Legal

Privacy Policy

Last updated: March 1, 2026

Prometheuz (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and telehealth services (collectively, the “Services”). Please read this policy carefully. If you do not agree with its terms, please discontinue use of the Services.

1. Information We Collect

We collect information in several ways:

Information You Provide Directly

  • Account information: name, email address, phone number, date of birth, and password when you register.
  • Health and medical information: health history, symptoms, medications, lab results, and other medical data you submit through intake forms or consultations.
  • Payment information: billing address and payment card details, processed securely through our third-party payment processor.
  • Communications: messages, emails, or other correspondence you send to us or your care team.

Information Collected Automatically

  • Usage data: pages visited, features used, time spent on the Services, and referring URLs.
  • Device information: IP address, browser type, operating system, and device identifiers.
  • Cookies and tracking technologies: as described in the Cookies section below.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve our Services and telehealth platform.
  • Connect you with licensed healthcare providers and facilitate your care.
  • Process payments and manage your subscription.
  • Communicate with you about your account, appointments, and treatment updates.
  • Send administrative notices, security alerts, and support messages.
  • Comply with applicable laws, regulations, and professional standards, including HIPAA.
  • Detect, investigate, and prevent fraudulent or unauthorized activity.
  • Analyze aggregate, de-identified usage trends to improve the platform.

We will not use your health information for marketing purposes without your explicit consent, as required by HIPAA and applicable state law.

3. How We Share Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Healthcare providers: We share your health information with the licensed providers on our platform who are involved in your care, as necessary to provide treatment.
  • Service providers: We share information with trusted vendors who assist us in operating the Services (e.g., cloud hosting, payment processing, pharmacy fulfillment), subject to contractual confidentiality obligations.
  • Legal compliance: We may disclose information when required by law, subpoena, court order, or to protect the rights, property, or safety of Prometheuz, our users, or the public.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred, subject to the same privacy protections described here.
  • With your consent: We may share information in other ways when you have given us explicit permission to do so.

4. HIPAA & Health Information

To the extent that we function as a HIPAA-covered entity or business associate, your Protected Health Information (PHI) is handled in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations. Our HIPAA Notice of Privacy Practices, available at /legal/hipaa-notice, provides a detailed description of how we use and disclose PHI and your rights with respect to that information.

5. Data Security

We implement administrative, technical, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include end-to-end encryption for data in transit (TLS), encryption at rest for stored health records, access controls limiting data access to authorized personnel, and regular security audits.

No method of electronic transmission or storage is completely secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to our legal and clinical retention obligations.
  • Portability: Request that we provide your data in a structured, machine-readable format.
  • Opt-out of marketing: Unsubscribe from promotional communications at any time using the link in any email or by contacting us directly.
  • California residents (CCPA): California residents have additional rights under the California Consumer Privacy Act, including the right to know, delete, and opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, please contact us at [email protected].

7. Cookies

We use cookies and similar tracking technologies to operate our Services, remember your preferences, and analyze usage patterns. Cookies are small text files stored on your device. You may configure your browser to refuse cookies; however, some features of the Services may not function properly without them. We do not use cookies to collect health information or track you across third-party sites for advertising purposes.

8. Children’s Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete that information promptly. If you believe a child has submitted information to us, please contact us at [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, where changes are material, provide additional notice (such as an email notification or a prominent notice on our website). Your continued use of the Services after any changes constitutes your acceptance of the revised policy.

10. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact our Privacy Team:

This Privacy Policy is incorporated into and subject to our Terms of Service. In the event of a conflict between this Privacy Policy and our HIPAA Notice of Privacy Practices with respect to Protected Health Information, our HIPAA Notice shall control.