Our Commitment: Flore is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal information in compliance with HIPAA, GDPR, and CCPA.
1. Information We Collect
From Healthcare Providers
- Name, credentials, and license information
- Contact information (email, phone, address)
- Practice/clinic information
- Portal usage and payment data
Patient Information (via Providers)
- Name and date of birth
- Health conditions and symptoms
- Microbiome test results
- Formulation history and outcomes
2. How We Use Information
| Purpose | Data Used |
|---|---|
| Create personalized formulations | Health data, microbiome results |
| Process and ship orders | Contact, shipping, payment |
| Improve algorithms | Aggregated, de-identified data |
3. Data Protection
- End-to-end encryption (TLS 1.3)
- Encryption at rest (AES-256)
- Role-based access controls
- Regular security audits
Patient health information (PHI) is handled in accordance with HIPAA. See our HIPAA Notice.
4. Data Sharing
We do not sell your personal information. We may share data with:
- Service providers: Payment processors, shipping carriers
- Healthcare providers: Patient data accessible only to submitting provider
- Legal requirements: When required by law
5. Your Rights
- Access your personal data
- Correct inaccurate data
- Request deletion (subject to legal retention)
- Opt out of marketing communications
6. Contact
Email: craig.rouskey@flore.com (Subject: Privacy Request)
Location: California & Illinois