Hims & Hers Health, Inc.
Consumer Health Data Privacy Policy
Last updated: March 26, 2024
Introduction
Hims & Hers Health, Inc. and its subsidiaries ("
Hims & Hers" "
we,"
or "
us") owns and operates websites (the "
Websites") located at
www.hims.com and
www.forhers.com and any Hims and/or Hers mobile application (collectively, the "
Platform"). Your access and use of the Platform, any part thereof, or anything associated therewith, including its content ("
Content"), any products or services provided through the Platform or otherwise by Hims & Hers, and any affiliated website, software or application owned or operated by Hims & Hers (collectively, including the Platform and the Content, the "
Service") are subject to our
Privacy Policy unless specifically stated otherwise. Capitalized terms not otherwise defined in our Privacy Policy or this Consumer Health Data Privacy Policy have the same meaning as set forth in the
Hims & Hers Terms and Conditions ("
Terms and Conditions").
This Consumer Health Data Privacy Policy ("
Consumer Health Data Privacy Policy") applies to the extent required by applicable state law with respect to consumer health data (“
Consumer Health Data”) as defined by applicable law. For example, this Consumer Health Data Privacy Policy does not apply to protected health information subject to the Health Insurance Portability and Accountability Act of 1996. Please refer to our
Notice of Privacy Practices, which governs such information. This Consumer Health Data Privacy Policy supplements our general Privacy Policy. In the event of a conflict between our Privacy Policy and the Consumer Health Data Privacy Policy, the Consumer Health Data Privacy Policy applies to the extent that it is consistent with applicable state law.
Collection of Consumer Health Data
The Consumer Health Data we collect depends on how you interact with us, the services you use, and the choices you make.
We collect Consumer Health Data about you from different sources and in various ways when you use our services, including Consumer Health Data you provide directly, Consumer Health Data collected automatically, Consumer Health Data we obtain from third-party data sources, and Consumer Health Data we infer or generate from other data.
Consumer Health Data you provide. We collect Consumer Health Data you may provide to us. For example:
- Name and contact information, such as your name, email address, phone number, and billing and physical addresses.
- Demographic information, such as your gender, racial or ethnic origin, date of birth, and zip code.
- Payment information, such as your credit card number, financial account information, and other payment details.
- Account profile information, such as a username or account number in combination with a password, security or access code, or other credential that allows access to an account; a redemption code; biographical details; links to your profiles on social networks; information about your interests and preferences; and any other information that you add to your account profile.
- Marketing information, such as your preferences for receiving our marketing communications and details about your engagement with them.
- Content, such as photographs, videos, documents, and other files you upload to our Service. This includes email messages and the content of other communications you send to us.
- Government-issued identifiers, such as driver’s license number, passport number, and social security number. We may collect images of such identification cards.
- Biometric information, such as information that can identify you.
- Health information, such as information concerning your physical and/or mental health status.
- Sexual and reproductive health, such as information about your sex life, reproductive health, and/or sexual orientation.
Consumer Health Data we collect automatically. When you use our services, we collect some information through certain technical tracking technologies that may be considered Consumer Health Data. For example:
- Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the “Cookies, Mobile IDs, and Similar Technologies” section of our Privacy Policy, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
- Location data. We may collect general location data when you use our apps or online services.
- Usage data. We automatically log your activity on our websites, apps and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website. In some instances, such usage data may be related to browsing activity on health-specific sites.
Consumer Health Data we create, infer, or generate. We may create, infer or generate Consumer Health Data from other data we collect, including using automated means to generate information about your likely preferences or other characteristics.
Consumer Health Data we obtain from third-party sources. We also obtain the types of Consumer Health Data described above from third parties. These third-party sources may include, for example:
- Corporate affiliates. We may obtain your Consumer Health Data from our corporate affiliates.
- Third-party partners. Third-party applications and services, including social networks you choose to connect with or interact with through our services.
- Co-branding/marketing partners. Partners with which we offer co-branded services or engage in joint marketing activities.
- Service providers. Third parties that collect or provide data in connection with work they do on our behalf.
- Publicly available sources. Public sources of Consumer Health Data such as open government databases.
