Effective Date: June 1, 2026
This Mobile App Privacy Policy (“Policy”) explains how Hello Dose and its affiliated entities (“Hello Dose,” “we,” “us,” or “our”) collect, use, disclose, and protect information when you download, access, or use the Hello Dose mobile application and any related mobile services that link to this Policy (collectively, the “App”). This Policy applies to users of the App, including prospective patients and existing patients who access Hello Dose services through the App. To the extent any information collected through the App constitutes PHI, the use and disclosure of that PHI are governed by our HIPAA Notice of Privacy Practices, which controls over this Policy in the event of any conflict.
1. Information We Collect
We may collect the following categories of information:
- Identifiers and contact information, such as name, email address, phone number, mailing address, date of birth, username, password, and account credentials.
- Health-related information, such as weight, medical history, current medications, contraindication screening answers, consultation-related information, prescription information, order status, coaching interactions, and other information you submit through the App.
- Transaction and payment information, such as subscription selections, billing information, transaction history, and limited payment details processed by our payment vendors.
- Communications, such as in-app messages, customer support inquiries, form submissions, appointment-related communications, and feedback.
- Technical and usage information, such as IP address, device identifiers, mobile device model, operating system, app version, language settings, carrier, crash reports, session activity, feature usage, and interaction data.
- Location information, such as general location inferred from IP address and any location information you provide voluntarily. If enabled on your device and used by the App, we may also collect more precise location information with your permission.
- Notification information, such as push notification tokens, delivery confirmations, and notification preferences.
- Uploaded content, such as photos, documents, profile images, or other files you submit through the App.
- Biometric or device-authentication information, if you choose to use device-based login or authentication tools made available through your device or operating system.
- Inferences, such as preferences or characteristics derived from the information above.
- We may collect information directly from you, automatically through the App and related technologies, and from vendors, service providers, analytics providers, payment processors, and other third parties where permitted by law.
2. How We Use Information
We may use information for the following purposes:
- To operate, maintain, secure, and improve the App;
- To create and manage accounts;
- To authenticate users and maintain secure sessions;
- To respond to inquiries and provide support;
- To administer intake, scheduling, eligibility screening, patient communications, prescription workflows, order tracking, and coaching features;
- To process subscriptions, payments, cancellations, and refunds where applicable;
- To send service-related notices, reminders, push notifications, and other communications;
- To personalize content and user experience;
- To detect fraud, prevent abuse, and protect the rights, safety, and property of Hello Dose, our users, and others;
- To comply with law, legal process, and regulatory obligations;
- To send administrative, service, and marketing communications, subject to your preferences and applicable law; and/or
- To create aggregated or de-identified information.
3. Device Permissions, Push Notifications, and Similar Technologies
We and our service providers may use SDKs, device identifiers, tags, scripts, local storage, push notification tokens, analytics tools, and similar technologies in the App to
operate the App, remember user preferences, understand how users interact with the App, improve performance, and support security, fraud prevention, analytics, and measurement. Some of these technologies are strictly necessary for the App to function, while others help us analyze usage, improve user experience, and, where permitted by law, measure the effectiveness of our communications and content. You may be able to control certain permissions and settings through your device or App settings. If you disable certain permissions or technologies, some App features may not function properly. We do not permit advertising or analytics technologies to receive PHI from any feature, form, intake flow, or other App workflow where health-related information is submitted or reasonably likely to be submitted, except as permitted by HIPAA, applicable law, or a valid HIPAA authorization. Where a vendor creates, receives, maintains, or transmits PHI on our behalf, we use appropriate contractual and other safeguards required by HIPAA, and disclosures are limited to what is permitted and reasonably necessary for the intended purpose.
4. How We Share Information
We may disclose information to the following categories of recipients, as described below:
a. Affiliates and related entities. We may share information with our affiliates, parent companies, subsidiaries, and related entities for business, administrative, operational, compliance, and service-delivery purposes.
b. Service providers. We may share information with vendors and service providers that perform services on our behalf, such as hosting, data storage, customer support, communications, analytics, security, fraud prevention, identity verification, billing, payment processing, shipping, and other operational services. These service providers are authorized to use information only as necessary to perform services for us and are subject to appropriate confidentiality and, where required, contractual obligations.
c. Clinical providers and care team members. We may share information with licensed health care providers, care coordinators, coaches, pharmacies, and other members of your care team as needed to provide treatment, coordinate care, process prescriptions, support delivery, or administer related health care services.
d. Payment and fulfillment partners. We may share information with payment processors, pharmacy partners, compounding pharmacies, shipping carriers,
fulfillment vendors, and other third parties necessary to process payments, dispense medication, or deliver products or services you request.
