Updated on: 12/02/2026
This Privacy Policy describes how Avinity Health Clinic, LLC ("Avinity Health," "we," "us," or "our") collects, uses, discloses, and protects information about you when you visit our website (avinityhealth.com) or receive clinical or wellness services at our Scottsdale, Arizona location. This Policy applies to all individuals who interact with Avinity Health, including website visitors, registered users, patients, and prospective patients.
Avinity Health is committed to protecting the privacy, confidentiality, and security of your personal information and health information. We comply with applicable federal and Arizona privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Arizona Online Privacy Protection Act (A.R.S. § 18-551 et seq. ["AzOPPA"]), the Arizona data breach notification statute (A.R.S. § 44-7501), and the Federal Trade Commission Act.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY ACCESSING OR USING OUR WEBSITE OR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY. IF YOU DO NOT AGREE, PLEASE DO NOT USE OUR WEBSITE OR SERVICES.
Avinity Health is a physician-guided longevity, wellness, and medical aesthetics clinic located at 11000 N. Scottsdale Road, Suite 100, Scottsdale, AZ 85254. We provide in-person and telehealth clinical services, including PlasmaRestore™ Therapeutic Plasma Exchange (TPE), IV therapy, injectable neurotoxins, dermal fillers, and medical-grade microneedling, among other wellness services.
Avinity Health operates as a cash-pay, physician-guided clinic. We are the data controller for personal information we collect directly from you. For Protected Health Information (PHI) collected in connection with the delivery of clinical services, Avinity Health is a health care provider subject to HIPAA. Our Notice of Privacy Practices (NPP), which is provided to patients separately, governs the use and disclosure of your PHI and is incorporated herein by reference.
Contact information for privacy-related inquiries:
Avinity Health Clinic, LLCWe collect information about you from multiple sources and in different ways, depending on how you interact with us.
When you visit our clinic, create an account, schedule an appointment, complete intake forms, or communicate with us, you may provide:
In connection with the delivery of clinical services, we collect and maintain Protected Health Information as defined by HIPAA. PHI includes any health information that identifies or could reasonably be used to identify you and relates to your physical or mental health condition, the provision of health care to you, or payment for that care. PHI collected by Avinity Health may include:
The use and disclosure of your PHI is governed by HIPAA, the HITECH Act, and our Notice of Privacy Practices. Please refer to Section 6 of this Privacy Policy and your NPP for a full description of your rights regarding your PHI.
When you visit the Avinity Health website, we automatically collect certain technical and usage information, including:
This information is collected through cookies, web beacons, pixel tags, and similar tracking technologies, as described in Section 7 of this Privacy Policy.
We may receive information about you from third parties, including:
Avinity Health uses the information we collect for the following purposes:
We use your health information and PHI to evaluate your clinical needs, develop and implement individualized treatment plans, schedule and manage appointments, document clinical care, communicate with you about your treatment, and coordinate with other healthcare providers as permitted by HIPAA and with your authorization.
We use technical and account information to operate, maintain, and improve the Avinity Health website, process account registrations, authenticate users, provide customer support, and troubleshoot technical issues.
We use your contact information to send appointment reminders and confirmations, clinical follow-up communications, post-treatment instructions, and responses to your inquiries. With your consent, we may also send promotional communications, including information about services, events, and offers, as well as requests for reviews or feedback regarding your experience. These communications may be delivered via email, text message, or other electronic means. You may opt out of promotional communications at any time using the unsubscribe mechanism provided in the communication or by contacting us directly. Transactional and service-related communications are not subject to marketing opt-out.
We may use non-PHI information to deliver targeted advertising on third-party platforms (such as Google and Meta) and to analyze the effectiveness of our marketing campaigns. We do not use or disclose Protected Health Information (PHI) for targeted advertising without your explicit written authorization. We implement technical and operational safeguards to prevent the transmission of PHI to advertising platforms. We may use your contact information to request reviews, testimonials, or feedback regarding your experience with Avinity Health. These requests will not include Protected Health Information unless you have provided separate authorization. We do not use Protected Health Information to personalize advertising or marketing communications without your explicit written authorization.
We may use your information to comply with applicable law, respond to legal process or government inquiries, enforce our Terms of Service, investigate suspected fraud or misconduct, and protect the safety, rights, and interests of Avinity Health, our staff, our patients, and the public.
We may use de-identified or aggregated information (from which all personal identifiers have been removed in accordance with HIPAA's de-identification standards) for quality improvement, clinical outcomes analysis, staff training, and business reporting.
The Digital Platform is not intended to provide medical advice. Information available through the website is for informational purposes only and does not constitute medical advice, diagnosis, or treatment.
Where applicable law requires a legal basis for processing your personal information, Avinity Health relies on one or more of the following:
Avinity Health does not sell your personal information or PHI. We share your information only as described in this Privacy Policy and, for PHI, only as permitted or required by HIPAA and our Notice of Privacy Practices.
We share information with trusted third-party vendors and service providers who assist us in operating our business and providing the Services. These providers include, without limitation, electronic health record (EHR) systems, patient relationship management (CRM) platforms, appointment scheduling and booking systems, telehealth platforms, payment processors, communications platforms (including email and messaging providers), and analytics or marketing service providers. These providers may also include:
Where any service provider processes PHI on our behalf, we enter into a HIPAA-compliant Business Associate Agreement (BAA) before sharing any such information. All service providers are required to maintain the confidentiality and security of your information and to use it only for the purposes we authorize.
With your authorization or as otherwise permitted by HIPAA, we may share your PHI with other healthcare providers, specialists, or laboratories involved in your care to ensure coordinated, appropriate treatment.
We may disclose your information (including PHI, as permitted by HIPAA) to comply with a court order, subpoena, regulatory investigation, or other legal obligation; to report suspected child abuse or neglect as required by Arizona law (A.R.S. § 13-3620); to respond to public health reporting requirements; or to protect the safety of you, our staff, or the public in circumstances permitted by HIPAA.
If Avinity Health is involved in a merger, acquisition, restructuring, or sale of all or substantially all of its assets, your personal information may be transferred as part of that transaction. We will provide notice of any such transfer and, where required by law, obtain consent before transferring PHI.
We may share aggregate, de-identified data (data that cannot reasonably be used to identify you) with partners, researchers, or the public for quality improvement, educational, or analytical purposes. Such data will not include your PHI and will be de-identified in accordance with HIPAA's de-identification standards (45 C.F.R. § 164.514).
We may share your information for purposes not described in this Privacy Policy with your explicit prior consent, which may be required to be in writing depending on the nature of the disclosure.
IMPORTANT: As a health care provider, Avinity Health is subject to HIPAA and the HITECH Act. Your Protected Health Information (PHI) is also governed by our Notice of Privacy Practices (NPP), which describes your rights and our obligations regarding your PHI in greater detail. The NPP is provided to you at or before your first clinical visit and is available upon request.
Avinity Health is a covered health care provider under HIPAA to the extent it provides clinical services and transmits health information electronically in connection with covered transactions. As such, Avinity Health maintains appropriate administrative, physical, and technical safeguards to protect the privacy and security of your PHI in compliance with the HIPAA Privacy Rule (45 C.F.R. Part 164, Subpart E) and Security Rule (45 C.F.R. Part 164, Subpart C).
Avinity Health may use and disclose your PHI without your specific authorization for the following purposes, as permitted by HIPAA:
All other uses and disclosures of your PHI require your written authorization, which you have the right to revoke at any time by notifying Avinity Health in writing, except to the extent that action has already been taken in reliance on the authorization.
As a patient, you have the following rights with respect to your PHI under HIPAA:
To exercise any of your HIPAA rights, please submit a written request to info@avinityhealth.com or in person at our Scottsdale clinic. Avinity Health will respond to your request within thirty (30) days, or as otherwise required by HIPAA.
The HITECH Act supplements HIPAA by strengthening privacy and security protections for electronic health information. Avinity Health complies with HITECH provisions applicable to health care providers, including requirements for timely breach notification and enhanced penalties for violations.
Avinity Health uses the following categories of cookies and tracking technologies on the website:
Avinity Health takes steps to prevent the inadvertent transmission of PHI to third-party advertising platforms through tracking pixels or similar technologies. We do not knowingly allow advertising pixels to access or collect PHI. Consistent with guidance from the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and FTC regulations, we configure tracking technologies to minimize the collection of health-related information without patient authorization.
You may control non-essential cookies through your web browser settings or by using the opt-out mechanisms provided by third-party analytics and advertising providers:
Please note that opting out of certain tracking technologies does not mean you will stop seeing advertisements; it means that those advertisements will not be personalized based on your online behavior.
Our website does not currently respond to "Do Not Track" (DNT) signals from web browsers. We encourage you to manage your cookie preferences directly through your browser settings.
Avinity Health implements administrative, physical, and technical safeguards designed to protect your personal information and PHI from unauthorized access, use, disclosure, alteration, and destruction. These measures include:
Despite these safeguards, no electronic transmission or storage system is completely secure. Avinity Health cannot guarantee the absolute security of your information. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at info@avinityhealth.com.
In the event of a security incident involving your personal information, Avinity Health will investigate and provide notification as required by applicable law, including Arizona's data breach notification statute (A.R.S. § 44-7501). Under Arizona law, individuals whose "personal information" (as defined in A.R.S. § 44-7501(A)(5)) has been compromised in a security incident must be notified in the most expedient manner possible and without unreasonable delay, but not later than forty-five (45) calendar days after we confirm that a breach has occurred and affected Arizona residents. Where required, we will also notify the Arizona Attorney General and consumer reporting agencies. For breaches involving PHI, we will additionally comply with the HIPAA Breach Notification Rule (45 C.F.R. Part 164, Subpart D), which generally requires notification within sixty (60) calendar days of discovery of the breach.
You are responsible for maintaining the security of your own devices, accounts, and login credentials. Avinity Health is not responsible for unauthorized access resulting from your failure to safeguard your credentials or devices.
Avinity Health retains your personal information and PHI for as long as necessary to fulfill the purposes described in this Privacy Policy, to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our agreements. Retention periods are determined by:
When personal information is no longer needed, we destroy or de-identify it in accordance with applicable law and secure data disposal practices.
Avinity Health complies with the Arizona Online Privacy Protection Act (A.R.S. § 18-551 et seq. ["AzOPPA"]), which requires operators of commercial websites and online services that collect personally identifiable information from Arizona residents to post a conspicuous privacy policy. This Privacy Policy satisfies that requirement. Under AzOPPA, Arizona residents may request information about the categories of personal information we collect and how it is used. To submit such a request, contact us at info@avinityhealth.com.
Regardless of your state of residence, you may have the right to:
Residents of certain states, including California, may have additional privacy rights under applicable law. To the extent such laws apply, Avinity Health will comply with those requirements. Please contact us to exercise any applicable rights.
To submit any privacy request, contact us at info@avinityhealth.com. We will respond within a reasonable time and may require verification of your identity before processing your request. Note that certain rights may be limited or unavailable where information is PHI governed by HIPAA, in which case the procedures described in Section 6.3 apply.
Avinity Health's Services are directed to adults age eighteen (18) and older. We do not knowingly collect personal information from children under the age of thirteen (13) through the website. Our website is not designed for or directed to children under 13.
In compliance with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq., and the FTC's COPPA Rule, if we discover that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will promptly delete that information. If you believe your child under 13 has provided personal information to us without your consent, please contact us immediately at info@avinityhealth.com.
Note: Clinical services for individuals under 18 may be available in appropriate circumstances with parental or guardian consent and physician evaluation. Any such services, and related PHI, are governed by our Notice of Privacy Practices, applicable Arizona minor consent statutes (including A.R.S. § 44-132 et seq.), and HIPAA.
The website may contain links to third-party websites, social media pages, or services. This Privacy Policy does not apply to those third-party sites or services. We encourage you to review the privacy policies of any third-party services you access through links on our website.
We use the following categories of third-party service providers that may have access to certain information about your interactions with the website:
Avinity Health does not control the privacy practices of these third-party providers beyond our contractual agreements with them.
All commercial email communications sent by Avinity Health comply with the Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act, 15 U.S.C. § 7701 et seq. Our commercial emails will:
To unsubscribe from promotional communications, use the unsubscribe link in any promotional email or contact us at info@avinityhealth.com. Transactional emails such as appointment confirmations, treatment reminders, and clinical communications may not be subject to marketing opt-out.
Avinity Health's privacy practices are consistent with the Arizona Consumer Fraud Act (A.R.S. § 44-1521 et seq.), which prohibits unfair or deceptive acts or practices in connection with consumer transactions, including misrepresentations about data privacy practices. We represent that our actual data practices are consistent with the representations made in this Privacy Policy.
Patient medical records maintained by Avinity Health are subject to Arizona's medical records access statutes (A.R.S. §§ 12-2291 through 12-2296), which govern the right of patients to access and obtain copies of their medical records. Requests for medical records should be submitted in writing to info@avinityhealth.com or delivered in person to our Scottsdale clinic.
Telehealth consultations conducted by Avinity Health comply with Arizona's Telehealth Act (A.R.S. § 36-3601 et seq.), including requirements for informed consent, patient confidentiality, and secure transmission of health information during telehealth encounters.
Avinity Health reserves the right to update or modify this Privacy Policy at any time. When we make changes, we will update the "Last Updated" date at the top of this Policy and, where changes are material, provide notice by posting a prominent announcement on the website or by sending an email notification to the address associated with your account.
Your continued use of the Services following the posting of a revised Privacy Policy constitutes your acknowledgment of the changes. If changes to this Privacy Policy involve a materially different use of your PHI, we will obtain your written authorization as required by HIPAA before implementing such changes with respect to your health information.
We encourage you to review this Privacy Policy periodically. Archived versions of prior Privacy Policies are available upon written request to info@avinityhealth.com.
If you have questions, concerns, or complaints about this Privacy Policy or our data practices, or if you wish to exercise any of your privacy rights, please contact our Privacy Officer:
Avinity Health Clinic, LLCHIPAA Complaints: If you believe your health information privacy rights have been violated, you have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights (OCR) at hhs.gov/ocr/privacy or by calling 1-800-368-1019. You will not be retaliated against for filing a complaint with Avinity Health or OCR.
Arizona Attorney General: If you believe your rights under Arizona law have been violated, you may also contact the Arizona Attorney General's Office Consumer Information and Complaints at azag.gov or (602) 542-5763.