Privacy Policy
Last updated: April 3, 2026
1. Information We Collect
We collect information you provide directly to us, including your name, email address, phone number, date of birth, physical address, medical history, health information, and payment details. We also collect information automatically when you use our services, such as your IP address, browser type, device information, and usage patterns.
2. How We Use Your Information
We use your information to provide and improve our telehealth services, facilitate medical consultations with licensed clinicians, process prescriptions and medication delivery, communicate with you about your treatment plan and appointments, process payments and manage your account, comply with legal and regulatory requirements, and protect the safety and security of our platform.
3. HIPAA Compliance
Lavia is fully HIPAA compliant. All protected health information (PHI) is handled in accordance with the Health Insurance Portability and Accountability Act. We implement administrative, physical, and technical safeguards to protect your health information. This includes enterprise grade encryption for data in transit and at rest, strict access controls, regular security audits, and comprehensive employee training on privacy and security protocols.
4. Information Sharing
We do not sell your personal or medical information. We may share your information with licensed healthcare providers who are part of your care team, pharmacy partners for medication fulfillment, payment processors to complete transactions, service providers who assist in operating our platform (under strict confidentiality agreements), and law enforcement or regulatory bodies when required by law.
5. Data Security
We employ industry standard security measures to protect your information, including SSL/TLS encryption for all data transmissions, encrypted database storage, regular security assessments and penetration testing, multi factor authentication for administrative access, and automated monitoring for unauthorized access attempts. While we strive to protect your information, no method of electronic transmission or storage is 100% secure.
6. Your Rights
You have the right to access your personal and medical information, request corrections to inaccurate information, request deletion of your account and associated data (subject to legal retention requirements), receive a copy of your health records, opt out of non essential communications, and file a complaint if you believe your privacy rights have been violated.
7. Cookies and Tracking
We use cookies and similar technologies to improve your experience on our website, analyze usage patterns, and deliver relevant content. You can manage your cookie preferences through your browser settings. Essential cookies required for the operation of our services cannot be disabled.
8. Data Retention
We retain your personal and medical information for as long as necessary to provide our services and comply with legal obligations. Medical records are retained in accordance with applicable state and federal regulations. When data is no longer needed, it is securely deleted or anonymized.
9. Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a person under 18, we will take steps to delete that information promptly.
10. Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at [email protected]. For HIPAA related inquiries, you may also contact our Privacy Officer at the same address.