.
Workers’ compensation, law enforcement, and government functions: For claims, investigations, legal processes, or national security.
Lawsuits and legal actions: Respond to subpoenas or court orders.

 

6. How We Protect Your Information

We are required by law to maintain the privacy and security of your protected health information. We take appropriate administrative, technical, and physical safeguards to protect your PHI against unauthorized access or disclosure. This includes encryption, secure systems, access controls, and regular audits.

However, no system is completely secure. In the event of a breach involving your unsecured PHI, we will notify you promptly as required by HIPAA. We must follow the duties and privacy practices described in this notice and give you a copy of it. We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

Business Transfers

All Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

 

7. Use of Website Information and Cookies

If you interact with us via our website, you may opt-in to save your name, email address, and website cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set up a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options for cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Information that you provide to us through a contact form, or an online chat, will be used so that we may respond to your inquiry. We may also use the information you provide us with to communicate with you in the future. If you do not wish to receive such communications, you may opt out (unsubscribe) as described below.

Web server logs: When you visit our website, we may track information about your visit and store that information in web server logs, which are records of the activities on our sites. The servers automatically capture and save the information electronically. Examples of the information we may collect include:

  • your unique Internet protocol address;
  • the name of your unique Internet service provider;
  • the town/city, county/state and country from which you access our website;
  • the kind of browser or computer you use;
  • the number of links you click within the site;
  • the date and time of your visit;
  • the web page from which you arrived to our site;
  • the pages you viewed on the site; and
  • certain searches/queries that you conducted via our website(s).

The information we collect in web server logs helps us administer the site, analyze its usage, protect the website and its content from inappropriate use, and improve the user’s experience.

Cookies: In order to offer and provide a customized and personal service, our websites and applications may use cookies to store and help track information about you. Cookies are simply small pieces of data that are sent to your browser from a Web server and stored on your computer’s hard drive. We use cookies to help remind us of who you are and to help you navigate our sites during your visits. Cookies allow us to save passwords and preferences for you, so you won’t have to re-enter them each time you visit.

The use of cookies is relatively standard. Most browsers are initially set up to accept cookies. However, if you prefer, you can set up your browser to either notify you when you receive a cookie or refuse to accept cookies. You should understand that some features of many sites may not function properly if you don’t accept cookies.

 

8. Contact, Access, and Changes

You may contact us at any time to:

  • Access or update your information.
  • Revoke a previously given authorization.
  • Request restrictions.
  • File a complaint.

Contact Information:

Redirect Health

Guy Berry – HIPAA Privacy Officer

2020 N Central Ave Suite 400, Phoenix, AZ 85004

(888) 688-4734

privacy@redirecthealth.com

 

9. State Notices

California Rights and Disclosures

The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA”), provides California residents with specific rights regarding their Personal Data. Please see the “Exercising Your Rights” section below for instructions regarding how California residents can exercise these rights. This section describes your CCPA rights and explains how to exercise those rights. If you have any questions about this section or whether any of the following applies to you, please contact us at Privacy@redirecthealth.com and indicate “California Rights” in the subject line of your communication. Because of the minimal Personal Data we collect and retain about Visitors, certain rights may not be afforded to you (as further described below). Additionally, please note that these rights are subject to certain conditions and exceptions under applicable law, which may permit or require us to deny your request. Lastly, we may process Personal Data of our customers’ end users or employees in connection with our provision of certain services to our customers. If we are processing your Personal Data as a “service provider” under the CCPA, you may need to contact the entity that collected your Personal Data in the first instance to address your rights with respect to such data.

Access

If you have a Redirect Health account, you have the right to request certain information about our collection and use of your Personal Data, including the following:

  • The categories of Personal Data that we have collected about you.
  • The categories of sources from which Personal Data was collected.
  • The business or commercial purpose for collecting or selling your Personal Data.
  • The categories of third parties with whom we have shared your Personal Data.
  • The specific pieces of Personal Data that we have collected about you.

If we have disclosed your Personal Data for a business purpose, we will identify the categories of Personal Data shared with each third-party recipient. If we have sold your Personal Data over the past 12 months, we will identify the categories of Personal Data purchased by third-party recipients.

Deletion

If you have a Redirect Health account, you have the right to request that we delete the Personal Data that we have collected from you. Under the CCPA, this right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.

Correction

If you have a Redirect Health account, you have the right to request that we correct any inaccurate Personal Data we have collected about you. Under the CCPA, this right is subject to certain exceptions: for example, if we decide, based on the totality of circumstances related to your Personal Data, that such data is correct. If your correction request is subject to one of these exceptions, we may deny your request.

Processing of Sensitive Personal Data Opt-Out

If you have a Redirect Health account, we may collect Personal Data that is considered “sensitive” under the CCPA. Because we may use or disclose Sensitive Personal Information for purposes other than those set forth in section 7027(m) of the CCPA regulations, California residents have the right to request that we limit the use or sharing of their Sensitive Personal Information (“Right to Limit”). The Right to Limit allows California residents to direct a business that collects Sensitive Personal Information to limit its use of this information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services, to perform the services set forth in paragraphs (2), (4), (5), and (8) of subdivision (e) of Section 1798.140, and as authorized in the CCPA regulations.

