Contact Us
Loading...

Privacy Policy

Last Updated: 06-23-2026

1. Introduction

1.1 Purpose. This Privacy Policy describes how CureMD.com, Inc. and its parent, subsidiaries, and affiliated companies and brands (collectively, “CureMD,” “we,” “our,” or “us”) collect, use, disclose, retain, and protect Personal Information obtained through our websites, online services, applications, marketing activities, events, communications, and other interactions where it is made available (collectively, our “Services”). It also explains the privacy rights and choices that may be available to you under applicable law.

By accessing or using our Services, you acknowledge that your Personal Information may be collected, used, and disclosed as described in this Privacy Policy.

1.2 Scope. This Privacy Policy applies to Personal Information collected through:

  • CureMD websites;
  • Online forms, demos, webinars, events, surveys, and marketing activities;
  • Communications with our sales, support, customer success, recruiting, and business teams;
  • Mobile applications and digital services that link to this Privacy Policy; and
  • Offline interactions with CureMD representatives, partners, and authorized service providers.

This Privacy Policy applies regardless of whether information is collected online or offline, unless a separate privacy notice is provided for a specific service, program, or relationship.

1.3 Information Not Covered by this Privacy Policy. This Privacy Policy does not govern information processed by CureMD on behalf of healthcare providers, healthcare organizations, health systems, payers, or other customers in connection with CureMD’s healthcare related technology products and services.

Where CureMD processes information on behalf of its customers, including information that may constitute Protected Health Information (“PHI”) under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), such processing is governed by applicable customer agreements, our License and Services Agreement, Business Associate Agreements, contractual obligations, and applicable law.

If you are a patient of a healthcare provider that uses CureMD products or services, your healthcare provider controls how your medical and health information is collected, used, disclosed, and maintained. Questions regarding the privacy practices of your healthcare provider should be directed to that provider and reviewed in conjunction with the provider’s applicable Notice of Privacy Practices.

1.4 Relationship to Other Policies and Agreements. This Privacy Policy forms part of the terms governing your use of the Services and should be read together with any applicable Cookie Policy, Terms of Use, consent preferences, service-specific terms, and other agreements that may apply to your relationship with CureMD.

Certain Services may be subject to additional privacy disclosures, terms, notices, or consent requirements. In the event of a conflict between this Privacy Policy and a service-specific privacy notice, the service-specific notice will control with respect to that Service.

1.5 Compliance with Applicable Laws. CureMD is committed to complying with applicable privacy and data protection laws. Depending on your location and the nature of your relationship with CureMD, additional rights and disclosures may apply to you under applicable federal, state, and international laws, including consumer privacy laws and healthcare privacy regulations.

Additional disclosures regarding privacy rights, cookies and tracking technologies, and state-specific privacy requirements are provided in later sections of this Privacy Policy.

1.6 Changes to this Privacy Policy. We may update this Privacy Policy from time to time to reflect changes in our business practices, technologies, legal requirements, or Services. Any changes will become effective as of the “Last Updated” date. Your continued access to or use of the Services after any changes become effective constitutes your acceptance of the revised Privacy Policy.

1.7 Employment and Recruiting Information. Information collected from job applicants, employees, contractors, and other personnel may be subject to separate privacy notices or disclosures provided in connection with the employment or recruiting relationship. Where such notices apply, they will govern the processing of Personal Information within that context.

2. Personal Information We Collect

The types of Personal Information we collect depend on how you interact with our Services. We may collect the following categories of Personal Information:

2.1 Identifiers and Contact Information. We may collect identifiers and contact information, including:

  • First and last name;
  • Email address;
  • Telephone number;
  • Postal address;
  • Online identifiers;
  • Internet Protocol (IP) address; and
  • Other similar identifiers.

2.2 Professional and Business Information. We may collect professional and business-related information, including:

  • Employer or organization name;
  • Practice name;
  • Job title;
  • Medical specialty;
  • Number of providers within an organization;
  • State or geographic location; and
  • Information regarding products, services, or solutions that may be of interest to you.

2.3 Internet and Network Activity Information. We may collect information regarding your interaction with the Services, including:

  • Browser type and settings;
  • Device information;
  • Operating system information;
  • IP address;
  • Referral information;
  • Website usage information;
  • Cookie and tracking technology data; and
  • Other information regarding how you interact with our Services.

2.4 Geolocation Information. We may collect general location information, such as city, state, or country, which may be derived from your IP address or device information. We do not collect precise geolocation data. This information is used to understand where our visitors are located and to improve our Services and communications.

2.5 Communications and User-Submitted Information. We may collect information that you voluntarily provide when contacting us, requesting information, participating in live chat interactions, submitting inquiries, requesting demonstrations, registering for events, or otherwise communicating with us.

2.6 Event and Registration Information. We may collect information relating to your registration for, attendance at, or participation in webinars, demonstrations, conferences, events, surveys, and similar programs, including registration details, attendance information, and communications associated with such activities.

2.7 Marketing and Preference Information. We may collect information regarding your preferences, interests, marketing interactions, event participation, newsletter subscriptions, webinar registrations, communication preferences, and engagement with our communications.

2.8 Information We Do Not Intentionally Collect Through Our Services. Our Services are generally not intended to collect sensitive Personal Information, including Social Security numbers, driver’s license numbers, financial account information, insurance information, medical information, or PHI. Please do not submit such information through our Services unless specifically requested and authorized by CureMD.

2.9 Use of Personal Information for AI or Machine Learning. CureMD does not use Personal Information collected through the website-facing Services described in this Privacy Policy to train proprietary large language models or other artificial intelligence models owned or operated by CureMD. To the extent CureMD uses third-party AI tools or platforms in the course of its business operations, such use is subject to applicable contractual safeguards, data processing agreements (“DPAs”), and our vendor risk management program. Any Personal Information used in connection with such tools is processed only for the purposes described in this Privacy Policy and is not used to train third-party models without appropriate authorization.

3. How We Collect Personal Information

We may collect Personal Information from a variety of sources depending on how you interact with our Services.

3.1 Information You Provide Directly. We collect Personal Information that you voluntarily provide to us when you:

  • Complete forms available through our Services;
  • Submit inquiries through our Services;
  • Request a product demonstration;
  • Register for, or participate in a webinar, event, or other program;
  • Contact us by email, telephone, live chat, or other communication channels;
  • Subscribe to newsletters, marketing communications, or other updates;
  • Communicate with us through our live chat or support tools; and
  • Otherwise communicate or interact with us.

3.2 Information Collected Automatically. When you visit or interact with our Services, we and our service providers may automatically collect certain information using cookies, pixels, tags, log files, and similar technologies, subject to your preferences and applicable law.

This information may include:

  • IP address;
  • Browser type and settings;
  • Device information;
  • Operating system information;
  • General geographic location;
  • Referral information;
  • Website usage and interaction data; and
  • Other technical information regarding your use of our Services.

Additional information regarding our use of cookies and similar technologies is available in our Cookie Policy and within Cookie Preferences.

3.3 Information Obtained from Third-Parties. We may obtain Personal Information from third-party sources, including:

  • Existing customers and healthcare providers that refer prospective customers to us;
  • Advertising and marketing partners;
  • Lead generation providers;
  • Publicly available sources;
  • Third-parties from whom you have authorized the sharing of information; and
  • Other third-parties that assist us with business development, marketing, communications, events, or related business activities.

We may combine information obtained from third-party sources with information we collect directly from you or automatically through your use of our Services in order to improve our services, communications, marketing efforts, and business operations.

4. How We Use Personal Information

We may use Personal Information for the following purposes:

4.1 To Respond to Your Requests. We may use Personal Information to respond to inquiries, provide requested information, schedule demonstrations, process registrations, communicate regarding webinars or events, and otherwise provide the information, products, or services you request.

4.2 To Communicate With You. We may use Personal Information to send newsletters, marketing communications, event invitations and reminders, product updates, promotional materials, and other communications that may be of interest to you. You may opt-out of marketing communications at any time by following the ‘unsubscribe’ instructions included in such communications or by contacting us directly.

4.3 To Operate, Maintain, and Improve Our Services. We may use Personal Information to operate, maintain, analyze, troubleshoot, and improve our Services, content, products, additional services, marketing efforts, and user experience.

4.4 To Understand Website Usage and Improve Marketing Activities. We may use information collected through cookies and similar technologies to understand how visitors interact with our Services, measure the effectiveness of content, advertising, and marketing campaigns, analyze trends, improve the functionality and performance of our Services, and support our marketing and business development efforts.

