Information We Collect
We collect information in two ways: information you provide directly, and information collected automatically.
- ✓Identity information: name, date of birth, email address, phone number, and mailing address.
- ✓Health and medical information: health history, symptoms, diagnoses, and treatment details necessary to provide medical care.
- ✓Payment information: credit card numbers and billing details, transmitted securely via SSL encryption.
- ✓Account credentials: username and password for your patient portal.
- →Technical data: IP address, device ID, device name, operating system version, and browser type.
- →Usage data: log files, dates of product activation, and technical debug information.
- →Cookies: small files placed on your browser to remember your preferences and enhance your experience.
- →Analytics data: we use Google Analytics to understand how visitors use our site. You may opt out via Google\'s Ad Settings or the Network Advertising Initiative opt-out page.
How We Use Your Information
We use your personal and health information for the following purposes:
- ✓Medical care: to diagnose conditions, recommend treatments, prescribe medications, and provide medical guidance.
- ✓Communications: appointment reminders, prescription notifications, and care-related messages.
- ✓Customer support: to resolve issues you report to our support team.
- ✓Service improvement: to personalize your experience, optimize our platform, and develop new features.
- ✓Marketing (with consent): to inform you of new products or promotions. You may withdraw consent at any time.
Telemedicine Visits
During a telemedicine visit, our application may request access to your microphone, camera, or phone status. These permissions are used solely to facilitate your consultation. We do not access these features for any other purpose and strictly comply with all applicable privacy regulations.
How We Share Your Information
We do not sell, rent, or lease your personal information to third parties. We may share your information only in the following limited circumstances:
- →Service providers: third-party vendors who assist in delivering our services (such as Tebra EHR), bound by confidentiality agreements.
- →Affiliates and subsidiaries: subject to the same privacy protections described in this Policy.
- →SMS messaging providers: phone carriers and platform providers that help deliver text messages. Your SMS opt-in consent will never be shared with third parties for unrelated purposes.
- →Advertising & analytics platforms: We do not share your protected health information (PHI) with advertising platforms (such as Facebook, Instagram, or TikTok) and do not place advertising trackers on pages where you submit health information. Any advertising or analytics data is limited to non-health website-usage data in de-identified or aggregate form. We do not use it to build health profiles or share it with data brokers.
- →Legal requirements: when required by law or necessary to protect the rights, safety, or property of our users or the public.
- →Business transfers: in the event of a merger or acquisition, your information may be transferred as part of that transaction.
Where Your Data Is Stored
Your personal data is stored within the United States on secure servers, subject to U.S. laws and regulations. We use Tebra EHR as our electronic health record platform.
Data Security
We take reasonable technical and administrative measures to protect your information:
- 🔒SSL/TLS encryption for all data transmitted through our intake forms and patient portal.
- 🔒HIPAA Security Rule compliance, including administrative, physical, and technical safeguards.
- 🔒Access controls restricting access to staff and contractors on a strict need-to-know basis.
In the event of a breach of unsecured protected health information (PHI), we will notify affected individuals without unreasonable delay and no later than 60 days following discovery, as required by the HIPAA Breach Notification Rule (45 CFR 164.400-414).
Your Health Information Rights
As a patient, you have the following rights under HIPAA and applicable law:
Children\'s Privacy
We do not knowingly collect personal information from children without verifiable parental consent, in compliance with COPPA and GDPR.
SMS & Phone Communications
By providing your phone number, you consent to receive text messages and phone calls for appointment reminders, follow-ups, and promotional messages. You may opt out at any time by replying STOP to any text message, or by contacting us directly.
Account Deletion
To delete your account, go to the Profile section within torvianhealth.com. You may also contact us directly to request deletion. Certain information may be retained as required by law.
You may recover a deleted or deactivated account by signing in with your credentials and completing two-factor authentication, or by contacting us.
Our HIPAA Compliance Commitments
AngelTelemedicine LLC d/b/a Torvian manages patient information in compliance with HIPAA Rules and HHS requirements:
- ✓Non-disclosure: we will not use or disclose your information in any manner prohibited by law.
- ✓Security: we implement all required HIPAA security measures.
- ✓Breach notification: we will notify you of any breach of your PHI.
- ✓Subcontractor compliance: any subcontractors are bound by the same restrictions.
- ✓HHS access: we will make our practices available to HHS for compliance oversight.
Your Responsibilities
- →Provide only the minimum personal and health information necessary to receive our services.
- →Use appropriate safeguards to protect information you transmit to us.
- →Keep your account credentials confidential and notify us of any suspected unauthorized access.
Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be posted prominently for at least 30 days before taking effect. Continued use constitutes acceptance.
Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights: