Privacy Policy

Last updated: April 26, 2026

1. Information We Collect

We collect the information you provide during registration and the intake assessment, including your name, email address, date of birth, state of residence, medical history, and responses to our clinical screening questions.

2. How We Use Your Information

Your information is used to facilitate clinical review by licensed providers, to communicate with you about your care, and to process payments. We do not sell your personal health information.

3. HIPAA Compliance

We treat your health information as Protected Health Information (PHI) under HIPAA guidelines. We implement administrative, physical, and technical safeguards to protect your PHI.

4. Data Security

All data is encrypted in transit (TLS) and at rest. Access to PHI is restricted to authorized personnel and your assigned licensed provider.

5. Third-Party Services

We use Stripe for payment processing. Stripe is PCI-DSS compliant and does not have access to your health information. We may use HIPAA-compliant third-party telehealth partners for provider matchmaking.

6. Data Retention

We retain your health records in accordance with applicable state and federal law. You may request deletion of your account subject to legal retention requirements.

7. Your Rights

You have the right to access, correct, or request deletion of your personal information. Contact us at privacy@cura.health to exercise these rights.