Privacy Policy

1. Introduction and Scope

Fernly Health ("we," "us," "our," or "Company") is committed to protecting your privacy while providing comprehensive mental health and wellness services. This Privacy Policy governs our collection, use, disclosure, and retention of your personal information, including protected health information (PHI), in accordance with applicable laws including the Health Insurance Portability and Accountability Act (HIPAA), state privacy laws, and other relevant regulations.

This Privacy Policy applies to all services, platforms, applications, and communications provided by Fernly Health, including but not limited to our website, mobile applications, telehealth services, AI chat systems, and any other digital or physical healthcare services.

2. Information We Collect

2.1 Personal Health Information

We collect and process extensive personal health information including:

• Medical history, diagnoses, symptoms, and treatment records
• Mental health assessments, screening results, and therapeutic progress
• Medication information, adherence tracking, and side effects
• Biometric data, vital signs, and health monitoring data
• Insurance information and billing records
• Emergency contact information and healthcare proxy details
• Voice recordings, video sessions, and written communications
• Location data when accessing our services
• Device information and usage patterns

2.2 Technical and Usage Data

We automatically collect technical information including:

• IP addresses, device identifiers, and browser information
• Usage patterns, click-stream data, and interaction logs
• Performance metrics and error reports
• Cookies, web beacons, and similar tracking technologies
• Social media account information when you connect accounts

3. How We Use Your Information

We have broad rights to use your personal health information for the following purposes:

• Providing, improving, and personalizing healthcare services
• Treatment planning, care coordination, and continuity of care
• Research, analytics, and population health studies
• Quality improvement and outcomes measurement
• Training AI systems and developing new healthcare technologies
• Marketing our services and communicating about new offerings
• Compliance with legal and regulatory requirements
• Business operations, financial reporting, and strategic planning
• Risk management and fraud prevention

4. Information Sharing and Disclosure

We may share your information with a broad range of third parties including:

4.1 Healthcare Partners

• Healthcare providers, specialists, and referring physicians
• Hospitals, clinics, and other healthcare facilities
• Laboratory services and diagnostic imaging centers
• Pharmacy networks and medication management services
• Insurance companies and healthcare payers
• Healthcare clearinghouses and billing services

4.2 Technology and Service Providers

• Cloud storage providers and data hosting services
• Software vendors and technology platforms
• Analytics companies and research organizations
• Marketing and communication service providers
• Customer support and call center services

4.3 Business Partners and Affiliates

• Corporate affiliates and subsidiary companies
• Business partners and joint venture participants
• Investors and financial institutions
• Professional advisors including attorneys and consultants

4.4 Legal and Regulatory Disclosures

We may disclose your information without your consent when required or permitted by law, including:

• Court orders, subpoenas, and legal proceedings
• Government agencies and regulatory bodies
• Law enforcement and public safety officials
• Public health authorities and disease surveillance
• Emergency situations and imminent threats

5. Data Retention and Storage

We retain your information for extended periods as follows:

• Medical records: Minimum 7 years from last service date, potentially longer
• Mental health records: Up to 25 years or as required by state law
• Billing and insurance records: Minimum 7 years
• Research data: Indefinitely for ongoing studies
• Technical logs: Up to 3 years
• Marketing data: Until you opt out

6. Your Rights and Choices

Subject to applicable laws and our business needs, you may have certain rights regarding your personal information:

• Access to your medical records (fees may apply)
• Request corrections to certain information
• Request restrictions on use or disclosure (we may decline)
• Request alternative communication methods
• File complaints with privacy officers or regulatory agencies

Please note that certain requests may be denied if they would compromise care quality, legal compliance, or our legitimate business interests.

7. Security Measures

We implement reasonable security measures to protect your information, including:

• Encryption for data transmission and storage
• Access controls and authentication systems
• Regular security audits and vulnerability assessments
• Employee training and confidentiality agreements
• Incident response and breach notification procedures

However, no system is completely secure, and we cannot guarantee absolute security of your information.

8. International Data Transfers

Your information may be transferred to, stored, and processed in countries outside of your residence, including countries that may not have the same data protection laws. By using our services, you consent to these transfers.

9. Changes to This Policy

We reserve the right to modify this Privacy Policy at any time without prior notice. Changes will be effective immediately upon posting on our website. Your continued use of our services after any changes constitutes acceptance of the updated policy.

10. Limitation of Liability

To the maximum extent permitted by law, Fernly Health shall not be liable for any damages arising from the use, disclosure, or processing of your personal information in accordance with this Privacy Policy. This includes but is not limited to direct, indirect, incidental, consequential, or punitive damages.

11. User Indemnification

You agree to indemnify and hold harmless Fernly Health from any claims, damages, or expenses arising from your misuse of our services, violation of this Privacy Policy, or breach of applicable laws.

12. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of the State of Arizona. Any disputes shall be resolved in the courts of Arizona, and you consent to the jurisdiction of such courts.