Licensed providers. 100% online experience.

Legal

Privacy Policy

How Divinni collects, uses, discloses, and protects your personal information and protected health information (PHI) when you use our website and telehealth services.

Introduction

This Privacy Policy describes how Divinni ("we," "us," or "our") handles information when you visit divinni.co, create an account, complete a health assessment, receive telehealth services, or purchase medications through our platform. By using our services, you agree to the practices described here. This policy is designed to comply with applicable privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA) where we act as a business associate or covered entity, and state telehealth and consumer privacy laws.

Information we collect

We collect information you provide directly and information generated through your use of our services.

  • Identity and contact information: name, email, phone number, date of birth, shipping address, and account credentials
  • Health information: medical history, symptoms, medications, allergies, lab results, photos or videos submitted for clinical review, and provider communications
  • Payment information: billing address and payment card details processed by our PCI-compliant payment processors
  • Technical data: IP address, browser type, device identifiers, and usage data collected through cookies and similar technologies
  • Communications: messages with our support team and secure provider messaging within your patient dashboard

How we use your information

We use the information we collect for the following purposes:

  • Facilitating telehealth consultations and clinical decision-making by licensed providers
  • Processing prescriptions, coordinating pharmacy fulfillment, and managing medication delivery
  • Operating your account, processing payments, and providing customer support
  • Sending care-related notifications, refill reminders, and service updates
  • Improving our platform, conducting quality assurance, and meeting legal and regulatory obligations
  • Preventing fraud, securing our systems, and enforcing our Terms & Conditions

Protected health information (HIPAA)

When you receive clinical services through Divinni, certain health information constitutes protected health information (PHI) under HIPAA. We maintain administrative, technical, and physical safeguards designed to protect PHI, including encryption of data in transit, access controls, workforce training, and business associate agreements with vendors that handle PHI on our behalf. Our HIPAA Notice of Privacy Practices provides additional detail on how PHI may be used and disclosed, and your rights regarding PHI. You can review it at divinni.co/hipaa.

How we share information

We do not sell your personal information or PHI. We may share information with the following categories of recipients as needed to deliver our services:

  • Beluga Health and affiliated licensed clinicians who provide telehealth services through our partnership with Bond Health
  • Licensed pharmacies and fulfillment partners that dispense and ship prescribed medications
  • Laboratories and diagnostic partners when lab work is ordered as part of your care
  • Payment processors, cloud hosting providers, and technology vendors under contractual confidentiality and security obligations
  • Regulatory authorities, law enforcement, or other parties when required by law, court order, or to protect rights and safety

Data security

We implement industry-standard security measures to protect your information, including TLS encryption for data transmitted over the internet, role-based access controls, secure authentication, and regular security assessments. No method of transmission or storage is completely secure; we cannot guarantee absolute security but are committed to protecting your information using reasonable and appropriate safeguards.

Data retention

We retain personal information and PHI for as long as necessary to provide services, comply with legal and clinical record-keeping requirements, resolve disputes, and enforce our agreements. Medical records may be retained for periods required by applicable state and federal law, even after you close your account.

Your rights and choices

Depending on your location and the nature of your information, you may have the following rights:

  • Access and obtain a copy of your PHI, subject to legal exceptions
  • Request correction of inaccurate health or account information
  • Request restrictions on certain uses or disclosures of PHI where permitted by law
  • Receive confidential communications through alternative means or at alternative locations
  • Opt out of non-essential marketing communications
  • Close your account, subject to retention requirements for clinical and legal records
  • File a complaint with us at privacy@divinni.co or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated

Children's privacy

Our services are intended for individuals 18 years of age and older. We do not knowingly collect personal information or PHI from anyone under 18. If we learn that we have collected information from a minor, we will take steps to delete it promptly.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy on this page and update the "Last updated" date. Your continued use of our services after changes become effective constitutes acceptance of the revised policy.

Contact us

For privacy-related questions, requests regarding your data, or to exercise your rights, contact us at privacy@divinni.co or support@divinni.co. For general member support, visit divinni.co/contact.

Ready to get started?

Complete a free assessment and connect with a licensed provider in minutes.

Start Telehealth Consultation