lemma health

Lemma Health Privacy Policy

Updated: Mar 17, 2025

This Policy describes the personal information that is collected, used, and disclosed by Lemma Health, Inc. dba Lemma Health and its subsidiaries and affiliated companies, including the medical practices and other healthcare entities and pharmacies with which Lemma Health contracts in order to provide products and services to you (all of the foregoing collectively, “Lemma Health”, “Lemma”, “We”, or “Us”). This privacy policy (“Policy”) applies to the websites of Lemma Health, including lemmahealth.com (the “Website”), and Lemma Health’s applications and other online services (collectively, “Services”). This Policy does not apply to websites, applications or services that display or link to different privacy statements.

Please read this policy carefully. By accessing or using our Website and/or Application, you agree to this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services.

Information We Collect

Personal information: Personal information means information associated with or used to identify or contact a specific person. Personal information we collect may include:

  • Identifiers such as your first and last name, date of birth, sex or gender, physical address, email address, phone number, identification numbers, etc.
  • Audio, visual, and other electronic information such as photographs and videos for purposes other than diagnosis or treatment
  • Commercial information such as your order history, products purchased or considered, payment information, and shipping history
  • Internet and network activity information such as IP address, geolocation information, device information, log data, and cookies and similar technologies
  • Inferences drawn from any of the information collected about you such as your preferences, characteristics, and behavior, etc.
Health information: Health information is a type of personal information that includes any identifying information we collect relating to your medical history, including symptoms, diagnoses, treatment and outcomes. Health information we collect may include:
  • Audio, visual, and other electronic information such as photographs and videos for purposes of diagnosis or treatment
  • Medical history such as medical conditions, medications, allergies, treatment options, prescriptions, and any other health-related information for purposes of diagnosis or treatment.
  • Commercial information such as your order and shipping history

Sources of Information

Information you provide to us: You may actively provide us information when you use our Services such as through our Website, emails, social media, surveys, sweepstakes and promotions, or any other online or offline interactions.

If you become a patient of a healthcare provider affiliated with or contracted by Lemma Health or organizations that Lemma Health has contracted with, with your consent we may collect health information about you relating to your treatment such as your medical history and allergies to medications to provide you with continuous services through other affiliated health care providers.

Information we collect: Some information is automatically collected through your interactions and use of our Services such as your IP address, access times, hardware and software information, device information, device event information (e.g. crashes, unsuccessful logins, browser type), the web page you’ve viewed or engaged with before or after using the Services, and other relevant information. We may use cookies, web beacons and other tracking technology to collect this information.

Information we receive from third parties: We may receive information from third parties such as affiliates, business partners, and service providers to operate our business and improve your experience and interactions with us.

We use third-party service providers such as Google Analytics by Google LLC (“Google”) to track and analyze Website traffic through the use of cookies and other tracking technology. This allows us to show you advertisements and content that may be of interest to you based on your interactions with the Services, other online services, and/or information received from third parties.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://policies.google.com/privacy.

Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics, available at: http://tools.google.com/dlpage/gaoptout.

We may receive information that is available publicly, either online or offline, to operate our business and improve your experience and interactions with us.

How We Use Your Information

Lemma Health and affiliated Providers may use information about you to:

  • Connect you with a healthcare professional for consultation and treatment;
  • Operate and improve our Website, products, and Services;
  • Verify your identity as the holder of an account with us;
  • Respond to your comments and questions and provide customer service;
  • Provide and deliver products and Services you request;
  • Process, fulfill, and administer transactions and orders for Services or Products ordered by you;
  • Create De-Identified Data such as aggregate statistics relating to the use of our Application;
  • Communicate with you about the Services, and to deliver any administrative notices or alerts and communications relevant to your use of the Services;
  • Notify you about changes to our Website or any products or services we offer or provide though them;
  • Promote our Services to you;
  • Fulfill any other purpose for which you provide us personal data;
  • Make sure our terms, policies, and agreements with you and any third parties are enforced;
  • Comply with applicable laws and regulations

Log Files

Lemma Health follows a standard procedure of using log files. These files log visitors when they visit websites. It is common industry practice for hosting companies to do this as part of hosting services' analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

Children Under 18

Persons under the age of 13 are prohibited from using our online Services even if they are patients of Lemma Health. Persons between the ages of 13 and 18 may only use our online Services with the legal authorization of their parent or legal guardian. Lemma Health does not knowingly collect any information from persons under the age of 13 (or from persons between the age of 13 and 18 without appropriate authorization). If you are a parent or guardian of an individual under the age of 18 and believe your child has disclosed personal or health information to Lemma Health without your authorization, please contact us at info@lemmahealth.com

Disclosure of Your Information

We take the confidentiality of your information and protection of your personal and/or health information seriously. Please be mindful of your own privacy needs as you choose what to share and make public. We cannot control the privacy or security of information you choose to make public. We limit our disclosure of your information to the following possible scenarios:

  • To licensed medical providers so that they may provide you with telehealth and related products and Services you request;
  • To contractors and third-party service providers that we use to support our business and who are contractually bound to keep your personal data confidential;
  • In order to protect the safety and security of Lemma Health, the Services, our operations, our systems, our properties, our customers, or any other related person or entity;
  • To protect the rights and property of Lemma Health, our agents, customers, and others including to enforce our agreements, policies, and Terms of Service;
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • To a company we merge with or acquire, or that buys us, or in the event of change in structure of our company of any form;
  • With your consent
We do not share data without your explicit consent. We may share non-personal, de-identified, or aggregated information with third parties.