Personal Data Sharing or Selling

Under the CCPA, California residents have certain rights when a business “shares” or “sells” Personal Data with third parties for purposes of cross-contextual behavioral advertising. While Redirect Health does not sell Users’ information to unaffiliated parties for money, we do share Cookies and other web data to advertising and marketing partners in a manner which might be considered “selling” or “sharing” your Personal Data as those terms are defined under the CCPA. Accordingly, we have shared and sold the foregoing categories of Personal Data for the purposes of cross-contextual behavioral advertising:

  • User Demographic data (not Sensitive Demographic Data) such as gender or zipcode;
  • Online Identifiers
  • Web analytics

As described in the “Tracking Tools, Advertising, and Opt-Out” section above, we have incorporated Cookies from certain third parties into our Services. These Cookies allow those third parties to receive information about your activity on our Services that is associated with your browser or device. Those third parties may use that data to serve you relevant ads on our

Services or on other websites you visit. Under the laws of the CCPA, “sharing” of a user’s web analytics is also considered “selling.” You can opt out of such data selling and/or sharing by following the instructions in this section.

We share Personal Data with the following categories of third parties:

  • Advertising partners

Over the past 12 months, we have shared Personal Data with the categories of third parties listed above for the following purposes:

  • Marketing and advertising our Services.
  • Showing you advertisements, including interest-based or online behavioral advertising.

Once you have submitted an opt-out request, we will not ask you to reauthorize the sharing of your Personal Data for at least 12 months. To our knowledge, we do not share the Personal Data of minors under 16 years of age.

We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA.

We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you with a lower quality of goods and services if you exercise your rights under the CCPA.

Other California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes. To submit such a request, please contact us at Privacy@redirectheath.com.

Other U.S. State Rights and Disclosures

If you are a resident of Virginia, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, Washington State (solely with respect to consumer health information) or another state with a similar comprehensive consumer privacy law, you may have certain rights regarding your information. Please see the “Exercising Your Rights” section below for instructions regarding how to exercise these rights. Please note that in some cases, we may process Personal Data of our customers’ end users or employees in connection with our provision of certain services to our customers. If we are processing your Personal Data as a “processor” (or similar term) under the applicable privacy law, you may need to contact the entity that collected your Personal Data in the first instance to address your rights with respect to such data. Also, because of the minimal Personal Data we collect and retain about Visitors, certain rights may not be afforded to you (as further described below). Lastly,

please note that these rights are subject to certain conditions and exceptions under applicable law, which may permit or require us to deny your request.

If you have any questions about this section or whether any of the following rights apply to you, please contact us at privacy@redirecthealth.com and indicate “State Rights” in the subject line of your communication.

Access

If you are a User, you may have the right to request confirmation of whether we are processing your Personal Data and to access your Personal Data. Additionally, if you are an Oregon resident, you may also request access to specific third parties to which we have disclosed the Personal Data of Users (subject to exceptions in accordance with the Oregon Consumer Privacy Act.) To exercise this right, please email privacy@redirecthealth.com with the subject “Oregon Access Request.”

Correction

If you have a Redirect Health account, you may have the right to correct inaccuracies in your Personal Data, to the extent such correction is appropriate in consideration of the nature of such data and our purposes of processing your Personal Data.

Portability

If you have a Redirect Health account, you may have the right to request a copy of your Personal Data in a machine-readable format to the extent technically feasible.

Deletion

If you have a Redirect Health account, you may have the right to delete your Personal Data.

Opt-Out of Certain Processing Activities

You may have the right to opt-out to the processing of your Personal Data for targeted advertising purposes. As discussed in the “Personal Data Sharing or Selling” section of the “California Rights” section of this Privacy Policy, we process your Personal Data for targeted advertising purposes. To opt-out of our processing of Personal Data for targeted advertising purposes, please see the “Exercising Your Rights” section.

You may have the right to opt-out to the sale of your Personal Data. We do not currently sell your Personal Data to others for monetary considerations.

You may have the right to opt-out from processing your Personal Data for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects to you. However, we do not conduct such activities.

Appealing a Denial

If we refuse to take action on a request within a reasonable period of time after receiving your request in accordance with this section, you may have the right to appeal such decision. In such appeal, you must (1) provide sufficient information to allow us to verify that you are the person about whom the original request pertains and to identify the original request, and (2) provide a description of the basis of your appeal. Please note that your appeal will be subject to your rights and obligations afforded to you under the applicable state law that applies to you. We will respond to such appeal within 45 days of receiving your request. If we deny your appeal, you may have the right to contact the applicable regulators in your state.

You may appeal a decision by us using the following methods:

Email us at: privacy@redirecthealth.com (title must include “Consumer Appeal”)

Call us at (888) 688-4734.

Exercising Your Rights

To exercise the rights under the CCPA or other state laws as described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We will only use Personal Data provided in a Valid Request to verify you and complete your request.

We will respond to your Valid Request within the applicable time period required by law. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

To the extent rights are afforded to you, you may submit a Valid Request using the following method:

  • Email – privacy@redirecthealth.com

If you have questions or difficulty submitting a Valid Request, you can call us at (888) 688-4734 or email us at privacy@redirecthealth.com.

10. Changes to This Notice

We may update this notice to reflect changes in privacy practices or legal requirements. Updated versions will be posted on our website and available upon request.