EFFECTIVE DATE: February 26, 2018


This Privacy Policy sets out the terms under which Hint Inc., doing business as HintMD (“us,” “we,” or “HintMD”), will treat your personal information any time you come in contact with HintMD or any HintMD service, including using our mobile app (each a “Service,” and together the “Services”). We created this Privacy Policy to give you confidence as you visit and use the Services, and to demonstrate our commitment to fair information practices and the protection of privacy.

Users of Our Services

There are three kinds of users of our Services:

  1. A “Physician” is a physician or medical practice that uses our Service to maintain business records and give their patients the ability to subscribe to, pay for and keep a history of their treatments, all supported by the HintMD platform. Employees and agents of the Physician who use our Services are treated as Physicians under this Privacy Policy.

  2. A “Patient” is an individual with an account on the HintMD platform. If you are a Patient, your account with HintMD has been created by and is paid for by your Physician.

  3. A “Visitor” is an individual visiting our website or downloading our app without an account.  

Our Relationship with Physicians and their Employees

As a Physician or an employee or agent of a Physician, you create and are in control of the data and information stored in our Services. This Privacy Policy describes how we treat and can use that data and information. It also describes the data we collect when you access our Services, and how we treat and can use that data.

Our Relationship with Patients

We are a service provider to your Physician, and your Physician is providing our services to you as a benefit of your relationship with that Physician. The records, data and information that are stored by our Services are owned and controlled by your Physician, subject to HIPAA and our BAA (both described below).

This Privacy Policy describes how we treat and can use the data, records and other information placed into your account by your Physician. It also describes the data we collect when you access our Services to check on or use your account, and how we treat and can use that data.

Our Relationship with Visitors

As a Visitor, you do not have an account and HintMD does not have any personal information about you. For you, this Privacy Policy describes the data we collect when you access our Services, and how we treat and can use that data.

Where We Store Your Data

HintMD provides Services from the United States of America. So when you use our Services, the information you enter will be sent to and stored in our servers in the United States.

If you are visiting our website or using our Services from anywhere outside of the United States, including any part of the European Union, please note that you are expressly agreeing and consenting that your information will be transferred to, processed in and stored in the United States, where we will always treat it as described in this Privacy Policy.

Protected Health Information: HIPAA and Our Business Associates Agreement

If you are a Patient, our Services are being used by your Physician to store and process information that may include health information that can identify you (known as “Protected Health Information”).

The types of Protected Health Information we store and process are limited. We do not store or process medical charts, diagnostic information or other detailed information about your diagnoses, treatments or health history.

The Protected Health Information that we may store and process depends on what your Physician provides and generally falls into one of these categories:

The privacy of your Protected Health Information is governed by this Privacy Policy, the Health Insurance Portability and Accountability Act (“HIPAA”) and the Business Associates Agreement (“BAA”) we have entered into with your Physician. If you would like more information about HIPAA and BAAs, the Wikipedia entry for HIPAA is a good starting point:

If you are a Physician or a Visitor, we are not collecting Protected Health Information about you.

Other Information We Collect

We also collect and store data that we need to provide the Services and to improve those Services. This section will give you more information about the kinds of information we collect, but the specific information we collect will depend on the type of user you are, and whether you are using our app or visiting our website.

(a) Non-Health Personal Information. We may collect personal information that is not Personal Health Information in order to provide the Services to you and to improve the Services.

(b) Financial Data. HintMD will collect, record, and maintain a history of transactions between Patients and Physicians. Our Services make those records available to you at any time. Either a Patient or your Physician will also provide Patients’ credit card numbers or other financial account information (“Payment Account Data”) that will be used to process subscription plans and service payments as described in our Terms of Use

 HintMD never directly sees, records, or uses any Payment Account Data other than the last four digits of your payment account number, which we use solely for identity and account verification. Instead, we use a third-party payment processor that complies with the Payment Card Industry Data Security Standard when processing and/or storing such data. Our payment processor’s privacy policy governs Payment Account Data and can be found here.

(c) Device and Traffic Data. Our servers automatically recognize and store your domain names, Internet Protocol addresses (the number assigned to your device when it accesses the Internet), device identifiers (small data files or similar data structures stored on or associated with your mobile device or wearable, which uniquely identify your device), and your device’s name, model, operating system and locale. The Services may also gather anonymous traffic data -- for example, the amount of data passing through our Services at any point in time -- that does not personally identify you but may be helpful for improving our business and how we serve you.  

(d) Cookies and Similar Technologies. From time to time, we may use the standard cookies feature of major browser applications, pixels or web beacons that allows us to store a small piece of data on the computer, mobile device or wearable device you use to access our Services. We may also use similar technologies when you use our app. We do not set any personally identifiable information in cookies.

These technologies help us learn which areas of our Services are useful and which areas need improvement. You can choose whether to accept cookies and other web technologies by changing the settings on your browser. However, if you choose to disable these functions, your experience using our Services may be diminished and some features may not work as they were intended.

(e) Log Files. When you access our Services, we may automatically record certain log file information, including your request, browser type (when you access our website), referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails we send you to help us track which emails are opened and which links are clicked. The information we collect helps us achieve a better, more accurate understanding of how our Services are used, and how we can improve them.

(f) Metadata. Metadata is usually technical data that is associated with the entry of specific data into our Services. For example, Metadata can describe how, when, where and by whom a piece of data was created and collected.

(g) Analytics Data. We may use third-party analytics tools to help us measure traffic and usage trends for the Services. These tools collect information sent by your device or our Services to assists us in improving the Service.

How We Use and Share Information

Our goal in using and sharing information is to create better services for you and your Physician. Here is how we use and share, or not share, the different kinds of information we collect.

(a) Personal Information. Personal information is information relating to an identified or identifiable natural person – in other words, information that can identify you, directly or indirectly. Except (i) as stated in this Privacy Policy, (ii) as necessary to provide you with our Services, or (iii) as necessary to comply with the law, we will not share your personal information with any third parties without your consent.

Here is how we may use your personal information under this Privacy Policy:

We may use your personal information to verify your identity or to follow up with activities initiated on the Services. We may also use your contact information to stay in touch, inform you of any changes to the Services, or to send you additional information about HintMD.

As discussed above, we use a third-party payment processor to process your payments. We, and you, provide them with personal data for that purpose and subject to the payment processor’s privacy policy, linked above.

If we ever use a different third party to help us provide our Services, our first choice will be to not provide that third party with access to any personal information. But if that third party needs access to your personal information in order to help us provide the Service, we will share the information with them only under an agreement that does not allow them to use it for any other purpose.

(b) Data Use by Physicians. Physicians create Patient accounts, and Patient accounts are business record for the Physicians. A Physician will always have access to the account created by that Physician, including all information in it. If a Patient receives treatments from more than one Physician using our Services, each Physician will only be able to access the account created by that Physician. A Physician can use that information for any information permitted by law and any agreement between the Patient and the Physician, including for the collection of any outstanding balances.

 (c) Anonymous Information. We sometimes collect and use anonymous information to analyze our Services traffic. In addition, we may use anonymous information to help diagnose problems with our server, to administer our Services, or to display content according to your preferences. We may also strip your personal information from data about your use of the Services to create anonymized data that we aggregate with anonymized data of other users (for example, to determine the number of users we have in a particular region or the number of users who receive particular kinds of treatments from their Physicians). We may use anonymous and anonymized information for any legal purpose.

(d) Use of Cookies and Similar Technologies. We may use cookies or other similar technologies to deliver content specific to your interests, to save your username so you don’t have to re-enter it each time you use our Services, or for other purposes.

(e) Required Disclosure of Personal Information. We may disclose personal information, including Protected Health Information, if required to do so by law or in the good-faith belief that such action is necessary to (1) conform to the law or comply with legal process served on HintMD or any parent company, subsidiaries or affiliates, (2) protect and defend the rights or property of HintMD or the users of the Services, or (3) act under exigent circumstances to protect the safety of the public or users of the Services.

(f) Sale of HintMD. As businesses grow and evolve, another company can buy them (or some part of them). If HintMD or substantially all of its assets are acquired, user information, including personal information, will be one of the assets transferred to the acquirer. If a company that acquires HintMD gets access to your information, it will be bound by this Privacy Policy in its treatment of all such information.

Changes to and Deletion of Personal Information

If you are a Physician, you have the ability to access, modify, delete and/or add to the data you provide us, including Patient information.

If you are a Patient and would like to review or request changes to the information that we collect about you, please contact us at Because your account is a business record for your Physician, our ability to make changes to or delete account information may be limited. We will, however, make any changes and deletions that are required by applicable law, including HIPAA, or agreed to between you and your Physician.

If you are a Visitor, we do not collect any personal information about you.

Data Security

The Services have security measures in place to prevent the loss, misuse, and alteration of the information that we obtain from you, but we make no assurances about our ability to prevent any such loss or misuse to you or to any third party.

Areas We Do Not or Can Not Control

Our Services are used by you and your Physician. We do not input, electronically limit or control the input of any data by your Physician.

Not a Service for use by Children

We understand and are committed to respecting the sensitive nature of children’s privacy online. We provide our Services for use by adults 17 years old and older and do not direct any of our content or Services specifically at persons under 17 years of age. Accounts for Patients under 17 years of age may only be accessed and used by the Patient’s legal guardian. If we learn or have reason to suspect that a Services user is under age 13, we will block that person’s access to the account until it can be verified that the user is over 13. If we learn or have reason to suspect that a Services user is under age 17, we may exercise our right to terminate the account.

How to Contact Us

If you have any questions about this Privacy Policy, our practices related to this Services, or if you would like to have us remove your information from our database please feel free to contact us at

Updates and Changes

We may add to, change, update, or modify this Privacy Policy over time. If we change the Privacy Policy in a way that affects how your data will be used or the permissions you grant to HintMD, we will notify you and ask that you review the new Privacy Policy. At that time, you can elect to accept the new policy and continue using our Services, or you can stop using our Services. We may not notify you of changes that do not affect how your data will be used or the permission you grant us.

We ask that you review this Privacy Policy from time to time to ensure that you continue to agree with all of its terms, and your continued use of the Services after a change will constitute your agreement to the new terms.