Privacy Policy for AthenaDirectCare.com
Effective Date: January 1, 2026
At AthenaDirectCare.com (referred to as “we,” “us,” or “our”), we are committed to protecting your privacy and safeguarding your personal information, including sensitive health data. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website AthenaDirectCare.com, use our services, or interact with us. By accessing or using our website, you consent to the practices described in this policy.
This policy applies solely to information collected through our website and does not replace our Notice of Privacy Practices required under the Health Insurance Portability Accountability Act of 1996 (HIPAA). If you are accessing our services from outside the United States, please note that your information may be transferred to, stored, and processed in the United States, where our servers are located and where data protection laws may differ from those in your jurisdiction.
Medical Disclaimer
The information provided on this website is for general informational and educational purposes only and is not intended to serve as medical advice, diagnosis, or treatment. It should not be used as a substitute for professional medical care or consultation with a qualified healthcare provider.
No Physician-Patient Relationship Established
Use of this website, including viewing its content, submitting inquiries, or communicating via email or forms, does not create or establish a physician-patient relationship with Athena Direct Primary Care PLLC, its physicians, staff, or any affiliated providers.
Always seek the advice of your physician or other qualified healthcare professional with any questions you may have regarding a medical condition. Never disregard professional medical advice or delay seeking it because of something you have read on this website.
If you think you may have a medical emergency, call your doctor, go to the nearest emergency room, or dial 911 immediately.
Athena Direct Primary Care PLLC expressly disclaims any liability for damages, loss, or injury arising from the use of or reliance on information contained on this website.
1. Information We Collect
We collect various types of information to provide and improve our medical services, which may include telehealth consultations, appointment scheduling, health resources, and patient portals. The information we collect falls into the following categories:
a. Personal Information
• Contact Information: Name, email address, phone number, mailing address.
• Account Information: Username, password, and security questions when you create an account.
• Demographic Information: Age, gender, date of birth.
b. Health Information
• Protected Health Information (PHI): Medical history, symptoms, diagnoses, treatment plans, prescriptions, lab results, and other health-related data you provide or that is generated through our services.
• Billing Information: Insurance details, payment information (e.g., credit card numbers), and billing history.
c. Usage and Technical Information
• Device and Browser Data: IP address, browser type, operating system, device identifiers.
• Website Interaction Data: Pages visited, time spent on pages, referral sources, using cookies, web beacons, and similar technologies.
• Location Data: Approximate location based on IP address (we do not collect precise geolocation without consent).
We may collect this information directly from you (e.g., via forms or communications), automatically through your use of the website, or from third parties (e.g., healthcare providers with your consent).
2. How We Use Your Information
We use your information for the following purposes:
• Providing Services: To facilitate medical consultations, schedule appointments, process payments, and deliver health resources.
• Improving Our Services: To analyze usage patterns, enhance website functionality, and develop new features.
• Communication: To send appointment reminders, health tips, newsletters, or respond to your inquiries. You can opt out of non-essential communications.
• Compliance and Legal Obligations: To comply with laws, regulations, and legal processes, including HIPAA (Health Insurance Portability and Accountability Act) requirements for handling PHI.
• Research and Analytics: De-identified or aggregated data may be used for medical research, public health initiatives, or statistical analysis, ensuring no individual identification.
• Marketing: With your consent, to promote our services or those of partners.
We will not use your PHI for marketing without your explicit authorization, as required by HIPAA.
3. Sharing Your Information
We may share your information in the following circumstances:
• With Healthcare Providers: To coordinate your care, such as sharing PHI with doctors, pharmacies, or labs involved in your treatment.
• Service Providers: With third-party vendors who assist us (e.g., payment processors, IT support) under strict confidentiality agreements and HIPAA-compliant Business Associate Agreements.
• Legal Requirements: If required by law, such as in response to a subpoena, court order, or to prevent harm (e.g., reporting abuse or threats).
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.
• With Your Consent: For any other purpose with your explicit permission.
We do not sell your personal information or PHI to third parties.
4. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your information, including encryption, access controls, and regular security audits. As a HIPAA-covered entity, we adhere to HIPAA Security Rule standards.
However, no system is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.
5. Your Rights and Choices
You have certain rights regarding your information:
• Access and Correction: Request access to your PHI, request corrections, or obtain an accounting of disclosures.
• Opt-Out: Unsubscribe from marketing emails or restrict certain uses of your PHI (e.g., for fundraising).
• Deletion: Request deletion of your information, subject to legal retention requirements (e.g., medical records must be retained for a period under law).
• Cookies: Manage cookie preferences through your browser settings. Note that disabling cookies may affect website functionality.
To exercise these rights, contact us at [contact email or form]. We will respond within the timeframes required by law (e.g., 30 days under HIPAA).
If you are in the European Union or other regions with GDPR-like laws, you may have additional rights, such as data portability or objection to processing.
6. Children’s Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13 without parental consent. If we learn we have collected such information, we will delete it promptly.
For minors aged 13-18, we may require parental consent for certain services involving PHI.
7. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices. Review their policies before providing information.
8. Changes to This Privacy Policy
We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or a prominent notice on our website. Continued use of our services after changes constitutes acceptance.
9. Contact Us
If you have questions about this Privacy Policy or our practices, please contact our Privacy Officer at:
Athena Direct Primary Care PLLC
30 Office Park Way, Pittsford NY 14530
Email: info@athenadirectcare.com
Phone: 585-662-5510
For HIPAA-related concerns, you may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights.
This Privacy Policy is not a contract and does not create any legal rights or obligations beyond those required by applicable law.