Privacy Policy
How we protect your personal and health information. Last updated: May 31, 2026.
1. Introduction
NexerDoc ("we," "us," "our") is a telehealth platform specializing in semaglutide weight management. We are committed to protecting the privacy and security of your personal information and protected health information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and services.
NexerDoc operates under Licensed Medical Oversight. Our physicians are board-certified medical professionals licensed in the states where we provide services. This policy reflects our commitment to HIPAA compliance and the ethical handling of your most sensitive health data.
2. Information We Collect
2.1 Personal Information
We collect information that identifies you personally, including:
- Contact Information: Name, email address, phone number, mailing address, date of birth
- Account Credentials: Username, password, security questions
- Payment Information: Credit card details, billing address (processed through PCI-compliant third-party processors; we do not store full card numbers)
- Identity Verification: Government-issued ID, photographs for verification purposes
2.2 Protected Health Information (PHI)
As a healthcare provider with Licensed Medical Oversight, we collect PHI as defined by HIPAA, including:
- Medical history and current health conditions
- Weight, height, BMI, and vital signs
- Laboratory results and diagnostic information
- Medication history and current prescriptions
- Treatment plans and progress notes
- Health insurance information
- Any other health information you provide during consultations
2.3 Automatically Collected Information
When you visit our platform, we automatically collect:
- Usage Data: Pages visited, time spent, links clicked, features used
- Device Information: IP address, browser type, operating system, device identifiers
- Cookies and Tracking Technologies: As described in our Cookie Policy
3. How We Collect Your Information
We collect information through:
- Direct Interactions: When you create an account, complete medical intake forms, communicate with our licensed medical professionals, make payments, or contact our support team
- Automated Technologies: Cookies, web beacons, and similar tracking technologies as described in our Cookie Policy
- Third-Party Sources: Pharmacy partners, laboratory services, and payment processors, only with your authorization or as permitted by law
4. How We Use Your Information
We use your information for the following purposes:
- Provision of Services: To provide telehealth consultations, prescribe medications, coordinate pharmacy fulfillment, and deliver ongoing care under Licensed Medical Oversight
- Treatment and Care Management: Our board-certified physicians and clinical staff use your PHI to evaluate your condition, develop treatment plans, monitor progress, and adjust care as needed
- Payment and Billing: To process payments, verify insurance, and manage billing
- Healthcare Operations: To improve our services, conduct quality assessments, train our staff, and manage our business operations
- Communication: To send appointment reminders, treatment updates, relevant health information, and respond to your inquiries
- Legal Compliance: To comply with applicable laws, regulations, and legal processes
- Security: To protect the integrity and security of our platform and your information
5. HIPAA Compliance and Protected Health Information
NexerDoc is fully committed to HIPAA compliance. As a healthcare provider with Licensed Medical Oversight, we are classified as a covered entity under HIPAA. We implement administrative, physical, and technical safeguards to protect your PHI.
We adhere to the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule. Our licensed medical professionals and staff receive regular HIPAA training. We enter into Business Associate Agreements (BAAs) with all third-party service providers who handle PHI on our behalf.
6. Disclosure of Your Information
We may disclose your information in the following circumstances:
- With Your Authorization: We will disclose your information when you provide written authorization
- Treatment Coordination: With pharmacies, laboratories, and other healthcare providers involved in your care
- Payment Purposes: With payment processors, insurance companies, and billing services
- Healthcare Operations: With quality assurance teams, accreditation organizations, and business associates who have signed BAAs
- As Required by Law: When required by law, court order, or legal process
- Public Health Activities: To public health authorities for disease reporting, as permitted by law
- Health Oversight Activities: To health oversight agencies for audits, investigations, and licensure review
- Emergency Situations: To prevent a serious threat to health or safety
We do not sell your personal information or PHI to third parties.
7. Your Rights Regarding Your Information
Under HIPAA and applicable privacy laws, you have the following rights:
- Right to Access: You may request to inspect and obtain copies of your medical records and PHI
- Right to Amend: You may request corrections to your PHI if you believe it is incorrect or incomplete
- Right to Accounting of Disclosures: You may request a list of disclosures we have made of your PHI
- Right to Request Restrictions: You may request restrictions on how we use or disclose your PHI
- Right to Confidential Communications: You may request to receive communications at alternative locations or by alternative methods
- Right to Request Deletion: You may request deletion of your information, subject to legal retention requirements
- Right to Revoke Authorization: You may revoke any prior authorization for use or disclosure of your PHI
- Right to File a Complaint: You may file a complaint with us or with the Department of Health and Human Services
8. Data Security
We implement comprehensive security measures to protect your information:
- 256-bit encryption for data in transit (TLS 1.3) and at rest (AES-256)
- Multi-factor authentication for all clinical staff accessing PHI
- Role-based access controls ensuring the minimum necessary standard
- Regular security audits and penetration testing
- 24/7 monitoring for unauthorized access attempts
- Automated threat detection and response systems
- Employee background checks and security training
- Secure data centers with physical access controls
9. Data Retention
We retain your personal information and PHI for as long as necessary to provide services and comply with legal obligations. Medical records are retained for a minimum of seven years as required by applicable law. After the retention period, information is securely destroyed or de-identified.
10. Cookies and Tracking Technologies
Our platform uses cookies and similar tracking technologies to enhance your experience. For detailed information about our use of cookies, please see our Cookie Policy. You can manage cookie preferences through your browser settings.
11. Third-Party Services
We engage trusted third-party service providers to support our operations, including:
- Payment processing (PCI-compliant processors)
- Pharmacy fulfillment and medication dispensing
- Laboratory testing services
- Cloud hosting and data storage
- Analytics and platform optimization
- Customer support tools
All third-party providers who handle PHI are required to sign Business Associate Agreements and comply with HIPAA requirements.
12. Minors
Our services are intended for adults 18 years of age or older. We do not knowingly collect information from minors. If we become aware that a minor has provided information, we will delete it promptly.
13. International Transfers
We primarily store and process data within the United States. If your data is transferred internationally, we ensure appropriate safeguards are in place consistent with applicable law.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through email or prominent notice on our platform. The "Last updated" date at the top of this policy indicates when it was last revised.
15. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
- Email: privacy@nexerdoc.com
- Phone: (555) 123-4567
- Mail: NexerDoc Privacy Office, 123 Healthcare Drive, Suite 200, Medical City, MC 12345
- Privacy Officer: You may contact our Privacy Officer directly at privacy@nexerdoc.com
16. Your California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights.
17. Notice to Virginia, Colorado, Connecticut, and Utah Residents
If you reside in Virginia, Colorado, Connecticut, or Utah, you may have additional rights under applicable state privacy laws, including the right to access, correct, delete, and obtain a copy of your personal data.