Privacy policy

Effective Date: 03/19/2026

The website at summaup.com is owned and operated by SummaUp LLC, an Arkansas limited liability company (“SummaUp”, “Company,” “we,” “us,” or “our”). Our website links to other websites that are owned by third parties but that we control. This Privacy Policy and Terms of Use (“Privacy Policy”) describes how we collect information from you through our website and the linked third-party websites (collectively, the “Websites”), why we collect information about you, how we use or disclose this information, and how you may update, delete, or request identifiable information about you from our records. In addition, this Privacy Policy provides the terms and conditions of your use of the Websites. By using the Websites, you agree to the provisions of this Privacy Policy, and if you do not agree to the provisions hereof, please do not use any of the Websites.

At SummaUp, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.

By creating, registering, or logging into an account through the Service, or otherwise accessing or using the Service, you are acknowledging the most recent version of this Privacy Policy.

If you are using the Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to act on such individual's behalf and that such individual acknowledges the practices and policies outlined in this Privacy Policy

Remember that your use of SummaUp’s Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.

We respect your privacy and are committed to protecting your personal information. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Personal Identifiable Information (PII) is never shared, sold, or conveyed to third parties for marketing purposes unless you have explicitly opted in. All text messaging data, including opt-in data and consent, will not be shared with any third parties unless required by law

Protected Health Information

When you set up an account with SummaUp, you are creating a direct customer relationship with SummaUp that enables you to access and/or utilize the various functions of the Platform and the Service as a user. As part of that relationship, you provide information to SummaUp, including but not limited to, your name, email address, shipping address, phone number and certain transactional information, that we do not consider to be "protected health information" or "medical information".

However, in using certain components of the Service, you may also provide certain health or medical information that may be protected under applicable laws. SummaUp is not a "covered entity" under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, and its related regulations and amendments from time to time (collectively, " HIPAA"). One or more of the Labs, Pharmacies or Medical Groups (as defined in our Terms and Conditions) may or may not be a "covered entity" or "business associate" under HIPAA, and SummaUp may in some cases be a "business associate" of a Pharmacy or Medical Group. It is important to note that HIPAA does not necessarily apply to an entity or person simply because there is health information involved, and HIPAA may not apply to your transactions or communications with SummaUp, the Medical Groups, the Providers, the Labs, or the Pharmacies. To the extent SummaUp  is deemed a "business associate" however, and solely in its role as a business associate, SummaUp, may be subject to certain provisions of HIPAA with respect to "protected health information," as defined under HIPAA, that you provide to SummaUp, the Medical Group or the Providers (" PHI"). In addition, any medical or health information that you provide that is subject to specific protections under applicable state laws (collectively, with PHI, "Protected Information" ), will be used and disclosed only in accordance with such applicable laws. However, any information that does not constitute Protected Information under applicable laws may be used or disclosed in any manner permitted under this Privacy Policy. Protected Information does not include information that has been de-identified in accordance with applicable laws.

The Medical Groups and Providers have adopted a Notice of Privacy Practices that describes how they use and disclose Protected Information. By accessing or using any part of the Service, you acknowledge receipt of the Notice of Privacy Practices from your Medical Group and Provider(s).

By accessing or using any part of the Service, you understand that even if HIPAA does apply to SummaUp, the Medical Groups, the Providers, the Labs, or the Pharmacies, any information that you submit to SummaUp that is not intended and used solely for the provision of diagnosis and treatment by the Medical Group and Providers, laboratory services by the Labs or prescription fulfillment by the Pharmacies, is not considered Protected Information, and will only be subject to our Privacy Policy and any applicable state laws that govern the privacy and security of such information. For purposes of clarity, information you provide to SummaUp in order to register and set up an account on the Platform, including name, username, email address, shipping address and phone number, are not considered Protected Information

Tracking Technologies and Explicit Consent for Health Data Sharing

We use cookies and tracking technologies (including Meta Pixel) to collect information about your use of our websites and apps. Some collection is required for the platform to function and cannot be disabled.

By clicking “I Agree” on our consent banner, you give your prior express written consent to us sharing your personal and health information (including sensitive data from intake quizzes, weight, medical history, or prescriptions) with third-party advertising and analytics partners such as Meta and Google. This consent applies even if your number or data is on any do-not-contact list.

