Privacy Policy

Voyax Health Inc. ("Voyax Health," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (the "Service") for travel health consultations. As a HIPAA-covered entity, we also comply with the Health Insurance Portability and Accountability Act (HIPAA) and related regulations. This policy incorporates elements of our HIPAA Notice of Privacy Practices (NPP), which details your rights regarding Protected Health Information (PHI). If you are a California resident, additional rights under the California Consumer Privacy Act (CCPA) apply.

Please read this Privacy Policy carefully. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service. We may update this policy from time to time and will notify you via email or a prominent notice on our website. Your continued use after changes constitutes acceptance.

1. Information We Collect

We collect the following categories of personal information:

• Personal Identifiers: Name, email address, phone number, date of birth, mailing address.
• Health and Medical Information (PHI): Travel destination and itinerary, past medical history, allergies, current medications, vaccination history, pregnancy status, and other health-related details provided via our online questionnaire.
• Device and Usage Information: IP address, device ID, browser type, location data (if relevant for travel risk assessment), and usage analytics (e.g., pages visited, time spent).
• Uploaded Content: Photos or documents, such as vaccine cards, uploaded through forms.
• Information from Third Parties: We may receive data from partner pharmacies (e.g., fulfillment status) or integrated services, though we do not currently integrate with health apps or wearables.

We do not intentionally collect information from children under 13 without parental consent (see COPPA compliance below). For users aged 3-17, parental approval is required.

2. How We Collect Information

• Directly from You: Through online forms, questionnaires, uploads, and account registration.
• Automatically: Via cookies, web beacons, and similar technologies for device and usage data.
• From Third Parties: From partner pharmacies for service fulfillment, or service providers like payment processors.
• Integrations: If you connect external accounts (though not currently offered).

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To process your questionnaire, generate AI-based recommendations reviewed by licensed pharmacists, and transfer your intake form to your chosen pharmacy for prescriptions, vaccine referrals, or medication orders.
• Personalization: To tailor travel health advice based on your health history and itinerary.
• Pharmacist Review: To enable licensed pharmacists at partner pharmacies to review and fulfill recommendations.
• Marketing and Communications: To send promotional emails, updates, or offers (with opt-out options).
• Analytics and Improvement: To analyze usage patterns and improve the Service.
• Research: For aggregated, de-identified research to enhance travel health tools.
• Legal Compliance: To comply with laws, including HIPAA, CCPA, and other regulations.

We do not use your information for automated decision-making that produces legal effects.

4. How We Share Your Information

We may disclose your information to:

• Licensed Pharmacists and Providers: For review and consultation.
• Partner Pharmacies: For fulfillment of prescriptions, vaccines, or medications (in-person administration may occur at pharmacies).
• Analytics and Advertising Partners: Such as Google Analytics for usage insights (no PHI shared).
• Service Providers: Cloud hosting (e.g., Amazon AWS), payment processors, and other vendors who assist in operations, bound by confidentiality and HIPAA business associate agreements where applicable.
• In Business Transfers: If we are involved in a merger, acquisition, or sale, your information may be transferred (with notice where required).
• Legal Requirements: To comply with subpoenas, court orders, or to protect rights, safety, or property.

We do not sell your personal data as defined under CCPA. International data transfers may occur (e.g., to AWS servers outside the U.S.), protected by standard contractual clauses or equivalent safeguards.

5. Data Storage and Security

Your information is stored on Amazon AWS servers in the U.S., following AWS security protocols, including encryption in transit and at rest. We implement administrative, technical, and physical safeguards compliant with HIPAA, such as access controls, regular audits, and breach notification procedures. Retention periods vary: PHI is retained as required by HIPAA (typically 6 years); other data is kept as needed for services or legal obligations. In case of a breach, we will notify affected individuals as required by law.

6. Your Rights and Choices

• Access and Correction: Request access to or correction of your personal information.
• Deletion: Request deletion, subject to legal retention requirements (e.g., HIPAA).
• Opt-Out: Opt out of marketing communications or data sharing for non-essential purposes.
• CCPA Rights (for CA Residents): Know categories collected/sold/shared; access specifics; delete; opt-out of sales (none occur); non-discrimination.
• HIPAA Rights: Access PHI, amend inaccuracies, request accounting of disclosures, restrict uses, confidential communications, and receive paper copy of this NPP.

To exercise rights, contact us at the address below. We respond within 45 days (extendable). For children under 13, we comply with COPPA by obtaining verifiable parental consent; no plans for direct child-targeted features.

7. Additional Information

• Cookies and Tracking: We use cookies for functionality and analytics. You can manage via browser settings.
• Do Not Track: We do not respond to DNT signals.
• Children's Privacy: No services for under 3; 3-17 require parent approval. COPPA applies for under 13.
• Health Claims: Our marketing is substantiated; Service is not a substitute for primary care.
• Integrations: No current integrations with Apple Health, Google Fit, etc.
• Insurance: We maintain professional liability insurance.