HSA | FSA CARDS ARE NOW ACCEPTED

Privacy Policy

PlexusDx Privacy Policy for genetic testing, wellness services, and telehealth.

This Privacy Policy explains how PlexusDx, Inc. collects, uses, discloses, stores, and protects personal information when you use PlexusDx.com, purchase PlexusDx products, access genetic or blood biomarker services, receive personalized wellness recommendations, or engage with telehealth services supported by CareValidate, independent healthcare providers, pharmacies, laboratories, and other service providers.

Effective

May 20, 2026

Applies to PlexusDx.com and related services

Telehealth

CareValidate

Provider, portal, and pharmacy workflows

Health data

Privacy-first

Genetic, biomarker, and consumer health data

  • Explains how PlexusDx handles genetic, biomarker, wellness, ecommerce, and telehealth-related information.
  • Clarifies that independent licensed providers, not PlexusDx, make clinical decisions, diagnoses, treatment decisions, and prescribing decisions.
  • Includes a consumer health data supplement for state health privacy transparency.

Scope

Privacy Policy Overview

PlexusDx, Inc. is dedicated to protecting your privacy and providing a safe online experience. This Privacy Policy applies to PlexusDx.com and related pages, features, content, products, tests, reports, subscriptions, telehealth-related pathways, customer support, and other services offered by PlexusDx or its affiliates, partners, vendors, and service providers.

By using the Site or Services, you agree to the data practices described in this Privacy Policy. If you do not agree, please discontinue use of the Site and Services.

Important: PlexusDx is not a medical practice and does not diagnose, treat, prescribe, or provide medical advice. Telehealth consultations, clinical assessments, diagnosis, treatment, prescribing, and follow-up are performed by independent licensed healthcare providers where available and clinically appropriate.

Navigation

Table of Contents

  1. Important Privacy Points
  2. Key Definitions
  3. Information We Collect
  4. Telehealth, CareValidate, Providers, and Pharmacies
  5. How We Use Information
  6. How We Disclose Information
  7. Genetic Testing, Biomarkers, and Wellness Reports
  8. Cookies, Pixels, and Tracking Technologies
  9. Marketing, Email, Direct Mail, and SMS
  10. Your Privacy Rights and Choices
  11. Consumer Health Data Supplement
  12. Security, Retention, Children, Updates, and Contact

Key Points

Important Privacy Points

  • PlexusDx offers consumer-facing precision health products and services, including genetic testing, blood biomarker testing, wellness reports, personalized supplements, educational content, and telehealth-related pathways.
  • PlexusDx may collect initial qualifying information and other information you provide, which may be shared with CareValidate-supported systems, healthcare providers, laboratories, pharmacies, and service providers to support Services you request.
  • Healthcare providers may request additional medical information through patient portals, intake forms, telehealth systems, or other provider-operated or provider-supported channels. Those systems may be operated by or supported through CareValidate or other third-party providers.
  • Your relationship with healthcare providers, patient portals, CareValidate, pharmacies, laboratories, and third-party suppliers may be governed by their privacy notices and practices, in addition to this Privacy Policy.
  • We do not sell, lease, or rent identifiable genetic information without explicit consent. We may use aggregate or de-identified information as permitted by law.
  • Text messaging originator opt-in data and consent will not be shared with third parties for their own marketing purposes.

Definitions

1. Key Definitions

Personal Information means information that identifies, relates to, describes, or could reasonably be linked to you.

Registration Information means information provided when creating an account, ordering, registering a kit, or purchasing Services.

Genetic Information means information about genetic markers, genotypes, variants, DNA samples, or genetic report results.

Biomarker Information means information from blood, laboratory, or other biological testing, including lab results and related interpretations.

Self-Reported Information means information you provide directly, such as medications, health goals, demographics, symptoms, lifestyle information, forms, or messages.

Consumer Health Data means personal information defined as consumer health data, personal health data, or similar terms under applicable state privacy laws.

Aggregate Information means information combined with other users' information so that no specific individual can reasonably be identified.

Web-Behavior Information means information collected through cookies, pixels, web beacons, log files, device identifiers, and similar technologies.

Collection

2. Information We Collect

The information we collect depends on how you interact with PlexusDx and which Services you use.

Information You Provide

  • Identifiers and contact information, including name, email address, mailing address, billing address, shipping address, phone number, account credentials, and support information.
  • Order and transaction information, including products purchased, subscriptions, payment status, fulfillment details, kit registration, discounts, refunds, and customer service history.
  • Health, wellness, or medical-related information you choose to provide, including medications, conditions, symptoms, allergies, height, weight, BMI, health goals, lifestyle information, questionnaires, telehealth intake information, and product interests.
  • Genetic testing information, including kit identifiers, sample status, genotype data, genetic report results, and related interpretation data.
  • Blood biomarker and laboratory information, including orders, test panels, specimen status, lab results, measurements, and related interpretation data.
  • Supplement, nutrition, and personalization inputs, including diet preferences, supplement preferences, allergies, intolerances, and recommendation inputs.
  • Communications and user content, including emails, chats, messages, survey responses, reviews, uploaded documents, form submissions, and support requests.

