Wisp LogoWisp Logo

Wisp Privacy Policy

Wisp, Inc. and its affiliates (“wisp,” “we,” “our,” and/or “us”) value the privacy of individuals who use our websites and related services (collectively, our “Services”). This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose information from users of our Services (“Users”), including website visitors and individuals who partner with us to promote our Services. By using our Services, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service https://hellowisp.com/terms.

THIS NOTICE DESCRIBES HOW INFORMATION ABOUT YOU (INCLUDING MEDICAL INFORMATION) MAY BE COLLECTED, USED, AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Information We Collect

We may collect a variety of information from or about you or your devices from various sources, as described below.

A. Information You Provide to Us.

  • Registration and Account Information. If you sign up for an account, we may ask you for your name, sex assigned at birth, date of birth, email address, shipping address, billing information, and phone number.
  • Identification Verification. If you choose to purchase prescription medication through our Services, we will ask you to provide a government-issued ID and a photo of you so that we and our third party providers (such as Persona) can verify your identity.
  • Symptoms Quiz and Medical History. If you choose to complete our Symptoms Quiz in order to request treatment or connect with our partner Telehealth Provider (“Provider”), we will collect information about the treatment or service you are seeking, as well as information that you provide through the form, such as your health symptoms and conditions.If you choose to consult with a Provider through our patient portal, we may collect additional information, such as your medical history.
  • Communications with Wisp. If you contact us directly, we and our third party vendors (such as Klaviyo and HelpScout) may receive additional information about you, such as your name, email address, phone number, the contents of a message or attachments that you may send to us, and other information you choose to provide. If you subscribe to receive updates, promotions, and discounts, then we will collect certain information from you, such as your email address. When we send you emails, we and our third-party vendor may track whether you open them to learn how to deliver a better customer experience and improve our Services.
  • Payment Information. If you subscribe to or make a purchase through our Services, your payment-related information, such as credit card or other financial information, is collected by our third-party payment processor (such as Stripe) on our behalf.
  • Wisp Affiliate Program. If you sign up to become our Affiliate through Impact Tech, Inc., we will collect your email address, first name, last name, username, password, phone number, entity type, mailing address, time zone, and preferred currency. For Impact’s privacy practices, please refer to their privacy policy https://impact.com/privacy-policy/.
  • Careers. If you decide that you wish to apply for a job with us, you may submit your application and your resume online. We will collect the information you provide on your application and resume, such as your education, email address, phone number, gender, and employment experience. You may also apply through LinkedIn. If you do so, we will collect the information you make available to us on LinkedIn.

B. Information We Collect When You Use Our Services.

  • Communications with Providers. If you exchange messages with a Provider through our platform, we receive the messages between you and the Provider, including the contents of a message and any attachments you send to them. We also work with third parties to facilitate audio and video consultations between you and the Providers off our platform. But while a third party provides the communication services, we collect certain information about those communications. For example, for audio consultations, we receive your phone number and the date and time of the consultations in order to provide payments to the Provider. For video consultations, we receive information about whether you were in the virtual waiting room and messages may you send in the room.
  • Medication Information. We receive information about the medications you purchase and the prescriptions that the Provider has prescribed to you. We also receive your home address for delivery of your medications.
  • Usage Information. We automatically receive information about your interactions with our Services, like the pages, products, or other content you view, the searches you conduct and the dates and times of your visits.
  • Device Information. We receive information about the device and software you use to access our Services, including IP address (from which we infer your general location information), web browser type, operating system version, and device identifiers.
  • Information from Cookies and Other Tracking Technologies. We and our third-party partners collect information using cookies, pixel tags, SDKs, or other tracking technologies. Our third-party partners, such as analytics and advertising partners, may use these technologies to collect information about your online activities over time and across different services.

C. Information We Receive from Other Sources.

  • Information from Your Provider. If you choose to consult with a Provider, we receive the Provider’s clinical notes from the consultation and prescription approval information.
  • Information from Your Pharmacy. If you choose to purchase medications through our Services, we receive fulfillment and shipping status information from our pharmacy partners (including Curexa, TruePill, and Precision Compounding Pharmacy.)
  • Lab Results. If you choose to direct our lab partners to send your lab results directly to us, we receive that information from our lab partners (including LabCorp, Quest, Daye, and TBD Health) on your behalf.

How We Use the Information We Collect

We use the information we collect:

  • To provide, maintain, improve, and enhance our Services;
  • To personalize your experience on our Services such as by providing tailored content and recommendations;
  • To understand and analyze how you use our Services and develop new products, services, features, and functionality;
  • To communicate with you, provide you with updates and other information relating to our Services, provide information that you request, and otherwise provide customer support;
  • For marketing and advertising purposes, such as developing and providing promotional and advertising materials that may be relevant, valuable or otherwise of interest to you;
  • For research purposes;
  • To partner with you to promote our Services;
  • To generate anonymized or aggregate data containing only de-identified, non-personal information that we may use for any lawful purposes;
  • To facilitate transactions and payments;
  • To find and prevent fraud and abuse, and respond to trust and safety issues that may arise;
  • For compliance purposes, including enforcing our TOS or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency; and
  • For other purposes for which we provide specific notice at the time the information is collected.

How We Disclose the Information We Collect

  • Vendors and Service Providers. We may disclose any information we receive to vendors and service providers retained in connection with the provision of our Services.
  • Telehealth Providers. If you choose to have a telehealth consultation with a Provider, we may disclose your information to the provider to facilitate the consultation, such as your self-reported demographics information, health-related questionnaires, and requests for treatment.
  • Pharmacy Partners. We disclose your order and prescription information to partnering pharmacies to facilitate medication fulfillment and/or delivery.
  • Advertising Partners. We work with third-party advertising partners to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative (https://optout.networkadvertising.org) or the Digital Advertising Alliance (https://optout.aboutads.info) and serve ads through cookie-based technologies. If you do not wish to receive these personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving personalized ads from member companies. These opt-outs will not apply to our third-party advertising partners that are not members of these organizations and will not apply when our partners serve ads through non-cookie based technologies.
  • As Required By Law and Similar Disclosures. We may access, preserve, and disclose your information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety. For the avoidance of doubt, the disclosure of your information may occur if you post any objectionable content on or through the Services.
  • Merger, Sale, or Other Asset Transfers. We may transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets. The use of your information following any of these events will be governed by the provisions of this Privacy Policy in effect at the time the applicable information was collected.
  • Consent. We may also disclose your information with your permission. Requests for access to, deletion, or correction of Personal Information are subject to our ability to verify your identity. If you have a Wisp account, we will verify your identity by asking you to log into your account. You may also be asked to verify your identity by confirming information that we may have about you, such as your name, email address, and other information.
  • Authorized Agents. We may disclose your information to your authorized agent, executor, administrator, or other person with the authority to act on your behalf, provided such person is able to provide additional documentation that establishes their authority to act on your behalf.

Marketing Communications

  • Promotional Messaging. You can unsubscribe from our promotional emails via the link provided in the emails. You can also opt out from our promotional SMS messages by replying “STOP” to our message. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.
  • Third Parties. Our Services may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy practices of these third parties. Please be aware that this Privacy Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to them.
  • Security. We make reasonable efforts to protect your information by using physical and electronic safeguards designed to improve the security of the information we maintain. However, because no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information.

Biometric Privacy Notice

Why are you receiving this notice?

This biometric privacy notice explains how we collect, use, share, retain, and destroy your Biometric Data for identify verification purposes when you use wisp for online consultations. “Biometric Data” includes: (i) “Biometric Identifiers,” which are data generated by measurements of your biological characteristics, such as your retina or iris scan, fingerprint, voiceprint, or a scan of your hand or face geometry; and (ii) “Biometric Information,” which is information based on a Biometric Identifier that can be used to identify you.

Please review this notice carefully. By agreeing to our collection of your Biometric Data, you consent to the collection, use, sharing, and retention of your Biometric Data as described in this notice.

