Find doctorsFor providersContact Us

Privacy Policy

Last updated: May 2026

Healthnava ("we," "us," or "our") operates a cash-pay telehealth marketplace. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website and services.

Information we collect

We may collect the following categories of information:

  • Account information: name, email address, date of birth, and phone number when you register or update your profile.
  • Health information: symptoms, medical history, appointment notes, prescriptions, lab orders, and other information you or your provider submit through the platform.
  • Payment information: billing details and transaction records. Card data is processed by our payment provider; we do not store full card numbers on our servers.
  • Usage information: device type, browser, IP address, and activity logs related to how you use the platform (excluding PHI in logs).

How we use information

We use your information to:

  • Provide and operate our telehealth marketplace services
  • Facilitate appointments, video visits, messaging, and records
  • Communicate with you about bookings, account activity, and support
  • Process payments and send receipts
  • Improve platform security, reliability, and user experience
  • Comply with legal obligations and enforce our terms

HIPAA compliance

Healthnava is designed to support HIPAA-compliant handling of protected health information (PHI). We maintain administrative, physical, and technical safeguards appropriate for a healthcare platform, enter into Business Associate Agreements (BAAs) with qualifying subprocessors where required, and limit access to PHI to authorized personnel and systems with a legitimate need.

Providers on our platform are independent professionals responsible for their own clinical practices and applicable privacy obligations.

Data security measures

We use industry-standard measures to protect your information, including encryption in transit (TLS), encryption at rest where applicable, role-based access controls, row-level security in our database, audit logging for access to sensitive records, and regular review of our security practices.

No method of transmission or storage is completely secure. If you believe your account has been compromised, contact us immediately.

Third-party services

We use trusted third-party providers to operate the platform. These may process personal or health information on our behalf under contractual safeguards:

  • Stripe — payment processing
  • Daily.co — secure video visits
  • Supabase — database and authentication infrastructure
  • Resend — transactional email delivery

We do not sell your personal information. We share information only as needed to provide services, with your direction, or as required by law.

Your rights

Depending on your location and relationship with us, you may have the right to:

  • Access and obtain a copy of your personal information
  • Request correction of inaccurate information
  • Request deletion of certain information, subject to legal retention requirements
  • Restrict or object to certain processing
  • Receive information about how we use and share your data

To exercise these rights, contact us at the address below. We will respond within the timeframes required by applicable law.

Contact us

For privacy-related questions or requests, email privacy@healthnava.com.