Last Updated: December 31, 2025
www.everlywell.com (the "Website") is owned and operated by Everly Health, Inc. ("Everly") (collectively "Everly," "us," "we," or "our"). This Privacy Notice, together with our Terms and Conditions (collectively, the "Agreement"), forms a legally binding agreement between you ("you" or "your") and Everly, its parents, subsidiaries, affiliates, related companies, representatives, officers, and directors. By using the Website or our products and services (collectively, "Your Use"), you consent to this Agreement as if you had signed it.
1. SCOPE OF THE NOTICE
This notice applies to all visitors to the Website and users of Everly’s products and services, including apps, websites, and features. Your use of the Website is also subject to our Terms and Conditions.
HIPAA and Certain State Health Privacy Laws
Some of our products and services may involve the collection or use of protected health information (PHI) and may be subject to the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws governing the privacy of health information.
To the extent HIPAA applies, our HIPAA Notice of Privacy Practices describes how PHI may be used and disclosed and explains individuals’ rights with respect to PHI.
2. INFORMATION WE COLLECT
A. Information You Provide
We collect personal information you provide, such as your name, phone number, address, purchase history, health history, and messages or attachments sent to us.
We may also collect Consumer Health Data to the extent you provide information to us or third parties which includes, but is not limited to, health-related conditions, symptoms, diagnoses, treatments, medications, tests, and genetic data.
B. Information Collected Automatically
We collect data using cookies, tracking pixels, analytics tools (e.g., Google Analytics), software development kits (SDKs), and other technologies to improve your experience and provide relevant advertisements. You can modify cookie settings in your browser, though certain features may be affected.
We also collect anonymous data, including IP addresses, referral data, browser type, and platform information. Log files help us analyze trends, administer the Website, and improve user experience.
2. HOW WE USE YOUR INFORMATION
This section describes how we use personal information, including sensitive personal information, collected through our Website and products and services purchased online. It does not apply to personal information collected offline or through services we provide on behalf of our enterprise customers, which are governed by separate agreements and, where applicable, our HIPAA Notice of Privacy Practices.
We use your information to:
- Communicate with you about products, services, and inquiries.
- Provide products or services that you purchase.
- Provide customer support to assist with issues.
- Process transactions when you make a purchase.
- Personalize content for a better customer experience.
- Protect the security of our Website by processing personal information to prevent spam, malware, malicious activity, and other security risks.
- Develop new products or services based on customer need and demand.
- For any other purpose disclosed to you prior to providing the personal information which is reasonably necessary to provide products and services
Where required by law (e.g., California), you may have the right to limit the use and disclosure of sensitive personal information. To exercise this right, please submit a request using the contact methods listed in Section 6(C).
4. HOW WE SHARE YOUR INFORMATION
A. Business Purposes
Personal information may be shared with:
- Trusted businesses processing data on our behalf under confidentiality agreements.
- Affiliated services to provide a seamless experience.
- Third-party service providers for advertising and analytics.
- Carefully selected business partners offering complementary services, including laboratories, telehealth providers, and pharmacies.
B. Legal Requirements
We may disclose your data to comply with legal obligations, respond to legal processes, enforce our Terms, cooperate with law enforcement, or protect our rights and safety.
C. Corporate Transactions
Your data may be shared in connection with a merger, sale, or corporate restructuring.
D. With Your Consent
We may share your information as directed by you.
5. HOW WE STORE AND PROTECT YOUR INFORMATION
A. Security
We implement security measures to prevent unauthorized access, alteration, disclosure, or destruction of your data. Access to personal information is restricted to employees and service providers who require it for business operations.
B. Data Retention
We retain your personal information only for as long as reasonably necessary to fulfill our legitimate business purposes, including to meet legal, regulatory, tax, accounting, or reporting requirements.
To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information, and whether we can achieve those purposes through other means.
When personal information is no longer required, we will delete or de-identify it in accordance with applicable laws and internal policies.
6. YOUR RIGHTS AND CHOICES REG
A. All Users
- Reviewing and Updating Your Information: To review or update your personal data, contact [email protected].
- Email Preferences: You can unsubscribe from marketing emails via the unsubscribe link, but you will continue receiving transactional emails.
- Cookie Preferences: Adjust cookie settings in your browser to manage tracking.
- “Do Not Track” Signals: We honor "Do Not Track" browser requests and do not track users who enable this setting.
- SMS Communications: We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your data, including your SMS opt-in or consent status, with third parties that help us provide our messaging services, including but not limited to platform providers, phone companies, and any other vendors who assist us in the delivery of text messages
B. State-Specific Privacy Rights
Residents of California, Colorado, Connecticut, Delaware, Indiana, Iowa*, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia have additional rights regarding their personal information under their respective privacy laws. These rights generally include:
- Right to Know: You may request confirmation of whether we process your personal data and access details, including the categories of data collected, sources, purposes, and third-party sharing.
- Right to Correct: You may request corrections to inaccurate personal data we hold about you.
- Right to Delete: You may request the deletion of your personal information, subject to exemptions under state law.
- Right to Obtain a Copy: You may request a copy of the personal data we have collected about you.
- Right to Opt-Out: You may opt out of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling that produces legal or similarly significant effects.
- Right to Appeal: If we deny your request, you may appeal our decision. To appeal a decision, please reply to our original response or email [email protected] with the subject line “Privacy Request Appeal”.
- Non-Discrimination: You will not be discriminated against for exercising your privacy rights.
*Iowa does not require a right to correct.
C. California-Specific Rights
In addition to the rights above, California residents have:
Shine the Light: Under Cal. Civ. Code § 1798.83 (“Shine the Light”), you may request details about certain disclosures of personal information to third parties for their own direct marketing purposes during the prior 12 months. As noted herein, we permit customers to opt out of the “sharing” of their personal information for cross-context behavioral advertising and “sales” of their personal information, as such terms are defined under the CCPA. This opt out applies to any disclosures covered by Shine the Light if applicable and satisfies our obligations under Shine the Light. To exercise such rights, please follow the instructions in Section 6(F) below.
Do Not Share My Personal Information: We may share certain categories of personal information with marketing and advertising vendors to deliver targeted advertisements on our behalf or on behalf of third parties. These categories include identifiers (such as IP address, device or browser identifiers, and mobile ad IDs), internet or network activity information (such as browsing and search activity, interactions with websites, applications, or advertisements, page views, clicks, and time spent), and, to the extent inferred from your interactions, information related to health or diagnostic topics, including symptoms, conditions, treatments, or wellness-related interests reflected by the content you view, search for, or engage with.
You may request that we do not share your personal information, including for advertising purposes.
Limit the Use of My Sensitive Personal Information: You have the right to limit our use and disclosure of your sensitive personal information to purposes that are necessary to provide the services you request or that are reasonably expected by an average consumer, as permitted under California law.
To exercise this right, you may use the “Your Privacy Choices” link provided on our homepage or contact us at 888-813-0230 or [email protected]. We will verify and process your request as required by law and will honor your choice for at least 12 months before seeking additional authorization.
We may continue to use or disclose sensitive personal information only for the limited purposes allowed by the CCPA/CPRA, including but not limited to providing requested services and ensuring security and integrity. If we use or disclose sensitive personal information for any additional purposes, we will provide the required notice and offer you the right to limit such use.
Categories of Collected and Disclosed Personal Information: The below outlines the categories of personal information Everly and its affiliates may have collected from and about California residents over the past 12 months, as well as the categories of recipients to whom we have disclosed this information for business or commercial purposes.
| Category of Personal Information Collected | Categories of Sources | Business or Commercial Purpose for Collection | Categories of Third Parties to Whom Disclosed | Sold or Shared? |
|---|---|---|---|---|
| Identifiers (e.g., name, email, IP address) | Directly from consumer; cookies and analytics tools | To provide you with products and services and for internal purposes | Service providers, advertising partners, analytics vendors | Shared |
| Customer Records Information (e.g., name, phone, billing address) | Directly from consumer | Fulfilling transactions, verifying identity, providing services | Payment processors, logistics vendors | Shared |
| Commercial Information (e.g., purchase history) | Transaction history | Order fulfillment, internal analytics, marketing | Payment processors, advertising partners, analytics platforms, service providers | Shared |
| Internet/Network Activity (e.g., browsing history, ad interactions) | Cookies, pixels, tracking scripts | Site analytics, targeted advertising, fraud prevention | Ad networks, analytics platforms | Shared |
| Geolocation Data (e.g., IP-based location) | Device/browser tools | Localized services, site security, analytics | Service providers, analytics vendors, advertising partners | Shared |
| Inferences (e.g., profiles or scores) | Directly from consumer, cookies, pixels, tracking scripts | Internal analytics, targeted advertising | Service providers, advertising partners | Shared |
| Consumer Health Data (e.g., diagnoses, treatments, medications, genetic data, tests) | Directly from consumer, third parties (e.g., diagnostic labs, insurance companies, telehealth providers) | Providing services, customer support, marketing | Service providers | Shared |
D. Additional Rights for Nevada and Washington Residents
Residents of Nevada and Washington may exercise specific privacy rights related to their consumer health data as provided under the Washington My Health My Data Act and the Nevada Consumer Health Data Privacy Law. For more information, please see our Consumer Health Data Privacy Notice.
E. Global Privacy Control and Opt-Out Preference Signals
We recognize and honor browser-based opt-out preference signals, such as the Global Privacy Control (GPC), where required by law (including California, Colorado, and Connecticut). When we receive a valid GPC signal, we treat it as a request to opt out of the sale or sharing of your personal information and/or targeted advertising, as applicable.
F. Exercising Your Rights
To submit a request regarding your privacy rights, please contact us via:
- Email: [email protected] – Include your full name, residential address, email, phone number, and the nature of your request.
- Toll-Free Telephone Number: Call 888-813-0230 to make a request.
We will respond within 45 days and notify you if an extension is needed.
7. THIRD-PARTY LINKS AND BEHAVIORAL TRACKING
Third-Party Links
Our website may include links to third-party products or services. These external sites operate independently and have their own privacy policies. We are not responsible for their content or activities.
Third-Party Information Gathering
Everly may display content and advertisements from third parties that track user activity beyond what is described in this notice. These third parties may place cookies on your device, collect data, or solicit personal information. For details on third-party tracking, cookies, and how to opt out, please review the privacy policies of the respective third-party providers.
8. CHILDREN'S DATA
To use this website, you must:
- Be 18 years or older and legally able to enter a binding contract, or
- Be 13 years or older with parental or guardian consent.
The website is not intended for children under 13, and no one under 13 may use it. By using the website, you affirm that you meet the age requirement.
Please note that certain laws allow individuals aged 16 and older to purchase some of our products and services. In those cases, purchasers must be at least 16 years old.
We do not knowingly share the personal data of minors under 16 without required authorization.
9. CHANGES TO THIS PRIVACY NOTICE
We may update this notice periodically as our website evolves and privacy laws change. Updates will be posted online, and by continuing to use the website, you agree to the latest version of this notice.
10. CONTACT US
For any questions or concerns about this notice or your privacy, please contact us at:
Everly Health, Inc. Attn: Privacy Office 5209 Burnet Road, Suite 300 Austin, Texas 78756 888-813-0230 [email protected]