Privacy Policy

INA, operated by Adsail LLC ("INA," "we," "us," or "our"), is committed to protecting the privacy and security of your personal information, including your protected health information ("PHI") as defined under the Health Insurance Portability and Accountability Act ("HIPAA"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our telehealth platform, or otherwise interact with our services. By using INA, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use our services.

Information We Collect

We collect several types of information to provide and improve our telehealth services. The categories of information we may collect include:

Personal Information

When you create an account, complete a health intake questionnaire, or otherwise engage with our services, we may collect your full name, date of birth, email address, phone number, mailing address, and government-issued identification where required for identity verification.

Health and Medical Information

In the course of providing telehealth services, we collect health information you provide through intake forms, consultations with healthcare providers, and ongoing treatment interactions. This includes your medical history, current medications, allergies, symptoms, diagnoses, treatment plans, and prescription information. This information constitutes PHI and is handled in accordance with HIPAA and applicable state laws.

Payment Information

We collect billing information necessary to process payments for our services, including credit card or debit card numbers, billing addresses, and transaction histories. Payment processing is handled by our third-party payment processor, Stripe, and we do not store your full payment card details on our servers.

Technical and Usage Information

We automatically collect certain information when you access our website and platform, including your IP address, browser type, device information, operating system, referring URLs, pages viewed, and the dates and times of your visits. We may use cookies, web beacons, and similar tracking technologies to gather this information for analytics and service improvement purposes.

How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our telehealth services, including facilitating consultations with licensed healthcare providers through the OpenLoop physician network
• To process and fulfill prescription orders and coordinate with licensed pharmacies for medication dispensing and delivery
• To manage your account, including authentication, customer support, and subscription management through our Bask Health platform integration
• To process payments and subscriptions via Stripe and maintain accurate billing records
• To communicate with you about your treatment, appointments, prescription status, and service updates
• To comply with legal and regulatory obligations, including HIPAA requirements for the use and disclosure of PHI
• To detect, prevent, and address fraud, security incidents, and technical issues
• To conduct analytics and research to improve our services, user experience, and clinical outcomes, using de-identified or aggregated data where possible

How We Share Your Information

We do not sell your personal information or PHI. We may share your information in the following circumstances:

Healthcare Providers

We share your health information with the independent, licensed healthcare providers in the OpenLoop physician network who provide your telehealth consultations and prescribe medications as part of your treatment plan.

Pharmacies

Prescription information is shared with licensed pharmacies to fulfill your medication orders and ensure safe dispensing.

Service Providers and Business Partners

We work with trusted third-party service providers who assist us in operating our platform and delivering our services. These include the Bask Health platform for telehealth infrastructure, Stripe for payment processing, shipping and logistics providers, and cloud hosting services. These providers are contractually obligated to protect your information and, where applicable, are bound by Business Associate Agreements as required under HIPAA.

Legal and Regulatory Compliance

We may disclose your information when required by law, regulation, legal process, or governmental request. This includes compliance with HIPAA-permitted disclosures, such as those related to public health activities, health oversight, judicial and administrative proceedings, law enforcement, and to avert a serious threat to health or safety.

Data Security

We implement administrative, technical, and physical safeguards designed to protect your personal information and PHI against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, audit logging, workforce training, and regular security assessments. While we strive to protect your information, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security. In the event of a data breach involving your PHI, we will notify you and the appropriate regulatory authorities in accordance with HIPAA and applicable state breach notification laws.

Your Rights

Depending on your jurisdiction and the nature of the information, you may have the following rights:

• Access: You have the right to request access to the personal information and PHI we hold about you, including the right to obtain a copy of your medical records.
• Correction: You may request that we correct inaccurate or incomplete personal information or PHI.
• Deletion: You may request that we delete your personal information, subject to certain exceptions required by law, including medical record retention requirements.
• Restriction: You may request restrictions on certain uses or disclosures of your PHI, although we are not required to agree to all such requests.
• Data Portability: Where applicable, you may request that we provide your personal information in a structured, commonly used, machine-readable format.
• Opt-Out: You may opt out of receiving marketing communications from us at any time by following the unsubscribe instructions in our emails or contacting us directly.

To exercise any of these rights, please contact us at hello@tryina.com. We will respond to your request within the timeframes required by applicable law.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information or PHI from children under 18. If we become aware that we have inadvertently collected such information, we will take prompt steps to delete it. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hello@tryina.com.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, provide you with additional notice (such as by email or through a prominent notice on our website). We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: