Privacy Policy

Last updated: August 1st, 2023
Table of Contents
This is also a heading
This is a heading

Dear User,

Welcome to an area most online vendors hope you never visit. We’re glad you came. We’re super glad that privacy is important to you because it’s important to us, too. We’re going to do our best here to be clear & understandable, but as you know this is where law dictates a lot of what we can say. So if you’d like to ask us anything, please don’t be shy. Email us at privacy@folxhealth.com

The Basics:

FOLX Health, Inc. (our pronouns are "we," or "us" or “FOLX Health”) owns and operates the websites located at www.Folxhealth.com (the "Website") and may now or in the future own and/or operate a FOLX Health mobile application (collectively, the "Platform"). As described in the FOLX Health Terms and Conditions ("Terms and Conditions"), the FOLX Affiliated Practices provide clinical services through the Platform . Your access and use of the Platform, including its content ("Content"), any products or services provided through the Platform or otherwise by FOLX Health, and any affiliated website, software or application owned or operated by FOLX Health (collectively, including the Platform and the Content, the "Service") are subject to this Privacy Policy unless specifically stated otherwise. Capitalized terms not otherwise defined in this Privacy Policy have the same meaning as set forth in the Terms and Conditions. Translated: If it says FOLX Health on it, it’s ours and you’re agreeing to everything in this document.

The Obvious:

We are deeply committed to respecting the privacy of users of the Service. We created this Privacy Policy ("Privacy Policy") to tell you how FOLX Health collects, uses and discloses information in order to provide you with the Service. Our goal with this Privacy Policy is to be transparent so that you can make a fully-informed choice in regards to how your data is used or disclosed by FOLX Health.

How does this Work?: If you use our service, you agree to these policies. As with our Terms & Conditions, by creating, registering, or logging into an account through the Service, or otherwise accessing or using the Service, you are automatically accepting and acknowledging the most recent version of this Privacy Policy. If we make any changes to our Privacy Policy, we will post the revised Privacy Policy and update the "Last updated" date of the Privacy Policy.

If you are using the Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to act on such individual's behalf and that such individual acknowledges the practices and policies outlined in this Privacy Policy.

This is an Adults Only Situation (For now;): Our Service is intended for use by individuals who are at least eighteen (18) years of age or such older age as may be required by applicable state laws in the jurisdiction in which an individual utilizes the Service. It’s not that we don’t love young people. It’s just that the law requires a lot of additional capabilities to appropriately serve folks under 18 and we’re not there yet.

The Service is not designed or intended to attract, and is not directed to, children under eighteen (18) years of age, let alone thirteen (13) years of age. If we obtain actual knowledge that we have inadvertently collected personal information through the Platform from a person under thirteen (13) years of age, we will use reasonable efforts to refrain from further using such personal information or maintaining it in retrievable form.

Furthermore, if you are under eighteen (18) years of age, then you (or your parent or legal guardian) may at any time request that we remove content or information about you that is posted on the Platform. Please submit any such request ("Request for Removal of Minor Information") to the FOLX Help Center: https://support.folxhealth.com with a subject line of "Removal of Minor Information"

For each Request for Removal of Minor Information, please state "Removal of Minor Information" in the email or letter subject line, and clearly state the following in the body of the request:

  • The nature of your request
  • The identity of the content or information to be removed
  • The location of the content or information on the Platform (e.g., by providing the URL)
  • That the request is related to the "Removal of Minor Information"
  • Your name, street address, city, state, zip code and email address, and whether you prefer to receive a response to your request by mail or email.

We will not accept any Request for Removal of Minor Information via telephone or fax. FOLX Health is not responsible for failing to comply with any Request for Removal of Minor Information that is incomplete, incorrectly labeled, or incorrectly sent because unless we have an email or a letter these requests are hard to track and we need to ensure we are taking an appropriate action.

Sometimes we won’t be able (and legally aren’t required) to delete your information in certain circumstances, such as, for example, when an international, federal, state, or local law, rule or regulation requires FOLX Health to maintain the content or information; when FOLX Health maintains the content or information on behalf of the Affiliated Practices as part of your electronic medical record; when the content or information is stored on or posted to the Site by a third party other than you (including any content or information posted by you that was stored, republished or reposted by the third party); when FOLX Health anonymizes the content or information, so that you cannot be individually identified; or when you do not follow the aforementioned instructions for requesting the removal of the content or information. Even though we are not required to erase information in these certain circumstances, we strive to make our decisions in regard to your content and information in a way that best protects the privacy of that information.

The foregoing is a description of FOLX Health's voluntary practices concerning the collection of personal information through the Service from certain minors. Additionally, FOLX Health agrees to comply with the Children's Online Privacy Protection Act, the Federal Trade Commission's Children's Online Privacy Protection Rule(s), or any similar international, federal, state, or local laws, rules, or regulations as applicable.

Protected Health Information

Please see the Affiliated Practices’ Notice of Privacy Practices to understand how we protect, use and disclose your protected health information. FOLX Health follows the Notice of Privacy Practices as a “business associate” of the Affiliated Practices.

Collection of Information

What do we collect? We collect any information you provide when you use the Service, including, but not limited to:

  • Personally identifying information such as your name and contact data such as your e-mail address, phone number, and billing and physical addresses
  • Your login and password and other account ("Account") registration details
  • Demographic data (such as your gender, date of birth and zip code)
  • Computer, mobile device and/or browser information (e.g., IP address, mobile device ID information, operating system, connection speed, bandwidth, browser type, referring/exist web pages, web page requests, cookie information, hardware attributes, software attributes)
  • Third-party website, network, platform, server and/or application information (e.g., Facebook, Twitter, Instagram)
  • Usage activity concerning your interactions with the Service and/or third-party websites, networks or applications accessed through the Service (e.g., viewing habits, viewing preferences, viewing history, number of clicks on a page or feature, amount of time spent on a page or feature, identify of third-party websites, networks, etc.)
  • Billing, payment and shipping information
  • Electronic signature
  • Photographic or video images submitted for identification or non-diagnosis or treatment purposes
  • Information about third parties that you refer to us (e.g., name, email, and/or other contact information, relationship)
  • Statements or content (e.g., comments, videos, photographs, images) and information about such statements or content, which you submit or publish on or through the Service or which are accessed via your public or linked social media pages (e.g., Facebook, Twitter, Instagram)
  • Any other information you provide when you contact or communicate with us

If you use your mobile device to visit, access or use the Service, then additional categories of information that we collect may include:

  • Your name associated with your mobile device
  • Your telephone number associated with your mobile device
  • Your geolocation
  • Your mobile device ID information
  • With your express consent, your contacts and/or contact information (e.g., names, telephone numbers, physical addresses, email addresses, photos) stored on your mobile device
  • With your express consent, information about third-party software applications on your mobile device (including, without limitation, general software apps, downloadable software apps, social media apps)

We also collect certain medical information on behalf of the Affiliated Practices, which is addressed in the Notice of Privacy Practices. 

How Information Is Collected

FOLX Health might collect personal and non-personal information directly from you when you visit, access or use the Service; when you register with or subscribe to the Service or any products or services available through the Service; when you "sign in," "log in," or the like to the Service; when you allow the Service to access, upload, download, import or export content found on or through, or to otherwise interact with, your computer or mobile device (or any other device you may use to visit, access or use the Service) or online accounts with third-party websites, networks, platforms, servers or applications (e.g., your online social media accounts, your cloud drives and servers, your mobile device service provider); or whenever FOLX Health asks you for such information, such as, for example, when you process a payment through the Service, or when you answer an online survey or questionnaire. In addition, if you or a third party sends FOLX Health a comment, message or other communication (such as, by way of example only, email, letter, fax, phone call, or voice message) about you or your activities on or through the Site and/or the App, then FOLX Health may collect any personal or non-personal information provided therein or therewith.

In addition to the information FOLX Health collects directly from you, the Affiliated Practices may collect information directly from you. This information may include, but is not limited to, diagnoses, treatment plans (including prescription details) and notes, and is accessible and visible through certain components of the Service. This information is subject to the Notice of Privacy Practices.

We may also receive information from third parties that pay for your care or provide you with treatment, laboratory care or prescription medication, which may include, for example, your prescription history, insurance policy, insurance eligibility and coverage, and laboratory test results. This information is also subject to the Notice of Privacy Practices.

Finally, FOLX Health might use various tracking, data aggregation and/or data analysis technologies.

Please be advised that if you choose to block, reject, disable, delete or change the management settings for any or all of the aforementioned technologies and/or other tracking, data aggregation and data analysis technologies, then certain areas of the Platform might not function properly.

By visiting, accessing or using the Service, you acknowledge and agree in each instance that you are giving FOLX Health permission to monitor or otherwise track your activities on the Service, and that FOLX Health may use the aforementioned technologies and/or other tracking, data aggregation and data analysis technologies, solely for the purposes outlined in this Privacy Policy. Notwithstanding the foregoing, FOLX Health does not permit third parties or third-party cookies to access protected health information unless as authorized under law and the Notice of Privacy Practices.

Use of Information

That’s a lot of information. What do we use it for? In connection with providing the Service, we and our affiliates and service providers may use your information, subject to the limitations addressed in the Notice of Privacy Practices, for a number of purposes, including, but not limited to:

  • Verifying your identity;
  • Confirming your location;
  • Administering your account;
  • Fulfilling your requests;
  • Processing your payments;
  • Facilitating your movement through Service;
  • Facilitating your use of the Service and/or products or services offered through the Service;
  • Communicating with you by letter, email, text, telephone or other forms of communication;
  • Providing you with information about FOLX Health, the Pharmacies, Labs, the Medical Groups, and/or their businesses, products and services by letter, email, text, telephone or other forms of communication;
  • Providing you with customer support;
  • Providing you with information about third-party businesses, products and services by letter, email, text, telephone or other forms of communication to the extent permitted by law;
  • Developing, testing or improving the Service and content, features and/or products or services offered via the Service;
  • Identifying or creating new products, services, marketing and/or promotions for FOLX Health or the Service;
  • Promoting and marketing FOLX Health, the Service, and the products and/or services offered via the Service to the extent permitted by law;
  • Improving user experiences with the Service;
  • Analyzing traffic to and through Service;
  • Analyzing user behavior and activity on or through the Service in order to analyze and improve the Service;
  • Conducting research and measurement activities for purposes of product and service research and development, advertising claim substantiation, market research, and other activities related to FOLX Health, the Service or products and services offered via the Service;
  • Monitoring the activities of you and others on or through the Service in order to analyze and improve the Service;
  • Placing and tracking orders for products or services on your behalf;
  • Protecting or enforcing FOLX Health's rights and properties;
  • Protecting or enforcing the rights and properties of others (which may include you);
  • When required by applicable law, court order or other governmental authority (including, without limitation and by way of example only, in response to a subpoena or other legal process); or
  • FOLX Health believes in good faith that such use is otherwise necessary or advisable (including, without limitation and by way of example only, to investigate, prevent, or take legal action against someone who may be causing injury to, interfering with, or threatening the rights, obligations or properties of FOLX Health, a user of the Service, which may include you, or anyone else who may be harmed by such activities or to further FOLX Health's legitimate business interests).

We may de-identify your information and use, create and sell such de-identified information, or any business or other purpose not prohibited by applicable law.

Disclosure of Information

When might we have to disclose your information to others? Subject to applicable law, we may disclose your information to third parties in connection with the provision of our Service or as otherwise permitted or required by law. For example, we may disclose your information to:

  • Our third-party and service providers (collectively "vendors") that provide services to enable us to provide the Service, such as the hosting of the Service, data analysis, IT services and infrastructure, customer service, e-mail delivery, and other similar services;
  • Our vendors that provide services to enable us to run our business and administrative operations, such as legal and financial advisory services, auditing services, analytics and similar services;
  • Our vendors that provide services to enable us to promote and advertise the Service and the products and/or services offered via the Service, such as ad platforms or ad-retargeting services, as well as comply with contact removal requests or requirements, such as mailing list removal services, do not call registries, and similar services;
  • The Providers and Affiliated Practices to enable them to provide services to you via the Service and to collect payment on their behalf;
  • Vendors as we believe necessary or appropriate to comply with applicable laws; and
  • To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, liquidation or other disposition of all or any portion of our business, assets or stock with such third party.

Data Retention

FOLX Health may retain your information for as long as it believes necessary; as long as necessary to comply with its legal obligations, resolve disputes and/or enforce its agreements; and/or as long as needed to provide you with the products and/or services of the Service. FOLX Health may dispose of or delete any such information at any time, except as set forth in any other agreement or document executed by FOLX Health or as required by law.

There are different data retention requirements for protected health information, as described in the Notice of Privacy Practices.

Transactions

In connection with any transaction that you conduct through the Service (e.g., the purchase or sale of any products or services on or through the Service), you may be asked to supply certain information relevant to the transaction, including, without limitation, your credit card number and expiration date, your billing address, your shipping address, your phone number and/or your email address. By submitting such information, you grant FOLX Health without charge the right to provide such information to third parties (e.g., payment processing companies, buyers on the Service, sellers on the Service) for the purpose of facilitating the transaction.

All credit card, debit card and other monetary transactions on or through the Service occur through an online payment processing application(s) accessible through the Service. This online payment processing application(s) is provided by FOLX Health's third-party online payment processing vendor, Stripe ("Stripe"). Additional information about Stripe, its privacy policy and its information security measures (collectively, the "Stripe Policies") should be available on the Stripe website located at https://stripe.com/us/privacy or by contacting Stipe directly. Reference is made to the Stripe Policies for informational purposes only and are in no way incorporated into or made a part of this Privacy Policy

Jurisdictional Issues

The Service may only be used within certain states within the United States as described in our Terms and Conditions. Accordingly, this Privacy Policy, and our collection, use, and disclosure of your information, is governed by U.S. law.

Third Parties

This Privacy Policy does not address or apply to, and we are not responsible for, the privacy, information or other practices of any third parties, including, without limitation, the manufacturer of your mobile device, and any other third-party mobile application or website to which our Service may contain a link. These third parties may at times gather information from or about you. We do not control and are not responsible for the privacy practices of these third parties.

Summary of Information Practices

Here’s a handy table that summarizes our personal information collection, use, and sharing practices in the preceding 12 months since we last updated this Policy. As reflected in this table, we may share your personal information with a variety of outside entities.

Category of Personal Information Collected Examples Categories of Sources Commercial/Business Purpose Categories of Third Parties with Whom FOLX Health Shares Personal Information
Identifiers Full name, email address, phone number, account login and password, purchase information, billing address, physical address You, our and third-party cookies and other tracking technologies on our website, and service providers. Facilitating use of Services and/or products or services, processing payments, marketing, customer, or analytic services, protecting against malicious, deceptive, fraudulent or illegal activity, and enabling or effecting, directly or indirectly, a commercial transaction Service providers, Medical Groups, Labs, Providers, Pharmacies, third parties that assume control over all or part of the business in connection with a merger, acquisition, bankruptcy, or similar event, affiliates, professional advisors, law enforcement authorities, and those involved in legal proceedings, with consent
Unique identifiers or personal identifiers IP address, online identifiers, mobile device ID, dates of medical visit You, your mobile device, and our and third-party cookies and other tracking technologies on our website Processing or fulfilling orders and transactions, debugging to identify and repair errors that impair existing intended functionality, providing customer or analytic services, and enabling or effecting, directly or indirectly, a commercial transaction Service providers, Medical Groups, Providers, Pharmacies, data analytic providers, payment processors, affiliates, professional advisors, law enforcement authorities, and those involved in legal proceedings, with consent
Internet and other network activity Browsing activity Your mobile devices and computers used to access our Site Marketing, customer, or analytic services and enabling or effecting, directly or indirectly, a commercial transaction Service providers, data analytic providers, affiliates
Demographic information Gender, date of birth, zip code You Marketing, customer, or analytic services, processing or fulfilling orders and transactions Service providers, data analytic providers, affiliates
Audio, electronic, visual, thermal, olfactory, or similar information Electronic signature, photographic or video images You Identification verification or non-diagnosis or treatment purposes, on behalf of Medical Groups/Providers for diagnosis or treatment purposes Medical Groups and Providers
Commercial Activity Information about goods or services purchased, obtained, or considered, Your mobile device Processing or fulfilling orders and transactions, marketing, customer or analytic services Service providers, data analytic providers, affiliates
Health and Medical Information Medical history and other information, symptoms, prescription history, insurance policy, insurance eligibility and coverage, laboratory test results, previous doctors visited You or Medical Group and/or Providers Processing or fulfilling orders and transactions Medical Groups, Labs, Pharmacies and Providers
Health and Medical Information Medical history and other information, symptoms, prescription history, insurance policy, insurance eligibility and coverage, laboratory test results, previous doctors visited You or Medical Group and/or Providers Processing or fulfilling orders and transactions Medical Groups, Labs, Pharmacies and Providers
Financial Information (Information under California Civil Code 1798.80) Payment information You Processing or fulfilling orders and transactions Payment processors, buyers on Service, sellers on Service
Geolocation information Geolocation Your mobile devices and computers used to access our Site Confirming location Medical Groups and Providers
Professional or Employment-related Information Job history, educational history, employer Applicants or non-applicant email addresses or signature blocks Process and evaluate applications for positions with FOLX Health Service providers such as HR vendors

If you would like additional information on what personal information we collect, use, or disclose about you, please contact the FOLX Help Center: https://support.folxhealth.com. You may also contact us at the FOLX Help Center: https://support.folxhealth.com to request that we delete your personal information, which we will review under applicable law. We do not sell your personal data.

Miscellaneous

We strive to use reasonable physical, technical and administrative measures to protect information under our control. However, you must keep your Account password secure and your Account confidential, and you are responsible for any and all use of your Account. If you have reason to believe that the security of your Account has been compromised, please notify us immediately in accordance with the "Contacting Us" section below.

When using the Service, you may choose not to provide us with certain information, but this may limit the features you are able to use or may prevent you from using the Service all together. You may also choose to opt out of receiving certain communications (e.g., newsletters, promotions) by emailing us your preference. Please note that even if you opt out, we may still send you Service-related communications. We do not currently respond to web browser "do not track" signals or other mechanisms that provide a method to opt out of the collection of information across the networks of websites and online services in which we participate. If we do so in the future, we will describe how we do so in this Privacy Policy. FOLX Health may supplement, amend, or otherwise modify this Privacy Policy at any time. Such supplements, amendments and other modifications will be posted on this or a similar page of the Service, and shall be deemed effective as of the "Last Updated" date; provided, however, that FOLX Health will notify you and/or require you to accept the updated Privacy Policy if the supplemented, amended or otherwise modified Privacy Policy implements material changes from FOLX Health's then-current Privacy Policy. It is your responsibility to carefully review this Privacy Policy each time you visit, access or use the Service.

Contacting Us

So that was a lot of information and a lot of legal jargon. Please contact us if you have any questions about this Privacy Policy, please contact us by submitting your questions to the FOLX Help Center: https://support.folxhealth.com, Attn: Privacy Officer. Generally, Privacy Officers are lonely. So don’t be shy.

HIPAA NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.


This Notice of Privacy Practices (the “Notice”) describes how the FOLX Professionals, as an affiliated covered entity composed of multiple distinct medical groups including but not limited to Ampersex.VA PC, AS Medical of New York, P.C., Marsha Medical Group of CA, P.C., Marsha Medical Group of Kansas, P.A., Marsha Medical Group of NJ, P.C., and Marsha Medical Group, P.A. (collectively, “we” or “our”), may use and disclose your protected health information to carry out treatment, payment, or business operations and for other purposes that are permitted or required by law. “Protected health information” or “PHI” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical health or condition, treatment or payment for health care services.


This Notice also describes your rights to access and control your protected health information.


USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION:


Your protected health information may be used and disclosed by our health care providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law. 


TREATMENT:


We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to any other health care provider with whom you have an existing treatment relationship to ensure the necessary information is accessible to diagnose or treat you.  


PAYMENT:


Your protected health information may be used to bill or obtain payment for your health care services. For example, we may use your PHI in connection with processing payments for services provided to you.


HEALTH CARE OPERATIONS:


We may use or disclose, as needed, your protected health information in order to support the business activities of this office. These activities include, but are not limited to, improving quality of care, providing information about treatment alternatives or other health-related benefits and services, development or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste and abuse investigations.  We may de-identify and anonymize your information such that it is no longer considered protected health information or personally identifiable information and as such, will not contain any reference to you. In that instance, we may modify or create derivative works which contain this de-identified and anonymized information and may use that information as may be necessary to enhance the services we are providing. In addition, we may use this de-identified information for non-commercial purposes including but not limited to analytics, research, preparation of case studies and other educational and research related publication and usage. Under no circumstances will we sell or commercially market your information.

USES AND DISCLOSURES THAT DO NOT REQUIRE YOUR AUTHORIZATION


We may use or disclose your protected health information in the following situations without your authorization. These situations include the following uses and disclosures: as required by law; for public health purposes; for health care oversight purposes; for abuse or neglect reporting; pursuant to Food and Drug Administration requirements; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors and organ donation agencies; for certain research purposes; for certain criminal activities; for certain military activity and national security purposes; for workers’ compensation reporting; relating to certain inmate reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”). State laws may further restrict these disclosures.


USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION:


Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. In such cases, without your authorization, we shall not use or disclose your protected health information, but we may prepare a rebuttal to our statement and we will provide you with a copy of any such rebuttal.

You have the right to receive an accounting of certain disclosures of your protected health information that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record); or for certain other purposes.

You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.


REVISIONS TO THIS NOTICE:


We reserve the right to revise this Notice and to make the revised Notice effective for protected health information we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on the Platform. You then have the right to object or withdraw as provided in this Notice.


BREACH OF HEALTH INFORMATION:


We will notify you if a reportable breach of your unsecured protected health information is discovered.


Notification will be made to you no later than 60 days from the breach discovery and will include a brief description of how the breach occurred, the protected health information involved and contact information for you to ask questions.


COMPLAINTS:


Complaints about this Notice or how we handle your protected health information should be directed to our HIPAA Privacy Officer. If you are not satisfied with the manner in which a complaint is handled you may submit a formal complaint to the Department of Health and Human Services, Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.


We must follow the duties and privacy practices described in this Notice. FOLX also follows this Notice as a HIPAA business associate. If you have any questions about this Notice, please contact the FOLX Help Center: https://support.folxhealth.com, Attn: Privacy Officer.