Privacy Policy

Introduction

5DGENX LLC ("5DGENX," "we," "us," or "our") operates as a physician supervised telehealth practice based in Miami Beach, Florida. We provide regenerative medicine programs, compounded peptide therapies, and laboratory diagnostic services through our website and patient portal.

This Privacy Policy explains how we collect, use, store, share, and protect your personal information, including Protected Health Information (PHI) covered by the Health Insurance Portability and Accountability Act (HIPAA).

By using our services, you acknowledge that you have read and understood this Privacy Policy.

HIPAA Disclosure

5DGENX is a HIPAA covered entity. We collect, use, and disclose Protected Health Information (PHI) in accordance with HIPAA Privacy and Security Rules.

What PHI We Collect

• Intake questionnaire responses
• Medical history and current medications
• Blood panel and laboratory diagnostic results
• Biomarker measurements
• Photos uploaded for clinical review when applicable
• Treatment records and physician notes

Internal Access

Access to PHI is restricted to clinical staff, the prescribing physician network, and operations personnel with a legitimate need to know. All staff with PHI access have completed HIPAA training.

Physician Network as Business Associate

Our network of licensed physicians and compounding pharmacy partners are treated as Business Associates under HIPAA. Each has signed a Business Associate Agreement (BAA) with 5DGENX governing the protection and use of PHI.

Patient Rights Under HIPAA

• Right to Access: You may request a copy of your PHI we maintain
• Right to Amend: You may request corrections to your PHI
• Right to an Accounting of Disclosures: You may request a list of certain disclosures we have made
• Right to Request Restrictions: You may request limits on how we use or disclose your PHI
• Right to Confidential Communications: You may request communication through specific channels
• Right to a Paper Copy: You may request a paper copy of our Notice of Privacy Practices

Breach Notification

In the event of a breach affecting your PHI, we will notify you within 60 days of discovery in accordance with the HIPAA Breach Notification Rule. Breach notices will be sent to the email and physical address on file and may include guidance on protective steps you can take.

Information We Collect

Contact Information

• Full name
• Email address
• Phone number
• Shipping and billing address
• Date of birth

Payment Information

Payment card information is collected and processed exclusively by our third party payment processor. 5DGENX does not store full card numbers on our systems.

Health Information

See the HIPAA Disclosure section above for a full description of the PHI we collect.

Technical Data

• IP address
• Browser type and version
• Device identifiers
• Operating system
• Cookie data and session identifiers
• Pages visited and time spent on site

How We Use Your Information

• Order Fulfillment: Processing orders, coordinating with pharmacy and lab partners, arranging shipping
• Clinical Review: Routing your intake forms and lab results to a licensed physician for protocol assignment
• Patient Portal Access: Providing you secure access to your records, orders, and communications
• Customer Service: Responding to inquiries, providing support, troubleshooting issues
• Legal Compliance: Meeting regulatory requirements, including HIPAA, state medical board rules, and tax obligations
• Fraud Prevention: Detecting and preventing fraudulent transactions or account misuse
• Service Improvement: Analyzing usage patterns to improve our platform (using de identified data where possible)

Third Parties We Share Data With

We share your information only with third parties necessary to provide our services. Each is bound by a Business Associate Agreement or comparable confidentiality agreement.

• Payment Processor: For payment processing only. Payment data is handled directly by the processor.
• 503A Compounding Pharmacy Partners: For prescription fulfillment and shipping of compounded medications.
• Laboratory Partners: Including Quest Diagnostics and LabCorp, for blood panel processing and result reporting.
• Physician Network: Licensed physicians in our network who review intake, prescribe protocols, and provide clinical oversight.
• Shipping Carriers: UPS, FedEx, USPS for product and specimen delivery. Tracking information is shared as needed.
• Analytics and Infrastructure Providers: Hosting, security, and platform analytics providers under appropriate agreements.

We do not sell your personal information. We do not share PHI with third parties for marketing or advertising purposes.

Cookies and Tracking

We use cookies and similar technologies to operate the website and improve your experience.

Types of Cookies

• Session Cookies: Maintain your session as you navigate the site
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how visitors use the site
• Security Cookies: Detect and prevent fraudulent activity

Disabling Cookies

You may disable cookies in your browser settings. Note that disabling cookies may impact site functionality, including login and checkout.

CCPA and GDPR Rights

Residents of California, the European Union, and other jurisdictions with privacy laws have additional rights regarding their personal data.

Your Rights

• Right to Access: Request a copy of personal data we hold about you
• Right to Correct: Request correction of inaccurate or incomplete data
• Right to Delete: Request deletion of your data, subject to legal retention requirements
• Right to Data Portability: Receive your data in a portable, machine readable format
• Right to Opt Out of Sale: We do not sell personal information, but you may formally opt out
• Right to Non Discrimination: We will not discriminate against you for exercising these rights

To exercise any of these rights, contact us at [email protected]. We will verify your identity before fulfilling the request and respond within the timeframe required by applicable law.

Data Retention

We retain different categories of data for different periods, as required by law and as necessary to provide our services.

• Medical Records (adults): Retained for a minimum of 5 years from the last patient encounter, in accordance with Florida law
• Medical Records (minors, when applicable): Retained for 7 years or longer based on circumstances
• Order and Transaction Records: Retained for 7 years for tax and accounting purposes
• Account Information: Retained while your account is active and for 1 year after account closure unless legal retention applies
• Marketing Communications Preferences: Retained until you opt out or close your account
• Technical and Analytics Data: Retained in aggregated or de identified form indefinitely

Data Security

We use administrative, technical, and physical safeguards to protect your information.

• Encryption: Data is encrypted in transit using TLS and at rest using industry standard encryption
• Access Controls: Internal access to PHI and personal data is role based and audit logged
• Audit Logs: All access to PHI is recorded and monitored for suspicious activity
• Staff Training: All personnel with PHI access complete HIPAA training and annual refreshers
• Vendor Management: Third parties handling PHI are bound by Business Associate Agreements
• Breach Response: We maintain an incident response plan and will notify affected users in accordance with HIPAA and state law

No system is 100 percent secure. While we take reasonable measures to protect your information, we cannot guarantee absolute security.

Children's Privacy

5DGENX services are restricted to individuals 18 years of age or older. We do not knowingly collect personal information or PHI from individuals under 18.

If we become aware that we have collected personal information from a minor, we will delete that information promptly. If you believe we may have collected information from a minor, please contact us at [email protected].

Updates to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this page reflects the most recent revision.

Material changes will be communicated through email to your account address or through a prominent notice on our website. Continued use of our services after the effective date of an update constitutes acceptance of the updated policy.

Contact Us

For questions about this Privacy Policy, to exercise your rights, or to file a privacy concern, contact our designated privacy contact: