top of page

PRIVACY POLICY

Effective Date: 01/01/2024

​

Welcome to GetMeOnPrEP.com (the “Website”). Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Website. It also describes your rights and choices concerning your personal information and how you can contact us if you have any questions or concerns.

​

Using our Website, you consent to the data practices described in this policy. If you do not agree with these practices, please do not use the Website.

​

1. Scope of this Policy

This Privacy Policy applies to personal information collected through our Website and any affiliated digital properties. We are dedicated to maintaining the privacy and security of all visitors, including patients seeking information about HIV/STD prevention and care (PrEP, PEP, DoxyPEP) and other sexual health-related services.

​

Because we are a health center (STAR Health Center at SUNY Downstate Health Sciences University) offering medical services, we are subject to specific federal and state regulations—including the Health Insurance Portability and Accountability Act (HIPAA)—that govern the confidentiality and security of health information.

​

2. Information We Collect

We may collect two main categories of information from you when you use our Website:

​

  1. Personal Information You Voluntarily Provide

    • Contact Information: When you fill out forms or request more information, please provide your name, email address, phone number, and mailing address.

    • Health-Related Information: If you submit any health-related inquiries, appointment requests, or other medical information (e.g., details about HIV/STD prevention, testing history, or medication questions), that information may be protected health information (PHI) subject to HIPAA.
       

  2. Automatically Collected Information

    • Log Data: We automatically collect information about your device and how you interact with the Website, such as IP address, browser type, device identifiers, and pages visited.

    • Cookies and Similar Technologies: We may use cookies or similar tracking technologies to improve Website functionality, analyze usage patterns, and enhance the user experience. You can control cookies through your browser settings.
       

3. How We Use Your Information
 

3.1 Providing Services and Information

  • To respond to inquiries and requests regarding PrEP, PEP, DoxyPEP, HIV/STD Prevention/Care, testing options, or appointments.

  • To connect you with our health center staff for medical appointments, follow-up, or other relevant services.

  • To send you important administrative information, such as changes to our terms, conditions, and policies.

​

3.2 Health-Related Communications

  • We may use your personal and health-related information to provide you with educational materials, appointment reminders, or relevant health updates by HIPAA regulations.

  • Any communication regarding personal health or medical records will be conducted in a manner consistent with applicable privacy laws and regulations (e.g., HIPAA).

​

3.3 Website Improvement and Analytics

  • To analyze how users interact with the Website.

  • To maintain, personalize, and improve our Website’s functionality and performance.

​

3.4 Legal Obligations and Rights

  • To comply with legal and regulatory requirements, including HIPAA and state medical privacy laws.

  • To protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others.

​

4. HIPAA Compliance

We are committed to protecting the privacy and confidentiality of your protected health information (PHI) as required by HIPAA (the Health Insurance Portability and Accountability Act) and other applicable laws. This includes:

  • Safeguards: We implement physical, technical, and administrative safeguards to ensure the confidentiality, integrity, and security of PHI.

  • Use and Disclosure: We will not use or disclose your PHI without your authorization, except as permitted or required by law (e.g., treatment, payment, healthcare operations, or public health activities).

  • Individual Rights: Under HIPAA, you have the right to access, amend, or receive an accounting of disclosures of your PHI. You also have the right to request restrictions on specific uses and disclosures or alternative communications. For information on how to exercise these rights, please contact us directly.

​

5. Sharing and Disclosure of Information

We do not sell, rent, or lease your personal information to third parties. We may share your information in limited circumstances:

  1. Service Providers: With trusted third-party vendors who assist us in operating the Website or providing our services (e.g., IT support, analytics providers), under strict confidentiality obligations.

  2. Healthcare Providers: With healthcare professionals, laboratories, or other entities as necessary for your treatment or care, in compliance with HIPAA.

  3. Legal Requirements: If required by law, court order, or subpoena, or if we believe that disclosure is necessary to protect our rights or comply with a legal obligation.

  4. Business Transfers: Your personal information may be transferred as part of a reorganization, merger, acquisition, or asset transfer.

​

6. Data Security

We maintain reasonable and appropriate administrative, technical, and physical safeguards to protect the personal information and PHI you provide against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use.

  • Encryption: We use encryption and secure servers to safeguard sensitive data.

  • Access Controls: Only authorized personnel with a valid business need are granted access to personal or health-related data.

However, no security system is impenetrable. We cannot guarantee the security of our databases or the complete security of data transmissions over the Internet.

​

7. Children’s Privacy

Our services are not directed to children under 13 (or any other age as required by local law), and we do not knowingly collect information from children. Suppose we discover that we have inadvertently collected personal information from anyone under the minimum legal age. In that case, we will delete it as soon as possible unless we are legally obligated to retain such information.

​

8. Cookies and Tracking Technologies

We use cookies, beacons, and similar technologies to track user activity on our Website and to remember certain user preferences. You can set your browser to reject cookies or notify you when a cookie is placed on your device. However, disabling cookies may affect the functionality of certain website features.

​

9. Third-Party Websites

Our Website may contain links to external sites or resources we do not operate or control. We are not responsible for those third parties' privacy practices or content. We encourage you to review the privacy policies of any external sites you visit.

​

10. Retention of Information

We retain personal information and PHI only for as long as needed to fulfill the purposes outlined in this Privacy Policy (or as otherwise required by law). We will securely dispose of your information following applicable laws and regulations when it is no longer needed.

​

11. Changes to this Privacy Policy

We may update this Privacy Policy occasionally to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we do, we will revise the “Effective Date” at the top of this page. We encourage you to review this page periodically for the latest information on our privacy practices.

​

12. Your Rights and Choices

  • Access and Correction: You have the right to request access to the personal information we hold about you and to request corrections if you believe any information is inaccurate or incomplete.

  • Opt-Out: You can opt out of receiving specific marketing or informational communications from us by following the unsubscribe link in the email or contacting us directly.

  • HIPAA-Related Requests: For PHI, you have additional rights under HIPAA as noted above (e.g., request restrictions on use/disclosure, request confidential communications, request an accounting of disclosures, etc.).

  • California Residents: If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). Please get in touch with us for more information.

​​

13. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our practices regarding your personal information, don't hesitate to get in touch with us using the details below:

​

STAR Health Center at SUNY Downstate Health Sciences University
470 Clarkson Avenue, Suite J
Brooklyn, NY 11203
Phone: 718-270-4504
Email: playsure@downstate.edu 

​

We are committed to addressing any concerns you may have and to resolving them promptly.

Thank you for choosing GetMeOnPrEP.com. We value your privacy and appreciate your trust in us to handle your information responsibly.

bottom of page