Legal

Privacy Policy

OnPointPerformance PLLC  ·  Effective Date: April 28, 2026  ·  Last Updated: April 28, 2026

1. Introduction

OnPointPerformance PLLC ("OnPoint," "we," "us," or "our") is committed to protecting the privacy of our patients and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website or use our telehealth services.

Please read this policy carefully. If you disagree with its terms, please discontinue use of our services.

Note regarding health information: Health information collected in connection with your medical care as a patient of OnPointPerformance PLLC is protected under the Health Insurance Portability and Accountability Act (HIPAA). Please see our separate HIPAA Notice of Privacy Practices for information about how we handle your protected health information (PHI).

2. Information We Collect

We may collect the following categories of information:

  • Personal identification information — name, date of birth, address, phone number, email address
  • Health and medical information — medical history, symptoms, laboratory results, medications, and treatment records (governed by HIPAA when collected in the context of care)
  • Payment information — credit or debit card details, billing address (processed through secure third-party payment processors; we do not store full card numbers)
  • Technical data — IP address, browser type, device information, and website usage data collected through cookies and analytics tools
  • Communications — messages sent through our patient portal or email

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve our telehealth services and patient care
  • Communicate with you about your care, appointments, and membership
  • Process payments and manage your subscription
  • Comply with legal and regulatory obligations, including HIPAA
  • Send administrative communications, service updates, and — with your consent — wellness information
  • Analyze website usage to improve our online presence and patient experience

We do not sell your personal information to third parties. We do not use your health information for marketing purposes without your explicit consent.

4. Disclosure of Your Information

We may share your information with:

  • Healthcare partners — labs, pharmacies, and other providers involved in your care, as necessary to provide services and as permitted by HIPAA
  • Service providers — third-party vendors who assist in operating our website, patient portal, payment processing, and communications (e.g., Practice Better, Square); these vendors are contractually required to protect your information
  • Legal authorities — when required by law, court order, or to protect the rights and safety of our patients and staff

We require all third-party service providers who handle protected health information to sign a Business Associate Agreement (BAA) in compliance with HIPAA.

5. Cookies & Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your experience, analyze site traffic, and understand how visitors interact with our content. You may set your browser to refuse cookies, though some features of the website may not function properly as a result.

We do not use tracking technologies to target advertising based on your health information.

6. Data Security

We implement administrative, technical, and physical safeguards designed to protect your information from unauthorized access, use, or disclosure. Our patient portal is powered by Practice Better, a HIPAA-compliant platform with industry-standard encryption and security practices.

No method of data transmission or storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach affecting your protected health information, we will notify you as required by HIPAA and applicable law.

7. Data Retention

We retain your personal and health information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations (including medical record retention requirements under Texas law), resolve disputes, and enforce our agreements. Medical records are retained for a minimum of ten (10) years from the date of service, or as otherwise required by applicable law.

8. Your Rights

Depending on your state of residence and the nature of your information, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of certain personal information (subject to legal and medical record retention requirements)
  • Opt out of non-essential communications
  • Exercise your HIPAA rights as described in our Notice of Privacy Practices

To exercise any of these rights, contact us at info@onpointperformancepllc.com.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Your continued use of our services after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

OnPointPerformance PLLC
OnPointPerformance PLLC
Privacy Officer  |  Texas & Florida Concierge Telehealth
Email: info@onpointperformancepllc.com