Privacy Policy

Somira Health LLC (“Somira Health LLC,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, and safeguard information collected through our website and explains how health information is handled within the Somira Health LLC ecosystem.

Scope of this Privacy Policy

This Privacy Policy applies to information collected directly by Somira Health LLC through our website and related non-clinical services. It does not apply to health or medical information submitted through the health intake, patient portal, or telehealth services accessed via third-party providers and platforms.

Somira Health LLC does not provide medical care and does not independently collect, store, or maintain Protected Health Information (“PHI”).

Information We Collect

Information You Provide to Us.
We collect limited personal information directly from you, including:

Email address, when you voluntarily sign up for a waitlist, newsletter, or updates.

We do not collect names, phone numbers, medical information, or health history directly through our website.

Payment Information

Somira Health LLC does not collect or store payment card information. Payments related to access, provider consultations, and prescription fulfillment are processed through third-party platforms operated by our technology partners. Payment processing, including the use of Stripe, is handled entirely within those third-party systems and is subject to their respective privacy policies and terms.

Automatically Collected Information

When you visit our website, we may automatically collect certain information through cookies and analytics tools, including:

• IP Address
• Browser type and device information
• Pages visited and interactions with the site
• Approximate location based on IP address

We use Google Analytics to help us understand how visitors use our website and to improve site performance and content.

How We Use Information

We use the information we collect to:

Communicate with users who have joined our waitlist or requested updates.
Provide information about Somira Health LLC services and availability.
Improve our website, content, and user experience.
Monitor website performance and usage trends.
Maintain the security and integrity of our website.

We do not sell or rent personal information collected through our website.

Health Information and HIPAA

Health and medical information submitted in connection with healthcare services accessed through Somira Health LLC is collected, stored, and governed by independent, licensed healthcare providers and regulated pharmacies using third-party technology platforms.

These entities are subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and provide their own Notices of Privacy Practices. Somira Health LLC does not use health information for treatment, payment, or healthcare operations.

For additional information, please review the HIPPA Notice of Privacy Practices available on our website.

Cookies Policy

Somira Health LLC does not use cookies to collect or store information about users who visit the website. We do not collect, track, or store any data through cookies or track with analytics-based cookies.

As a result, no cookie consent or cookie preference management is required for use of the Services. If this practice changes in the future, Somira Health LLC will update this Cookie Policy and provide any legally required notices or consent mechanisms at that time.

Google Analytics collects information in accordance with Google’s privacy policies. You may learn more about how Google uses data from sites that use its services by visiting Google’s privacy resources.

Data Security

We use reasonable administrative, technical, and organizational safeguards to protect the limited information we collect through our website. However, no method of transmission over the Internet or electronic storage is completely secure.

Third-Party Links

Our website may contain links to third-party websites or platforms. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing any information.

Children’s Privacy

Somira Health LLC does not knowingly collect personal information from individuals under the age of 18. If you believe that a child has provided personal information to us, please contact us so we can take appropriate action.

Changes to This Privacy Policy

Somira Health LLC may update this Privacy Policy from time to time. Any changes will be effective when posted on this page, and the effective date will be updated accordingly.

HIPAA Compliance SOMIRA HEALTH LLC

HIPPA Privacy Statement:

Notice of Privacy Practices for Protected Health Information (PHI)

Effective Date: 05/22/2026

This Notice of Privacy Practices (“Notice”) describes how Somira Health LLC (“we”, “us”, or “our”) may use and disclose your Protected Health Information (PHI) to carry out treatment, payment, or healthcare operations and for other purposes that are permitted or required by law. This Notice also describes your rights regarding your PHI. We are required by law to maintain the privacy of your PHI, provide you with this Notice of our legal duties and privacy practices, and to abide by the terms of this Notice.