We also use session-replay software (such as CrazyEgg, Lucky Orange or Hotjar) to record your interactions with the site in real-time. This includes mouse movements, scrolls, clicks, keystrokes in intake fields, and form submissions. By clicking “I Agree,” you expressly consent to the interception, recording, and transmission of your interactions with the website, including sensitive health data entered during intake quizzes.

To learn exactly who we share your data with and why, go to our [Privacy Policy] (this section).

What this Privacy Policy Covers

This Privacy Policy covers how we treat any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules or regulations (collectively, “Personal Data”) that we gather when you access or use our Services.  This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage. The personal data we collect depends on how you interact with us, the services you use, and the choices you make.

We collect information about you from different sources and in various ways when you use our services, including information you provide directly, information collected automatically, information from third-party data sources, and data we infer or generate from other data.

Personal Data

Categories of Personal Data We Collect

This chart details the categories of Personal Data that we collect and have collected over the past 12 months:

Category of Personal Data 

Examples of Personal Data We Collect

Categories of Third Parties With Whom We Share this Personal Data: 

Profile or Contact Data

  • First and last name

  • Email

  • Phone number

  • Service Providers

  • Parties You Authorize, Access or Authenticate

Online Identifiers

  • Unique identifiers such as account name and passwords

  • Session management identifiers, browser input such as mouse and keyboard strokes

  • Service Providers

  • Analytics Partners

Device/IP Data

  • IP address

  • Device ID

  • Domain server

  • Type of device/operating system/browser used to access the Services

  • Service Providers

  • Analytics Partners

Web Analytics

  • Web page interactions

  • Referring webpage/source through which you accessed the Services

  • Non-identifiable request IDs

  • Statistics associated with the interaction between device or browser and the Services

  • Service Providers

  • Analytics Partners

Geolocation Data

  • IP-address-based location information

  • Service Providers

  • Analytics Partners

Visual Data

  • Photo for profile photo 

  • Audio/video for telehealth

  • Service Providers

Other Identifying Information that You Voluntarily Choose to Provide

  • Identifying information in emails or letters you send us

  • Service Providers

Categories of Sources of Personal Data

We collect Personal Data about you from the following categories of sources:

  • You

  • When you provide such information directly to us.

  • When you create an account or use our interactive tools and Services.

  • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.

  • When you send us an email or otherwise contact us.  

  • When you use the Services and such information is collected automatically.

  • Through Cookies (defined in the “Tracking Tools and Opt-Out” section below).

  • If you download our mobile application or use a location-enabled browser, we may receive information about your location and mobile device, as applicable.

  • If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices.

  • Third Parties

  • Vendors

  • We may use analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.

  • Advertising Partners

  • We receive information about you from some of our vendors who assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements or communications.

  • Social Networks 

  • If you provide your social network account credentials to us or otherwise sign in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us.

Our Commercial or Business Purposes for Collecting Personal Data

  • Providing, Customizing and Improving the Services

  • Creating and managing your account or other user profiles.

  • Processing orders or other transactions; billing

  • Providing you with the products, services or information you request.

  • Meeting or fulfilling the reason you provided the information to us.

  • Determining permission levels to access the Services.

  • Providing support and assistance for the Services.

  • Improving the Services, including testing, research, internal analytics and product development.

  • Personalizing the Services, website content and communications based on your preferences.

  • Doing fraud protection, security and debugging.

  • Carrying out other business purposes stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws.

  • Creating and managing user accounts or other user profiles.

  • Marketing the Services

  • Marketing and selling the Services.

  • Corresponding with You

  • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about SummaUp or the Services.

  • Sending emails and other communications according to your preferences or that display content that we think will interest you.

  • Meeting Legal Requirements and Enforcing Legal Terms

  • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.

  • Protecting the rights, property or safety of you, SummaUp or another party.

  • Enforcing any agreements with you.

  • Responding to claims that any posting or other content violates third-party rights.

  • Resolving disputes.

We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated or incompatible purposes without providing you notice.

How We Share Your Personal Data

We disclose your Personal Data to the categories of service providers and other parties listed in this section as we determine necessary to complete your transactions or provide the services you have requested or authorized. Depending on state laws that may be applicable to you, some of these disclosures may constitute a “sale” of your Personal Data. Subject to the limitations described in the Protected Health Information section above, we may disclose your information to third parties in connection with the provision of our Service or as otherwise permitted or required by law. For example, we may disclose your information to:

For more information, please refer to the state-specific sections below.

  • Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:

  • Hosting, technology and communication providers.

  • Security and fraud prevention consultants.

  • Support and customer service vendors.

  • Payment processors

  • Analytics Partners. These parties provide analytics on web traffic or usage of the Services. They include:

  • Companies that track how users found or were referred to the Services.

  • Companies that track how users interact with the Services.

  • Business Partners. These parties partner with us in offering various services. They include:

  • Businesses that you have a relationship with.

  • Parties You Authorize, Access or Authenticate.

  • Third parties you access through the services.

  • You may connect with other users of the Services, including for example, doctors of StartVim, LLC.

Additionally, we may use your browsing and other activity on the Service to promote and market SummaUp, the Service, and the products and/or services offered via the Service, as well as to measure our advertising and marketing efforts. Depending on your activity on the Service, this may include information related to you visiting health-related pages on the Service. In some states, we may be required to obtain your consent prior to using information that constitutes sensitive personal information. While we may use information about your browsing activity on health-related pages, we do not use Protected Information for advertising or marketing.

We may de-identify your information and use, create and sell such de-identified information or any business or other purpose not prohibited by applicable law.

Legal Obligations

We may share any Personal Data that we collect with third parties in conjunction with any of the activities set forth under “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting Personal Data” section above.

Business Transfers

All of your Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

Data that is Not Personal Data

We may create aggregated, de-identified or anonymized data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you. 

Tracking Tools and Opt-Out

The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser, tell us how and when you visit and use our Services, analyze trends, learn about our user base and operate and improve our Services. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone or similar device when you use that device to access our Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Services do not support “Do Not Track” requests sent from a browser at this time.

We use the following types of Cookies:

  • Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and services unavailable.

  • Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These Cookies help us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

  • Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Services. They do this by collecting information about the number of visitors to the Services, what pages visitors view on our Services and how long visitors are viewing pages on the Services. For example, Google LLC (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of Cookies by visiting the Google advertising opt-out page at www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.

To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/.

Data Security and Retention

We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with our Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

Limitations on Use by Minors

Our Service is generally intended for use by individuals who are at least twenty-one (21) years of age or such older age as may be required by applicable state laws in the jurisdiction in which an individual utilizes the Service. Individuals who are between the ages of thirteen (13) and twenty-one (21) (or such older age of majority) may use the Service for the sole purpose of obtaining a medical consultation for the treatment of acne using topical skincare products (to the extent made available) if a parent or legal guardian provides consent to such use in accordance with the requirements set forth in our Terms and Conditions and the Service. The Service is not designed or intended to attract, and is not directed to, children under thirteen (13) years of age. If we obtain actual knowledge that we have collected personal information through the Platform from a person under thirteen (13) years of age, we will use reasonable efforts to refrain from further using such personal information or maintaining it in retrievable form.

Furthermore, if you are under sixteen (16) years of age, then you (or your parent or legal guardian if you are under age 13) may at any time request that we remove content or information about you that is posted on the Platform. Please submit any such request ("Request for Removal of Minor Information") to either of the following:

 

By mail:

SummaUp, LLC.
Attn: Privacy Officer, 

519 W 22nd St Suite 300-59742, Sioux Falls, SD, 57105, with a subject line of "Removal of Minor Information. If you send by mail, please send by U.S. Certified Mail, Return Receipt Requested to allow for confirmation of mailing, delivery and tracking.

By email:
 help@startsumma.com, with a subject line of "Removal of Minor Information"

For each Request for Removal of Minor Information, please state "Removal of Minor Information" in the email or letter subject line, and clearly state the following in the body of the request:

The nature of your request
The identity of the content or information to be removed
The location of the content or information on the Platform (e.g. by providing the URL)
That the request is related to the "Removal of Minor Information"
Your name, street address, city, state, zip code and email address, and whether you prefer to receive a response to your request by mail or email


We will not accept any Request for Removal of Minor Information via telephone or facsimile. SummaUp is not responsible for failing to comply with any Request for Removal of Minor Information that is incomplete, incorrectly labeled or incorrectly sent.

State Law Privacy Rights

California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at help@startsumma.com. 

Nevada Resident Rights

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by contacting us at help@startsumma.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.

Changes to this Privacy Policy

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time, but we will alert you to any such changes by placing a notice on the SummaUp website, by sending you an email and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect is subject to the Privacy Policy in effect at the time such information is collected.

Miscellaneous

We strive to use reasonable physical, technical and administrative measures to protect information under our control. However, you must keep your Account password secure and your Account confidential, and you are responsible for any and all use of your Account. If you have reason to believe that the security of your Account has been compromised, please notify us immediately in accordance with the "Contacting Us" section below.

When using the Service, you may choose not to provide us with certain information, but this may limit the features you are able to use or may prevent you from using the Service all together. You may also choose to opt out of receiving certain communications (e.g., newsletters, promotions) by emailing us your preference. Please note that even if you opt out, we may still send you Service-related communications. We do not currently respond to web browser "do not track" signals or other mechanisms that provide a method to opt out of the collection of information across the networks of websites and online services in which we participate. If we do so in the future, we will describe how we do so in this Privacy Policy. SummaUp may supplement, amend, or otherwise modify this Privacy Policy at any time. Such supplements, amendments and other modifications will be posted on this or a similar page of the Service, and shall be deemed effective as of the "Last Updated" date; provided, however, that SummaUp will notify you and/or require you to accept the updated Privacy Policy if the supplemented, amended or otherwise modified Privacy Policy implements material changes from SummaUp' then-current Privacy Policy. It is your responsibility to carefully review this Privacy Policy each time you visit, access or use the Service.

Contact Information:

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data or your choices and rights regarding such collection and use, please do not hesitate to contact us at:

Email: help@startsumma.com
Address: 519 W 22nd St Suite 300-59742, Sioux Falls, SD, 57105

SMS TERMS & CONDITIONS:

SMS Terms & Conditions: By subscribing to SummaUp, LLC SMS services, you agree to receive text messages from us. SummaUp, LLC will send SMS messages to communicate with customers on the status of the projects they have requested to provide a better overall customer experience. For HELP, please contact us at (415) 467-1021. To opt-out of receiving messages, reply with “STOP” at any time. Message frequency may vary. Standard message and data rates may apply.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the stated categories in this privacy policy exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties. End users can opt out of receiving further messages by replying STOP or ask for more information by replying HELP. Message frequency may vary. Message and data rates may apply.

Text / SMS Marketing

If you choose to opt-in to SMS communications from SummaUp, LLC, you will receive text messages at the mobile number you provide. These messages might be automated and might include promotional offers, coupons, and/or information related to SummaUp, LLC or our affiliated brands, as well information related to your orders and account. 

Consent to Receive Automated Messages

You understand that consent to receive automated messages is not a condition of purchase or use of SummaUp, LLC’s services Messages may include but not limited to, order confirmations, updates, and special offers.

 Frequency of Messages

Message frequency may vary based on your orders, account activity, and ongoing promotions. You will receive messages relevant to your transactions and occasional promotional updates.

Opt-Out and Support Options

You may opt out of receiving text messages at any time by texting "STOP". Upon receipt of your opt-out request, you will be unsubscribed and will no longer receive text messages from us. A confirmation message will be sent to confirm your that you have unsubscribed. Should you wish to re-subscribe, you may text "START" to receive SMS messages again. For assistance with the messaging service, text "HELP" or contact help@startsumma.com

Wireless Carrier Rates and Services Wireless message and data rates may apply. Wireless carriers are not liable for delayed or undelivered messages.

Confidentiality

 We will maintain the confidentiality of your mobile number. Your mobile number will not be shared with third parties for their own marketing purposes. However, for operational purposes, your name and mobile number may be shared with our service providers who assist in the delivery of our SMS communications. These providers use your personal information solely to carry out the services they provide to SummaUp LLC