Notice of Privacy Practices

1. Who We Are

AvataCore LLC (“AvataCore”) is a telehealth company that helps you access GLP-1 weight-management programs and related health services. We work with a network of licensed clinicians through our clinical partner, OpenLoop Health, to provide your care.

We are required by law to protect the privacy of your health information, follow the terms of this notice, and notify you if there is a breach of your unsecured health information.

2. What Is Protected Health Information (PHI)?

“Protected Health Information” or “PHI” is information about you — including your name, contact details, health conditions, medications, lab results, and payment details — that can identify you and relates to your health or the healthcare services you receive. This notice applies to all health information we hold about you.

3. How We Use and Share Your Health Information

For Your Treatment

We use your health information to provide, coordinate, and manage your care. This includes sharing information with the licensed providers in the OpenLoop Health network who evaluate and treat you, sending your prescription to a pharmacy to fill your GLP-1 medication, and coordinating follow-up care or referrals when needed.

For Payment

We use and share your health information to process payments and billing, including processing telehealth service payments and verifying insurance eligibility if applicable.

For Our Healthcare Operations

We use and share your health information to run our business and improve your care, including quality improvement, care coordination, staff training, audits, compliance reviews, and business operations.

4. Other Ways We May Use or Share Your Information

We may use or share your health information without your permission in these additional circumstances:

• As required by law — to comply with federal, state, or local laws
• Public health — to report diseases, injuries, or medication reactions to public-health authorities
• Safety — to prevent a serious and imminent threat to your health or safety, or the health or safety of others
• Government oversight — for audits, investigations, and inspections by government agencies that oversee healthcare
• Legal proceedings — in response to a court order or other lawful process
• Law enforcement — under specific legal circumstances
• Organ donation — to facilitate organ or tissue donation if relevant
• Workers’ compensation — as authorized by workers’ compensation laws
• Research — for certain research studies with required privacy protections

5. Uses That Require Your Written Permission

For anything not listed above, we will ask for your written authorization before using or sharing your health information. This includes:

• Marketing — we will not use your health information for marketing communications without your written permission
• Sale of your information — we do not sell your health information. Ever.
• Most research uses not covered by a privacy waiver

You may revoke your authorization at any time by writing to us at [email protected]. We will honor your revocation going forward, but cannot undo any uses or disclosures already made based on your prior permission.

6. Your Rights

You have the following rights regarding your health information. To exercise any of these rights, contact us at [email protected].

7. Our Responsibilities

We are required by law to:

• Maintain the privacy of your health information
• Provide you with this notice of our legal duties and privacy practices
• Follow the terms of this notice
• Notify you if a breach of your unsecured health information occurs

We reserve the right to change this notice. If we make a material change, we will post the new notice on our website. The new notice will apply to all health information we hold, including information created before the change.

8. How to File a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the federal government. We will not retaliate against you for filing a complaint.

9. About Our Clinical Partner

AvataCore works with OpenLoop Health to provide clinical telehealth services. OpenLoop Health is our Business Associate and operates under a signed Business Associate Agreement requiring them to protect your health information in accordance with HIPAA.

10. Contact Us

If you have questions about this notice or your privacy rights, contact our Privacy Officer: