Large Call to Action Headline

Vital Radiance Wellness (“Vital Radiance,” “we,” “us,” or “our”) operates clinical services (in-person and virtual care) and an e-commerce site offering skincare products, including our physician-developed Vital Rituals line (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and protect information across our clinical and retail operations.

HIPAA NOTICE: When we provide clinical services, some information we collect is Protected Health Information (“PHI”) governed by the Health Insurance Portability and Accountability Act (“HIPAA”). Our use and disclosure of PHI are described in our Notice of Privacy Practices (“NPP”), not this Privacy Policy. To request a copy of our NPP, contact us at [email protected].

1) Who We Are & How to Contact Us

Controller/Provider: Vital Radiance Wellness
Email: [email protected]
Phone: 407-974-3500
Address: 29 W. Smith St. Winter Garden, FL 34787

2) Scope: PHI vs. Non-PHI

PHI (Clinical): Information created or received in the course of your medical care (e.g., diagnoses, treatment plans, lab results, prescriptions, clinical photos) is handled per HIPAA and our NPP.

Non-PHI (E-commerce/Marketing/Website): Information collected on our websites, online store, marketing channels, product quizzes not used for clinical care, and general customer support is covered by this Privacy Policy and applicable privacy laws (e.g., CCPA/CPRA, state privacy laws, GDPR where applicable).

3) Information We Collect (Non-PHI)

We collect personal information when you browse, purchase, create an account, engage with marketing, or contact us:

Identifiers & Contact: name, email, phone, billing/shipping address.

Account & Order Data: login credentials (hashed), order history, preferences, saved items.

Payment Data: processed by our payment providers (e.g., Shopify/Stripe/PayPal/Apple Pay/Google Pay). We do not store full card numbers.

Device/Usage Data: IP address, device/browser type, pages visited, referring URLs, timestamps, approximate location, and cookies/pixels.

Marketing & Communications: newsletter/SMS opt-ins, campaign interactions, preferences.

Support & UGC: messages to support, product reviews, survey/quiz responses (e.g., skin or hair goals), and optional photos you upload.

Inferences: derived preferences to personalize products or content.

If you submit health-related details on our retail site outside clinical care, we treat it as sensitive and use it only as described here. To receive medical advice, please book a visit—at which point HIPAA applies.

4) Sources of Information

Directly from you (forms, checkout, support, events).

Automatically from your device (cookies, pixels, SDKs, analytics).

From service providers/partners (e.g., e-commerce, advertising, shipping).

From social networks if you connect or interact with our pages

5) How We Use Non-PHI

Operate & fulfill: process orders, payments, shipping/returns, account management.

Customer support: respond to inquiries and troubleshoot.

Personalize & recommend: tailor products, content, and offers.

Marketing & communications: send emails/SMS/ads with your consent where required.

Analytics & improvement: measure site performance, enhance Services and user experience.

Security & fraud prevention: detect and prevent fraud, abuse, or illegal activity.

Compliance: meet legal, tax, and regulatory obligations; enforce terms; defend claims.

GDPR legal bases (where applicable): contract performance, legitimate interests (e.g., security, analytics, personalization), legal obligations, and consent (e.g., for certain cookies/marketing).

6) Cookies, Pixels & Similar Technologies

We use cookies and similar tech (e.g., Google Analytics, Meta Pixel) to run the site, remember your preferences, personalize content/ads, and measure effectiveness.

Manage preferences via our cookie banner or your browser/device settings.

Interest-based ad choices: visit DAA/NAI opt-out tools and mobile “Limit Ad Tracking/Ad Personalization.”

7) How We Share Information (Non-PHI)

We do not sell your information in the traditional sense. We may “share” data for cross-context behavioral advertising as defined by some laws.

Service Providers/Processors: e-commerce platforms, payment processors, shipping partners, email/SMS vendors, analytics, hosting/IT, security.

Advertising/Analytics Partners: to personalize content/ads and measure performance (subject to your choices).

Affiliates/Corporate Transactions: if we undergo a merger, acquisition, or asset transfer.

Legal/Safety: to comply with law or protect rights, property, or safety.

With Your Consent: e.g., when you connect third-party apps or post public reviews.

Clinical Partners (PHI): When you receive clinical care, we may share PHI with laboratories, pharmacies/compounding pharmacies, EMR/telehealth platforms, and other health providers as permitted by HIPAA and our NPP.

8) Clinical Services & Telehealth (PHI)

For appointments, telehealth visits, treatment, payment, and healthcare operations, we collect and use PHI per HIPAA. This includes intake forms, clinical photos (with consent), lab orders/results, prescriptions, and communications in patient portals.