What type of Biometric Data do we collect?

Face geometry.

How do we collect it?

We use our third-party service provider, Persona Identities, Inc. to extract your face geometry from the government-issued identification documents and photo that you provide.

How do we use and share it?

Your Biometric Data is directly collected by our third-party service provider, Persona Identities.

How long do we retain your Biometric Data?

Our service provider, Persona Identities, retains your Biometric Data as long as Persona Identities needs it to verify your identity, and in no event will it be retained for longer than three years unless there are legal requirements to keep it for a longer period (such as a warrant or subpoena).

What happens to your Biometric Data at the end of the retention period?

When the retention period ends, your Biometric Data is permanently deleted.

Requests for Personal Information

  • You may make the following requests with respect to your health information maintained by us:
  • Confidential Communication. You may request that you receive your health information by alternative means (e.g., by e-mail rather than via the portal) or at alternative locations (e.g., that we mail your medical records to a different physical address. You must submit your request in writing to privacy@hellowisp.com.
  • Restrictions. You may request restrictions on certain uses and disclosures of your health information, or to revoke or terminate a restriction that we previously agreed to. You may request that Wisp limit its disclosures of your health information to only certain individuals involved in your care or the payment of your care. You must submit your request in writing to Wisp at privacy@hellowisp.com. We are not required to comply with your request. However, if we agree to comply with your request, we will be bound by such agreement, except when otherwise required by law or in the event of an emergency.
  • Inspection and Copies. You may make a request to inspect and copy your health information. You must submit your request in writing to Wisp at privacy@hellowisp.com. We may deny your request to inspect and/or copy your health information in certain limited circumstances, in which case we will inform you of the reason for the denial, and you may request a review of the denial.
  • Amendment. You may request that we amend your health information if you believe it is incorrect or incomplete, and you may request an amendment for as long as the information is maintained by Wisp. You must submit your request in writing to Wisp at privacy@hellowisp.com and provide a reason to support the requested amendment. We may, under certain circumstances, deny your request by sending you a written notice of denial. If we deny your request, you will be permitted to submit a statement of disagreement for inclusion in your records.
  • Accounting of Disclosures. You may request an accounting of all disclosures we have made of your health information. However, that right does not include disclosures made for treatment, payment or health care operations, disclosures made to you about your treatment, disclosures made pursuant to an authorization, and certain other disclosures. You must submit your request in writing to Wisp at privacy@hellowisp.com and you must specify the time period involved (which must be for a period of time less than six years from the date of the disclosure).
  • Paper Copy. You have the right to obtain a paper copy of this Privacy Policy from us at any time upon request. To obtain a paper copy of this notice, please contact Wisp by emailing us at privacy@hellowisp.com or calling (415) 209-5810.
  • Complaint. You may complain to Wisp if you believe that your privacy rights have been violated. To file a complaint with Wisp, you must submit a statement in writing to us at Privacy@Hellowisp.com. Wisp will not retaliate against you for filing a complaint.

Children’s Privacy

We do not knowingly collect, maintain, or use personal information from children under 18 years of age, and no part of our Service(s) is directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at Privacy@Hellowisp.com or by phone at (415) 209-5810.

International Visitors

Our Services are hosted in the United States and intended for visitors located within the United States. If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personal information outside of those regions to the U.S. for storage and processing. We may also transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. By providing any information, including personal information, on or to the Services, you consent to such transfer, storage, and processing.

Update Your Information

You can update your account information that does not require additional verification such as your name or date of birth through your account settings. For further assistance, please contact our team at support@hellowisp.com.

You can exercise your right to opt out of the processing of your Personal Information for targeted advertising or the “sale” or your Personal Information by adjusting your cookie settings. You will be prompted to select your options on our website at www.hellowisp.com via the banner at the bottom of the screen. You may also update your settings at any time by clicking the cookie icon at the lower left corner of the screen after your first interaction, or by clicking the Do Not Sell/Share My Personal Information link in the footer.

Changes to this Privacy Policy

We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or disclose personal information previously collected from you through the Services, we will notify you through the Services, by email, or other communication.

Contact Information

If you have any questions, comments, or concerns about our processing activities, please email us at Privacy@Hellowisp.com or by phone at (415) 209-5810.

Wisp U.S. State Privacy Notice Addendum

This U.S. State Privacy Notice Addendum (this “Notice") supplements the information and disclosures contained in our Privacy Policy. It applies to the residents of California, Colorado, Connecticut, Texas, Utah, and Virginia, and explains how we collect and process information about you as a business or controller and how you can exercise your privacy rights under the California Consumer Privacy Act, the Colorado Privacy Act, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring, the Texas Data Privacy and Security Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act (the “U.S. State Privacy Laws”).

Personal Information means information that the U.S. State Privacy Laws in this Notice defines as “Personal Information” or “Personal Data.” Personal Information does not include information that is deidentified or aggregated or otherwise excluded from the scope of the U.S. State Privacy Laws.

Sources of Personal Information We Collect

We collect Personal Information from you when you provide it to us or automatically through our services. We may also obtain information about you from other sources, such as partnering pharmacies, Telehealth Providers (“Providers”), payment providers, advertising networks, and analytics providers.

Categories of Personal Information We Collect, Process, and Disclose to Third Parties; and the Purposes of Processing

The information we collect, use, and disclose about you will vary depending on how you interact with Wisp and our products. Over the past 12 months, we or our service providers acting on our behalf may have collected, used, and disclosed each of the categories of Personal Information about you, as described below.

Identifiers, including name, address, online identifiers, internet protocol address, email address, phone number, driver’s license number or other government-issued ID number, or other similar identifiers may be disclosed to the following:

  • Service providers and vendors
  • Providers
  • Pharmacy partners
  • Advertising partners
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Categories of information listed in the California Customer Records statute (Cal. Civ. Code Section 1798.80(e)), including name, address, telephone number, driver’s license number or other government-issued ID number, physical characteristics or description, education, employment, employment history, payment card number, and medical information may be disclosed to the following:

  • Service providers and vendors
  • Providers
  • Pharmacy partners
  • Advertising partners
  • Analytics providers
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Characteristics of Protected Classifications under California or Federal Law, including age, sex/gender, and medical condition may be disclosed to the following:

  • Service providers and vendors
  • Providers
  • Advertising partners
  • Analytics providers
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Commercial Information, including products or services purchased or considered may be disclosed to the following:

  • Service providers and vendors
  • Providers
  • Advertising partners
  • Analytics providers
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Biometric Information, including facial geometry may be disclosed to our service provider (Persona) who processes this information on our behalf.

Internet or Other Electronic Network Activity Information, including browsing history, search history, and information regarding a consumer’s interaction with an internet website may be disclosed to the following:

  • Service providers and vendors
  • Advertising partners
  • Analytics providers
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

General (Non-Precise) Geolocation may be disclosed to the following:

  • Service providers and vendors
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Audio and Video Information may be disclosed to the following:

  • Service providers and vendors
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Professional or Employment-Related Information, such as job application or resume information may be disclosed to the following:

  • Service providers and vendors
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Sensitive Personal Information, including driver’s license number or other government-issued ID number, account log-in information, biometric information, health information, and information concerning an individual’s sex life may be disclosed to the following:

  • Service providers and vendors
  • Providers (health-related information only)
  • Advertising partners
  • Analytics providers
  • Pharmacy partners (health-related information only)
  • Law enforcement or other third parties in connection with legal requests, to comply with applicable law or to prevent harm
  • Third parties in mergers and other corporate transactions
  • Corporate affiliates

Over the past 12 months, we have disclosed Identifiers, Categories of information listed in the California Customer Records statute, Characteristics of Protected Classifications, Commercial Information, Internet or Other Electronic Network Activity Information, and Sensitive Personal Information to Advertising Partners. Under the U.S. State Privacy Laws, some of these data disclosures may broadly be considered a “sale” of Personal Information, processing of Personal Information for targeted advertising, and “sharing” of Personal Information for cross-context behavioral advertising. We do not collect or process Sensitive Personal Information for the purpose of inferring characteristics about a consumer, and we use or disclose Sensitive Personal Information for purposes other than those specified in CCPA Regulation 7027(m). We do not knowingly “sell” Personal Information or “share” Personal Information about consumers under the age of 18 for cross-context behavioral advertising. We do not knowingly process Personal Information about consumers under the age of 18.

