Privacy Policy

Effective Date: April 29, 2026

Last Updated: 04/29/2026 

Introduction and Scope

Piper Wellness LLC d/b/a JoinPolly (“Polly,” “we,” “us,” or “our”) owns and operates the website located at www.joinpolly.com, including all subdomains and related websites that link to the Terms and Conditions of Use (collectively, the “Website”). The Website and the services, features, content, and functionality made available through it are referred to collectively as the “Services.” This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with the Services.

Personal information collected through your use of our general informational webpages is subject to this Privacy Policy. In other instances, such as when you enroll for services from a Provider or we assist a Provider in providing services to you (e.g., processing prescriptions), we are acting on behalf of the Provider in the role of a HIPAA “Business Associate.” The information we collect and process in those instances is subject to our HIPAA Notice, not this Privacy Policy.

This Privacy Policy is incorporated into and forms part of the Terms and Conditions of Use (the “Terms”) and is subject to all provisions, limitations, disclaimers, and conditions set forth in the Terms. In the event of a conflict between this Privacy Policy and the Terms, the Terms shall control unless expressly stated otherwise.

‍

Information We Collect

We collect personal information in connection with your use of the Services when Polly is not acting on behalf of a Provider in the role of a HIPAA “Business Associate.” The type of information we collect depends on how you interact with the Services.

‍

1. Information You Provide Directly to Us

We may collect personal information that you voluntarily provide to us, including when you:

  • Create or manage an account
  • Make a purchase or subscribe to products or services
  • Contact us via email, chat, SMS, or other communications channels
  • Submit forms or respond to surveys

Depending on your interaction with the Services, this information may include:

  • Name
  • Email address
  • Telephone number
  • Billing address
  • Shipping address
  • Date of birth
  • Account login credentials
  • Payment information (processed by our third-party payment processors on our behalf)
  • Records of your communications with us
  • Information about purchases or transactions with us
  • Any other information you choose to provide

We do not collect government-issued identification numbers, precise geolocation data, or health or medical information under this Privacy Policy.

‍

2. Information Collected Automatically

When you access or use the Services, we and our service providers may automatically collect certain information about your device and usage, including:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Referring and exit pages
  • Pages viewed and links clicked
  • Date and time of visits
  • Time spent on pages
  • General geographic region (e.g., city/state derived from IP address)

We collect this information using cookies, pixels, web server logs, and similar tracking technologies. These technologies help us:

  • Operate and secure the Services
  • Analyze usage and improve functionality
  • Provide customer support
  • Measure the effectiveness of marketing and advertising

We do not collect precise GPS location data through the Services

‍

3. Information from Social Media and Third-Party Platforms

If you interact with us through social media platforms (such as liking, following, or messaging us), we may receive information such as your name, username, and any content you choose to share with us.

If you access the Services through a third-party authentication service, we may receive certain information from that service depending on your privacy settings. We encourage you to review the privacy policies of those third parties.

‍

4. Information Received from Service Providers and Partners

We may receive information about you from third-party service providers who assist us in operating the Services, such as:

  • Payment processors
  • Analytics providers
  • Advertising and marketing partners

We may combine this information with other information we collect about you.

‍

5. Information Subject to HIPAA

When you enroll for services from a Provider or when we assist a Provider in providing healthcare services to you (such as facilitating telehealth services or processing prescriptions), we act on behalf of the Provider in the role of a HIPAA “Business Associate.” In those instances, any health or medical information we collect, receive, maintain, or transmit is governed by our HIPAA Notice and the applicable Provider’s Notice of Privacy Practices, not this Privacy Policy.

How We Use Your Information

We use personal information governed by this Privacy Policy for legitimate business and operational purposes, including to:

 

Operate and Maintain the Services

  • Provide, operate, and improve the Services
  • Manage user accounts
  • Fulfill purchases and subscriptions
  • Coordinate payment processing through our third-party payment processors
  • Maintain the security and integrity of the Services

 

Communicate with You

  • Send welcome emails and account-related communications
  • Respond to your inquiries and customer support requests
  • Provide service-related notifications
  • Send promotional communications where permitted by law (you may opt out of marketing communications at any time).

 

Polly does not send medical communications on behalf of Providers outside of the HIPAA-governed patient portal.

 

Customer Support and Technical Administration

  • Provide technical support
  • Troubleshoot errors
  • Monitor performance and usage trends
  • Detect and prevent fraud, abuse, or security incidents
  • Analytics and Service Improvement
  • Analyze how users interact with the Services
  • Improve functionality, content, and user experience
  • Conduct internal research and reporting

 

Advertising and Marketing

  • Deliver advertising and promotional content
  • Measure the effectiveness of marketing campaigns
  • Develop insights regarding user engagement

 

We do not use health or medical information governed by our HIPAA Notice for advertising or marketing purposes.

 

Legal and Compliance Purposes

  • Comply with applicable laws and regulations
  • Respond to lawful requests and legal process
  • Enforce our Terms and Conditions of Use
  • Establish, exercise, or defend legal claims

 

Other Disclosed Purposes

  • For any other purpose disclosed to you at the time information is collected or pursuant to your consent

 

Information Subject to HIPAA: When we act on behalf of a Provider in the role of a HIPAA “Business Associate,” our collection, use, and disclosure of protected health information are governed by our HIPAA Notice and the applicable Provider’s Notice of Privacy Practices, not this Privacy Policy.

 

Combining Information: We may combine personal information collected through the Services with information obtained from other sources and use the combined information in accordance with this Privacy Policy.