Retention of Information

We may retain your information as required or permitted by applicable laws and regulations. For example, if you are a resident of certain jurisdictions you may be able to request to have your personal information deleted. If your request is granted, we may still be required by medical laws to retain your health information for a period of time.

Your medical records will be retained by us for a period of at least five (5) years, unless a longer period is required by state or federal law, after which they may be destroyed. If you are younger than twenty-three (23) years of age on the date the records may potentially be destroyed, your records will be kept at least until you reach the age of 23 or as required by state or federal law.

Choices About Your Information

You may send requests about your contact preferences, or changes to your information including requests to opt-out of sharing your personal information with third parties by emailing info@lemmahealth.com.

You may request deletion of your Personal Data by contacting info@lemmahealth.com. However, please be aware that we may be required (by law or otherwise) to keep such data and not delete it (or to retain it for a certain period of time, in which case it will be deleted after the required retention period). By deleting your personal data, we will remove it from active databases, however, it may remain in archives and we also may continue to use de-Identified data about your use of Services.

Rights with Respect to Protected Health Information

When you set up an account with Lemma Health, you are creating a direct customer relationship with Lemma Health that enables you to access and/or utilize the various functions of the Platform and the Service as a user. As part of that relationship, you provide information to Lemma Health, including but not limited to, your name, email address, shipping address, phone number and certain transactional information, which we do not consider to be “protected health information” or “medical information.” However, in using certain components of the Service, you may provide certain health or medical information that may be protected under applicable laws. Lemma Health is not a “covered entity” under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and its related regulations and amendments from time to time (collectively, “HIPAA”). One or more of the Labs, Pharmacies or Medical Groups used in rendering the Services may or may not be a “covered entity” or “business associate” under HIPAA, and Lemma Health may in some cases be a “business associate” of a Pharmacy or Medical Group. It is important to note that HIPAA does not necessarily apply to an entity or person simply because there is health information involved, and HIPAA may not apply to your transactions or communications with Lemma Health, the Medical Groups, the Providers, the Labs, or the Pharmacies. To the extent Lemma Health is deemed a “business associate” however, Lemma Health may be subject to certain provisions of HIPAA with respect to “protected health information,” as defined under HIPAA, that you provide to Lemma Health, the Medical Group or the Providers (“PHI”). In addition, any medical or health information that you provide that is subject to specific protections under applicable state or federal laws (collectively, with PHI, “Protected Information”), will be used and disclosed only in accordance with such applicable laws. By accessing or using any part of the Service, you understand that any information that you submit to Lemma Health that is not intended and used solely for the provision of diagnosis and treatment by the Medical Group and Providers, laboratory services by the Labs or prescription fulfillment by the Pharmacies, is not considered Protected Information, and will be subject only to our Privacy Policy and any applicable state laws that govern the privacy and security of such information. For purposes of clarity, information you provide to Lemma Health in order to register and set up an account on the Platform, including name, date of birth, username, email address, shipping address, and phone number, are not considered Protected Information. In regards to protected health information:
  • You have the right to inspect and copy your protected health information.
  • You may request access to or an amendment of your protected health information.
  • You have the right to request a restriction on the use or disclosure of your protected health/personal information. Your request must be in writing and state the specific restriction requested and to whom you want the restriction to apply. If we agree to comply with your request, we will be bound by such agreement, except when otherwise required by law or in the event of an emergency.
  • You have the right to request to receive confidential communications from us by alternative means or at an alternate location, and we will accommodate reasonable requests. You must submit your request in writing to info@lemmahealth.com.
  • You have the right to request an amendment of your protected health information. If we deny your request for amendment, you have the right to file a statement of disagreement with us.
  • You have the right to receive an accounting of certain disclosures of your protected health information that we have made for the prior six (6) years, except to the extent made for purposes of treatment, payment, healthcare operations, or certain other purposes (such as your authorization).
  • You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by email.
  • You have the right to be notified in the event that we (or one of our business associates) discovers a breach of unsecured PHI.

CCPA Privacy Rights (Do Not Sell My Personal Information)

Under the CCPA, among other rights, California consumers have the right to:

  • Request that a business that collects a consumer's personal data disclose the categories of personal data that a business has collected about consumers.
  • Request that a business delete any personal data about the consumer that a business has collected.
  • Request that a business that sells a consumer's personal data not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

Data Security

We use reasonable technical, administrative, and physical safeguards (including encryption) to protect your personal data from unauthorized access, disclosure, alteration, and destruction. While no online transmission is entirely secure, we strive to protect your information as best as possible. While we do our best to try to protect your personal data, we cannot guarantee the security of any information you transmit to us. If you notice suspicious activity or believe that your account may have been compromised in some way, please contact us immediately at info@lemmahealth.com. You must keep your account password secure and your account confidential, and you are responsible for any and all use of your account. To help us protect personal information, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

Changes to This Policy

We may update this Privacy Policy from time to time and make changes to our information practices as permitted by law. You can reference the date on the top to determine when this Privacy Policy was last updated. Any changes will become effective when we post the revised Privacy Policy on the Services. If you are registered for the Services, you will be notified of any material changes to this notice prior to it becoming effective. Your use of the Services following the changes means that you acknowledge and accept the revised Privacy Policy.

Contact

If you have questions or concerns about this Privacy Policy, please contact us at info@lemmahealth.com.

Thank you for choosing Lemma Health. We are committed to protecting your privacy and ensuring a secure and personalized experience while delivering high‑quality healthcare services.