Uses and Disclosures of PHI

We may use and disclose your PHI for the following purposes:

1. Treatment: We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. This may include communication with other healthcare providers about your treatment and coordinating your care with other providers.
2. Payment: We may use and disclose your PHI to obtain payment for healthcare services provided to you. This may include contacting your insurance company to verify your coverage, billing and collection activities, and sharing PHI with other healthcare providers, insurance companies, or collection agencies.
3. Healthcare Operations: We may use and disclose your PHI for healthcare operations, including quality assessment, improvement activities, case management, accreditation, licensing, credentialing, and conducting or arranging for medical reviews, audits, or legal services.
4. As Required by Law: We may use and disclose your PHI when required to do so by federal, state, or local law.
5. Public Health and Safety: We may use and disclose your PHI to prevent or control disease, injury, or disability, to report child abuse or neglect, to report reactions to medications or problems with products, and to notify persons who may have been exposed to a communicable disease or may be at risk of spreading a disease or condition.
6. Health Oversight Activities: We may disclose your PHI to health oversight agencies for activities authorized by law, such as audits, investigations, inspections, and licensure.
7. Judicial and Administrative Proceedings: We may disclose your PHI in response to a court or administrative order, subpoena, discovery request, or other lawful process.
8. Law Enforcement: We may disclose your PHI for law enforcement purposes, such as to report certain types of wounds or injuries, or to comply with a court order, warrant, or other legal process.
9. Research: We may use and disclose your PHI for research purposes when the research has been approved by an institutional review board and privacy protections are in place.
10. Organ and Tissue Donation: If you are an organ donor, we may disclose your PHI to organizations that handle organ procurement, transplantation, or donation.
11. Workers’ Compensation: We may disclose your PHI for workers’ compensation or similar programs that provide benefits for work-related injuries or illnesses.
12. Military and Veterans: If you are a member of the armed forces, we may disclose your PHI as required by military authorities.
13. Inmates: If you are an inmate, we may disclose your PHI to the correctional institution or law enforcement official having custody of you.

Your Rights Regarding PHI

You have the following rights with respect to your PHI:

1. Right to Inspect and Copy: You have the right to inspect and copy your PHI that we maintain, with certain exceptions. To request access, submit a written request to our Privacy Officer. We may charge a reasonable fee for the costs of copying, mailing, or other supplies associated with your request.
2. Right to Amend: You have the right to request an amendment to your PHI if you believe it is incorrect or incomplete. To request an amendment, submit a written request to our Privacy Officer, specifying the information you believe is incorrect and why. We may deny your request if we believe the information is accurate and complete, or if we did not create the information.
3. Right to an Accounting of Disclosures: You have the right to request an accounting of disclosures of your PHI made by us in the past six years, except for disclosures made for treatment, payment, or healthcare operations, and certain other disclosures. To request an accounting, submit a written request to our Privacy Officer.
4. Right to Request Restrictions: You have the right to request a restriction on our use or disclosure of your PHI for treatment, payment, or healthcare operations. We are not required to agree to your request but will consider it. To request a restriction, submit a written request to our Privacy Officer, specifying the restriction you are requesting and to whom it applies.
5. Right to Request Confidential Communications: You have the right to request that we communicate with you about your PHI in a certain way or at a certain location. To request confidential communications, submit a written request to our Privacy Officer, specifying how or where you wish to be contacted.
6. Right to a Paper Copy of This Notice: You have the right to receive a paper copy of this Notice, even if you have agreed to receive it electronically. To obtain a paper copy of this Notice, contact our Privacy Officer.
7. Right to be Notified of a Breach: You have the right to be notified in the event that we discover a breach of your PHI.

Transmission of PHI

We are committed to protecting the privacy of your PHI and will ensure that any electronic transmission of PHI complies with the Health Insurance Portability and

Accountability Act (HIPAA) Privacy Rule (45 CFR 164). This includes the use of Secure-Socket Layer (SSL) or equivalent technology for the transmission of PHI, as well as adherence to all applicable security standards for online transmissions of PHI.

Changes to This Notice

We reserve the right to change this Notice and the revised Notice will be effective for PHI we already have about you, as well as any information we receive in the future. We will post a copy of the current Notice in our office and on our website. The Notice will contain the effective date on the first page.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or with the Secretary of the Department of Health and Human Services. You will not be retaliated against for filing a complaint.

Contact Information

To exercise any of your rights, or if you have any questions about this Notice or our privacy practices, please contact our Privacy Officer at:

Somira Health LLC, 455 Market St Ste 1940 PMB 439913, San Francisco, CA 94105  , Hello@somirahealth.com

This Notice is provided in accordance with the Notice of Privacy Practices for Protected Health Information from the Department of Health and Human Services’ Model and is applicable across all US states. Rights of Specific Jurisdictions within the US Certain states may have additional privacy protections that apply to your PHI. The following is an example of specific rights in the state of California. If you reside in a state with additional privacy protections, you may have additional rights related to your PHI.

California Residents:

1. Right to Access: In addition to the rights described above, California residents have the right to request access to their PHI in a readily usable electronic format, as well as any additional information required by California law. To request access, submit a written request to our Privacy Officer.
2. Right to Restrict Certain Disclosures: California residents have the right to request restrictions on certain disclosures of their PHI to health plans if they paid out-of-pocket for a specific healthcare item or service in full. To request such a restriction, submit a written request to our Privacy Officer.
3. Confidentiality of Medical Information Act (CMIA): California residents are protected by the Confidentiality of Medical Information Act (CMIA), which provides additional privacy protections for medical information. We are required to comply with CMIA in addition to HIPAA.
4. Marketing and Sale of PHI: California residents have the right to request that their PHI not be used for marketing purposes or sold to third parties without their authorization. To request a restriction on the use of your PHI for marketing or the sale of your PHI, submit a written request to our Privacy Officer.
5. Minor’s Rights: If you are a minor (under the age of 18), you have the right to request that certain information related to certain sensitive services, such as reproductive health, mental health, or substance use disorder treatment, not be disclosed to your parent or guardian without your consent. To request a restriction on the disclosure of such information, submit a written request to our Privacy Officer.

If you reside in a state other than California, please consult your state’s specific privacy laws for information about any additional rights you may have regarding your PHI. You may also contact our Privacy Officer for more information about your rights under specific state laws.

Somira Health LLC Privacy Policy: Notice of Privacy Practices for Protected Health Information (PHI) – State-Specific Provisions

In addition to the privacy practices described in our Notice of Privacy Practices for Protected Health Information, we comply with applicable state-specific privacy laws related to PHI.

The following are examples of a few states with additional privacy protections:

New York:

For residents of New York, we comply with the New York State Confidentiality of Information Law, which provides additional privacy protections for HIV-related information, mental health records, and genetic testing results. We will obtain written consent before disclosing such information, even for treatment, payment, or healthcare operations.

Texas:

For residents of Texas, we comply with the Texas Medical Privacy Act, which offers privacy protections beyond HIPAA, including requiring consent for certain disclosures of PHI, additional safeguards for electronic PHI, and specific requirements for the destruction of PHI. We also adhere to Texas’s specific privacy protections for mental health records and substance use treatment records.

Florida:

For residents of Florida, we comply with Florida’s privacy laws, which offer additional protections for mental health records, HIV/AIDS-related information, and substance abuse treatment records. We will obtain written consent before disclosing such information, even for treatment, payment, or healthcare operations. We also implement specific security measures to protect electronic PHI, as required by Florida law.

Illinois:

For residents of Illinois, we comply with Illinois’s specific privacy laws related to mental health records, HIV/AIDS-related information, and genetic testing results. We will obtain written consent before disclosing such information, even for treatment, payment, or healthcare operations. In addition, we will notify patients of any unauthorized access to their electronic PHI, as required by Illinois law.

Massachusetts:

For residents of Massachusetts, we comply with Massachusetts’s specific privacy laws related to mental health records, HIV/AIDS-related information, and genetic testing results. We will obtain written consent before disclosing such information, even for treatment, payment, or healthcare operations. We also implement specific security measures to protect electronic PHI, as required by Massachusetts law.

California:

For residents of California, we comply with the Confidentiality of Medical Information Act (CMIA), as well as California’s specific privacy laws related to marketing, sale of PHI, and minors’ rights. We will obtain written consent before disclosing certain information and adhere to additional privacy protections, as required by California law.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, you may contact us at: