Rooted Health← Home

Privacy Policy

Last updated: May 13, 2026

This Privacy Policy explains how Rooted Health Hormones & MedSpa, LLC ("Rooted Health," "we," "us") collects, uses, and shares information through rootedhealthmember.com and our member portal (the "Services"). This policy applies to general website data. Protected Health Information ("PHI") is governed by our HIPAA Notice of Privacy Practices.

1. Information we collect

  • Account data — name, email, phone, date of birth, address.
  • Health intake — quiz responses, goals, medication history, consents.
  • Payment data — handled by Stripe; we do not store full card numbers.
  • Technical data — IP address, device, browser, timestamps, audit logs.

2. How we use information

  • To provide care, schedule visits, message you, and process payments.
  • To verify identity, prevent fraud, and meet legal/regulatory obligations.
  • To improve the Services and analyze de-identified usage trends.

We do not sell your personal information. We do not use PHI for advertising.

3. Sharing

We share information only with: (a) our clinicians and workforce on a need-to-know basis; (b) Business Associates under written BAAs (hosting, payment, e-prescribing, lab partners); (c) authorities when required by law; (d) you and people you authorize in writing.

4. Security

Data is encrypted in transit (TLS 1.2+) and at rest. Role-based access controls and immutable audit logs are enforced at the database layer (row-level security). We follow HIPAA Security Rule administrative, physical, and technical safeguards.

5. Your choices and rights

  • Access, correct, or download your account data.
  • Request deletion subject to record-retention laws (Ark. Code § 17-95-107 generally requires retention of medical records for at least 10 years for adults; longer for minors).
  • Opt out of non-essential email by replying or contacting us.
  • HIPAA rights are described in our Notice of Privacy Practices.

6. Children

The Services are intended for adults 18+ unless a parent or legal guardian establishes a minor's account. We do not knowingly collect data from children under 13 online.

7. Cookies

We use essential cookies for authentication and session management. We do not use cross-site advertising trackers.

8. Changes

Material changes will be posted here and, when required, sent to you by email at least 30 days before they take effect.

9. Contact

Privacy Officer: privacy@rootedhealthmember.com.

Questions? Contact our Privacy Officer at privacy@rootedhealthmember.com · Rooted Health Hormones & MedSpa, LLC · Conway, Arkansas