Privacy Policy
Your health information is private, protected, and handled with the care it deserves. Here’s exactly how we collect, use, and safeguard it.
At Redy (“we,” “us,” or “our”), protecting your privacy isn’t a checkbox — it’s a core part of how we operate. As a telehealth platform for men’s health, we handle sensitive information every day, and we take that responsibility seriously.
This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data. If anything here is unclear, reach out to us at privacy@tryredy.com.
1. Overview
Redy operates tryredy.com and related services that connect you with licensed healthcare providers for consultations, prescriptions, and ongoing care. This policy applies to all information collected through our website, telehealth platform, mobile applications, and any related services (collectively, the “Services”).
By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Services.
2. Information We Collect
2.1 Information You Provide Directly
When you use Redy, we collect information you voluntarily provide, including:
- Account details: Name, email address, phone number, date of birth, and password.
- Health information: Medical history, current medications, allergies, symptoms, lab results, and other clinical details you share during consultations.
- Identity verification: Government-issued ID (for age and identity verification as required by law).
- Payment information: Credit card numbers, billing addresses, and related details — processed securely through our payment partner (Stripe). We do not store full card numbers on our servers.
- Communications: Messages you send through the platform, contact form submissions, and any support correspondence.
2.2 Information Collected Automatically
When you visit our website, we automatically collect:
- Device and browser data: IP address, browser type, operating system, device identifiers.
- Usage data: Pages visited, time spent, referring URLs, and clickstream activity.
- Cookies and similar technologies: See Section 7 for details.
2.3 Information from Third Parties
We may receive information from:
- Pharmacy partners regarding prescription status and fulfillment.
- Laboratory partners regarding test results you’ve authorized.
- Identity verification services.
- Analytics and advertising platforms (with your consent where required).
3. How We Use Your Information
We use your information to:
- Provide telehealth consultations and connect you with licensed healthcare providers.
- Process prescriptions and coordinate with pharmacy partners.
- Verify your identity and eligibility for our Services.
- Process payments and prevent fraud.
- Send you appointment reminders, consultation results, and service-related communications.
- Improve our Services, develop new features, and conduct internal analytics.
- Comply with legal obligations and respond to legal requests.
- With your explicit consent, send marketing communications (which you can opt out of at any time).
Redy does not sell, rent, or trade your personal or health information to third parties for marketing purposes. Full stop.
4. How We Share Information
We share your information only as necessary to provide our Services and comply with the law. Specifically:
| Recipient | Purpose |
|---|---|
| Licensed healthcare providers | To conduct consultations and provide medical care. |
| Partner pharmacies | To fulfill and ship prescriptions. |
| Laboratory partners | To process lab tests you’ve authorized. |
| Payment processors (e.g., Stripe) | To securely process payments. |
| Technology service providers | Hosting, email delivery, analytics — all under strict confidentiality and data-protection agreements. |
| Legal and regulatory authorities | When required by law, subpoena, or to protect rights and safety. |
| Business transfers | In the event of a merger, acquisition, or sale of assets, subject to continued privacy protections. |
All third parties we work with are contractually obligated to protect your information and use it only for the purposes we’ve authorized.
5. HIPAA & Protected Health Information
As a telehealth platform, Redy complies with the Health Insurance Portability and Accountability Act (“HIPAA”) and its implementing regulations. Your Protected Health Information (“PHI”) — including medical records, diagnoses, and treatment information — is handled under additional safeguards required by HIPAA.
5.1 Your HIPAA Rights
Under HIPAA, you have the right to:
- Access and obtain a copy of your medical records.
- Request corrections to inaccurate or incomplete PHI.
- Request an accounting of how your PHI has been disclosed.
- Request restrictions on how your PHI is used or shared.
- Receive a copy of our Notice of Privacy Practices.
- File a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated.
5.2 Business Associate Agreements
All vendors who handle PHI on our behalf — including pharmacies, labs, and cloud providers — have signed Business Associate Agreements (BAAs) that legally bind them to protect your information in accordance with HIPAA.
6. Data Security
We take security seriously. Our safeguards include:
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
- Access controls: Role-based access limits who on our team can view your information.
- Authentication: Multi-factor authentication is required for all staff accessing PHI.
- Infrastructure: We use HIPAA-compliant hosting providers with SOC 2 Type II certification.
- Monitoring: 24/7 security monitoring and regular penetration testing.
- Incident response: A documented breach response plan, including timely notification of affected individuals and regulators as required by law.
No system is 100% secure. If we become aware of a data breach affecting your information, we will notify you as required by applicable law.
7. Cookies & Tracking Technologies
We use cookies and similar technologies to improve your experience on our site.
7.1 Types of Cookies We Use
- Essential cookies: Required for the site to function (e.g., keeping you logged in).
- Analytics cookies: Help us understand how visitors use the site (e.g., Google Analytics).
- Marketing cookies: Used — only with your consent — to deliver relevant ads and measure campaign performance.
7.2 Managing Cookies
You can control cookies through your browser settings or by using our cookie consent tool when you first visit the site. Note that disabling essential cookies may impair site functionality.
7.3 Do Not Track
Some browsers send a “Do Not Track” signal. At this time, our site does not respond to these signals because no industry standard has been adopted.
8. Your Rights
Depending on your location, you may have the right to:
- Access: Request a copy of the personal information we have about you.
- Correct: Request that we fix inaccurate or incomplete information.
- Delete: Request deletion of your personal information, subject to legal and regulatory retention requirements.
- Restrict or object: Ask us to limit how we use your information.
- Portability: Receive your information in a structured, commonly used format.
- Withdraw consent: For processing that relies on your consent, you may withdraw it at any time.
- Opt out of marketing: Unsubscribe from marketing communications via the link in any email, or by emailing us.
To exercise any of these rights, email privacy@tryredy.com. We’ll respond within the timeframe required by applicable law (typically 30 days).
9. Data Retention
We retain your information only as long as necessary to provide our Services and fulfill legal obligations. Specifically:
- Medical records: Retained for a minimum of 7 years (or longer, as required by state law) after your last interaction with us.
- Account information: Retained while your account is active and for a reasonable period afterward.
- Billing records: Retained for 7 years to comply with tax and audit obligations.
- Marketing data: Retained until you unsubscribe or request deletion.
When information is no longer needed, we securely delete or anonymize it.
10. Children’s Privacy
Redy’s Services are intended for adults 18 years of age or older. We do not knowingly collect information from anyone under 18. If you believe we’ve collected information from a minor, contact us immediately at privacy@tryredy.com and we will delete it.
11. State-Specific Rights
11.1 California Residents (CCPA/CPRA)
California residents have the right to know what personal information we collect, request deletion, opt out of the sale or sharing of personal information (we do not sell), and non-discrimination for exercising these rights. Submit requests to privacy@tryredy.com.
11.2 Other State Privacy Laws
Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have similar rights. Contact us to exercise them.
11.3 Washington State My Health My Data Act
Residents of Washington State have specific rights regarding consumer health data under the My Health My Data Act, including the right to withdraw consent and request deletion. Contact us at privacy@tryredy.com to exercise these rights.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we’ll update the “Last updated” date at the top of this page and, if the changes are significant, we’ll notify you via email or a prominent notice on our site.
We encourage you to review this policy periodically to stay informed.
13. Contact Us
Have questions, concerns, or want to exercise your privacy rights? Get in touch.