SUPERIOR HEALTH & WELLNESS

PRIVACY POLICY

Last Updated: April 15, 2026

LegitScript Certified  |  HIPAA Compliant  |  Serving Texas & Florida

Superior Health and Wellness, PLLC (“Superior,” “we,” “our,” or “us”), a physician-led telemedicine practice owned and operated by Russell Skinner, MD, is deeply committed to protecting your privacy. We understand that health information is among the most sensitive data you can share, and we take that responsibility seriously.

This Privacy Policy explains — in plain language — exactly what information we collect from you, why we collect it, how we use and protect it, who we may share it with, and what choices and rights you have. This Policy applies to all visitors, users, and patients who interact with our website (www.superiorhealthwellness.com), our patient Member Hub, and any telemedicine services we provide via HIPAA-compliant platforms.

Superior is LegitScript Certified, reflecting our commitment to safe, transparent, and legally compliant online healthcare practices. We comply with all applicable federal and state privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Texas Medical Privacy Act, Florida medical privacy regulations, and the California Consumer Privacy Act (CCPA), among others.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you have questions at any time, please reach out to our Privacy Officer at security@superiorhealthwellness.com.

TABLE OF CONTENTS

  1. Who This Policy Applies To

  2. Limitations on Use by Minors

  3. Protected Information

  4. Collection of Personal Information

  5. Use of Personal Information

  6. Disclosure of Personal Information

  7. Your Privacy Choices and Rights

  8. Cookies, Tracking Technologies & Behavioral Advertising

  9. Email Marketing & Communications

  10. Data Security

  11. Data Retention

  12. Telemedicine & State Compliance

  13. Third-Party Websites and Public Forums

  14. LegitScript Certification

  15. Policy Updates & Data Breach Notification

  16. Contact Us & Data Complaints

1. WHO THIS POLICY APPLIES TO

This Privacy Policy applies to all current and former patients, prospective patients, website visitors, and anyone who provides personal information to Superior Health and Wellness through any channel, including:

  • Our website: www.superiorhealthwellness.com

  • Our patient Member Hub

  • Virtual consultations and telemedicine sessions

  • Forms, intake questionnaires, and health assessments

  • Email, SMS, phone, or any other communications with our team

This Policy does not apply to third-party websites, applications, or platforms that you may access via links on our site. Those services have their own privacy policies that govern their practices.

2. LIMITATIONS ON USE BY MINORS

2.1 Age Requirements

Our services are generally intended for adults who are at least 18 years of age, or the age of majority in the applicable state. Certain states may require a higher age threshold for specific services. However, as of April 15, 2026, we serve only Texas and Florida.

Our website is not directed toward, designed for, or intended to attract children under the age of 18. We do not knowingly collect personal information from anyone under 18. If we discover that we have inadvertently collected information from a child under 18, we will promptly delete it.

2.2 Requests to Remove Minor Information

If you are under the age of 18 (or your parent or guardian if you are under 13), you may request the removal of your personal information or content posted on our platform by contacting our Privacy Officer:

Your request should include: your full name and contact information, a description of the content or information to be removed, and where it is located on the platform. Please note that we cannot remove information in certain circumstances, such as when required by law, when it is part of your medical record, or when it has been anonymized so that you cannot be individually identified.

3. PROTECTED INFORMATION

3.1 What “Protected Information” Means

Some of the information you share with us is subject to special legal protections. We refer to this collectively as “Protected Information,” which includes:

  • Protected Health Information (PHI): Health and medical information protected under HIPAA

  • Medical Information: Health data protected under applicable state laws (e.g., Texas, Florida, California)

Examples of Protected Information include your diagnoses, treatment plans, lab results, prescription history, clinical notes, and communications with our healthcare providers.

3.2 How We Handle Protected Information

We treat Protected Information with the highest level of care and legal compliance. Specifically:

  • We never sell your Protected Information

  • We never use your Protected Information for advertising or marketing purposes

  • We only share it when necessary to provide your care, as permitted by HIPAA, or as required by law

  • All third parties who receive Protected Information must sign a HIPAA-compliant Business Associate Agreement (BAA)

3.3 Information That Is Not “Protected Information”

Not all information you provide to us is Protected Information under the law. For example, your name, email address, shipping address, phone number, and account credentials — when provided solely for account registration purposes — are generally not considered Protected Information. However, we still handle all of your information with care and in accordance with this Privacy Policy.

