Skip to main content
ByAven
Legal

Privacy Policy

Last updated: May 1, 2026
Effective: May 1, 2026

1. Introduction

ByAven LLC (“ByAven,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through this Privacy Policy. This policy describes the types of information we may collect from you when you use our website byaven.com (the “Site”) and our telehealth services (the “Services”), and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Privacy Policy applies to information we collect:

  • On this Site
  • Through our Services and any related applications
  • In email, text, and other electronic messages between you and us
  • From third-party providers and partners

By using our Site or Services, you agree to this Privacy Policy. If you do not agree, please do not use our Site or Services.

2. Information We Collect

Information You Provide to Us

We collect information you provide directly, including:

  • Account Information: Name, email address, phone number, date of birth, and account password.
  • Health Information: Medical history, current symptoms, medications, allergies, family medical history, lifestyle information, and treatment preferences provided through our quiz and ongoing care.
  • Payment Information: Credit card details, billing address, and other payment-related information processed by our secure payment partners.
  • Communications: Messages you send to providers, customer support, or through our platform.
  • Identity Verification: Information needed to verify your identity, including state of residence.

Information Collected Automatically

When you use our Site, we automatically collect:

  • Device Information: Type of device, operating system, browser type, and IP address.
  • Usage Information: Pages visited, features used, time spent, and clickstream data.
  • Location Information: General geographic location based on IP address.
  • Cookies and Similar Technologies: See Section 10 for details.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Connect you with appropriate licensed healthcare providers
  • Process and fulfill your treatment plan and prescription orders
  • Communicate with you about your care, account, and our Services
  • Send important notices and service updates
  • Process payments and manage your subscription
  • Personalize your experience based on your needs
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Conduct research and analytics to improve our Services (using de-identified data)

4. How We Share Information

We share your information in limited circumstances:

With Healthcare Providers

We share your health information with the licensed healthcare providers who review your case and create your treatment plan. This sharing is essential for providing care.

With Service Providers

We work with third parties that help us operate, including payment processors, hosting providers, analytics services, and shipping partners. These providers are bound by confidentiality and HIPAA Business Associate Agreements where applicable.

For Legal Reasons

We may disclose information when required by law, including:

  • To comply with legal processes (subpoenas, court orders)
  • To protect our rights, safety, or property
  • To prevent fraud or security threats
  • In connection with mergers, acquisitions, or sale of assets

What We Do NOT Do

We never sell your personal information. We do not sell health data, identity information, or contact details to advertisers, marketers, or data brokers.

5. HIPAA & Protected Health Information

Your health information collected through our Services is considered Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA). We treat PHI with strict confidentiality:

  • PHI is encrypted in transit and at rest
  • Access is limited to authorized personnel and your healthcare providers
  • We maintain HIPAA Business Associate Agreements with all relevant partners
  • Our staff receives ongoing HIPAA compliance training
  • We conduct regular security audits and risk assessments

For more details, see our HIPAA Notice of Privacy Practices.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • End-to-end encryption for sensitive communications
  • HTTPS/TLS encryption for all data transmission
  • Secure cloud infrastructure with HIPAA-compliant providers
  • Multi-factor authentication for staff access
  • Regular security audits and penetration testing
  • Employee background checks and confidentiality agreements

However, no system is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

7. Data Retention

We retain your information as follows:

  • Active Accounts: For as long as your account is active
  • Medical Records: As required by applicable medical record retention laws (typically 7–10 years after last service)
  • Payment Records: As required for tax and accounting purposes (typically 7 years)
  • Account Closure: Personal information is deleted within 90 days of account closure, except where retention is legally required
  • De-identified Data: May be retained indefinitely for research and analytics purposes

8. Your Privacy Rights

You have the following rights regarding your information:

  • Access: Request a copy of the information we hold about you
  • Correction: Request that we correct inaccurate information
  • Deletion: Request that we delete your information (subject to legal retention requirements)
  • Portability: Receive your data in a machine-readable format
  • Opt-Out: Opt out of marketing communications at any time
  • Restrict Processing: Limit how we use your information in certain circumstances

To exercise these rights, contact us at privacy@byaven.com.

9. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to correct inaccurate personal information
  • Right to opt-out of the sale or sharing of personal information (we do not sell information)
  • Right to limit use and disclosure of sensitive personal information
  • Right to non-discrimination for exercising these rights

California residents may submit requests through privacy@byaven.com or by contacting us using the information in Section 14. You may also visit our Do Not Sell or Share My Personal Information page to exercise your opt-out rights.

Global Privacy Control (GPC): ByAven recognizes and honors the GPC signal. If your browser or extension sends a GPC opt-out signal, we automatically treat your visit as an opt-out of analytics and marketing cookies — no additional action is required on your part.

10. Cookies and Tracking

We use cookies and similar technologies to operate our Site, remember your preferences, analyze usage, and improve our Services. Types of cookies we use:

  • Essential Cookies: Required for Site operation
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand Site usage
  • Marketing Cookies: Used for relevant advertising (only with consent)

You can control cookies through your browser settings. Disabling cookies may affect Site functionality.

11. Children's Privacy

Our Services are intended for adults aged 18 and over. We do not knowingly collect information from children under 13. If we learn we have collected information from a child under 13, we will delete it promptly. Parents who believe their child has provided information to us should contact us immediately.

12. International Users

Our Services are intended for use within the United States. If you access our Site from outside the U.S., your information will be transferred to and processed in the United States. By using our Services, you consent to this transfer.

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes are effective when posted to this page with an updated “Last Updated” date. We will notify you of material changes via email or through our Site. Your continued use of our Services after changes constitutes acceptance.

14. Contact Us

For questions about this Privacy Policy or our privacy practices, contact us at:

ByAven LLC
Privacy Officer
30 N Gould St Ste R
Sheridan, WY 82801
United States

Email: privacy@byaven.com
General inquiries: hello@byaven.com

Take the first step toward feeling like yourself again.

Personalized menopause care, designed by experts. Start with our free assessment.

Take the QuizLearn More