Privacy Policy

Covenix Health ("Covenix," "we," "our," or "us") operates the website located at covenix.health and provides physician-led performance medicine services, including telehealth consultations, hormone optimization protocols, and membership programs (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or use our Services.

By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website and Services.

We collect the following categories of information:

Information You Provide Directly

When you complete the Performance Gap Quiz, book a consultation, submit an intake form, purchase a membership, or contact us, you may provide: your name, email address, phone number, date of birth, biological sex, state of residence, health history, symptom information, and payment information. Payment transactions are processed by our third-party payment processor (Stripe) and we do not store full credit card numbers.

Information Collected Automatically

When you visit our website, we automatically collect certain technical data including your IP address, browser type, operating system, referring URLs, pages viewed, and time spent on pages. This data is collected through cookies, web beacons, and similar tracking technologies, including the Meta Pixel (Facebook Pixel) and analytics tools. See Section 6 for more information on cookies and tracking.

Health and Medical Information

As a telehealth practice, we collect health-related information including lab results, symptom descriptions, medical history, and treatment information. This information is considered Protected Health Information (PHI) under HIPAA and is handled in accordance with our HIPAA Notice of Privacy Practices, which is provided separately through our patient portal (Optimantra).

We use the information we collect for the following purposes:

• To provide, operate, and improve our telehealth Services and website
• To schedule and conduct telehealth consultations and manage your care
• To process payments for evaluations and membership subscriptions
• To send appointment confirmations, lab requisitions, and clinical communications
• To send membership enrollment follow-up communications after your evaluation
• To respond to your inquiries submitted through our website or chatbot
• To analyze website usage and improve user experience
• To deliver targeted advertising through Meta (Facebook/Instagram) and other platforms, based on your interactions with our website (see Section 6)
• To comply with applicable laws, regulations, and professional licensing requirements
• To protect the security and integrity of our Services

Covenix Health is a covered entity under the Health Insurance Portability and Accountability Act (HIPAA). Protected Health Information (PHI), including your name, contact information when combined with health data, lab results, diagnoses, and treatment records, is governed by HIPAA and our separate HIPAA Notice of Privacy Practices.

We will not use or disclose your PHI for marketing purposes without your written authorization. We do not sell PHI. PHI is shared only with treatment providers, business associates under signed Business Associate Agreements (BAAs), and as otherwise required or permitted by law.

Our patient portal (Optimantra) operates under its own HIPAA-compliant privacy practices. Please review the Optimantra privacy policy when registering as a patient.

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We share information with third-party vendors who assist in operating our website and Services, including our patient management platform (Optimantra), CRM and marketing platform (GoHighLevel), payment processor (Stripe), lab ordering service (Ulta Lab Tests), and cloud infrastructure providers. These vendors are contractually required to protect your information.
• Compounding Pharmacies: When a prescription is issued, your name, contact information, and prescription details are shared with your designated 503A or 503B accredited compounding pharmacy for fulfillment.
• Legal Requirements: We may disclose information when required by law, subpoena, court order, or to protect the rights, property, or safety of Covenix Health, our patients, or others.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

Our website uses cookies and similar tracking technologies to enhance your experience and for marketing purposes. Specifically:

Meta Pixel (Facebook Pixel)

We use the Meta Pixel on our website. This technology allows Meta Platforms, Inc. to collect data about your interactions with our website, including pages visited, quiz completions, and booking actions - to enable us to serve targeted advertisements on Facebook and Instagram, and to measure the effectiveness of our advertising campaigns. This data is transmitted to Meta and is subject to Meta's Data Policy. You may opt out of Meta's use of this data by visiting Facebook Ad Preferences.

Analytics

We use privacy-focused analytics tools to understand how visitors use our website. This data is aggregated and does not identify individual users.

You may control cookies through your browser settings. Disabling cookies may affect the functionality of certain features on our website.

We retain personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Medical records are retained in accordance with applicable state and federal law, generally a minimum of seven (7) years for adult patients, or until the patient reaches the age of majority plus three years, whichever is longer.

Non-clinical data such as website analytics and marketing data is retained for a shorter period consistent with its purpose.

We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encrypted data transmission (TLS/HTTPS), access controls, and secure cloud infrastructure. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Depending on your state of residence, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Opt-Out of Marketing: Unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email or contacting us directly.
• HIPAA Rights: As a patient, you have additional rights under HIPAA including the right to access your medical records, request amendments, and receive an accounting of disclosures. These rights are administered through our patient portal.

To exercise any of these rights, contact us at [email protected].

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately at [email protected] and we will promptly delete such information.

Our website may contain links to third-party websites, including our patient portal, lab ordering service, and social media platforms. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies independently.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the effective date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or Services after changes are posted constitutes your acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: