Biome

Privacy Policy

Last Updated: April 14, 2026

1. Introduction

Biome Health, Inc. (“Biome,” “we,” “our,” or “us”) is committed to protecting your privacy and maintaining the confidentiality of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and related services (collectively, the “Service”). By using the Service, you agree to the practices described in this Privacy Policy.

2. Our Commitment to Your Privacy

We maintain appropriate physical, technical, and administrative safeguards to protect your personal and health information. We use and disclose your information only as permitted by applicable law and as described in this Privacy Policy.

3. Information We Collect

3.1 Information You Provide

We collect information you voluntarily submit to us, including:

  • Contact Information: Name, email address, phone number, and mailing address
  • Health Information: Medical history, current health conditions, medications, allergies, symptoms, and other health-related data you provide through intake forms or the app
  • Account Information: Credentials used to create and authenticate your account
  • Payment Information: Credit or debit card details and billing address, processed securely through our third-party payment processor
  • Communications: Messages, feedback, and other correspondence you send to us

3.2 Information Collected Automatically

When you use the Service, we may automatically collect:

  • Device Information: Browser type, operating system, device model, and unique device identifiers
  • Usage Data: Pages viewed, features used, time spent on pages, and navigation patterns
  • Log Data: IP address, access times, error reports, and referring URLs
  • Location Data: General geographic location derived from your IP address

3.3 Cookies

We currently use only essential cookies necessary for the Service to function properly (such as maintaining your session while logged in). We do not use third-party advertising or analytics cookies. If this changes in the future, we will update this policy and provide you with appropriate notice and controls.

4. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Facilitate clinical evaluations and connect you with licensed healthcare providers
  • Process orders and coordinate prescription fulfillment through our pharmacy partners
  • Send transactional communications including order confirmations, shipping updates, and account notifications
  • Send promotional communications about products and services, where you have opted in
  • Detect, investigate, and prevent fraud or unauthorized activity
  • Analyze usage patterns to improve user experience and develop new features
  • Comply with legal and regulatory obligations

5. Use of Artificial Intelligence

Biome uses artificial intelligence (“AI”) technologies to enhance certain aspects of the Service. This may include:

  • Generating personalized health insights and wellness recommendations
  • Analyzing health data to surface relevant trends and patterns
  • Assisting our clinical and support teams in responding to inquiries
  • Improving the Service and developing new features

AI-generated content is informational and does not replace professional medical advice. Clinical decisions, including prescriptions, are always made by licensed healthcare providers. We do not use AI to make automated decisions that produce legal effects or similarly significant outcomes for you without human oversight.

6. How We Share Your Information

We do not sell your personal information. We do not rent or share your information with third parties for their own marketing purposes.

We may share your information in the following circumstances:

  • Healthcare Providers: We share relevant health information with the licensed clinicians who evaluate and treat you through the Service
  • Pharmacy Partners: When you are prescribed medication, we share necessary information (name, contact details, prescription information, and shipping address) with our pharmacy partners for fulfillment. Our pharmacy partners are bound by their own privacy obligations and applicable regulations
  • Service Providers: We work with third-party companies that help us operate the Service, including payment processors, cloud hosting providers, email delivery services, and customer support tools. These providers only access your information as needed to perform their functions and are contractually obligated to protect it
  • With Your Consent: We may share information when you give us explicit permission
  • Legal Requirements: We may disclose information if required by law, subpoena, court order, or government regulation
  • Safety and Rights: We may share information when we believe it is necessary to protect the rights, property, or safety of Biome, our users, or others
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity

7. Text Messaging

If you opt in to receive text messages from us, we may send you transactional messages (such as order updates and appointment reminders) and, where separately consented to, promotional messages about our products and services.

  • Message frequency may vary. Message and data rates may apply.
  • You may opt out of text messages at any time by replying STOP to any message or by contacting us at hello@biome.you.
  • Your opt-in consent to receive text messages and the phone number you provide for that purpose will not be shared with any third parties for their own marketing use. This data is shared only with service providers who facilitate message delivery on our behalf.

8. Data Retention

We retain your information only as long as reasonably necessary to fulfill the purposes described in this policy and to comply with legal obligations. Our general retention periods are:

  • Account information: For the duration of your account and up to 7 years after closure for legal and regulatory purposes
  • Health records: A minimum of 6 years from the date of creation or the date last in effect, whichever is later, or longer if required by state law
  • Transaction records: Up to 7 years for tax and accounting compliance
  • Communications: Up to 3 years from the date of correspondence
  • Device and usage data: Up to 13 months

When retention periods expire, we securely delete or de-identify your information. If immediate deletion is not possible (for example, data stored in backup archives), we isolate the information from further processing until deletion can be completed.

9. Your Rights

Under applicable privacy laws, you have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate or incomplete information
  • Deletion: Request that we delete your personal information, subject to legal retention requirements
  • Restriction: Request that we limit how we use your information
  • Data Portability: Request a copy of your information in a structured, machine-readable format
  • Objection: Object to certain uses of your information
  • Communication Preferences: Request that we contact you through a specific channel or at a specific address

To exercise any of these rights, please contact us at hello@biome.you. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

10. Opt-Out Procedures

Marketing Emails

You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link at the bottom of any marketing email, or by emailing us at hello@biome.you.

Text Messages

Reply STOP to any text message or contact us at hello@biome.you.

Information Sharing

To opt out of certain information sharing practices, email us at hello@biome.you with the subject line “Opt Out” and specify which types of sharing you wish to opt out of.

11. Automated Decision-Making

We may use automated processes for purposes such as fraud detection, security monitoring, and generating personalized content and health insights based on your data.

You have the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significant consequences for you. All clinical decisions, including prescriptions and treatment plans, involve review by a licensed healthcare provider. If you have questions or concerns about automated processing, please contact us at hello@biome.you.

12. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Employee training on privacy and security practices
  • Physical security measures for our facilities and equipment

No method of electronic transmission or storage is completely secure. While we take reasonable measures to protect your information, we cannot guarantee absolute security.

13. Data Breach Notification

In the event of a security breach affecting your personal information, we will:

  • Notify affected individuals via email and/or a notice on our website within 72 hours of confirming the breach
  • Provide details about the nature of the breach, what information was involved, and what steps we are taking to investigate and resolve it
  • Notify applicable regulatory authorities as required by law
  • Offer appropriate remediation measures based on the nature of the compromised information

14. Third-Party Links

The Service may contain links to third-party websites, applications, or services that are not operated by us. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party services before providing them with your information.

15. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe we have collected information from your child, please contact us and we will promptly delete it.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of changes by posting the revised policy on this page and updating the “Last Updated” date above. For material changes, we will provide additional notice via email or a prominent notice within the Service.

17. Contact Us

If you have questions about this Privacy Policy, your rights, or our privacy practices, please contact us at:

Biome Health, Inc.
Privacy Team
Email: hello@biome.you

If you believe your privacy rights have been violated, please contact us at hello@biome.you.