Our Medical Groups and licensed Providers have adopted a Notice of Privacy Practices that more fully describes how Protected Information is used and disclosed. By using our services, you acknowledge receipt of that Notice.

4. COLLECTION OF PERSONAL INFORMATION

4.1 Information You Provide Directly

When you register for an account, request a consultation, submit intake forms, or otherwise interact with us, you may provide:

  • Identity information: full name, date of birth, gender

  • Contact information: email address, phone number, mailing and shipping address

  • Payment information: credit card or debit card numbers, billing address, and financial account details

  • Health and medical information: health history, medications, diagnoses, lab results, symptoms, and treatment preferences

  • Communications: messages sent through our patient portal, Member Hub, or other channels

  • Identification documents: government-issued ID (e.g., driver’s license) used to verify your identity

  • Sensitive demographic data: racial or ethnic origin (where relevant to clinical care)

  • Sexual health information: information about your sexual health or orientation when relevant to specific treatment services such as hormone therapy or ED treatment

4.2 Information Collected Automatically

When you visit our website or use our digital services, we automatically collect certain technical and usage data, including:

  • Device and connection data: IP address, browser type, device type, operating system

  • Usage data: pages visited, links clicked, time on page, referring URLs, search behavior

  • Location data: general geographic location inferred from your IP address

  • Cookie and tracking data: see Section 8 for full details

4.3 Sensitive Personal Information We May Collect

In providing healthcare services, we may collect certain categories of sensitive personal information, including:

  • Health and medical data (including health assessments, clinical notes, prescriptions, and lab results)

  • Biometric information (for identity verification purposes)

  • Account credentials (username, password, security codes)

  • Contents of communications through our platform

  • Information related to sexual health or orientation (only when clinically relevant)

We collect sensitive personal information only for legitimate clinical, operational, or legal purposes, and we take additional steps to safeguard it. In states where your consent is required before we use sensitive personal information for certain purposes, we will seek that consent.

4.4 Information From Third-Party Sources

We may also receive information about you from:

  • Healthcare partners: laboratories, pharmacies, and diagnostic services who are part of your care

  • Credit card providers: for billing and claims verification

  • Third-party analytics providers: who help us understand how our website performs

  • Social networks: if you connect your account or interact with us through a social platform

  • Public sources: such as publicly available health licensing and regulatory databases

You can choose not to provide certain information to us, but doing so may limit your access to some services or features of the platform.

5. USE OF PERSONAL INFORMATION

We use the information we collect for the following purposes, always subject to the protections described in Section 3 for Protected Information:

5.1 Providing and Delivering Healthcare Services

  • Conducting virtual consultations and telemedicine services

  • Creating and managing your patient records

  • Coordinating care with licensed providers, labs, and pharmacies

  • Processing and fulfilling prescription orders through licensed third-party pharmacies

  • Sending appointment reminders, care updates, and clinical communications

5.2 Business and Account Operations

  • Processing payments for services

  • Verifying your identity and maintaining account security

  • Detecting and preventing fraud or unauthorized access

  • Administering your account and responding to support requests

  • Meeting our legal and regulatory obligations

5.3 Website Performance and Improvement

  • Analyzing site traffic and user behavior (using anonymous and aggregate data)

  • Improving platform features, content, and user experience

  • Developing new services or products based on patient needs

  • Conducting internal research and quality improvement activities

5.4 Personalization

  • Tailoring your experience on our platform based on your preferences and history

  • Providing relevant educational content and wellness resources

5.5 Marketing and Communications (With Your Consent)

  • Sending newsletters, promotions, and health updates if you have opted in

  • Delivering targeted advertising through third-party ad platforms (using non-PHI data only)

  • Informing you about new services, special offers, or relevant partnerships

Important: We do not use your Protected Health Information (PHI) for advertising or marketing purposes. All targeted advertising is based only on non-protected, anonymized, or aggregate information.

5.6 Legal and Compliance Purposes

  • Complying with HIPAA, state medical privacy laws, and other applicable regulations

  • Responding to lawful requests from government agencies, courts, or law enforcement

  • Enforcing our Terms and Conditions and protecting the rights of our patients and staff

5.7 De-Identified and Aggregate Data

We may de-identify your information in accordance with applicable law and use that de-identified data for research, quality improvement, AI model training, or business analytics. De-identified data cannot be linked back to any individual. We do not attempt to re-identify de-identified data except for limited testing of the de-identification process itself.