Our Purposes for Processing Personal Information

Identifiers, Categories of information listed in the California Customer Records statute, Characteristics of Protected Classifications, Commercial Information, Biometric Information, Internet or Other Electronic Network Activity Information, Geolocation Information, Sensory Information, Sensitive Personal Information are used to provide, maintain, improve, and enhance our Services;

Identifiers, Categories of information listed in the California Customer Records statute, Characteristics of Protected Classifications under California or Federal Law, Sensitive Personal Information are used to personalize your experience on our Services such as by providing tailored content and recommendations;

Identifiers, Categories of information listed in the California Customer Records statute, Commercial Information, Internet or Other Electronic Network Activity Information, Geolocation Information, Sensitive Personal Information are used to understand and analyze how you use our Services and develop new products, services, features, and functionality;

Identifiers, Categories of information listed in the California Customer Records statute, Sensitive Personal Information are used to communicate with you, provide you with updates and other information relating to our Services, provide information that you request, and otherwise provide customer support;

Identifiers, Categories of information listed in the California Customer Records statute, Characteristics of Protected Classifications, Commercial Information, Internet or Other Electronic Network Activity Information, Sensitive Personal Information are used for marketing and advertising purposes, such as developing and providing promotional and advertising materials that may be relevant, valuable or otherwise of interest to you;

Identifiers, Categories of information listed in the California Customer Records statute are used to partner with you to promote our Services;

Identifiers, Categories of information listed in the California Customer Records statute, Sensitive Personal Information are used to facilitate transactions and payments;

Identifiers, Categories of information listed in the California Customer Records statute, Biometric Information, Internet or Other Electronic Network Activity Information, Geolocation Information, are used to find and prevent fraud and abuse, and respond to trust and safety issues that may arise;

Identifiers, Categories of information listed in the California Customer Records statute, Characteristics of Protected Classifications, Commercial Information, Biometric Information, Internet or Other Electronic Network Activity Information, Geolocation Information, Sensory Information, Sensitive Personal Information are used for compliance purposes, including enforcing our TOS or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.

Retention

We will retain Personal Information and Sensitive Personal Information for a time period required or allowed by applicable regulations or laws and as needed to fulfill business purposes outlined in Section 3 and as outlined in our internal document retention schedule, including providing you products and services, complying with our legal obligations, resolving disputes, and enforcing our agreements, or for other purposes described in this U.S. State Privacy Notice Addendum. Our retention of information is based on many factors such as your relationship with Wisp, the nature of the information, compliance with our legal obligations, and defending or resolving actual or anticipated legal claims.

Your U.S. State Privacy Rights

Some states provide consumers certain rights regarding their Personal Information. Depending on where you live and subject to certain exceptions, you may exercise the following rights:

  • The right to confirm whether we process your personal information and to know the categories of personal information we have collected or disclosed about you, as well as the sources of such personal information, the purposes, and the third parties or categories of third parties to whom such personal information is disclosed.
  • The right to access, correct, or delete the specific pieces of Personal Information we have collected about you.
  • The right to opt out of the “sale” of your Personal Information, the “sharing” of your Personal information for cross-context behavioral advertising, and the processing of your Personal Information for targeted advertising.
  • The right to be free from discriminatory treatment for the exercise of your privacy rights.
  • The right to appeal any decision with regard to your privacy request.
  • The right to opt-out of profiling in furtherance of producing legal or significant decisions concerning a consumer. We do not engage in such profiling.

Exercising Your U.S. State Privacy Rights

  • Submitting Requests. You can submit an access, correction, deletion, and/or appeal request by sending us an email to privacy@hellowisp.com or by phone at (415) 209-5810.
  • You can exercise your right to opt out of the processing of your Personal Information for targeted advertising or the “sale” or your Personal Information by adjusting your cookie settings. You will be prompted to select your options on our website at www.hellowisp.com via the banner at the bottom of the screen. You may also update your settings at any time by clicking the cookie icon at the lower left corner of the screen after your first interaction. If you are visiting our website using a web browser with the Global Privacy Control (“GPC”) signal enabled, we will treat the GPC signal as a request to opt out of targeted advertising and “sales.”
  • Verification. Requests for access to, deletion, or correction of Personal Information are subject to our ability to verify your identity. If you have a Wisp account, we will verify your identity by asking you to log into your account. If you do not have an account, we will attempt to verify your identity by asking for information that we may have about you, such as your name, email address, and other information.
  • Authorizing an Agent. If you are acting as an authorized agent to make a request to know, delete, or correct on behalf of a California resident, please send an email to privacy@hellowisp.com and attach a written authorization signed by the resident. We may still require the California resident to directly verify their identity and confirm that they have provided you permission to submit the request.

Consumer Health Data Privacy Policy

This Consumer Health Data Privacy Policy supplements the Wisp Privacy Policy and applies only to personal data defined as “consumer health data” that is subject to the Washington State My Health My Data Act (MHMDA) and the Nevada Health Data Privacy Act (NHDPA) (“U.S. State Health Privacy Laws”).

Categories of Consumer Health Data We Collect

Depending on the context of your interactions with Wisp and the products and services you use, we may collect the following categories of Consumer Health Data:

  • Individual health conditions, treatment, diseases, or diagnosis
  • Diagnoses or diagnostic testing, treatment, or medication
  • Use or purchase of medication, including prescribed medication
  • Bodily functions, vital signs, symptoms, or measurements
  • Data that identifies a consumer seeking health care services
  • Reproductive or sexual health information
  • Health-related surgeries or procedures
  • Gender-affirming care information
  • Biometric information.

Examples of how we collect these categories of Consumer Health Data:

  • If you choose to complete our Symptoms Quiz, we will collect information about your symptoms, health conditions, and the treatment or services you are seeking
  • If you place an order for prescribed medication, we will collect information about your order and may collect information related to health-related surgeries or procedures or gender-affirming care information to provide your medical history information to the Telehealth Provider
  • If you connect with our partner Telehealth Provider through our patient portal, we will collect your medical history, and we receive the Telehealth Provider’s clinical notes from the consultation and prescription approval information
  • If you choose to purchase medication, including prescribed medication, through our services, we receive prescription approval information from your Telehealth Provider and fulfillment and shipping status information from our pharmacy partners
  • In order to verify your identity before meeting with a Telehealth Provider, our service provider collects face geometry from the government-issued identification and photo that you provide
  • If you obtain certain medications or services, such as pregnancy or STD-related services, we may collect reproductive or sexual health information.
  • If you choose to direct our lab partners to send your lab results directly to us, we receive those results from the partners on your behalf.

Sources of Consumer Health Data

We collect Consumer Health Data from the following categories of sources: directly from you, Telehealth Providers, partnering pharmacies, and service providers.

Purposes for Collection and Use of Consumer Health Information

We collect and use Consumer Health Data to provide you with the products or Services you have requested, for other purposes permitted under U.S. State Health Privacy Laws, or with your consent. We process your Consumer Health Data using methods such as automated processing and manual human review, depending on the nature of the Consumer Health Data and the purposes of collection, use, and disclosure. These uses may include:

  • Providing, maintaining, improving, and enhancing our products and services to you;
  • Personalizing our services and products tailored for your needs;
  • Understanding and analyzing how you use our Services and develop new products, services, features, and functionality;
  • Communicating with you, providing you with updates and other information relating to our services, providing information that you request, and otherwise providing customer support;
  • Facilitating the connection of third-party services, such as matching you with a Telehealth Provider;
  • Anonymizing and aggregating information for analytics and reporting;
  • Administering surveys and questionnaires;
  • Sending you text messages; and
  • Facilitating transactions and payments.
  • Marketing and advertising purposes, such as developing and providing promotional and advertising materials that may be relevant, valuable or otherwise of interest to you;
  • Finding and preventing fraud and abuse, and responding to trust and safety issues that may arise;
  • For compliance purposes, including enforcing our Terms of Use or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency;