Information Collected Automatically

When you visit PlexusDx.com or interact with our digital Services, we and third parties may collect information by automated means, including cookies, pixels, web beacons, local storage, JavaScript, device functionality, and other technologies. This may include IP address, browser type, operating system, device identifiers, advertising identifiers, pages viewed, links clicked, referring pages, shopping cart activity, search activity, content interactions, and date and time stamps.

Information from Third Parties

We may receive information about you from healthcare providers, CareValidate-supported systems, pharmacies, laboratories, payment processors, shipping carriers, marketing partners, analytics providers, advertising partners, customer service tools, identity or fraud prevention services, and other sources permitted by law.

Telehealth Operations

3. Telehealth, CareValidate, Healthcare Providers, and Pharmacies

PlexusDx may help individuals access telehealth-related Services through third-party technology and clinical partners, including CareValidate-supported systems, independent healthcare providers, pharmacies, laboratories, and other service providers.

  • PlexusDx may collect initial qualifying information and transmit or make that information available to relevant providers or CareValidate-supported systems for review.
  • If appropriate, a healthcare provider or provider-supported patient portal may request additional medical information, identity information, consent forms, payment information, or other information necessary for clinical review.
  • Diagnosis, consultation, treatment, prescribing, medication management, and clinical follow-up are provided by independent licensed healthcare providers, not PlexusDx.
  • Medication dispensing, compounding, packaging, shipping, refill support, and related pharmacy communications may be handled by pharmacies or third-party suppliers, subject to their own privacy practices.
  • CareValidate-supported systems and patient portals may have separate privacy notices, consent flows, HIPAA notices, terms, and data practices. Please review those notices carefully.

Telehealth privacy note: Information collected by or through healthcare providers, patient portals, CareValidate-supported systems, pharmacies, and laboratories may be governed by their own privacy notices, HIPAA notices, contracts, and applicable laws. PlexusDx is not responsible for the privacy practices of independent third parties except as required by applicable law or contract.

Use

4. How We Use Information

We may use Personal Information to:

  • Provide, manage, personalize, coordinate, fulfill, and improve the Services you request.
  • Process payments, ship kits or products, create accounts, authenticate logins, register kits, analyze samples, generate reports, deliver results, and support subscriptions.
  • Coordinate telehealth-related intake, provider review, CareValidate-supported workflows, pharmacy fulfillment, laboratory services, prescription status updates, and customer support.
  • Develop new reports, tools, product recommendations, user experiences, and services.
  • Respond to questions, send confirmations, updates, alerts, support messages, administrative messages, educational materials, and service-related communications.
  • Conduct marketing, analytics, research and development, auditing, invoicing, accounting, security, fraud prevention, and business operations.
  • Customize content, offers, recommendations, advertising, and website experiences, subject to applicable law and your choices.
  • Protect against, identify, investigate, and respond to misuse, fraud, security incidents, unlawful behavior, legal claims, or violations of contracts or policies.
  • Comply with legal obligations, establish, exercise, or defend legal rights, and create aggregate or de-identified information that we may use and disclose as permitted by law.

Disclosure

5. How We Disclose Information

We may disclose information as follows:

  • Healthcare providers, CareValidate-supported systems, pharmacies, laboratories, and patient portals: to support intake, eligibility review, telehealth services, prescriptions, lab testing, fulfillment, billing, support, and related Services.
  • Service providers and vendors: including ecommerce, hosting, data storage, analytics, marketing, customer service, payment, security, fraud prevention, shipping, fulfillment, email, SMS, and technology providers.
  • Affiliates and commonly controlled entities: where permitted by law and consistent with this Privacy Policy.
  • Legal, safety, and compliance recipients: when required or permitted by law, legal process, court order, subpoena, regulatory request, or to protect rights, property, safety, security, and lawful interests.
  • Business transaction recipients: in connection with a sale, merger, acquisition, financing, restructuring, divestiture, bankruptcy, or similar corporate transaction.
  • At your direction or with your consent: including sharing with healthcare providers, caregivers, representatives, partners, or other recipients you authorize.

PlexusDx does not sell, lease, or rent identifiable genetic information without your explicit consent. We may disclose aggregate or de-identified information as permitted by law.

Genetics and Biomarkers

6. Genetic Testing, Biomarkers, and Wellness Reports

With your consent, PlexusDx or its laboratory partners may process a biological sample, such as a cheek swab or blood specimen, to produce Genetic Information, Biomarker Information, or related wellness reports. We may use this information to provide reports, interpretations, personalized wellness recommendations, customer support, quality control, analytics, service improvement, and other purposes described in this Privacy Policy.

Genetic, biomarker, and wellness information may be sensitive. We use reasonable administrative, technical, and physical safeguards designed to protect this information. We may share such information with laboratories, report technology providers, healthcare providers, CareValidate-supported systems, pharmacies, service providers, and other recipients as necessary to provide Services, comply with law, or as otherwise authorized by you.

Unless otherwise stated for a specific Service, PlexusDx reports and educational content are intended for informational and wellness purposes and are not a substitute for professional medical advice, diagnosis, or treatment.

Tracking Technologies

7. Cookies, Pixels, and Tracking Technologies

We and third parties may use cookies, web beacons, pixels, local storage, JavaScript, advertising identifiers, and similar technologies to operate the Site, remember preferences, understand website use, measure marketing performance, personalize content, prevent fraud, and deliver relevant advertising.

Necessary cookies

Support core website functions such as navigation, checkout, secure areas, account access, and fraud prevention.

Performance cookies

Help us understand how visitors use the Site and improve website performance and user experience.

Functional cookies

Remember choices such as preferences, account details, or region and provide more personalized features.

Advertising cookies

Help deliver, limit, measure, and improve advertisements and marketing campaigns.

You can control cookies through browser settings and, where available, cookie preference tools. Blocking cookies, local storage, JavaScript, or similar technologies may affect website functionality. We do not currently respond to browser-based do-not-track signals.

Communications

8. Marketing, Email, Direct Mail, and SMS

Email and Marketing Communications

We may use your Personal Information, including your email address, to send service communications, educational content, promotional offers, product updates, and other communications that may be of interest to you. You can opt out of marketing emails by using the unsubscribe link in an email or contacting us at info@plexusdx.com. Even if you opt out of marketing emails, we may still send non-marketing messages related to your account, orders, subscriptions, test kits, reports, telehealth-related Services, customer support, security, or legal notices.

Direct Mail and Advertising

We may work with third-party providers to send offers by mail or to help measure, personalize, or improve advertising. Where required, we will honor applicable opt-out rights and consent requirements.

SMS and Cart Reminders

If you provide your mobile phone number and opt in, we may send SMS messages, including informational messages, account or order updates, customer support messages, cart reminders, health or wellness tips, promotional offers, and other messages related to our Services. We may use cookies, pixels, and similar technologies to identify abandoned cart activity and, with appropriate consent, send cart reminder messages.

You may opt out of SMS messages by replying STOP to a message. After opting out, you may receive one final confirmation message. Message and data rates may apply. If you change or deactivate your mobile phone number, please update your account information to avoid messages being sent to the wrong number.

We do not share text messaging originator opt-in data and consent with third parties for their own marketing purposes. We may share phone numbers and related data with service providers that help us deliver SMS messages, but they are authorized to use the information only to provide services to us.

Rights and Choices

9. Your Privacy Rights and Choices

Depending on your state, country, and the nature of your relationship with PlexusDx, you may have rights to know, access, correct, delete, restrict, withdraw consent, object to certain processing, opt out of certain sales, sharing, targeted advertising, or profiling, receive a portable copy of information, or appeal a privacy request denial.

To submit a privacy request, email info@plexusdx.com with the subject line Privacy Request. We may need to verify your identity before fulfilling a request. Authorized agents may be required to provide proof of authorization.

You may also have privacy rights directly with healthcare providers, pharmacies, laboratories, patient portals, CareValidate-supported systems, or other third-party service providers, as described in their privacy policies or notices.

AccessDeleteCorrectOpt outAppeal

Consumer Health Data

10. Consumer Health Data Privacy Policy Supplement

This Consumer Health Data Privacy Policy Supplement applies to personal information that may be defined as consumer health data, personal health data, or a similar term under applicable state privacy laws, including laws in Washington, Nevada, Connecticut, California, Colorado, Virginia, Utah, Oregon, Texas, Minnesota, Tennessee, Maryland, Indiana, Kentucky, Rhode Island, Montana, Nebraska, Iowa, Florida, Delaware, New Hampshire, New Jersey, and other states as applicable.

Some information processed by healthcare providers, pharmacies, laboratories, or provider portals may be subject to HIPAA or other healthcare privacy laws. In the spirit of transparency, this supplement describes consumer health data practices that may apply to PlexusDx Services.

Categories of Consumer Health Data We May Collect

  • Health conditions, treatment interests, symptoms, diagnoses, health goals, lifestyle information, and medical history you provide.
  • Medication, allergy, contraindication, pharmacy, prescription, refill, and fulfillment information.
  • Height, weight, BMI, vital signs, lab values, biomarker results, specimen status, genetic testing information, and wellness report information.
  • Reproductive, sexual health, hormone-related, gender-related, or similar information, if you choose to provide it or if it is relevant to a Service you request.
  • Information that identifies you as seeking healthcare services, prescription services, genetic testing, biomarker testing, supplements, wellness recommendations, or telehealth-related Services.
  • Information that may be used to infer, derive, or extrapolate information related to health or wellness.

Sources, Purposes, and Sharing of Consumer Health Data

We may collect Consumer Health Data directly from you, automatically through your use of the Services, and from healthcare providers, CareValidate-supported systems, pharmacies, laboratories, payment processors, service providers, marketing platforms, analytics providers, and other third-party sources. We may use it to provide, coordinate, personalize, support, protect, analyze, and improve Services; process orders and transactions; coordinate genetic testing, biomarker testing, telehealth intake, provider review, pharmacy fulfillment, laboratory services, and customer support; send service-related and marketing communications; conduct analytics, auditing, fraud prevention, security, and business operations; comply with legal obligations; and for other purposes you authorize.

Subject to applicable law and required consent, we may share Consumer Health Data with healthcare providers, CareValidate-supported systems, patient portals, pharmacies, laboratories, vendors, affiliates, payment processors, shipping providers, customer support providers, technology providers, marketing and analytics providers, professional advisors, government or regulatory entities, courts, transaction counterparties, and others at your direction or with your consent.

Consumer Health Data Rights

Depending on your jurisdiction, you may have the right to confirm whether we collect, share, or sell Consumer Health Data; access Consumer Health Data; receive a list of categories or specific third parties and affiliates with whom Consumer Health Data has been shared; delete Consumer Health Data; withdraw consent; and appeal a denial of a request. To exercise these rights, email info@plexusdx.com with the subject line Consumer Health Data Request.

PlexusDx does not sell identifiable Consumer Health Data without authorization where such authorization is required by applicable law. PlexusDx does not knowingly use geofencing technology to identify, track, collect information from, or send targeted advertising to consumers based on visits to in-person healthcare facilities where prohibited by consumer health data laws.

Implementation note: Some consumer health data laws may require a separate consumer health data privacy policy link. PlexusDx may choose to publish this supplement as a standalone footer-linked page in addition to including it here.

Security and Administration

11. Security, Retention, Children, Updates, and Contact

Security

PlexusDx uses reasonable administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized access, disclosure, alteration, misuse, loss, or destruction. No method of transmission, website operation, cloud storage, electronic communication, or data storage is completely secure. We cannot guarantee absolute security of information transmitted to or stored by PlexusDx, our vendors, healthcare providers, CareValidate-supported systems, laboratories, pharmacies, or other third parties.

Data Retention

We retain information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, provide Services, manage accounts and subscriptions, comply with legal and regulatory obligations, maintain laboratory or telehealth-related records where applicable, resolve disputes, enforce agreements, support security and fraud prevention, and meet business needs.

Children

The Services are intended for adults who are at least 18 years old unless a specific Service expressly permits otherwise under applicable law. We do not knowingly collect Personal Information from children under 13. Telehealth-related Services are not intended for individuals under 18 unless expressly permitted under the applicable program and law.

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, technology, privacy practices, legal obligations, or business operations. When we update this Privacy Policy, we will revise the effective or last updated date and post the updated version on this page or a similarly accessible page.

Contact Us

PlexusDx, Inc.
Privacy Administrator
Email: info@plexusdx.com
Website: https://plexusdx.com

You may also have the right to make privacy requests directly to your healthcare provider, pharmacy, laboratory, CareValidate-supported patient portal, or other third-party service provider, as described in their applicable privacy policies or notices.

— Why visitors trust PlexusDx

Built on credentials, not promises.

Compliance

503A pharmacy partner

State-licensed compounding facility, regulated by FDA and state boards.

Coverage

All 50 states

Telehealth-prescribed by licensed providers in every U.S. state.

Privacy

HIPAA-secure data

Health records, intake, and DNA results encrypted end-to-end.

Pricing

All-inclusive monthly

No membership, no platform fee, no per-dose markup. One price.

Important information

Compounded medications are not approved by the FDA or reviewed for quality, safety, or efficacy.

Novo Nordisk, Inc. is the only United States company with FDA-approved products containing semaglutide, identified under the trade names Rybelsus®, Ozempic®, and Wegovy®.

Lilly USA LLC is the only United States company with FDA-approved products containing tirzepatide, identified under the trade names Zepbound® and Mounjaro®.

The Precision Peptide Genetic Test analyzes how your genes influence peptide-related biological pathways. It does not recommend, prescribe, or determine which peptides you should use. Consult a qualified healthcare provider before beginning any peptide protocol.