6. DISCLOSURE OF PERSONAL INFORMATION

6.1 When and With Whom We Share Your Information

We share your personal information only as necessary to deliver your care, operate our business, or comply with the law. We do not sell your Protected Health Information. The following describes who may receive your information and why:

6.2 Healthcare Providers and Clinical Partners

  • Licensed physicians, nurses, and clinical staff involved in your care

  • Laboratories and diagnostic services fulfilling your test orders

  • Licensed third-party pharmacies that fulfill your prescriptions

  • Referral providers, specialists, or other healthcare professionals involved in your treatment

6.3 HIPAA Business Associates

Certain vendors and service providers handle your PHI as part of delivering our services. All such Business Associates must sign a HIPAA-compliant Business Associate Agreement (BAA). Current Business Associates include (but are not limited to):

  • DrChrono (electronic health records)

  • NextPatient (patient scheduling and communications)

  • Stripe and Fortis (payment processing)

  • Google Workspace (secure internal communications)

  • GoTo Connect (secure SMS messaging communications)

6.4 Service Providers

We share non-PHI personal information with vendors who help us operate our business, such as:

  • Customer support platforms

  • Analytics and website performance tools (e.g., Google Analytics)

  • Email and SMS communication platforms

  • Cybersecurity and fraud prevention services

6.5 Marketing and Advertising Partners

We may share non-PHI identifying information (such as device identifiers, browsing behavior on non-health pages, and demographic data) with advertising partners for the purpose of delivering targeted advertising. We do not share PHI for advertising. See Section 8 for opt-out options.

Third-party advertising platforms we may use include Google (DoubleClick), Facebook/Meta Audiences, and Microsoft (Bing Ads).

6.6 Insurance and Financial Partners

  • Health insurance providers for billing, claims, and eligibility verification

  • Payment processors and financial institutions for transaction processing and fraud prevention

6.7 Legal, Regulatory, and Safety Disclosures

We may disclose your information when we believe in good faith that doing so is necessary to:

  • Comply with applicable laws, regulations, or legal process

  • Respond to lawful requests from courts, law enforcement, or government agencies

  • Protect the safety, rights, or property of Superior, our patients, or the public

  • Respond to emergency situations involving risk of serious harm

  • Comply with reporting obligations to the U.S. Department of Health and Human Services (HHS) or state health authorities

6.8 Corporate Transactions

If Superior is acquired, merges with, or transfers its assets to another entity, your personal information may be transferred as part of that transaction. We will notify you via email or notice on our website if such a change occurs, and any successor entity will be required to honor this Privacy Policy.

6.9 Notice Regarding Data Sales

Superior does not sell your Protected Health Information. However, certain disclosures of non-PHI data to advertising and analytics partners may be considered a “sale” or “sharing” of personal information under California and other state privacy laws. See Section 7 for information on how to opt out.

7. YOUR PRIVACY CHOICES AND RIGHTS

7.1 Rights for All U.S. Residents

Regardless of where you live, you have certain rights regarding your information:

  • Access your PHI and personal data we hold about you

  • Request correction of inaccurate or incomplete records

  • Request restrictions on how we use or share your information

  • Request confidential communications (e.g., by phone only)

  • Revoke any authorization for data use at any time

  • Request an accounting of disclosures of your PHI

  • File a complaint with our Privacy Officer or with the U.S. Department of Health and Human Services (HHS)

7.2 Additional Rights for State Residents

Depending on your state of residence, you may have additional rights under applicable state privacy laws, including:

  • California (CCPA/CPRA): Access, correction, deletion, portability, opt-out of sale/sharing, and limitation of sensitive data use

  • Virginia (VCDPA): Access, correction, deletion, portability, and opt-out of targeted advertising or data sales

  • Colorado (CPA): Access, correction, deletion, portability, and opt-out of targeted advertising

  • Connecticut (CTDPA): Access, correction, deletion, portability, and opt-out of targeted advertising

  • Utah (UCPA): Access, deletion, portability, and opt-out of targeted advertising

  • Texas and Florida: Additional protections apply under state medical and health privacy laws

To exercise any of these rights, contact our Privacy Officer at security@superiorhealthwellness.com. We will respond within the timeframe required by applicable law and may ask you to verify your identity before processing your request. We will not discriminate against you for exercising your privacy rights.

7.3 Right to Appeal

If we deny your privacy request, in whole or in part, you have the right to appeal that decision. Please contact our Privacy Officer with “Privacy Request Appeal” in the subject line.

7.4 Authorized Agents

You may designate an authorized agent to submit privacy requests on your behalf. We will require the agent to provide written proof of your authorization and may require you to verify your identity directly.

7.5 International Residents (GDPR)

While Superior primarily serves U.S. patients, if you are located in the European Economic Area (EEA) or United Kingdom (UK) and access our website, your information may be processed in the United States. You may have rights under the General Data Protection Regulation (GDPR), including the right to access, correct, delete, and port your data, and to object to certain processing. To exercise these rights, contact us at security@superiorhealthwellness.com. You may also file a complaint with your local data protection authority, such as the UK’s Information Commissioner’s Office (ICO) at www.ico.org.uk.

Please note: Superior does not actively market to, provide healthcare services to, or fulfill prescriptions for patients outside the United States.

8. COOKIES, TRACKING TECHNOLOGIES & BEHAVIORAL ADVERTISING

8.1 What Are Cookies and Tracking Tools?

Cookies are small text files placed on your device when you visit a website. They help websites remember your preferences, keep you logged in, and analyze how you use the site. We also use related technologies including:

  • Log files: Track actions on our site and capture IP addresses, browser type, and visit timestamps

  • Web beacons, pixels, and tags: Electronic files embedded in pages or emails that track interactions

  • Mobile analytics IDs: Identifiers used by iOS and Android to track app usage

8.2 How We Use These Technologies

We and our analytics and advertising partners use cookies and similar tools to:

  • Keep you logged in and remember your preferences

  • Analyze website traffic and improve user experience

  • Understand how users navigate our site and interact with content

  • Deliver relevant advertising based on your browsing activity (on non-PHI data only)

  • Detect and prevent fraudulent activity

8.3 Third-Party Analytics and Advertising

We use the following third-party services that may collect data through our website. You can manage your preferences using the links below:

8.4 Your Cookie and Advertising Choices

You can control cookies and targeted advertising through several methods:

Please note: Opting out of cookies may affect certain features of our website and does not opt you out of all advertising — it means you will see less targeted ads. We do not currently respond to browser-level “Do Not Track” (DNT) signals.

9. EMAIL MARKETING & COMMUNICATIONS

9.1 Promotional Communications

If you make a purchase on our site or opt in to receive marketing communications, you consent to receive emails, SMS messages, and other communications from Superior, including newsletters, wellness tips, promotions, service updates, and announcements.

9.2 How to Unsubscribe

You can opt out of marketing communications at any time by:

  • Clicking the “Unsubscribe” link at the bottom of any marketing email

  • Replying “STOP” to any SMS message

  • Emailing us at security@superiorhealthwellness.com with “Unsubscribe” in the subject line

Please note: Even if you unsubscribe from marketing messages, we may still send you important service communications, such as appointment confirmations, billing notices, prescription updates, or security alerts. These are not marketing emails and are necessary to provide your care.

10. DATA SECURITY

10.1 Our Security Safeguards

Superior implements robust administrative, technical, and physical safeguards to protect your personal information and PHI. These include:

  • SSL/TLS encryption for all data transmitted through our website, patient portal, and communications

  • Encryption of stored data on our secure, HIPAA-aligned infrastructure

  • Role-based access controls so only authorized personnel can access your information

  • Multi-factor authentication (MFA) for all staff and provider system access

  • Continuous intrusion detection, active firewalls, and server monitoring

  • Secure messaging platforms for provider-to-patient communications

  • Regular vulnerability assessments and software security updates

  • Annual HIPAA and privacy compliance training for all staff, contractors, and providers

10.2 Your Role in Security

While we take every reasonable precaution to protect your data, the security of your account also depends on you. We ask that you:

  • Use a strong, unique password for your account

  • Never share your password with anyone

  • Log out of your account when using shared or public devices

  • Notify us immediately if you suspect unauthorized access to your account

No system or transmission of data over the internet can be guaranteed to be 100% secure. By using our services, you acknowledge that data transmission carries inherent risk. We will notify you promptly in the event of any breach affecting your information, as described in Section 15.

11. DATA RETENTION

We retain your personal information for as long as necessary to:

  • Provide your care and manage your patient relationship

  • Comply with legal and regulatory retention requirements

  • Resolve disputes and enforce our agreements

  • Meet our operational and internal business needs

Specific retention timelines include:

  • HIPAA requires a minimum retention period of 6 years for medical records

  • Texas state law requires retention of medical records for 7 years

  • Florida state law requires retention of medical records for 5 years

  • Marketing contact lists are retained until you request deletion or as required by applicable law

When your information is no longer needed, we will securely delete or anonymize it in a manner that prevents recovery or re-identification. You may request deletion of your information at any time by contacting our Privacy Officer, subject to any retention obligations required by law.

12. TELEMEDICINE & STATE COMPLIANCE

12.1 Licensed Telemedicine Services

Superior Health and Wellness delivers all clinical services through secure, HIPAA-compliant telemedicine platforms. All care is provided by licensed healthcare providers and is governed by the laws of the state in which you are located at the time of your appointment.

We currently serve patients in Texas and Florida and comply with the applicable telehealth laws in those states, including:

  • Texas Medical Board telemedicine and prescribing guidelines

  • Florida Board of Medicine telehealth regulations

  • Any additional state or federal requirements applicable to our services

We are only authorized to provide services and fulfill prescriptions in states where our providers are properly licensed and our partner pharmacies are authorized to ship. Telemedicine services are not available in states where we are not licensed.

12.2 Clinical Requirements

All products and treatments are available only following a medical consultation, clinical evaluation, and determination of medical necessity by a licensed provider. All prescriptions are fulfilled by licensed third-party compounding pharmacies. Compounded medications are not reviewed or approved by the FDA for safety or effectiveness.

13. THIRD-PARTY WEBSITES AND PUBLIC FORUMS

13.1 Third-Party Websites

Our website may contain links to third-party websites and platforms. These sites operate independently and are governed by their own privacy policies. Superior is not responsible for the privacy practices, content, or data collection of any third-party site. We encourage you to review the privacy policy of any site before providing your personal information.

13.2 Public Forums and Message Boards

Our platform may include interactive areas such as message boards, comment sections, or community forums. Any information you share in these areas may become publicly visible and is not protected in the same way as your private account information. Please exercise caution when sharing personal information in any public or community spaces on our platform.

14. LEGITSCRIPT CERTIFICATION

Superior Health and Wellness is proud to be LegitScript Certified. LegitScript is an independent certification organization that verifies online healthcare providers comply with applicable laws and industry standards for safety, transparency, and legality.

Our LegitScript certification confirms that we:

  • Operate as a legitimate, licensed healthcare provider

  • Prescribe medications only through proper medical evaluation by licensed providers

  • Use licensed, legally operating pharmacies to fulfill prescriptions

  • Comply with all applicable federal and state healthcare laws and regulations

  • Maintain transparent and honest business and marketing practices

You can verify our LegitScript certification at legitscript.com/websites/?checker_keywords=superiorhealthwellness.com.

15. POLICY UPDATES & DATA BREACH NOTIFICATION

15.1 Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or privacy practices. When we make changes, we will update the “Last Updated” date at the top of this document. For material changes, we will notify you by email or by posting a prominent notice on our website, as required by applicable law.

Your continued use of our services after an update constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically.

15.2 Data Breach Notification

In the event of a data breach involving your Protected Health Information or personal data, we will:

  • Notify affected individuals via email within 60 days of discovering the breach, or sooner if required by applicable law

  • Notify the U.S. Department of Health and Human Services (HHS) as required under HIPAA

  • Notify appropriate state authorities as required by state breach notification laws

  • Take immediate steps to investigate the breach, contain the incident, and prevent future occurrences

  • Provide affected individuals with information about what happened, what data was involved, steps taken, and what you can do to protect yourself

16. CONTACT US & DATA COMPLAINTS

16.1 How to Reach Our Privacy Officer

If you have questions, concerns, or requests related to this Privacy Policy or your personal information, please contact our Privacy Officer:

Superior Health and Wellness

Privacy Officer

Email: security@superiorhealthwellness.com

Phone: (855) 724-9355

Mailing Address:
5148 Village Creek Drive, Suite 300
Plano, TX 75093

16.2 Filing a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us directly at the contact information above. We will investigate and respond promptly.

You may also file a complaint with applicable regulatory authorities:

You will not be penalized, denied services, or treated differently for filing a complaint or exercising your privacy rights.

Superior Health and Wellness, PLLC  |  LegitScript Certified  |  HIPAA Compliant

www.superiorhealthwellness.com  |  security@superiorhealthwellness.com  |  (855) 724-9355

© 2026 Superior Health and Wellness, PLLC. All rights reserved.