Privacy Policy

01 Who We Are

Falcons ADHD +Plus is a husband-and-wife telehealth partnership providing ADHD management, metabolic reset, hormone optimization, and related cash-pay wellness services. This Policy applies to our website, patient portal, booking flows, communications, and any other digital services we operate (collectively, the "Services").

This Policy does not govern third-party websites or platforms that may link to or from our Services. When you leave our Services, the privacy practices of the destination apply.

02 Information We Collect

Information You Provide

• Identity & Contact Details: name, date of birth, email, phone number, mailing and shipping addresses.
• Health Information: symptoms, medical and medication history, mental health history, lab results, height/weight, allergies, and other information you share with your provider.
• Insurance & Government IDs: a valid government-issued photo ID is required at intake for controlled substance prescribing.
• Payment Information: billing details are collected and processed by our PCI-compliant payment processor; we do not store full card numbers on our servers.
• Communications: messages you send through the portal, email, SMS, or support chat.

Information Collected Automatically

• Device & Log Data: IP address, browser type, operating system, referring pages, and timestamps.
• Usage Data: pages viewed, features used, and session duration.
• Cookies & Similar Technologies: see Section 06 for details.

03 How We Use Information

We use the information we collect to:

• Provide and coordinate your clinical care, including evaluation, prescribing, and follow-up.
• Transmit prescriptions to licensed compounding or retail pharmacies on your behalf.
• Verify your identity, confirm eligibility, and comply with controlled-substance regulations.
• Process payments, send receipts, and manage billing.
• Send appointment reminders, refill notices, and service-related updates.
• Improve our website, diagnose technical issues, and secure our Services.
• Meet legal, regulatory, and professional licensing obligations.

04 HIPAA & Protected Health Information

Falcons ADHD +Plus is a Covered Entity under the Health Insurance Portability and Accountability Act ("HIPAA"). Protected Health Information ("PHI") you share with your provider is handled in accordance with our Notice of Privacy Practices, which describes your rights regarding your medical record and how we may use and disclose PHI for treatment, payment, and healthcare operations.

05 Sharing & Disclosure

We do not sell your personal information. We share information only in these limited situations:

• Licensed Pharmacies: including 503A sterile compounding partners (such as Empower and Olympia) to fulfill your prescriptions.
• Laboratories & Clinical Partners: for ordering and receiving diagnostic results.
• Service Providers & Business Associates: EHR, telehealth video, payment, scheduling, and analytics vendors, each bound by written agreements that restrict use of your information.
• Legal & Safety Reasons: when required by law, subpoena, court order, or to prevent imminent harm.
• Business Transfers: in the event of a merger or sale, your information may transfer subject to this Policy.
• With Your Authorization: any other disclosure requires your written authorization, which you may revoke at any time.

06 Cookies & Tracking

We use a small number of first-party cookies to keep you logged in, remember preferences, and measure aggregate site performance. We do not use cookies to track you across unrelated third-party sites for advertising.

You may block or delete cookies through your browser settings. Some portal features may not function correctly without cookies enabled.

07 Data Security

We use industry-standard administrative, physical, and technical safeguards to protect your information, including encryption in transit and at rest, role-based access controls, multi-factor authentication for staff, and regular security reviews. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.

08 Data Retention

We retain medical records for the period required by the state where care was provided, which is generally seven (7) years after the last patient encounter, or longer for minors. Non-clinical business records are kept only as long as necessary for the purposes described in this Policy or as required by law.

09 Your Rights

Depending on where you live, you may have the right to:

• Access and receive a copy of your medical or personal records.
• Request correction of inaccurate information.
• Request restrictions on how we use or disclose your PHI.
• Receive an accounting of certain disclosures.
• Request deletion of non-medical personal information, subject to legal exceptions.
• Opt out of marketing communications at any time by using the unsubscribe link or contacting us.

To exercise these rights, please contact us using the details in Section 12. We will respond within the timeframes required by applicable law.

10 Children's Privacy

Our Services are intended for patients 18 years of age and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with information, please contact us and we will promptly delete it.

11 Changes to This Policy

We may update this Policy from time to time. When we make material changes, we will update the "Last Updated" date above and, where appropriate, notify you through the portal or by email. Your continued use of the Services after changes become effective constitutes acceptance of the updated Policy.