Patient Portal & Telehealth: Use is subject to HIPAA and the platform’s security controls.

Research/Quality Improvement: We may use de-identified data for quality improvement, analytics, or research as permitted by law.

Please review our NPP for full details or contact [email protected] to request a copy.

9) SMS, Email & Push Communications

By opting into SMS or email, you consent to receive messages (e.g., order updates, promotions, appointment reminders). Msg/data rates may apply. Frequency varies.

Opt-out: reply STOP to SMS; click unsubscribe in emails; adjust app/browser notifications; or contact us. Consent is not required to purchase.

10) Your Privacy Rights

Depending on your location, you may have the right to request:

Access/Know what personal information we hold,

Correction of inaccurate information,

Deletion of information (subject to legal exceptions),

Portability (a portable copy),

Opt-out of “sale”/“sharing” of personal information, targeted advertising, or certain profiling,

Limit use/disclosure of sensitive information (where applicable),

Withdraw consent, and

Non-discrimination for exercising rights.

How to exercise: Email privacy@[yourdomain].com with your request and sufficient details to verify your identity. You may authorize an agent (additional verification may apply). Where required, you may appeal a denial by replying “APPEAL” to our response.

California (CPRA): You may opt-out of “sale”/“sharing” via our cookie banner/preferences tool or by contacting us. We provide categories of data collected, sources, purposes, and disclosures upon request. We do not knowingly sell/share data of consumers under 16.

11) Data Retention

We retain information as needed to provide Services and meet legal obligations:

Orders/Transactions: typically 7 years (or as required by law).

Accounts/Marketing: while your account/consent is active, then deleted or de-identified within a reasonable period.

Clinical Records (PHI): retained per HIPAA/state medical record retention laws.

Support/Logs: per operational and legal requirements.

We may retain and use de-identified or aggregated data.

12) Security

We implement administrative, technical, and physical safeguards proportional to risk (e.g., encryption in transit, access controls, least-privilege). No system is 100% secure. Please protect your account credentials and notify us of any suspected unauthorized access.

13) Children’s Privacy

Our retail site is not intended for children under 13 (or the age of digital consent in your country). We do not knowingly collect children’s personal information online. If you believe a child has provided information, contact us to request deletion. Clinical pediatric care, if offered, is governed by HIPAA and our NPP.

14) Third-Party Sites & Social Media

Our Services may link to third-party websites or social platforms we do not control. Their practices govern any data you provide there.

15) International Data Transfers

If you access our Services from outside the United States, your information may be transferred to and processed in the U.S. and other countries. Where required, we use appropriate safeguards for international transfers (e.g., Standard Contractual Clauses).

16) Do Not Track

There is no industry standard for responding to “Do Not Track” signals; we do not respond to DNT at this time. We honor state opt-out mechanisms where applicable and provide cookie/ad preference tools.

17) Financial Incentives & Loyalty

If we offer discounts, referrals, or loyalty programs that may be considered a “financial incentive” under certain laws, we will disclose program terms at enrollment (including the categories of personal information involved and how to opt-in/opt-out).

18) State-Specific Disclosures (Summary)

California “Notice at Collection” (summary):

Categories collected: identifiers (contact), commercial info (orders), internet activity (usage data), geolocation (approximate), inferences (preferences).

Purposes: to operate the site, fulfill orders, personalize content, marketing/ads, analytics, security, legal compliance.

Disclosures: service providers (e-commerce, shipping, payment, IT/hosting), advertising/analytics partners, affiliates (as applicable).

Sale/Sharing: we may share for cross-context behavioral advertising (opt-out available).

Retention: as described in Section 11.

Sensitive data: generally not sought; if provided outside clinical care, used only as described here. PHI handled under HIPAA/NPP.

For detailed state notices (e.g., CO/CT/VA/UT), contact [email protected].

19) Changes to This Policy

We may update this Privacy Policy from time to time. The Effective Date reflects the latest revision. Material changes will be posted here and, where required, we will notify you.

20) Contact Us

Questions, requests, or concerns about privacy?
Email: [email protected]
Mail: 29 W Smith St. Winter Garden, FL 34787
Phone: 407-974-3500

For clinical PHI matters, request our Notice of Privacy Practices via the contact above.

Cookie Banner Language (Website)

We use cookies to improve your experience, analyze performance, personalize content/ads, and for marketing. Click “Accept All” to consent, or manage preferences in Cookie Settings. See our Privacy Policy for details.