Privacy Policy

Privacy Policy

Effective Date: 3 February 2026

This Privacy Policy describes how SwimScore LLC (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and otherwise processes personal information in connection with our websites, applications, patient portals, online services, communications, and related offerings (collectively, the “Services”).

Some Services may facilitate access to medical testing, telemedicine services, prescriptions, or related care. Personal information collected in connection with medical care may be subject to additional protections under applicable healthcare laws, including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Practices related to protected health information (“PHI”) are described in a separate Notice of Privacy Practices, which applies when you become a patient and receive healthcare services.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal information we collect through:

  • Our websites and web-based applications

  • Account registration and login experiences

  • Patient portals and dashboards

  • Ecommerce, checkout, and subscription workflows

  • Customer support interactions and communications

  • Email, SMS, and other electronic communications

  • Marketing and promotional activities

This Privacy Policy does not replace or supersede our Notice of Privacy Practices, which governs PHI handled by applicable medical providers in connection with healthcare services.

2. Categories of Personal Information and Purposes of Collection

We collect and process personal information to operate, maintain, and improve the Services; to communicate with users; to facilitate transactions and fulfillment; to protect the security and integrity of the Services; and to comply with applicable legal and regulatory obligations. Depending on how you interact with the Services, we may collect the following categories of personal information:

Categories of Personal Information Collected

  • Identifiers and Contact Information, including first and last name, email address, telephone number, mailing address, city, state, and ZIP code.

  • Account and Authentication Information, including usernames, passwords, authentication credentials, account settings, and preferences used to register for and access the Services.

  • Financial and Transaction Information, including billing address, payment method details, transaction history, and related payment processing information.

  • User Communications and Feedback, including comments, reviews, suggestions, survey responses, customer support inquiries, and other information you choose to submit.

  • Personal Characteristics, such as age, date of birth, gender, marital status, and nationality, where voluntarily provided.

  • Preferences and Interests, including product preferences, content preferences, marketing preferences, and inferred interests based on interactions with the Services.

  • Internet and Network Activity Information, including pages viewed, features used, time spent on the Services, interaction logs, referral URLs, and similar activity data.

  • Device and Technical Information, including IP address, browser type, operating system, device identifiers, mobile network information, and similar technical data.

  • Geolocation Information, including approximate or precise location derived from IP address, mobile device settings, or other technologies, where enabled.

If you access the Services through a mobile device, we may also collect device-specific information such as unique device identifiers, mobile operating system data, and mobile network information.

3. Sensitive Personal Information

We may collect certain categories of sensitive personal information, as defined under applicable privacy laws, including:

  • Precise geolocation information

  • Health-related information, including information submitted through questionnaires or collected in connection with facilitating access to testing, telemedicine, prescriptions, or related services

Sensitive personal information is collected and used solely to the extent reasonably necessary to provide the Services, facilitate services you request, comply with legal obligations, and protect the security and integrity of the Services. Such information is not collected or used for the purpose of inferring characteristics about you beyond what is necessary for these purposes.

Unless expressly stated in a separate written agreement, we do not intentionally collect or process the following categories of sensitive personal information, and we ask that you do not provide them to us:

  • Social Security numbers, driver’s license numbers, state identification card numbers, or passport numbers

  • Financial account numbers, debit or credit card numbers combined with any required security or access codes, passwords, or credentials allowing access to an account (other than through secure third-party payment processors)

  • Racial or ethnic origin, religious or philosophical beliefs, or union membership

  • The contents of your mail, email, or text messages, except where we are the intended recipient of the communication

  • Genetic data

  • Biometric information used for unique identification

  • Information concerning sex life or sexual orientation

4. Purpose Limitation and Data Minimization

We collect and process personal information and sensitive personal information only to the extent reasonably necessary and proportionate to achieve the purposes of our processing activities. Our processing activities include:

  • Conducting and operating our business

  • Marketing and communications (subject to your preferences)

  • Customer support and quality assurance

  • User verification, authentication, and fraud prevention

  • Payment processing and transaction fulfillment

  • Service customization and personalization

  • Service maintenance, security, and improvements

  • Analytics and product development

  • Compliance with legal, regulatory, and contractual obligations

We retain personal information only for as long as reasonably necessary to fulfill these purposes, unless a longer retention period is required or permitted by law.

If we intend to further process your personal information for a purpose that is materially different from the purpose for which it was originally collected, we will provide additional notice and, where required by applicable law, obtain your consent prior to such processing.

Text messaging originator opt-in data and consent information are excluded from the categories above and will not be shared with any third parties.

5. How We Use Personal Information

We may use personal information to:

  • Provide, operate, maintain, and improve the Services

  • Create, manage, and authenticate accounts

  • Process payments, subscriptions, and transactions

  • Provide shipping, logistics, and fulfillment

  • Facilitate access to testing, telemedicine, prescriptions, and related services you request

  • Communicate with you about your account, orders, services, and updates

  • Provide customer support and respond to inquiries

  • Conduct analytics, research, and product development

  • Monitor and protect the security and integrity of the Services

  • Detect, investigate, and prevent fraud, misuse, or illegal activity

  • Enforce our terms, policies, and agreements

  • Comply with applicable laws and respond to legal process

  • Send marketing and promotional communications, subject to your preferences

6. Disclosure of Personal Information

We do not trade, rent, or sell your personal information to third parties, and we do not share personal information with third parties for cross-context behavioral advertising.

We may share or disclose personal information for the following limited purposes:

Aggregated or De-Identified Information

We may share aggregated or de-identified information that does not reasonably identify you with third parties for purposes such as analytics, industry research, demographic analysis, and improving the Services.

Service Providers

We may engage third-party vendors and service providers to facilitate, operate, or improve the Services, including to:

  • Process payments

  • Provide customer support

  • Provide cloud hosting and data storage

  • Provide website maintenance and database management

  • Provide web analytics, performance monitoring, and feature improvement

  • Provide fraud prevention, identity verification, and geolocation services

These third parties may access personal information only as necessary to perform tasks on our behalf and are contractually obligated to protect the information and to not disclose or use it for any purpose other than providing services to us.

Business Partners and Optional Offers

We may provide personal information to business partners or other trusted entities to provide you with information about goods or services we believe may be of interest to you. If you choose to purchase goods or services, your personal information (such as delivery address or payment details) may be used to complete the transaction. You may opt out of receiving such communications at any time using the mechanism described in the communication.

Legal and Law Enforcement

We may disclose personal information to government authorities, law enforcement officials, courts, or private parties when we believe disclosure is necessary or appropriate to:

  • Respond to claims and legal process (including subpoenas and court orders)

  • Protect the rights, property, or safety of the Company, our users, or others

  • Protect the security and integrity of the Services

  • Detect, prevent, or address fraud, security, or technical issues

  • Prevent or stop activity we reasonably believe to be illegal, unethical, or legally actionable

Business Transfers

We may disclose personal information to a buyer or other successor in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution, financing, bankruptcy, liquidation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a similar proceeding, in which personal information held by the Services is among the assets transferred.

7. Cookies, Do Not Track Signals, and Similar Technologies

We may use cookies, web beacons, pixel tags, SDKs, mobile analytics software, log files, or similar technologies to collect certain information about your online activity on the Services and interactions with our communications and advertisements. These technologies help us:

  • Enable core functionality and account logins

  • Authenticate users and maintain sessions

  • Analyze usage and improve performance

  • Measure effectiveness of communications and campaigns

  • Improve and personalize the Services

  • Provide content and advertising offered by us or through the Services

You may disable cookies through your browser settings. If you disable cookies, certain features (including account logins) may not work properly, and you may not be able to use all or part of the Services. Similarly, you may configure your mobile device settings to limit certain data collection, but doing so may affect functionality.

It is not our intention to use these technologies to collect information unrelated to the Services or your interaction with the Services.

At this time, we do not respond to browser “Do Not Track” (“DNT”) signals.

8. Communications Preferences

You may opt out of marketing communications at any time by following the unsubscribe instructions in those communications or by contacting us using the information below. Even if you opt out of marketing communications, we may still send you non-marketing messages, such as those about your account, transactions, service updates, or security notices.

Mobile information will not be shared with third parties/affiliates for marketing/promotional purposes. Any other mentions in this policy exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. If you wish to be removed from receiving future communications, you can opt out by texting STOP.

9. Links and Third-Party Websites

The Services may contain links to third-party websites or services, including social media platforms. When you click on a link to a third-party website or location, you will leave the Services and another entity may collect personal information or anonymous information from you.

We have no control over, do not review, and are not responsible for the privacy practices, content, or security of third-party websites or services. This Privacy Policy does not apply to third-party websites or services, and we expressly disclaim any liability arising from your use of, or the provision of information to, third-party websites or services. Your interactions with third parties are governed by their privacy practices and terms.

10. User Content

Certain features of the Services may allow you to submit content for publication or display in public or interactive areas of the Services (“User Content”), such as written comments, reviews, survey responses, or interactive submissions.

Be careful when providing information in public areas of the Services. Any information you share in public areas may be viewed by other users and may be collected and used by third parties. We cannot control the actions of other users or third parties with whom you choose to share User Content.

11. Data Retention

We retain personal information for as long as reasonably necessary to:

  • Provide, operate, and maintain the Services

  • Complete transactions and fulfill requests

  • Maintain records for legal, regulatory, accounting, or security purposes

  • Resolve disputes and enforce agreements

Medical records and PHI are retained in accordance with applicable healthcare laws and provider policies, as described in the applicable Notice of Privacy Practices.

12. Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information. However, no security measures are perfect, and we cannot guarantee the absolute security of personal information.

13. Consent to Processing and International Transfers

We may process, transfer, and store personal information on servers located in a number of countries, including the United States, where we or our service providers maintain facilities or otherwise operate.

As a result, your personal information may be subject to privacy and other laws that may differ from the laws of your country or state of residence. Your personal information may also be disclosed in response to inquiries or requests from government authorities or to respond to judicial process in the countries in which we operate.

By using the Services, or by providing us with personal information, you consent to the collection, processing, maintenance, and transfer of your personal information in and to the United States and other applicable jurisdictions where privacy laws may not be as comprehensive as those in your place of residence.

Where required by applicable law, we implement appropriate safeguards designed to protect personal information transferred across borders.

14. U.S. State Privacy Rights and Notices

Certain U.S. states provide residents with specific rights regarding their personal information. This section applies to residents of states with comprehensive privacy laws, including California, Nevada, Virginia, Colorado, Connecticut, Utah, and other applicable jurisdictions.

For purposes of this section, “personal information” or “personal data” generally means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable individual or household. It does not include publicly available, de-identified, or aggregated information.

Submitting a Privacy Rights Request

To submit a request, contact us at [email protected]

If you choose to submit a request, you must provide enough information for us to reasonably verify your identity and understand the scope of your request. We will only use information provided in connection with your request to verify your identity and respond. We may not be able to fulfill your request if we cannot verify your identity or authority to act on another person’s behalf.

Rights You May Have (Depending on Your State)

Depending on your state of residence, you may have the right to:

  • Confirm whether we process your personal information

  • Access and obtain a copy of personal information

  • Request correction of inaccuracies

  • Request deletion of personal information

  • Opt out of certain processing, including sale of personal information, targeted advertising, or profiling (where applicable)

  • Appeal certain decisions regarding requests

We will respond to verified requests in accordance with applicable law.

Limits on Requests

Where permitted by law, we are not required to:

  • Retain personal information solely to respond to a request

  • Re-identify or link data that we do not maintain in identifiable form

  • Provide personal information more than twice within a twelve-month period

Special Notice to California Residents (CCPA/CPRA)

California residents may have the following rights:

Right to Know / Right to Access. You may request:

  • The categories of personal information we collected about you

  • The categories of sources from which we collected personal information

  • Our business or commercial purposes for collecting, using, selling, or sharing personal information

  • The categories of third parties to whom we disclose personal information

  • The specific pieces of personal information we collected about you

Right to Correct. You may request that we correct inaccurate personal information. You may also correct or update certain personal information by logging into your account.

Right to Delete. You may request that we delete personal information we collected from you. Subject to certain exceptions, we will delete your personal information and direct service providers to do the same.

We may deny or limit deletion requests where retention is necessary to:

  • Complete the transaction for which the information was collected, provide a good or service requested, or perform a contract

  • Help ensure security and integrity, prevent fraud, and protect against malicious activity

  • Debug and repair errors that impair intended functionality

  • Exercise free speech or protect another’s rights

  • Comply with legal obligations

  • Conduct certain internal uses reasonably aligned with your expectations

  • Engage in permitted research activities with appropriate safeguards

Non-Discrimination. We will not discriminate against you for exercising your rights. We will not deny services, charge different prices, or provide different quality solely because you exercised your rights, except as permitted by law.

Special Notice to Nevada Residents

We do not sell, rent, or lease personally identifiable information to third parties for monetary consideration. Nevada residents who wish to submit a request not to sell personally identifiable information may do so by contacting us at [email protected]

Special Notice to Virginia Residents (VCDPA)

Virginia residents may have the right to access, correct, delete, or obtain a copy of personal data, and to opt out of the sale of personal data, targeted advertising, or profiling.

We do not sell personal data and do not process personal data for targeted advertising or profiling.

Appeals. If we deny your request, you may appeal by contacting us within 30 days. If your appeal is denied, you may submit a complaint to the Virginia Attorney General.

Special Notice to Colorado Residents (CPA)

Colorado residents may have the right to confirm processing, access, correct, delete, and obtain a copy of personal data, and to opt out of the sale of personal data, targeted advertising, or profiling.

We do not sell personal data and do not process personal data for targeted advertising or profiling.

Appeals. If we deny your request, you may appeal by contacting us within 30 days. If your appeal is denied, you may contact the Colorado Attorney General.

15. Children’s Privacy

The Services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from children.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated Privacy Policy and update the Effective Date. Your continued use of the Services after an update constitutes acceptance of the updated Privacy Policy.

17. Questions and How to Contact Us

If you have any questions, concerns, complaints, or suggestions regarding this Privacy Policy or our privacy practices, you may contact us at:

SwimScore LLC

Email: [email protected]