e. Advertising and analytics partners. We may use limited analytics and measurement tools to understand how users interact with our website or app and to improve functionality and performance. We do not disclose PHI to advertising or analytics vendors from authenticated patient areas or from health-care submission workflows except as permitted by HIPAA, applicable law, or a valid HIPAA authorization. If a vendor creates, receives, maintains, or transmits PHI on our behalf, we will use contractual and other safeguards required by HIPAA and will limit the disclosure to what is permitted and reasonably necessary for the intended purpose.
f. Legal, safety, and compliance purposes. We may disclose information if we believe in good faith that doing so is necessary to comply with law, regulation, subpoena, court order, search warrant, governmental request, or other legal process; to protect the rights, property, safety, and security of Hello Dose, our users, clinicians, or others; to investigate fraud or misuse; or to enforce our agreements and policies.
g. Business transactions. We may disclose or transfer information in connection with or during negotiations of any merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar corporate transaction, subject to applicable law.
h. At your direction or with your consent. We may share information with third parties when you ask us to do so or when you otherwise give us permission.
We do not disclose PHI to advertising or analytics vendors unless the disclosure is permitted by HIPAA and supported by an applicable legal basis, including a business associate arrangement where required, or a valid authorization where required.
5. Health Information
The App may collect health-related information through account features, questionnaires, messaging tools, prescription tools, coaching tools, and other App functionality. If you become a patient of Hello Dose or an affiliated clinical entity, certain information may also be governed by applicable health privacy laws and separate patient-facing privacy notices.
6. Marketing and Advertising
We may use information to communicate with you about services, promotions, and updates, subject to applicable law. We do not sell personal information for money. If applicable law treats certain advertising or analytics activities as a sale, sharing, or targeted advertising, we will provide any notices and choices required by law.
7. State Privacy Rights
Depending on your state of residence, you may have rights to access, correct, delete, or receive a copy of certain personal information, and to opt out of targeted advertising, sales, or certain profiling. California residents may have additional rights under the California Consumer Privacy Act, as amended, including rights to know, delete, correct, opt out of sale or sharing, and limit certain uses of sensitive personal information.
If you are entitled to privacy rights under applicable law, we will honor them as required by law. We will not discriminate against you for exercising those rights.
If you are a resident of a state that provides rights with respect to consumer health data, including Washington, this section applies to consumer health data that we collect through the App and that is not otherwise governed by HIPAA.
We may collect consumer health data such as information you provide in questionnaires, intake forms, messages, subscription or eligibility screens, medication-related interactions, symptom information, device or location data that may indicate interest in health care services, and inferences drawn from that information. We use this data to provide and improve our services, communicate with you, determine eligibility, coordinate care, process subscriptions and orders, prevent fraud, comply with law, and for other purposes described in this Policy.
We may share consumer health data with service providers, clinicians, pharmacies, fulfillment vendors, payment processors, and other vendors that help us operate the App and provide services. We do not sell consumer health data. We do not use consumer health data for targeted advertising unless we have obtained any consent or authorization required by applicable law.
Subject to applicable law, you may have the right to confirm whether we process your consumer health data, access that data, request deletion of that data, and withdraw consent to our processing of that data. You may exercise these rights by contacting us (see below in Section 13). We will respond as required by applicable law.
If you withdraw consent where consent is the lawful basis for processing, we will stop collecting or sharing your consumer health data for that purpose, subject to legal, operational, and recordkeeping requirements.
8. Children’s Privacy
The App is not intended for children under 18, and we do not knowingly collect personal information from children under 13 through the App. If we learn that we have collected personal information from a child in violation of applicable law, we will take appropriate steps to delete it.
9. Data Retention
We retain information for as long as reasonably necessary to fulfill the purposes described in this Policy, comply with legal obligations, resolve disputes, enforce agreements, maintain records, and support business operations. Retention periods may vary depending on the type of information and legal requirements.
10.Security
We use reasonable administrative, technical, and physical safeguards designed to protect information. No security system is perfect, and we cannot guarantee absolute security.
11. International Users
The App is intended for users in the United States. If you access the App from outside the United States, you understand that your information may be processed in the United States or other jurisdictions with different privacy laws.
12.Changes to This Policy
We may update this Policy from time to time. The “Effective Date” above indicates when this version became effective. Material changes will be posted in the App, on the Hello Dose website, or otherwise communicated as required by law.
13.Contact Us
If you have questions about this Policy or wish to exercise your rights, contact us at:
- Hello Dose
- 980 East 12th Brooklyn, NY 11230
- [email protected]
- (607) 638-3948