 

Aggregate and De-Identified Information: We may aggregate and/or de-identify information so that it can no longer reasonably be linked to you. We may use and disclose such aggregated or de-identified information for any lawful purpose, including analytics, research, and marketing.

 

How we Disclose Your Information

We may share personal information governed by this Privacy Policy for legitimate business purposes as described below.

1. Service Providers

 

We share personal information with third-party service providers that perform services on our behalf and help us operate the Services. These may include providers of:

  • Payment processing
  • Billing support
  • Shipping and fulfillment
  • Customer service
  • IT infrastructure and cloud hosting
  • Security and fraud prevention
  • Analytics
  • Marketing support
  • Legal, accounting, and consulting services

 

These service providers are authorized to use personal information only as necessary to provide services to Polly. Payment information for healthcare services is processed by third-party payment processors. Polly does not store or process full credit or debit card numbers.

 

2. Advertising and Analytics Partners

 

We may share certain identifiers and online activity information with advertising and analytics partners to:

  • Measure the effectiveness of advertising
  • Understand how users interact with the Services
  • Deliver promotional content

 

These partners may collect information directly through cookies, pixels, or similar technologies when you use the Services. We do not disclose protected health information governed by our HIPAA Notice for advertising or marketing purposes.

 

3. Communications with Providers

 

Users communicate with healthcare Providers exclusively through the HIPAA-governed patient portal. When we act on behalf of a Provider in the role of a HIPAA “Business Associate,” our disclosure of protected health information is governed by our HIPAA Notice and the applicable Provider’s Notice of Privacy Practices, not this Privacy Policy.

 

4. Legal and Safety Disclosures

 

We may access, retain, and disclose personal information if we believe in good faith that doing so is necessary to:

  • Comply with applicable law, regulation, legal process, or governmental request
  • Enforce our Terms and Conditions of Use
  • Investigate or prevent fraud, security incidents, or other unlawful activity
  • Protect the rights, property, or safety of Polly, our users, or others

 

This may include exchanging information with other companies and organizations for fraud prevention and security purposes.

 

5. Business Transfers

 

If Polly is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to applicable legal requirements.

 

6. With Your Direction or Consent

 

We may share personal information where you direct us to do so or where we have your consent.

 

Your Choices and Controls

 

You have certain choices regarding how we use and communicate with you about your personal information governed by this Privacy Policy.

 

Access and Correction Requests

You may request that we review, update, or correct certain personal information we maintain about you by contacting us at legal@joinpolly.com. We will consider and respond to requests in accordance with applicable law. Please note that we may retain certain information as required by law, for legitimate business purposes, or to comply with our legal obligations.

 

Requests relating to health or medical information maintained in connection with healthcare services must be directed to the applicable Provider in accordance with the Provider’s Notice of Privacy Practices and our HIPAA Notice.

 

Marketing Communications

You may opt out of receiving promotional emails from us by clicking the “Unsubscribe” link included in such emails. You may opt out of promotional text messages by following the instructions included in the message (such as replying “STOP,” where applicable).

 

Even if you opt out of promotional communications, you may continue to receive non-marketing communications related to:

  • Your account
  • Your transactions
  • Service updates
  • Security notifications

 

Cookies and Online Tracking

We and our service providers use cookies and similar technologies to operate and improve the Services, analyze usage, and support advertising and marketing activities. Most web browsers allow you to control cookies through browser settings. You may be able to:

  • Remove existing cookies
  • Block future cookies
  • Set preferences for certain websites

 

Please note that disabling cookies may affect the functionality of certain features of the Services. You may also adjust settings on your mobile device to limit the use of advertising identifiers for interest-based advertising. Because cookie and device settings are browser- and device-specific, you must adjust your preferences on each device and browser you use.

 

Do Not Track Signals

Some browsers transmit “Do Not Track” signals. At this time, we do not respond to such signals.

 

California Privacy Rights

If you are a California resident, your rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), are described in our separate California Privacy Notice, which is incorporated into this Privacy Policy by reference.

 

Children

The Services are intended only for individuals who are 18 years of age or older.  We do not knowingly collect personal information from children under 18 through the portions of the Services governed by this Privacy Policy. If we become aware that we have collected personal information from a child under 18 in violation of applicable law, we will take appropriate steps to delete such information. Health or medical information collected in connection with healthcare services is governed by our HIPAA Notice and the applicable Provider’s Notice of Privacy Practices.

 

Data Retention

We retain personal information governed by this Privacy Policy for as long as reasonably necessary to:

  • Provide and operate the Services;
  • Maintain business and financial records;
  • Comply with applicable legal, tax, accounting, and regulatory obligations;
  • Enforce our agreements and resolve disputes; and
  • Protect against fraud or security incidents.

 

Retention periods vary depending on the nature of the information and the purpose for which it was collected. When personal information is no longer required for these purposes, we will delete or de-identify it in accordance with our internal data management practices.

 

Information collected and maintained in connection with healthcare services is subject to applicable legal and regulatory retention requirements and is governed by our HIPAA Notice and the applicable Provider’s record retention obligations.

 

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, or applicable law.

When we make material changes, we will post the updated Privacy Policy on the Services and revise the “Last updated” date at the top of this document. In some cases, we may provide additional notice as required by law.

Your continued use of the Services after the updated Privacy Policy becomes effective constitutes your acknowledgment of the revised Privacy Policy.

 

Contact Us

If you have questions about this Privacy Policy or our privacy practices, you may contact us at: legal@joinpolly.com. You may also send written correspondence to the address listed in our Terms and Conditions of Use.

‍