Privacy Policy
Effective Date: April 10, 2026
Introduction
Wellby, Inc. ("Wellby," "we," "us," "our") respects your privacy. This policy explains how we collect, use, share, and protect your personal information when you use our website, submit a care request, or receive our services. By using Wellby, you agree to the practices described in this policy.
Information We Collect
Information You Provide
- Care intake form: name, email, phone number, ZIP code, relationship to care recipient, recipient's age range, care timeline, additional notes
- Waitlist form: email address, ZIP code
- Communications: any information you share when contacting us by phone, email, or through the website
Information Collected for Care Delivery
When you become a Wellby client, we may collect additional information necessary for providing care:
- Health information: diagnoses, medications, allergies, cognitive status, mobility level
- Care preferences: scheduling preferences, caregiver preferences, care plan details
- Emergency contacts
This information is provided by you or your authorized representative and is used solely for care planning and delivery.
Information Collected Automatically
- Device and browser information (type, operating system, browser version)
- IP address
- Pages visited and usage patterns
- Referring website
We collect this through our hosting and security providers' built-in analytics tools.
Payment Information
Payments are processed by Stripe. Wellby does not store your credit card number, debit card number, or bank account details. Stripe's handling of your payment information is governed by Stripe's own privacy policy.
How We Use Your Information
We use the information we collect for the following purposes:
- Evaluating and responding to care requests
- Creating and managing personalized care plans
- Matching you with an appropriate caregiver
- Scheduling and coordinating care services
- Processing payments and sending invoices
- Communicating with you about your care
- Sending transactional emails (confirmations, updates)
- Improving our website and services
- Complying with legal obligations
- Protecting the safety and security of our clients, caregivers, and the public
How We Share Your Information
Service Providers
We share information with trusted service providers who help us operate, including providers for:
- Database hosting and storage
- Transactional email delivery
- Payment processing
- Website hosting, security, and performance
These providers are contractually obligated to protect your information and may only use it to perform services on our behalf.
Caregivers
When you are matched with a caregiver, we share only the information necessary for them to provide care. This includes relevant health information, care plan details, and scheduling information. Caregivers are prohibited from copying or retaining client health data outside of Wellby's systems, and their access to your information ends when the caregiver relationship ends.
Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, safety, or property of Wellby, our clients, or the public.
Business Transfers
If Wellby is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
We Do Not Sell Your Information
Wellby does not sell, rent, or trade your personal information to third parties for marketing or advertising purposes. We do not share your information for cross-context behavioral advertising.
Health-Related Information
We understand that health information is especially sensitive. While Wellby is not a HIPAA-covered entity (we provide non-medical home care and do not bill insurance), we treat all health-related information with the highest level of care.
Specifically:
- Health data is collected only when necessary for care delivery
- Access is restricted to authorized Wellby staff and your assigned caregiver(s) on a need-to-know basis
- Health data is never used for marketing or advertising
- Health data is never sold or shared with third parties for their own purposes
Cookies and Tracking Technologies
We use essential cookies necessary for the website to function (such as session management). We do not use advertising cookies or tracking pixels.
Our hosting and security providers collect aggregated usage data to help us improve website performance. This data is not used to build individual user profiles or target advertising.
Data Retention
We retain your personal information for as long as necessary to provide our services, maintain our business relationship with you, and fulfill the purposes described in this policy. We may also retain information as required by applicable tax, financial, or legal obligations.
You may request deletion of your personal information at any time by contacting legal@wellbyhealth.com. We will process your request within 45 days, subject to any legal obligations requiring us to retain certain records.
Data Security
We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information. We also require our service providers to maintain appropriate data protection measures.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
Your Rights and Choices
We honor all applicable privacy rights under the laws of your state of residence. To make a request regarding your personal information, contact us at legal@wellbyhealth.com.
California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act:
- Right to know: You may request the categories and specific pieces of personal information we have collected, the sources, our business purposes for collecting it, and the categories of third parties with whom we share it.
- Right to delete: You may request that we delete your personal information, subject to certain exceptions.
- Right to correct: You may request correction of inaccurate personal information.
- Right to limit use of sensitive personal information: Health-related data may qualify as sensitive personal information under the CPRA. You have the right to limit its use to what is necessary for providing our services.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
We do not sell personal information. We do not share personal information for cross-context behavioral advertising.
To submit a request, email legal@wellbyhealth.com. We will verify your identity and respond within 45 days.
| Category of PI | Sources | Purpose | Third Parties |
|---|---|---|---|
| Identifiers (name, email, phone, ZIP code) | You, via intake/waitlist forms | Provide services, communicate, process requests | Database, email, and payment service providers |
| Health information (diagnoses, medications, allergies, cognitive/mobility status) | You or your authorized representative | Care planning and delivery | Assigned caregivers only |
| Commercial information (payment history, services received) | You, Stripe | Billing, service records | Payment service provider |
| Internet/electronic activity (IP address, browser info, pages visited) | Automatic collection | Website improvement, security | Hosting and security providers |
| Geolocation (ZIP code, derived coordinates) | You, via forms | Determine service area availability | Database service provider |
FTC Health Breach Notification Rule
As a non-HIPAA entity that handles health-related information through our website and services, Wellby complies with the Federal Trade Commission's Health Breach Notification Rule. In the event of a breach involving your health data, we will notify affected individuals and the FTC as required by law.
Children's Privacy
Wellby's services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from anyone under the age of 18. If we learn that we have collected information from a person under 18, we will promptly delete it. If you believe we have inadvertently collected information from a minor, please contact us at legal@wellbyhealth.com.
Third-Party Links
Our website may contain links to third-party websites or services. Wellby is not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.
Changes to This Policy
We may update this Privacy Policy from time to time. Your continued use of Wellby after changes are posted constitutes your acceptance of the updated policy. The "Effective Date" at the top of this page indicates when this policy was last revised.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:
Email: legal@wellbyhealth.com
We will respond to your inquiry in a timely manner.