Privacy Policy
Last Updated: May 27, 2026
SofiaRX LLC ("SofiaRX," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what information we collect, how we use and share it, and what choices you have.
This Privacy Policy covers non-clinical personal information collected through our website and platform. Health information that qualifies as Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA) is governed by our separate Notice of Privacy Practices (NPP), which is available at sofiarx.com/legal/hipaa-notice. To the extent any provision of this Privacy Policy conflicts with our NPP with respect to PHI, the NPP controls.
Contact:
SofiaRX LLC
8 The Green, Suite 25729
Dover, DE 19901
legal@sofiarx.com
1. Who This Policy Covers
This policy applies to:
- Visitors to our website (sofiarx.com) and any associated web pages;
- Individuals who create an account or complete our intake questionnaire;
- Patients who subscribe to and use the SofiaRX Services; and
- Anyone who contacts us by email, phone, or through the platform.
This policy does not apply to information collected by third-party websites, applications, or services that may be linked from our platform.
2. Information We Collect
2.1 Information You Provide Directly
- Account and contact information: Name, email address, phone number, date of birth, billing address, shipping address.
- Health and medical information: Health history, weight, height, BMI, medications, family history, reproductive health information, GLP-1 history, fitness goals, and other information you provide during the intake process or clinical communications. This information may constitute PHI under HIPAA and is also governed by our NPP.
- Payment information: Credit card or debit card details, HSA/FSA card details. Payment processing is handled by our third-party payment processor (currently Stripe, Inc.), and we do not store your full card number on our servers.
- Communications: Messages you send to your care team, notes, and feedback you provide.
- Subscription and order information: Your plan selection, order history, and shipment details.
2.2 Information Collected Automatically
When you visit our website or use our platform, we and our service providers may automatically collect:
- Device and browser information: IP address, browser type, operating system, device identifiers.
- Usage data: Pages visited, time spent on pages, links clicked, referring URLs, and other interactions with the platform.
- Cookies and similar technologies: See Section 6 (Cookies) for more detail.
- Location data: General location inferred from your IP address. We do not collect precise GPS location unless you explicitly provide it.
2.3 Information from Third Parties
- Pharmacy partners: Licensed compounding pharmacies may share prescription status, dispensing records, and shipment tracking information with us.
- Laboratory partners: Partner laboratories share your lab results and sample processing information with us.
- Payment processors: We receive confirmation of payment transactions from Stripe.
- Analytics providers: Third-party analytics services may provide aggregated or pseudonymized data about how users interact with our platform.
3. How We Use Your Information
We use your information for the following purposes:
- Providing and operating the Services: Processing your intake, facilitating clinical evaluations, coordinating prescription fulfillment, delivering lab results, and managing your account.
- Sofia AI health coach: Your health and activity data is used to personalize Sofia's responses and provide relevant coaching. See Section 4 for important disclosures about AI data use.
- Clinical coordination: Sharing relevant information with licensed prescribers, compounding pharmacies, and lab partners to deliver your care.
- Billing and payments: Processing subscription charges, refunds, and resolving billing disputes.
- Communications: Sending appointment reminders, order updates, lab results, clinical follow-up messages, and service-related notifications.
- Safety and compliance: Monitoring for adverse events, addressing safety concerns, and complying with applicable law.
- Marketing (with your consent): Sending promotional emails, product updates, and other marketing communications.
- Analytics and improvement: Understanding how users interact with the platform to improve our Services.
- Legal obligations: Complying with court orders, subpoenas, legal process, or regulatory requirements.
4. Sofia AI Health Coach — Data Use Disclosure
The Sofia AI health coach uses information from your profile, health history, and prior interactions to provide personalized coaching responses. Specifically:
- What data Sofia uses: Your intake information, lab results, order history, protocol details, and your conversation history with Sofia.
- AI model improvement: SofiaRX may use de-identified or aggregated conversation data to improve the underlying AI models that power Sofia. We will not use individually identifiable PHI to train AI models without your separate authorization.
- Sofia is not a clinician: Sofia's outputs are informational and do not constitute medical advice. Your clinician retains responsibility for your clinical care.
- Opting out of AI coaching: You may request to limit or discontinue use of the Sofia AI coach by contacting legal@sofiarx.com.
5. How We Share Your Information
We share your information only as described below. We do not sell your personal information for monetary compensation.
5.1 Licensed Clinicians and Care Team
We share your health and account information with the licensed physicians and care team members involved in your care, as necessary to provide clinical services.
5.2 Pharmacy Partners
We share your name, address, prescription details, and relevant health information with licensed compounding pharmacies to fulfill your prescriptions.
5.3 Laboratory Partners
We share your name, address, and test orders with laboratory partners to process at-home lab kits and return results to your care team.
5.4 Service Providers (Vendors)
We share information with third-party vendors who help us operate the platform, including:
- Payment processing (Stripe, Inc.)
- Cloud infrastructure and hosting (Supabase, Vercel)
- Analytics and error monitoring
- Customer support tools
- Email and SMS communication providers
6. Cookies and Tracking Technologies
We use cookies, pixels, and similar tracking technologies on our website and platform. These include essential cookies, analytics cookies, and marketing/advertising cookies.
7. Data Retention
We retain your information for as long as necessary to provide the Services and meet our legal obligations. Health and medical records are retained for a minimum of seven (7) years.
8. Security
We implement administrative, technical, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, or destruction.
9. Children's Privacy
The Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children.
10. Third-Party Links
Our website and platform may contain links to third-party websites, applications, or services. We are not responsible for their privacy practices.
11. Your Privacy Choices
Depending on your location and applicable law, you may have certain rights regarding your personal information, including the right to access, correct, or delete your information.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice on our website or by email.
13. Contact Us
For questions, concerns, or requests related to this Privacy Policy or your personal information, contact:
SofiaRX LLC — Privacy Team
8 The Green, Suite 25729
Dover, DE 19901
legal@sofiarx.com