top of page

Privacy Policy

Effective Date: January 12, 2023 

At Bodyhance (“Bodyhance,” “we,” or “us”), our most important value is ‘Patients First’, which means that we are committed to protecting your privacy and we take great care with your personal information we gather when you access or use Bodyhance.com and related websites, applications, and services owned and operated by Bodyhance and that link to this Privacy Policy (collectively, the “Services”). This Privacy Policy is meant to help consumers who use our Services (“Consumers”, “you”, or “your”) to explore providers or book appointments understand how we treat your personal information. BY USING OR ACCESSING THE SERVICES IN ANY MANNER, YOU ACKNOWLEDGE THAT YOU ACCEPT THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY, AND YOU HEREBY CONSENT THAT WE WILL COLLECT, USE, AND SHARE YOUR INFORMATION IN THE FOLLOWING WAYS. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICES. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY (SUCH AS YOUR EMPLOYER), YOU REPRESENT THAT YOU ARE AUTHORIZED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF. A Consumer’s use of Bodyhance’s Services is at all times subject to the Agreement (as the term “Agreement” is defined in our Terms of Use, which incorporates this Privacy Policy). Thank you so much for choosing Bodyhance. 

Privacy Policy Table of Contents 

HIPAA and PHI 

  • Categories of Personal Data We Collect 

  • Categories of Sources of Personal Data 

  • Commercial or Business Purposes for Collecting Data 

  • How We Share Your Personal Data 

Personal Data 

Business Transfers 

Tracking Tools, Advertising and Opt-Out 

Data Security and Retention 

How We Use Information That is Neither Personal Data nor PHI 

Controlling Your Personal Data & Notifications 

California Rights 

Changes to this Privacy Policy 

  Contact Information 

HIPAA and PHI 

Certain demographic, health and/or health-related information that Bodyhance collects about Consumers as part of providing the Services may be considered “protected health information” or “PHI” under the Health Insurance Portability and Accountability Act (“HIPAA”). Specifically, when Bodyhance, acting as a “Business Associate” (as such term is defined in HIPAA) receives identifiable information about a Consumer from or on behalf of a Consumer, or Customer’s doctor, dentist, or other healthcare specialist, professional, provider, organization or agent or affiliate thereof (collectively, “Healthcare Providers”), this information is considered PHI. 

HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. Bodyhance may only use and disclose PHI in the ways permitted by a Consumer’s Healthcare Provider(s) or authorized by a Consumer. 

Personal Data 

The following subsections detail the categories of Personal Data we collect. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules or regulations. For each category of Personal Data, these subsections also set out the source of that Personal Data, our commercial or business purpose for collecting that Personal Data, and the categories of third parties with whom we may share that Personal Data. More information regarding those sources and categories are set forth below. 

Consumer Personal Data 

Categories of Personal Data We Collect 

  • Device/IP Information 

Examples of Personal Data Collected: 

  • IP address 

  • Device ID 

  • Domain server 

  • Type of device/operating system/browser used to access the Services 

Source: 

  • You 

  • Web Analytics 

  • Examples of Personal Data Collected: 

  • Web page interactions 

  • Referring webpage/source through which you access the Services 

  • Non-identifiable request IDs 

  • Statistics associated with the interaction between device or browser and the Services 

    • Source: 

  • You 

  • Third Parties 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Third-Party Business Partners You Access Through the Services 

  • Geolocation Data 

  • Source 

  • You 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Third-Party Business Partners You Access Through the Services 

  • Other Identifying Information That You Voluntarily Choose to Provide 

  • Examples of Personal Data Collected: 

  • Unique identifiers such as passwords 

  • Personal Data in emails or letters you send to us 

  • Source: 

  • You 

  • Third Parties with Whom We Share Data for Business Purposes 

  • Service Providers 

  • Consumer Contact Data 

  • Examples of Personal Data Collected: 

  • First and last name 

  • E-mail 

  • Phone number 

  • Mailing address 

  • Source: 

  • You 

  • Consumer Demographic Data 

  • Examples of Personal Data Collected: 

  • Gender 

  • Age 

  • Date of birth 

  • Zip code 

  • Race 

  • Ethnicity 

  • Source: 

  • You 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Healthcare Providers 

  • Health Information Exchanges 

  • Parties You Authorize, Access or Authenticate 

  • Medical Data 

  • Examples of Personal Data Collected 

  • Health conditions 

  • Healthcare Providers visited 

  • Reasons for visit 

  • Dates of visit 

  • Medical history and health information you provide us 

  • Source: 

  • You 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Healthcare Providers 

  • Insurance Providers 

  • Health Information Exchanges 

  • Parties You Authorize, Access or Authenticate 

  • Insurance Information 

  • Examples of Personal Data Collected: 

  • Insurance carrier 

  • Insurance plan 

  • Member ID 

  • Group ID 

  • Payer ID 

  • Source: 

  • You 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Healthcare Providers 

  • Health Information Exchanges 

  • Parties You Authorize, Access or Authenticate 

  • Social Network Data 

  • Examples of Personal Data Collected: 

  • E-mail 

  • Phone number 

  • Username 

  • IP address 

  • Device ID 

  • Source: 

  • You 

  • Third Parties 

  • Third Parties with Whom We Share Data for Business Purposes: 

  • Service Providers 

  • Parties You Authorize, Access or Authenticate 

Categories of Sources of Personal Data 

  • You 

When You Provide Information Directly to Us 

  • When you create an account or use our interactive tools and services, such as searching for Healthcare Providers or available appointments with Healthcare Providers and completing Medical History Forms prior to Healthcare Provider appointments. 

  • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys and questionnaires, or post reviews. 

  • When you send us an email or otherwise contact us. 

When Personal Data is Automatically Collected When You Use the Services 

  • Through Cookies (defined below). 

  • If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices. 

  • If you download our mobile application or use a location-enabled browser, we may receive information about your location and mobile device, as applicable. 

  • Third Parties 

Service Providers 

  • We may use analytics service providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support. 

  • We may use service providers to obtain information to generate leads and create user profiles. 

Healthcare Providers 

  • We may receive certain data from your Healthcare Provider to facilitate Consumer booking of appointments. 

Social Networks 

  • If you provide your social network account credentials to us or otherwise sign in to the Services through a third-party site or service, you understand some content and/or information in those accounts may be transmitted into your account with us. 

Commercial or Business Purposes for Collecting Data 

  • Providing, Customizing, and Improving the Services 

  • Creating and managing your account or other user profiles, billing. 

  • Providing you with the products, services and information you request. 

  • Meeting or fulfilling the reason you provided the information to us. 

  • Providing support and assistance for the Services. 

  • Improving the Services, including testing, research, internal analytics, and product development. 

  • Personalizing the Services, website content and communications based on your preferences. 

  • Fraud protection, security and debugging. 

  • Marketing the Services 

  • Marketing and selling the Services. 

  • Showing you advertisements, including interest-based or online behavioral advertising. 

  • Corresponding with You 

  • Responding to correspondence that we receive from you, contacting you when necessary or requested, including to remind you of an upcoming appointment, and sending you information about Bodyhance or the Services. 

  • Sending emails and other communications that display content that we think will interest you and according to your preferences including notifying you about certain resources, Healthcare Providers or services. 

  • Legal Requirements 

  • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities. 

  • Protecting the rights, property or safety of you, Bodyhance or another party. 

  • Enforcing any agreements with you. 

  • Responding to claims that any posting or other content violates third-party rights. 

  • Resolving disputes. 

How We Share Your Personal Data 

In certain circumstances, we may share your Personal Data with the following categories of service providers and other third parties for the indicated business purposes: 

  • Service Providers 

Payment Processors 

  • Our payment processing partner (currently Stripe, Inc. (“Stripe”)) collects your voluntarily provided payment card information necessary to process your payment. 

  • Please see Stripe’s terms of service and privacy policy for information on its use and storage of personal data. 

Security and Fraud Prevention Consultants 

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity. 

Hosting, Technology and Communications Providers; Fulfillment Providers; Data Storage Providers; Analytics Providers; Insurance Verification Providers; Staff Augmentation Personnel 

  • To perform operational services (such as hosting, billing, fulfillment, data storage, security, insurance verification, web service analytics) and/or make certain services, features or functionality available to our users. 

  • Debugging to identify and repair errors that impair existing intended functionality. 

  • Short-term, transient use of Personal Data that is not used by another party to build a consumer profile or otherwise alter your consumer experience outside the current interaction. 

  • Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider. 

  • Undertaking internal research for technological development and demonstration. 

  • Undertaking activities to verify or maintain the quality or safety of our services. 

  • Selected Recipients 

Health Information Exchanges 

  • Health Information Exchanges and related organizations that collect and organize Consumer information (such as Regional Health Information Organizations) to make your information more securely and easily accessible to your Healthcare Providers. The goal of such organizations is to facilitate access to health information to improve the safety, quality, and efficiency of patient-centered care. More information on Health Information Exchanges can be found here

Healthcare Providers 

  • Healthcare Providers with whom Consumers choose to schedule through the Services. For example, if you complete a Medical History Form using the Services in advance of an appointment and elect to share it with your selected Healthcare Provider. 

