top of page

Privacy Policy

This Privacy Policy (“Policy”) is provided by Lyv Health, Inc. (“Lyv,” “we,” “us,” or “our”) and governs the collection, use, disclosure, and protection of personal information and health data obtained through your use of our website, mobile application, and affiliated services (collectively, the “Services”).

 

Your access to and use of the Services is conditioned upon your acceptance of this Policy. By accessing or using the Services, you agree to the terms set forth herein.


1. Scope of Policy

This Policy applies to all users of the Services, including patients, Business Associates, and health professionals. It covers all personal data, protected health information (“PHI”), and other information collected, processed, or maintained by Lyv in the course of providing and supporting the Services.

 

Where applicable, this Policy supplements—but does not replace—Lyv’s obligations under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and other state or federal health privacy laws.​

​

2. Information Collected
Lyv may collect, use, and maintain the following categories of information:

  • Identifiers and Account Data

    Full name, contact information, date of birth, and demographic data

  • Health and Medical Data

    Symptom reporting, medical history, medications, allergies, lab test results, diagnostic assessments, and data shared via wearables or health-tracking tools

  • Communications

    Content of messages, surveys or virtual check-ins with support staff or affiliated clinical providers

  • Technical Data

    Device ID, IP address, browser data, usage logs, and session analytics

  • Payment and Transaction Data

    Payment card information and billing details are collected and processed by our third-party payment processors. We may receive limited information such as payment confirmation, transaction identifiers, and billing contact details, but we do not store full card numbers except as permitted through tokenization by our processors.


    We use cookies and similar tracking technologies to operate and improve the Services, understand usage, and measure marketing performance. These tools may collect information about your device, browser, and interactions with our site or app. You can control cookies through your browser settings and may have additional rights depending on your state of residence.

 

3. Legal Basis for Processing

Lyv processes your personal and health information only where permitted by applicable law. Legal bases include:

  • Consent, as provided through your affirmative use of the Services;

  • Contractual necessity, for the provision of health services and communications;

  • Compliance with legal obligations, including public health and regulatory reporting;

  • Legitimate interests, such as internal research, quality assurance, and product development using de-identified information.
     

Where PHI is involved and HIPAA applies, Lyv processes PHI as permitted by HIPAA and applicable Business Associate Agreements. References to consent or legitimate interests are provided for transparency and may not apply in all jurisdictions or legal contexts.

​

4. Use of Information
Information collected may be used for the following purposes:

  • To provide and support the Services, including coordinating access to health-related services offered by affiliated licensed providers;

  • To facilitate interactions between you and our licensed healthcare providers;

  • To fulfill contractual obligations and deliver user support;

  • To improve, maintain, and secure the Services;

  • To conduct internal analytics and research using de-identified and/or aggregated data;

  • To comply with legal, regulatory, or public health obligations.

​

​

5. Sharing and Disclosure of Information
Lyv takes the confidentiality of your personal and health data seriously.

​

  • No Sale of Personal Information

    Lyv does not sell, rent, or license your personal or health data to any third party.
     

  • Internal Use and Sharing with Providers

    By using the Services, you consent to the disclosure of your health information—including lab test results, symptom logs, and related data—to our team of healthcare professionals and clinical staff, affiliated clinical providers, laboratories, pharmacies, and shipping providers as necessary to fulfill requested services.
     

  • De-identified and Aggregated Use

    We may use or disclose data that has been de-identified in accordance with HIPAA standards for purposes including research, analytics, and product development. De-identified information is not treated as personal information under this Policy, but we maintain appropriate safeguards and do not attempt to re-identify it except as permitted by law. 
     

  • Service Providers and Contractors

    We may share limited data with third-party vendors under binding contractual obligations. These parties act as “business associates” or processors and are prohibited from using data for any purpose other than providing services to Lyv. We share payment information with payment processors and financial institutions to process transactions, prevent fraud, and comply with legal obligations.
     

  • Legal and Regulatory Compliance

    We may disclose information as required by law, including in response to subpoenas, court orders, legal process, or to comply with applicable regulatory obligations. We reserve the right to report to law enforcement any activities that we reasonably believe to be unlawful.
     

  • Sharing with Coaches or Other Authorized Professionals.

    The Services may allow you to authorize a health coach or other non-clinical professional to view certain health-related information (such as lab results and prescription requests) for the purpose of supporting you in your wellness journey. You may control, modify, or revoke this access at any time through the Services. Coaches are not licensed providers through the platform unless explicitly stated, and any information shared with them is provided solely at your direction.​
     

6. Data Retention

We retain personal and health data for as long as necessary to:

 

  • Fulfill the purposes outlined in this Policy;

  • Comply with medical record retention laws;

  • Meet applicable legal, regulatory, and contractual obligations.

  • De-identified or anonymized data may be retained indefinitely.​

​

7. Security Measures
Lyv employs administrative, technical, and physical safeguards consistent with industry best practices and HIPAA Security Rule standards to protect your data. These include:

  • Encryption in transit (e.g., TLS) and at rest

  • Role-based access controls

  • Secure cloud infrastructure

  • Audit logs and monitoring
     

No system is completely immune to breach or misuse. You acknowledge and accept this risk by using the Services.

 

8. Children’s Privacy
Our Services are not intended for or directed to individuals under 18 years of age. We do not knowingly collect data from children. If we learn that we have inadvertently collected personal data from a minor without parental consent, we will promptly delete such information.
 

9. International Users and Data Transfers
If you access the Services from outside the United States, you understand that your data may be transferred to and processed in the United States, which may not provide the same legal protections as your jurisdiction.

 

10. Your Rights and Choices
Subject to applicable law, you may request:

  • Access to your personal data

  • Correction of inaccurate or incomplete information

  • Deletion of your personal data. Note: Certain health information may not be eligible for deletion where retention is required by HIPAA or other applicable law.

  • Restriction of data processing

  • Data portability

 

All requests must be submitted to: hello@lyvhealth.co. We reserve the right to verify your identity before responding.

 

You may also opt out of marketing emails by using the “unsubscribe” link provided in such communications.

Certain U.S. state privacy laws (such as the California Consumer Privacy Act, as amended by the CPRA, and Washington’s My Health My Data Act) may provide residents with additional rights regarding their personal information and health data.

 

Depending on where you live, you may have the right to:

  • Request access to and a copy of the personal information we hold about you

  • Request correction of inaccurate personal information

  • Request deletion of your personal information, subject to legal exceptions

  • Request information about how we share or disclose your data

  • Opt out of certain forms of data processing where applicable

  • Withdraw consent for processing of certain health data, where required by law
     

We will respond to verified requests as required by applicable law, and we will not discriminate against you for exercising your privacy rights.
 

To submit a request, email: hello@lyvhealth.co

11. Limitation of Liability
To the maximum extent permitted by law, Lyv Health, Inc. shall not be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages, including but not limited to loss of data, loss of use, or other intangible losses, resulting from unauthorized access, disclosure, alteration, or destruction of your data, except in cases of gross negligence or willful misconduct.

​

Your sole and exclusive remedy for dissatisfaction with the Services or this Policy is to discontinue your use of the Services.

 

12. Changes to This Policy
We may amend this Privacy Policy at any time, and such changes will become effective upon posting. You are responsible for reviewing this Policy periodically. Your continued use of the Services constitutes your acceptance of any modifications.

 

13. Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact:

 

Lyv Health, Inc.

Email: hello@lyvhealth.co

bottom of page