Our Sharing of Consumer Health Data

With your consent, or to the extent necessary to provide you with the products or Services you have requested or for other purposes permitted under U.S. State Health Privacy Laws, we share Consumer Health Data with the following categories of third parties (excluding those who constitute “processors” who only process consumer health data on our behalf for limited purposes pursuant to our instructions) and affiliates:

  • Vendors and Service Providers. We may disclose information to vendors and service providers retained in connection with the provision of our Services.
  • Telehealth Providers. If you choose to have a telehealth consultation with a Telehealth Provider, we may disclose your information to the provider to facilitate the consultation, such as your self-reported demographics information, health-related questionnaires, and requests for treatment.
  • Pharmacy Partners. We disclose your order and prescription information to our partnering pharmacies to facilitate medication fulfillment and delivery.
  • Corporate Affiliates. We may disclose your information to corporate affiliates.
  • Advertising Partners. We disclose your interactions with our website, such as the products or services that you view, add to your cart, or purchase, and activities you conduct to develop and provide promotional and advertising materials that may be relevant, valuable or otherwise of interest to you.
  • Analytics Providers. We disclose your interactions with our website, such as the products or services that you view, add to your cart, or purchase, to understand and analyze how you use our Services and develop new products, services, features, and functionality.
  • When we believe that doing so is required or appropriate to comply with applicable law, respond to law enforcement requests and legal process, or to protect your, our, or others’ rights, property, or safety; or
  • With potential transactional partners or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
  • We allow a third party to collect your Consumer Health Data over time and across different Internet websites or online services when you use our Services.

Consumer Rights

If you are a Washington or Nevada resident or an individual whose information is otherwise covered by U.S. State Health Privacy Laws, you may exercise the following rights depending on where you reside, subject to certain exceptions:

  • The right to confirm whether we have collected, shared, or sold Consumer Health Data concerning you.
  • The right to access such data
  • The right to obtain list of all third parties and affiliates with whom we have shared or sold such data and an active email address or other online mechanism that the consumer may use to contact these third parties.
  • The right to request deletion of the Consumer Health Data concerning you.
  • The right to request that we cease collecting, sharing, or selling such data;
  • When we rely on your consent to process your Consumer Health Data, the right to withdraw consent from our collection and sharing of such data;
  • The right to appeal any decision with regard to your privacy request.

Submitting Requests. You can submit an access, correction, deletion, and/or appeal request by sending us an email to privacy@hellowisp.com or by phone at (415) 209-5810.

Verification. Requests for access to, deletion, or correction of Personal Information are subject to our ability to verify your identity. If you have a Wisp account, we will verify your identity by asking you to log into your account. If you do not have an account, we will attempt to verify your identity by asking for information that we may have about you, such as your name, email address, phone number, and other information.

Authorizing an Agent. If you are acting as an authorized agent to make a request to know, delete, or correct on behalf of a California resident, please send an email to privacy@hellowisp.com and attach a written authorization signed by the resident. We may still require the California resident to directly verify their identity and confirm that they have provided you permission to submit the request.

If you submit an appeal and it is unsuccessful, you can raise a concern or lodge a complaint, depending on where you reside, with the Washington State Attorney General at www.atg.wa.gov/file-complaint or the Nevada State Attorney General at https://ag.nv.gov/Contact/.

Contact Information

If you have any questions, comments, or concerns about our privacy policy or processing activities, please email us at Privacy@Hellowisp.com or call us at (415) 209-5810.

Changes to This Privacy Policy

If we make any material changes to this Privacy Policy, we will post the updated version here. You can see when this Privacy Policy was last updated by checking the “last updated” or “effective” date displayed at the bottom of this Privacy Policy.

Last Updated: 12/19/2024