  • If you choose to use the applicable Services, Healthcare Providers to enable them to refer you to and make appointments with other Healthcare Providers on your behalf or to perform analyses on potential health issues or treatments. 

  • In the event of an emergency. 

Insurance Providers 

  • To determine eligibility and cost-sharing obligations, and to otherwise obtain benefit plan information on your behalf. 

  • Parties You Authorize, Access or Authenticate 

Third-Party Business Partners You Access Through the Services 

  • We will share certain Personal Data if you choose to use any service to log in to the Services. 

  • To meet or fulfill the reason you provided the information to us. 

Other Users 

  • Any information that you may reveal in a review posting or online discussion or forum is intentionally open to the public and is not in any way private. We recommend that you carefully consider whether to disclose any Personal Data in any public posting or forum. What you have written may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict. 

Business Transfers 

All Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices. 

Tracking Tools, Advertising and Opt-Out 

The following sections provide additional information about how we collect your Personal Data. 

Information Collected Automatically 

The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs, mobile identifiers, and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser and tell us how and when you visit and use our Services. We do this to analyze trends, learn about and advertise to our user base, and operate and improve our Services. For example, we use Cookies to tailor the Services or customize advertisements by tracking navigation habits, measuring performance, storing authentication status so re-entering credentials is not required, customizing user experiences with the Services and for analytics and fraud prevention. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone, or similar device when you use that device to visit our Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). 

We use the following types of Cookies: 

  • Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into the secure areas of our Services. Disabling these Cookies may make certain features and services unavailable. 

  • Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These Cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region). 

  • Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Services such as by collecting information about the number of visitors to the Services, what pages visitors view on our Services, how long visitors are viewing pages on the Services, mouse clicks, mouse movements, scrolling activity, and text typed into the Services. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising. For example, Google Inc. (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of cookies by visiting the Google advertising opt-out page at www.google.com/privacy_ads  or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/

  • Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you. For more information about this, please see the section below titled “Information about Interest-Based Advertisements.” 

  • Web Beacons. Web Beacons (e.g., clear GIFs or pixel tags) are tiny graphic image files embedded in a web page or email that may be used to collect information about the use of our Services, the web services of selected advertisers and the emails, special promotions or newsletters that we send. The information collected by Web Beacons allows us to analyze how many people are using the Services, using selected publishers’ web services or opening emails, and for what purpose, and also allows us to enhance our interest-based advertising (discussed further below). 

  • Mobile Device Identifiers. Mobile device identifiers help Bodyhance learn more about our users’ demographics and internet behaviors. Mobile device identifiers are data stored on mobile devices that may track mobile device and data and activities occurring on and through it, as well as the applications installed on it. Mobile device identifiers enable collection of Personal Data (such as media access control, address and location, and tracking data, including without limitation IP address, domain server, type of device(s) used to access the Services, web browser(s) used to access the Services, referring webpage or other source through which you accessed the Services, other statistics and information associated with the interaction between your browser or device and the Services). 

  • Cross Device Matching. To determine if users have interacted with content across multiple devices and to match such devices, we may work with partners who analyze device activity data and/or rely on your information (including demographic, geographic and interest-based data). To supplement this analysis, we may also provide de-identified data to these partners. Based on this data, we may then display targeted advertisements across devices that we believe are associated or use this data to further analyze usage of Services across devices. 

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You may also be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. You can also delete all Cookies that are already on your computer. Although you are not required to accept Bodyhance’s Cookies, if you block, reject, or delete them, you may have to manually adjust some preferences every time you visit a site and some of the Services and functionalities may not work. 

To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/

Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Not all browsers offer a Do Not Track option and there is currently no industry consensus as to what constitutes a Do Not Track signal. Please note that, for these reasons and because of our use of Cookies, our Services, like many website operators, do not support “Do Not Track” requests sent from a browser at this time. To find out more about “Do Not Track,” you can visit www.allaboutdnt.com

Data Security and Retention 

The security of your Personal Data is important to us. We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. We endeavor to follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and in storage. For example, the Services use industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data. We store and process your information on our servers in the United States and abroad. We maintain what we consider industry standard backup and archival systems. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, for example, by making good faith efforts to store Personal Data in a secure operating environment that is not open to the public, please be aware that no method of transmitting data over the Internet or storing data is completely secure. We cannot and do not guarantee the complete security of any data you share with us, and except as expressly required by law, we are not responsible for the theft, destruction, loss or inadvertent disclosure of your information or content. 

If at any time during or after our relationship we believe that the security of your Personal Data may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we will endeavor to notify you as promptly as possible under the circumstances. If we have your e-mail address, we may notify you by e-mail to the most recent e-mail address you have provided us in your account profile. Please keep your e-mail address in your account up to date. You can update that e-mail address anytime in your account profile. If you receive a notice from us, you can print it to retain a copy of it. To receive these notices, you must check your e-mail account using your computer or mobile device and email application software.  If you prefer for us to use the U.S. Postal Service to notify you in this situation, please e-mail us at  support@bodyhance.com. Please include your address when you submit your request. You can make this election any time, and it will apply to notifications we make after a reasonable time thereafter for us to process your request. You may also use this e-mail address to request a print copy, at no charge, of an electronic notice we have sent to you regarding a compromise of your Personal Data. 

We retain Personal Data about you consistent with all internal policies and procedures. We may retain Personal Data to comply with our legal obligations, resolve disputes or collect fees owed, or as is otherwise permitted or required by our data retention policies and procedures. 

How We Use Information That is Neither Personal Data nor PHI 

We may use information that is neither Personal Data nor PHI (including non-PHI Personal Data that has been de-identified and/or aggregated) to better understand who uses Bodyhance and how we can deliver a better digital healthcare experience, or otherwise at our discretion. 

Controlling Your Personal Data & Notifications 

If you are a registered user of the Services, you can modify certain Personal Data or account information by logging in and accessing your account. If you wish to close your account, please email us at support@bodyhance.com. Bodyhance will use reasonable efforts to delete your account as soon as reasonably possible. Please note, however, that Bodyhance reserves the right to retain information from closed accounts consistent with all internal data retention policies and procedures. 

You must promptly notify us if any of your account data is lost, stolen or used without permission. 

California Rights 

Bodyhance follows all state consumer privacy requirements, which provide residents with specific rights regarding their personal information. This section describes your rights and explains how to exercise those rights. If you have any questions about this section or whether any of the following applies to you, please contact us at support@bodyhance.com

Access 

You have the right to request certain information about our collection and use of your Personal Data over the past 12 months, including the following: 

  • The categories of Personal Data that we have collected about you. 

  • The categories of sources from which that Personal Data was collected. 

  • The business or commercial purpose for collecting or selling your Personal Data. 

  • The categories of third parties with whom we have shared your Personal Data. 

  • The specific pieces of Personal Data that we have collected about you. 

If we have disclosed your Personal Data for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third-party recipient. 

If we have sold your Personal Data over the past 12 months, we will identify the categories of Personal Data purchased by each category of third-party recipient. 

Deletion 

You have the right to request that we delete the Personal Data that we have collected from you. This right is subject to certain exceptions: for example, we may need to retain your Personal Data to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request. 

Exercising Your Rights 

To exercise the rights described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Data, and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Data provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request. 

We will work to respond to your Valid Request within 45 days of receipt. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request. 

Personal Data Sales Opt-Out 

In this section, we use the term ‘sell’ as it is defined in state consumer privacy laws. We sell your Personal Data, subject to your right to opt-out of these sales. 

Over the past twelve months, we have sold the following categories of your Personal Data to third parties: 

  • Demographic Data 

  • Web analytics or other similar network activity information 

You have the right to opt-out of the sale of your Personal Data. You can opt-out using the following methods: 

 

We do not sell the Personal Data of minors under 16 years of age without affirmative authorization. 
 

We Will Not Discriminate Against You for Exercising Your Rights Under State Privacy Laws 
 

We will not discriminate against you for exercising your rights under state consumer privacy laws. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under such laws. However, we may offer different tiers of our Services as allowed by applicable data privacy laws with varying prices, rates, or levels of quality of the goods or services you receive related to the value of Personal Data that we receive from you. 

Other California Resident Rights 

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at support@bodyhance.com

Changes to this Privacy Policy 

We reserve the right to amend our Privacy Policy at our discretion and at any time. When we make changes to the Privacy Policy, we will notify you by email or through a notice on our website homepage. Use of the information we collect is subject to the Privacy Policy in effect at the time such information is collected. 

 

Contact Information 

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, your choices and rights regarding such use, please do not hesitate to contact us at: 

  • Emailing us at: support@bodyhance.com 

  • Address: DIB Management Group, dba Bodyhance, 13492 RESEARCH BLVD
    SUITE 120-176, AUSTIN, TX 78750

Paying Methods
bottom of page