Privacy Policy

Last updated: March 26, 2026

This Privacy Policy explains how Norm Wellness LLC (“Norm,” “we,” “our,” or “us”) collects, uses, and safeguards your information when you use our website and telehealth services. We operate in the United States and are based in California.

What we collect

• Account & contact info (e.g., name, email).
• Health information you provide for care (e.g., medical history, medications, allergies, goals, and age).
• Usage data (device/browser info, pages viewed) and cookies/analytics.
• Payment data processed by our payment partner (we don’t store full card numbers).

How we use information

• Deliver telehealth services, including clinical evaluation and care coordination.
• Operate, improve, and secure our website and services.
• Communicate with you about your account, care, and support.
• Comply with legal, regulatory, and security requirements.

HIPAA & PHI

When we receive or create health information in connection with your care, we treat it as Protected Health Information (“PHI”) subject to HIPAA. Please also review our Notice of Privacy Practices for details on how we use and disclose PHI for treatment, payment, and health care operations.

Sharing

• Service providers under agreements (including HIPAA Business Associate Agreements where applicable).
• Clinicians & pharmacies to deliver your care and fulfill prescriptions.
• Legal/Compliance if required by law, regulation, or to protect safety and security.

Cookies & analytics

We may use cookies and similar technologies to remember preferences and understand site usage. You can adjust browser settings to manage cookies; some features may be limited if disabled.

Data retention

We retain information as required by law and for legitimate business and clinical purposes. PHI may be retained consistent with medical record retention requirements.

Your choices

• Update your account information by contacting support.
• Opt out of non-essential emails using unsubscribe links or by contacting us.
• For PHI rights (access, amendments, restrictions), see our HIPAA Notice.

California disclosures (CCPA/CPRA)

For information covered by HIPAA, the CCPA/CPRA generally does not apply. For other personal information, you may have rights to know, delete, or correct certain data. To exercise CA rights, contact us at joseph@normwellness.com.

Age restrictions

Our services are intended for adults 18 years of age and older. We do not knowingly collect or maintain information from individuals under 18. If we learn that we have inadvertently received information from a person under 18, we will delete it promptly.

Security

We use reasonable administrative, technical, and physical safeguards to protect information. No system is 100% secure.

Changes to this policy

We may update this policy. We will revise the “Last updated” date above and post the new version on this page.

Contact us

Email: joseph@normwellness.com