Privacy Policy
Effective Date: June 15, 2026
Seraphin Medical and Wellness (“Seraphin,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website or receive services from our practice.
As a healthcare provider, we are also subject to the Health Insurance Portability and Accountability Act (HIPAA). Where applicable, your rights under HIPAA govern your protected health information (PHI). Our Notice of Privacy Practices, provided separately, describes those rights in full.
1. Information We Collect
Personal Information
When you interact with Seraphin — whether by scheduling an appointment, completing intake forms, or contacting us — we may collect:
- Full name, date of birth, and contact information (email, phone, address)
- Payment and billing information
- Insurance information (collected for reference only; we do not bill insurance)
- Communications you send to us via email, text, or patient portal
Protected Health Information (PHI)
In the course of providing medical services, we collect health-related information including:
- Medical history, current medications, supplements, and allergies
- Treatment records, progress notes, and clinical photographs
- Laboratory results and diagnostic information
- Aesthetic treatment records, product usage, and outcomes
- Hormone therapy panels, weight loss program data, and functional medicine findings
Website and Technical Information
When you visit our website, we may automatically collect:
- IP address, browser type, and device information
- Pages visited, time spent on pages, and referral URLs
- Cookie and session data (see our Cookie Policy section below)
2. How We Use Your Information
We use the information we collect for the following purposes:
- To provide, personalize, and coordinate your medical care
- To schedule appointments and send confirmations and reminders
- To process payments and manage your account
- To communicate with you about your treatment plan, lab results, and follow-up care
- To comply with legal and regulatory obligations, including Tennessee state law and HIPAA
- To improve our services and patient experience
- To send informational or wellness content if you have opted in
3. How We Share Your Information
Seraphin does not sell, rent, or trade your personal or health information. We may share your information in limited circumstances, including:
Treatment and Care Coordination
We may share PHI with other healthcare providers involved in your care, including laboratory services, pharmacies, and specialists, as permitted under HIPAA.
Business Associates
We work with third-party vendors who assist in operating our practice, including our electronic health record (EHR) platform, payment processors, and scheduling software. These vendors are required to sign Business Associate Agreements (BAAs) and to protect your PHI in accordance with HIPAA.
Legal Obligations
We may disclose your information when required by law, such as in response to a court order, subpoena, or public health authority requirement.
With Your Authorization
We will share your information in any other circumstance only with your explicit written authorization, which you may revoke at any time.
4. Your HIPAA Rights
As a patient, you have the following rights regarding your PHI under HIPAA:
- Right to access and receive a copy of your health records
- Right to request corrections to inaccurate or incomplete records
- Right to request restrictions on how we use or share your information
- Right to receive a list of disclosures we have made of your PHI
- Right to request confidential communications (e.g., contact you only at a specific number or address)
- Right to receive our Notice of Privacy Practices
To exercise any of these rights, please contact us in writing at the address provided below.
5. Data Security
We implement administrative, technical, and physical safeguards to protect your personal and health information from unauthorized access, disclosure, or misuse. These measures include:
- Encrypted electronic health records and secure patient portal
- Role-based access controls limiting staff access to PHI
- Secure transmission of sensitive information using SSL/TLS protocols
- Regular staff training on privacy and data security practices
No method of electronic transmission or storage is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security.
6. Clinical Photography
As part of our aesthetic and wellness services, Seraphin may take before-and-after photographs to document treatment outcomes. These images are:
- Stored securely within your medical record
- Used only for clinical documentation and quality of care purposes
- Never shared publicly, on social media, or used for marketing without your separate, explicit written consent
You have the right to decline clinical photography. Refusal will not affect the quality of care you receive.
7. Cookies and Website Tracking
Our website uses cookies and similar technologies to enhance your browsing experience, analyze site traffic, and understand how visitors interact with our content. You may adjust your browser settings to refuse cookies; however, some features of our website may not function properly without them.
We do not use cookies to collect PHI or link website activity to your medical record.
8. Text and Email Communications
With your consent, we may contact you via text message or email for appointment reminders, wellness tips, and clinic updates. Standard messaging and data rates may apply for text communications. You may opt out of marketing communications at any time by replying STOP to a text message or clicking unsubscribe in an email.
Please note that email and SMS are not fully secure channels. We recommend using our secure patient portal for sensitive health communications.
9. Retention of Information
We retain medical records in accordance with Tennessee state law, which generally requires retention for a minimum of 10 years from the date of last treatment (or until a minor patient reaches age 19, whichever is longer). Financial and billing records are retained as required by applicable law and our operational needs.
10. Children's Privacy
Our services are intended for adults aged 18 and older. We do not knowingly collect personal information from individuals under 18 without verified parental or guardian consent. If you believe we have inadvertently collected information from a minor, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify patients of material changes via our patient portal or email. We encourage you to review this Policy periodically.
12. Contact Us
For questions, concerns, or to exercise your privacy rights, please contact:
Seraphin Medical and Wellness
Nashville, Tennessee
You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights if you believe your privacy rights have been violated. We will not retaliate against you for filing a complaint.