Privacy Policy
Effective Date: [EFFECTIVE DATE]
This Privacy Policy explains how [COMPANY LEGAL NAME] (“Timely Health,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you visit mytimelyhealth.com, use our services, communicate with us, or interact with our forms and messaging systems.
Important: If we are a covered entity or business associate under HIPAA, certain health information may be regulated as Protected Health Information (PHI). Our HIPAA Notice of Privacy Practices (“NPP”) describes how PHI may be used and disclosed and explains your HIPAA rights. If there is a conflict between this Privacy Policy and the NPP regarding PHI, the NPP controls.
1) Information We Collect
We may collect the following categories of information:
- Contact & Identity Information: name, email address, phone number, mailing address, date of birth (if provided), and similar identifiers.
- Account / Intake / Form Information: information you submit through forms, questionnaires, appointment requests, consultations, or intake documents.
- Health & Service Information (PHI when applicable): symptoms, diagnoses, treatment history, medications, lab results, clinical notes, and other health-related data you share with us.
- Payment Information: billing address and payment details (note: payment processing may be handled by third-party processors; we do not store full card numbers unless explicitly stated).
- Communications: emails, calls, chat messages, SMS/text messages, voicemail content, and any files or images you send us.
- Device & Usage Data: IP address, browser type, device identifiers, operating system, pages viewed, clicks, referral URLs, and timestamps.
- Cookies & Similar Technologies: data collected via cookies, pixels, tags, and analytics tools (see Section 4).
2) How We Use Information
We use information for purposes such as:
- Providing services: scheduling, consultations, care coordination, support, and responding to requests.
- Treatment, payment, and healthcare operations (as applicable under HIPAA).
- Communications: sending confirmations, reminders, follow-ups, service updates, and administrative messages.
- Improving our website and services: analytics, troubleshooting, quality assurance, and user experience improvements.
- Security and fraud prevention: protecting accounts, preventing abuse, and enforcing policies.
- Legal and compliance: complying with applicable laws, regulations, subpoenas, and lawful requests.
- Marketing (non-PHI): sending educational or promotional content where permitted by law and your preferences. We do not sell PHI.
3) SMS/Text Messaging (Opt-In, Consent, and Opt-Out)
If you provide your mobile number and opt in, you agree that we may send you text messages (SMS/MMS) related to services, scheduling, reminders, updates, and customer support. Message frequency varies.
- Opt-in: You opt in by submitting a form with a phone number and selecting/agreeing to receive texts, signing a consent, or otherwise providing express consent.
- Opt-out: Reply STOP to any message to unsubscribe. You may also contact us at [EMAIL].
- Help: Reply HELP or contact us at [EMAIL] or [PHONE].
- Fees: Message and data rates may apply depending on your carrier and plan.
HIPAA note: Text messages may not always be fully secure depending on your device and carrier. If you prefer not to receive any health-related information by text, either do not opt in to SMS or ask us about alternative communication methods.
4) Cookies & Tracking Practices
We use cookies and similar technologies (e.g., pixels, tags, and analytics tools) to operate our website, understand usage, and improve performance. These technologies may collect device and usage data such as IP address, browser type, pages visited, time spent, and referring pages.
- Essential cookies: required for basic site functionality and security.
- Analytics cookies: help us understand site usage and improve content and performance.
- Marketing cookies (if enabled): may be used to measure campaigns and show relevant content.
Your choices: You can control cookies through your browser settings and may be able to delete existing cookies. If you disable cookies, some features may not work properly.
5) How We Share Information
We may share information in the following situations:
- Service providers: vendors who help operate our website, scheduling, CRM, messaging, analytics, hosting, and payment processing (under appropriate contracts and security safeguards).
- Healthcare operations (PHI when applicable): as permitted or required under HIPAA and described in our Notice of Privacy Practices.
- Legal obligations: to comply with applicable law, court orders, subpoenas, or lawful requests.
- Business transfers: if we are involved in a merger, acquisition, financing, reorganization, or sale of assets (subject to confidentiality protections).
- With your authorization: when you direct us to share information or provide explicit permission.
We do not sell your personal information or PHI.
6) Data Security & Handling
We maintain administrative, physical, and technical safeguards designed to protect your information from unauthorized access, use, alteration, and disclosure. These safeguards may include access controls, encryption in transit where supported, secure hosting, least-privilege access, staff training, and monitoring.
No method of transmission or storage is 100% secure. If you believe your information has been compromised, contact us at [EMAIL] immediately.
7) Data Retention
We retain information as long as necessary to provide services, maintain records, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary depending on the type of data and applicable laws (including healthcare record requirements when applicable).
8) Your Rights & Choices
Depending on where you live and the nature of our relationship, you may have rights such as:
- Request access to certain personal information we hold about you.
- Request correction of inaccurate information.
- Request deletion of certain information (subject to legal/medical record obligations).
- Opt out of marketing communications (email unsubscribe links or by contacting us).
- HIPAA (PHI) rights: access, amendment, accounting of disclosures, request restrictions, confidential communications, and the right to receive a paper copy of the NPP.
To exercise these rights, contact us at [EMAIL] or [PHONE].
9) Mobile Information Sharing Statement
We do not share your mobile phone number or SMS content with third parties for their own marketing purposes without your consent. Mobile data may be shared with service providers who support our messaging and communications systems solely to deliver messages and operate our services. You can opt out at any time by replying STOP.
10) Children’s Privacy
Our website and services are not intended for children under 13 (or the minimum age required by applicable law) unless provided through a parent/guardian or as part of permitted services. If you believe a child has provided information without appropriate consent, contact us at [EMAIL].
11) Third-Party Links
Our website may link to third-party sites or services. We are not responsible for their privacy practices. Please review their policies before providing information.
12) Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version on this page and update the Effective Date above.
13) Contact Us
[COMPANY LEGAL NAME]
Address: [ADDRESS]
Email: [EMAIL]
Phone: [PHONE]
HIPAA Notice of Privacy Practices (Summary)
This summary is provided for convenience. Your official HIPAA Notice of Privacy Practices should be posted separately and/or provided as required.
A) Our Duties
- We are required by law to maintain the privacy and security of PHI.
- We will notify you promptly if a breach occurs that may have compromised the privacy or security of your PHI.
- We must follow the duties and privacy practices described in the NPP and give you a copy upon request.
B) How We May Use & Disclose PHI
We may use and disclose PHI for treatment, payment, and healthcare operations, and as otherwise permitted or required by law (e.g., public health, reporting, oversight, and legal compliance).
C) Your HIPAA Rights
- Get a copy of your health records.
- Ask us to correct your health records.
- Request confidential communications.
- Ask us to limit what we use or share.
- Get a list of those with whom we’ve shared information (accounting of disclosures) in certain circumstances.
- Get a copy of this notice.
- Choose someone to act for you.
- File a complaint if you feel your rights are violated.
D) Complaints
You can complain if you feel we have violated your privacy rights by contacting us at [EMAIL]. You can also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.