4.5 To Support Events, Webinars, and Demonstrations. We may use Personal Information to administer, facilitate, record, and provide access to webinars, demonstrations, conferences, events, and similar programs, including related communications, registrations, attendance tracking, and educational or promotional materials.

4.6 To Personalize Communications and Marketing. We may use Personal Information to better understand your interests, evaluate potential business opportunities, identify products or services that may be relevant to you, personalize communications and marketing activities, and support lead generation, business development, and customer referral activities.

4.7 To Maintain Security and Prevent Misuse. We may use Personal Information to protect the security, integrity, and availability of our Services, systems, and information assets, detect and prevent fraud, unauthorized access, and other unlawful or prohibited activities, and enforce our legal rights.

5. How We Disclose Personal Information

5.1 Service Providers and Vendors. We may disclose Personal Information to service providers, contractors, consultants, and other vendors that perform services on our behalf, including website hosting, analytics, customer relationship management, marketing communications, webinar and communication services, customer support, security, consent management, and other business operations.

5.2 Advertising, Analytics, and Marketing Partners. Subject to your preferences and applicable law, we may disclose information to advertising, analytics, and marketing partners that assist us in measuring website performance, understanding visitor interactions, improving marketing efforts, delivering relevant advertising, and supporting audience measurement and retargeting activities.

Certain analytics, advertising, and marketing technologies used on our Services may constitute a “sale” or “sharing” of personal information under applicable privacy laws. Additional information regarding these activities and available privacy choices is provided in our Section 10, our Cookie Policy, and within Cookie Preferences.

5.3 At Your Direction. We may disclose Personal Information where you request, authorize, or direct us to do so.

5.4 Compliance With Law. We may use Personal Information to comply with applicable laws, regulations, legal processes, governmental requests, contractual obligations, and internal compliance requirements.

5.5 Business Transactions. We may use and disclose Personal Information in connection with an actual or proposed merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or other corporate transaction.

5.6 De-Identified and Aggregated Information. We may use information that has been aggregated, anonymized, or de-identified for any lawful purpose, including research, analytics, business planning, product development, and reporting.

6. Retention of Personal Information

We retain Personal Information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including providing requested services, responding to inquiries, communicating with users, evaluating business opportunities, maintaining business records, complying with legal obligations, resolving disputes, enforcing our agreements, and supporting educational, marketing, training, and business activities. Certain webinars, demonstrations, events, or other programs may be recorded using third-party platforms. Where recordings occur, participants may be notified in advance. Such recordings may be retained for ongoing educational, marketing, training, archival, historical, or business purposes, unless otherwise required by applicable law.

The retention period applicable to particular categories of Personal Information may vary depending on the nature of the information, the purpose for which it was collected, applicable legal requirements, contractual obligations, and operational needs.

Where Personal Information is no longer required for the purposes for which it was collected, we will take reasonable steps to delete, anonymize, or otherwise securely dispose of such information, unless a longer retention period is required or permitted by law. We may also retain limited information necessary to maintain suppression lists, honor opt-out requests, comply with legal obligations, resolve disputes, or enforce our agreements.

7. Cookies and Similar Technologies

We and our service providers may use cookies and similar technologies, including pixels, tags, web beacons, log files, and other tracking technologies, to operate our Services, understand how visitors use our Services, improve functionality, personalize user experiences, and support marketing activities.

Cookies are small text files stored on your device that help websites function properly and provide information regarding how visitors interact with websites.

The categories of cookies used on our Services may include:

7.1 Strictly Necessary Cookies. These cookies are required for the operation, security, and functionality of our Services and cannot be disabled.

7.2 Functional Cookies. These cookies enable enhanced functionality and personalization, including remembering preferences and supporting certain website features.

7.3 Analytics Cookies. These cookies help us understand how visitors interact with our Services, measure website performance, and improve content and user experience.

7.4 Advertising and Marketing Cookies. These cookies may be used to deliver relevant advertising, measure marketing campaign effectiveness, identify prospective customers, and support marketing and business development activities. Certain uses of these cookies may constitute a “sale” or “sharing” of Personal Information under applicable privacy laws, including the CCPA / CPRA. You may opt-out of such activities through Cookie Preferences, available on our website. CureMD also honors the Global Privacy Control (“GPC”) signal. Where a valid GPC signal is detected from your browser, we will treat it as a request to opt-out of the sale or sharing of your Personal Information for purposes of the CCPA / CPRA and other applicable laws that recognize this signal. Additional detail regarding GPC compliance is set out in our Cookie Policy.

Depending on your location, certain cookies and similar technologies may be used only with your consent or may be subject to applicable privacy rights, including the right to opt-out of certain processing activities.

You may manage your cookie preferences at any time through Cookie Preferences. Additional information regarding the cookies and similar technologies used on our Services is available in our Cookie Policy.

8. Social Media and Third-Party Websites

Our Services may contain links to websites, platforms, applications, or services operated by third-parties. We do not control and are not responsible for the privacy practices, content, or security of such third-party services.

Any information collected by third-party websites, platforms, or services is governed by their respective privacy policies and terms. We encourage you to review the privacy policies and terms of any third-party services that you access.

Certain advertising, analytics, and marketing technologies used on our Services may be provided by third-parties. Additional information regarding such technologies is available in our Cookie Policy and within Cookie Preferences.

9. Security of Personal Information

CureMD maintains administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized access, disclosure, alteration, loss, misuse, or destruction.

Our security measures are designed to help protect the confidentiality, integrity, and availability of Personal Information and may include access controls, encryption, monitoring, security testing, vendor risk management, and other reasonable safeguards appropriate to the nature of the information we process.

While we take reasonable steps to protect Personal Information, no method of transmission over the Internet or electronic storage system is completely secure. Accordingly, we cannot guarantee the absolute security of Personal Information.

In the event of a security incident involving Personal Information, nonetheless, CureMD will investigate the incident and take appropriate remediation steps. Where required by applicable law, we will notify affected individuals and, as applicable, relevant regulatory authorities, within the timeframes required by law. Notification obligations vary by jurisdiction. Under New York’s SHIELD Act, notification will be provided in the most expedient time possible and without unreasonable delay. Under California law, notification will be provided to affected California residents within forty-five (45) calendar days of discovery of a qualifying breach. CureMD will document all security incidents and maintain records consistent with its incident response program and applicable legal requirements.

If you believe that your Personal Information may have been accessed or disclosed without authorization, please contact us promptly using the information provided in the Contact Us section of this Privacy Policy.

10. U.S. State Privacy Rights

Depending on your state of residence and subject to applicable law, you may have certain rights regarding your Personal Information. These rights may include:

  • The right to confirm whether we process your Personal Information;
  • The right to access the Personal Information we maintain about you;
  • The right to request correction of inaccurate Personal Information;
  • The right to request deletion of Personal Information we have collected from or about you;
  • The right to obtain a copy of your Personal Information in a portable and readily usable format;
  • The right to opt-out of the sale or sharing of Personal Information, where applicable;
  • The right to opt-out of the processing of Personal Information for targeted advertising;
  • The right to opt-out of certain profiling or automated decision-making activities that produce legal or similarly significant effects;
  • The right to withdraw consent where we rely on consent as the basis for processing Personal Information.

CureMD does not currently engage in profiling or automated decision-making that produces legal or similarly significant effects on individuals. If this changes, we will update this Privacy Policy accordingly.

These rights are not absolute and may be subject to exceptions, limitations, and exemptions under applicable law.

10.1 Exercising Your Privacy Rights. To exercise any applicable privacy rights, please submit a request using the contact information provided in the Contact Us section of this Privacy Policy.

To protect your privacy and security, we may take reasonable steps to verify your identity before processing your request. We may request additional information necessary to verify your identity, evaluate your request, and prevent fraudulent or unauthorized requests.

Where permitted by law, you may designate an authorized agent to submit a request on your behalf. To use an authorized agent, the following is required: (a) the authorized agent must provide written documentation demonstrating that you have authorized the agent to act on your behalf; (b) we may require independent verification of your identity directly with you, in addition to verifying the agent’s authority; and (c) where a power of attorney has been executed that satisfies applicable legal requirements, we will honor such designation upon receipt. We may deny a request from an authorized agent who does not satisfy these requirements.

We will respond to verified requests within forty-five (45) days of receipt. Where reasonably necessary, we may extend this period by an additional forty-five (45) days, in which case we will notify you of the extension within the initial period and explain the reason for the delay. Where applicable law requires a shorter response period, we will respond within that shorter period.

10.2 Appeals. If we deny your request, in whole or in part, and applicable law provides a right to appeal, we will provide information regarding how to submit an appeal of our decision.

10.3 Non-Discrimination. We will not discriminate against you for exercising any privacy rights available under applicable law. Unless permitted by law, we will not deny you goods or services, charge different prices, provide a different level or quality of services, or otherwise treat you differently because you exercised your privacy rights.

10.4 Additional California Privacy Disclosures. California residents may have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA / CPRA”), including the right to request information regarding the categories of Personal Information collected, the sources from which such information is collected, the business or commercial purposes for collection, use, disclosure, sale, or sharing, and the categories of third-parties to whom Personal Information is disclosed. This information is provided throughout Sections 2 through 5 of this Privacy Policy, organized by category of Personal Information.

California residents may also request access to specific pieces of Personal Information collected about them, request correction of inaccurate Personal Information, request deletion of Personal Information, opt-out of the sale or sharing of Personal Information, and limit certain uses and disclosures of sensitive Personal Information where applicable.

CureMD does not sell Personal Information for monetary consideration. However, certain uses of cookies, pixels, analytics tools, and advertising technologies on our websites may constitute a “sale” or “sharing” of Personal Information under applicable privacy laws. You may exercise your right to opt-out of such activities through our Cookie Preferences banner or by activating the GPC signal on your browser. CureMD honors GPC signals as opt-out requests for purposes of the CCPA / CPRA.

We do not knowingly sell or share the Personal Information of individuals under sixteen (16) years of age.

10.5 Right to Limit Use of Sensitive Personal Information. To the extent CureMD collects Sensitive Personal Information as defined under applicable law, including general geolocation information derived from IP addresses, you have the right to direct CureMD to limit its use and disclosure of such information to uses that are necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services, or as otherwise permitted by applicable law. To exercise this right, please use the contact information provided in the Contact Us section or submit your request through our Cookie Preferences.

10.6 California “Shine the Light” Disclosure. California residents may request information under California Civil Code Section 1798.83 (“Shine the Light”) regarding CureMD’s disclosure of Personal Information to third-parties for their own direct marketing purposes during the immediately preceding calendar year. Such requests may be submitted once per calendar year. Upon receipt of a verifiable request, CureMD will provide, within 30 days, the categories of Personal Information disclosed and the names and addresses of the third-parties that received such information, or will inform you that no such disclosures were made. Requests may be submitted using the contact information provided in the Contact Us section of this Privacy Policy, with “Shine the Light Request” in the subject line.

11. Children’s Privacy

Our Services are intended for healthcare professionals, healthcare organizations, business representatives, and other adult users.

We do not knowingly sell, share, or use for targeted advertising the Personal Information of consumers under the age of 16. Under the CCPA / CPRA, selling or sharing the Personal Information of consumers between the ages of 13 and 16 requires opt-in consent from the consumer; for consumers under the age of 13, opt-in consent from a parent or legal guardian is required. We do not engage in such activities directed at individuals in these age groups.

If you are a parent or legal guardian and believe that a child under 13 has provided Personal Information to us in violation of applicable law, please contact us using the information provided in the “Contact Us” section. We will take reasonable steps to investigate the matter and delete the information as required by applicable law.

12. International Visitors

Our websites and services are intended for individuals and organizations located in the United States. CureMD does not currently direct its website-facing Services to individuals located in the European Economic Area, the United Kingdom, or other jurisdictions that require specific legal transfer mechanisms for cross-border data transfers.

If you access our websites from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other jurisdictions where we or our service providers operate. Data protection laws in the United States may differ from those in your jurisdiction.

By using our websites, you acknowledge that your information may be processed in accordance with this Privacy Policy and applicable laws. If you are located in a jurisdiction with specific data protection requirements that apply to our processing of your information, please contact us using the information in the Contact Us section.

13. Contact Us

If you have any questions, comments, or concerns regarding this Privacy Policy, our privacy practices, or your privacy rights, please contact us at:

CureMD.com, Inc.
Attn: Privacy Office
[email protected]
80 Pine Street, 21st Floor
New York, NY, 10005
USA

If you believe your Personal Information has been accessed, used, disclosed, or processed in a manner that is inconsistent with this Privacy Policy, or if you wish to report a privacy or security concern, please contact us using the information above.

If you are submitting a request to exercise privacy rights available under applicable law, please follow the instructions provided in Section 10 of this Privacy Policy.

Where required by applicable law, CureMD may provide notices relating to privacy or security incidents using the contact information associated with your account, inquiry, or relationship with us, or by any other method permitted by applicable law.