Use of Consumer Health Data
We use Consumer Health Data for purposes described in this Consumer Health Data Privacy Policy or as otherwise disclosed to you. For example, we use Consumer Health Data for the following purposes:
Purpose of Use
|
Categories of Consumer Health Data |
Product and service delivery. To provide and deliver our Service and operate our business, including analyzing Service use, troubleshooting, facilitating your movement through the Service, confirming your location, billing, processing your payments, accounting, administering your account, securing our systems, detecting fraudulent or illegal activity, providing customer support, communicating with you about the Service, personalizing the Service, verifying your identity and complying with our legal obligations and enforcing our rights. |
Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, location data, usage data, inferences, government ID, account access information, health data, information about sex life, reproductive health, or sexual orientation.
|
Product improvement, development, and research. To develop, test, or improve the Service and content, features and/or products or services offered via the Service. Additionally, to Identify or create new products or services. Lastly, to analyze traffic and user behavior or activity to and through Service
|
Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, usage data, inferences, government ID, account access information, location data, genetic data, health data, information about sex life, reproductive health, or sexual orientation. |
Aggregation, de-identification and/or anonymization. We may create aggregated, de-identified and/or anonymized data from your Consumer Health Data. We make Consumer Health Data into de-identified and/or anonymized data by removing information that makes the data identifiable to you and we will not attempt to re-identify such data other than if required by applicable law. We may use and disclose this aggregated, de-identified and/or anonymized data with third parties. |
Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, location data, usage data, inferences, government ID, account access information, health data, information about sex life, reproductive health, or sexual orientation. |
Marketing. To communicate with you about new services, offers, promotions, rewards, contests, upcoming events, and other information about our services and those of our selected partners. |
Contact information, demographic data, payment information, content and files, biometric information, identifiers and device information, location data, usage data, sensor data, inferences, health data, information about sex life, reproductive health, or sexual orientation. |
Sharing Consumer Health Data
We may “share” (as applicable state law defines that term) Consumer Health Data with your consent or as we determine necessary to complete your transactions, provide the services you have requested or authorized, or as otherwise permitted or required by law. For example, we may share your Consumer Health Data to:
- Affiliates. We enable access to Consumer Health Data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business. The specific affiliates with whom we may share Consumer Health Data includes: Hims, Inc., and H&H Derm, LLC.
- Legal and law enforcement. We will access, share, and preserve Consumer Health Data when we believe that doing so is necessary to comapostrply with applicable law or respond to valid legal process, including from law enforcement or other government agencies. We will also share Consumer Health Data if we believe it is necessary to protect our customers and/or the rights or property of ourselves or others.
Your Consumer Health Data Rights
You may have certain rights to your Consumer Health Data under applicable state law. These rights may vary depending on your state of residence. Any of the rights discussed below may be subject to certain limitations (for example, a monetary charge).
If you wish to exercise these rights, please visit
privacy.hims.com.
Withdraw consent. To the extent we rely upon your consent for either our collection or sharing of your Consumer Health Data, you have the right to withdraw such consent from any future collection or sharing.
Access and confirm. You have the right to ask us to confirm whether we have collected, shared or sold your Consumer Health Data. Further, you have the right to access (in other words, request a copy of) the Consumer Health Data that we have collected, shared or sold. You also have a right to access a list of all “third parties” (as applicable state law defines that term) and affiliates with whom we have shared or sold your Consumer Health Data and receive certain corresponding information.
Correction. You have the right to ask us to correct inaccuracies in your Consumer Health Data.
Deletion. You have the right to ask us to delete your Consumer Health Data.
Appeal. You have the right to appeal our denying a right you have attempted to exercise. We will provide details on how to appeal our denial in connection with such action.
To exercise your rights above and make a Consumer Health Data rights request, please visit
privacy.hims.com. We may need to verify your identity in order to process your request. To confirm your identity, we may ask you to verify personal information we already have on file for you. If we cannot verify your identity based on the information we have on file, we may request additional information from you (such as government identification), which we will only use to verify your identity, and for security or fraud-prevention purposes.
We need to collect certain Consumer Health Data in order to provide the Service to you. If you request that any required Consumer Health Data be deleted or withdraw your consent for future collection or sharing of any required Consumer Health Data, we may not be able to provide the Service or certain features of the Service to you.
Changes to this Consumer Health Data Privacy Policy
We reserve the right to modify this Consumer Health Data Privacy Policy at any time. If we make material changes to this Consumer Health Data Privacy Policy, we will notify you by updating the date of this Consumer Health Data Privacy Policy and posting it on the Service or other appropriate means. Any modifications to this Consumer Health Data Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Consumer Health Data Privacy indicates your acknowledging that the modified Consumer Health Data Privacy Policy applies to your interactions with the Service.
Contacting Us
If you have any questions about this Privacy Policy, please contact us by email at privacy@forhims.com.