Last revised: August 2025
Purpose. The purpose of this Privacy Policy is to describe how Mend VIP, Inc. (“Mend”) collects, uses and shares information about you through our U.S. online interfaces (e.g., websites and mobile applications) owned and controlled by us, including the websites located at mend.com, portal.mend.com, and portal.mendfamily.com (collectively referred to herein as the “Site”). Please read this Privacy Policy carefully to understand what we do. If you do not understand any aspects of our Privacy Policy, please feel free to contact us using the methods described at the end of this Policy.
Information You Submit to Your Healthcare Provider. Mend is a technology company. Mend is not a healthcare provider. Mend is not affiliated with any healthcare provider. Mend does not provide any healthcare services, medical advice, diagnosis, treatment or endorsements, or recommendations with respect to any healthcare providers, services, products, or treatments.
When you use Mend’s Site to interact with your healthcare provider, the information you provide is subject to confidentiality obligations contained in the agreement between Mend and the healthcare provider, which includes or incorporates confidentiality obligations imposed by applicable law. All such information is used by Mend strictly in the manner authorized by your healthcare provider, including for the purpose of permitting you to interact with or make payment to your Provider and for such other purposes as your Provider may authorize in its agreement with Mend. Nothing contained in this Privacy Policy shall permit Mend to make use of such information in any other way. Your communications with your healthcare provider through the Site are kept secure by Mend using measures designed to comply with applicable privacy regulations.
This Privacy Policy is the privacy policy of Mend and not the privacy policy of any healthcare provider or other third party. Mend is not responsible for the privacy policies or privacy practices of healthcare providers that you interact with using our Site. Please consult the separate privacy policies and/or notices of privacy practices provided to you by those healthcare providers for a description of how they use your information.
Other Information Mend Collects. This Privacy Policy applies to information Mend collects at and through the Site that is not collected for purposes of your interactions with healthcare providers (including information collected when you use the Site before or after your interaction with a healthcare provider, create or modify your Mend account, register to use Mend Services, purchase products or services from Mend, request information from Mend, contact Mend customer support, or otherwise communicate with Mend). This Privacy Policy may permit the collection or use of your personal information in ways not permitted under the confidentiality obligations contained in agreements between Mend and health care providers or the protections provided under laws and regulations with respect to health care records.
Third-Party Sites. Our Site also contains links to third-party sites that are not owned or controlled by Mend. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our Site and to read the privacy statements of each and every website that collects personal information.
Terms of Use. Please note that your use of our Site is also subject to our Terms of Use.
Information You Provide to Us. When you use our Site for purposes other than interacting with a healthcare provider, we may collect the following information:
Payment Information. Payments to healthcare providers may be facilitated through the Site. In addition, products and services may be offered for purchase within the Site. We use a third-party service for payment processing. Currently, payments are processed through the Site using the Authorize.Net payments platform. We will not store or collect your payment card details. That information is provided directly to our third-party payment processor whose use of your personal information is governed by its privacy policy. Payment processors are required to adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
Information Collected Through Cookies and Similar Technologies. We, our service providers, and our advertising partners use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our Site through your computer or mobile device. A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the Site again, the cookie allows the Site to recognize your browser. Cookies may store unique identifiers, user preferences, and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some Site features or services may not function properly without cookies. We use cookies to improve the quality of our service, including storing user preferences, tracking user trends, and providing relevant advertising to you. (See, “Advertising” below.) Cookies related to marketing and advertising purposes are not used in those portions of the Site dedicated to your interaction with healthcare providers.
To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads on our Site, but they will not be based on how you browse.
We use the following third-party technologies in connection with our website and services:
Google Analytics (Universal Analytics): Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our services. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Google Fonts: Google Fonts is a typeface visualization service provided by Google LLC that allows us to incorporate content of this kind on our pages. This service collects usage data and various types of data as specified in Google’s privacy policy. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Google Tag Manager: Google Tag Manager is a tag management service provided by Google LLC. The service uses trackers to manage and deploy marketing tags. In order to understand Google’s use of data, consult their partner policy: https://www.google.com/policies/privacy/partners/ and their Business Data page. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
HubSpot Analytics: HubSpot provides analytics and tracking services to help understand website visitor behavior and improve user experience. The service collects data about how visitors interact with our website. For more information about HubSpot’s privacy practices, please visit their Privacy Policy: https://legal.hubspot.com/privacy-policy
HubSpot Banner/Advertising: HubSpot provides marketing automation and advertising banner services. This service may track user interactions with marketing content and advertisements. For more information about HubSpot’s privacy practices, please visit their Privacy Policy: https://legal.hubspot.com/privacy-policy
HubSpot Ads Pixel: HubSpot Ads Pixel is a tracking tool that helps measure the effectiveness of advertising campaigns and provides insights into user behavior after clicking on ads. For more information about HubSpot’s privacy practices, please visit their Privacy Policy: https://legal.hubspot.com/privacy-policy
HubSpot Forms: HubSpot Forms is a form management service provided by HubSpot that allows us to collect user information through web forms. Data collected through these forms may include contact information and other details you voluntarily provide. For more information about HubSpot’s privacy practices, please visit their Privacy Policy: https://legal.hubspot.com/privacy-policy
LeadManager FX: LeadManager FX is a lead generation and management tool that may track visitor behavior and help qualify potential leads. This service may collect information about your interactions with our website for sales and marketing purposes.
Microsoft Advertising: Microsoft Advertising is an advertising service provided by Microsoft Corporation. This service collects trackers and usage data to provide targeted advertising. For more information about Microsoft’s privacy practices and to opt-out of personalized advertising, please visit: https://account.microsoft.com/privacy/ad-settings/
NextRoll: NextRoll is an advertising service provided by NextRoll, Inc. NextRoll performs a hash of the user’s email address in order to serve targeted advertising to other devices connected to them (i.e., cross-device tracking). This service collects trackers, usage data, device information, purchase history, and unique device identifiers for advertising. You can opt-out of NextRoll’s advertising by visiting: https://www.nextroll.com/privacy. For more information on NextRoll’s privacy practices, please visit their Privacy Policy: https://www.nextroll.com/privacy
Omniconvert: Omniconvert is a conversion rate optimization and website personalization platform that may track user behavior to help improve website performance and user experience. For more information about their privacy practices, please visit Omniconvert’s Privacy Policy.
Salesforce: Salesforce is an advertising service provided by Salesforce.com, Inc. This service collects trackers and usage data for advertising purposes. For more information about Salesforce’s privacy practices, please visit their Privacy Policy: https://www.salesforce.com/company/privacy/
Sentry: Sentry is a monitoring service provided by Functional Software, Inc. that helps us monitor application performance and identify errors. This service collects various types of data as specified in their privacy policy to provide infrastructure monitoring. For more information about Sentry’s privacy practices, please visit their Privacy Policy: https://sentry.io/privacy/
Information from Children Under Age 13. If you are under the age of 13, please do not attempt to register with us at this Site or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 13, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 13, please Contact Us or call us at 866-934-2618. Interactions between a healthcare provider and a child under the age of 13 using the Site are subject to the policies of the healthcare provider.
To Provide Products, Services, and Information. When you visit the Site for purposes other than interacting with your healthcare provider, we may collect information from you in order to provide products and services that you access or purchase using the Site and to provide information that you request from us. We use such personal information to contact you about your orders, process credit card and debit card transactions, and ship products to you. We may send you promotional materials or advertisements about our products and services, as well as new features and offerings.
Sharing with Third Parties. We may provide information to third-party service providers that help us operate and manage our Site. These service providers will have access to your personal information in order to provide these services, but when this occurs we implement reasonable contractual and technical protections to limit their use of that information to helping us provide the service.
Disclosure of De-identified Data. Mend may use or disclose de-identified data in some instances. Mend either maintains such data without attempting to re-identify it or treats such data as personal information subject to applicable law.
Advertising. We may use how you browse and use the parts of our Site that are not used for your interactions with healthcare providers in order to show you ads for Mend or our advertising partners that are more relevant to your interests. We may use cookies and other information to provide relevant interest-based advertising to you. Interest-based ads are ads presented to you based on your browsing behavior in order to provide you with ads more tailored to your interests. These interest-based ads may be presented to you while you are browsing our site or third-party sites not owned by Mend.
We belong to ad networks that may use your browsing history across participating websites to show you interest-based advertisements on those websites. Currently, our Site does not recognize if your browser sends a “do not track” signal or a similar mechanism to indicate you do not wish to be tracked or receive interest-based ads. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt-out, you will continue to see ads on our Site, but they will not be based on how you browse.
No Sale of Personal Information. Mend does not sell any personal information that has not been de-identified.
Text Message Information. No information you transmit to us by text message will be shared with third parties or affiliates for marketing or promotional purposes. All categories of information we may share with third parties or affiliates exclude any opt-in or consent you may provide when interacting with us by text messaging, and this information will not be shared with any third parties or affiliates.
Your Consent. In addition to the sharing described elsewhere in this Policy, we will share personal information with companies, organizations or individuals outside of Mend when we have your consent to do so.
Legal Proceedings. Subject to the confidentiality obligations in place with your healthcare provider and applicable laws protecting the privacy of healthcare information, we will share personal information with third-party companies, organizations, or individuals outside of Mend if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
Transfer in the Event of Sale or Change of Control. If the ownership of all or substantially all of our business changes or we otherwise transfer assets relating to our business or the Site to a third party, such as by merger, acquisition, bankruptcy proceeding, or otherwise, we may transfer or sell your personal information to the new owner. In such a case, unless permitted otherwise by applicable law, your information would remain subject to the promises made in the applicable privacy policy unless you agree differently.
You can access and update certain information we have relating to your online account by signing into your account and going to the Mend Portal section of our Site. If you have questions about the personal information we have about you or need to update your information, you can Contact Us or call us at 866-934-2618. You can opt out of receiving marketing and promotional e-mails from Mend by using the opt-out or unsubscribe feature contained in the e-mails.
You can close your online account by Contacting Us. If you close your account, we will no longer use your online account information or share it with third parties. We may, however, retain a copy of the information for archival purposes, and to avoid identity theft or fraud.
We use industry-standard physical, technical, and administrative security measures and safeguards to protect the confidentiality and security of your personal information. These measures include encryption of information transmitted while using the Site to interact with your healthcare provider. Please note that, while communications with your healthcare provider using the Site are encrypted, e-mails and other communications you send to us through our Site may not be encrypted, and we strongly advise you not to communicate any confidential information through these means. It is your responsibility to protect the security of your login information.
Mend has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not received an “adequacy” finding from the European Union under Article 45 of the GDPR. We limit the transfer of personal information from the European Economic Area (EEA) to specific situations set forth in Article 49 of the GDPR. Specifically, we collect and transfer your personal data to the U.S. only with your consent, to perform a contract with you, or to fulfill a compelling legitimate interest in a manner that does not outweigh your rights and freedoms. By providing personal information to us, you are consenting to its transfer, storage, and use in the U.S. as described herein. We apply suitable safeguards to protect the privacy and security of personal data and to use it only as described in this privacy policy.
If you are a resident of certain states, the collection and use of your personal information may be subject to comprehensive state privacy laws. These laws generally do not apply to information collected for purposes of your interactions with healthcare providers.
States with Comprehensive Privacy Laws. As of 2025, the following states have enacted comprehensive consumer data privacy laws: California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia. Additional states continue to consider similar legislation.
Healthcare Provider Interaction Exception. The state privacy laws referenced above generally do not apply to information collected for purposes of your interactions with healthcare providers through our Site. This information remains subject to HIPAA protections and the confidentiality obligations described elsewhere in this Privacy Policy.
Your Rights Under State Privacy Laws. If a state privacy law is applicable to your use of the Site, you may have the following rights regarding your personal information:
Special Protections for Sensitive Data. Most state privacy laws provide enhanced protections for “sensitive personal data,” which may include information about health, race, religion, sexual orientation, precise geolocation, and other categories specified by state law. Mend does not solicit or collect sensitive personal information of this kind through the portions of our Site that are not used for healthcare provider interactions. Any health-related information you provide when interacting with your healthcare provider through our Site is subject to the confidentiality protections described in the “Information You Submit to Your Healthcare Provider” section above, rather than these state privacy law provisions.
Children’s Data. All state privacy laws classify children’s data (individuals under 13) as sensitive personal data requiring special protections. Some states, including New Jersey and Maryland, impose additional restrictions on the processing of personal data from minors (individuals between ages 13-17) for purposes such as targeted advertising.
How to Exercise Your Rights. Residents of states with applicable privacy laws can exercise their rights by sending a request by email to bestservice@mend.com or by writing to us at the physical address provided below. We will need to verify your identity and state of residence before fulfilling your request. You will not be denied goods or services for exercising any of these rights.
Processing Timeline. We will endeavor to process requests within the timeframe required by applicable state law, typically within 30 days. We will contact you if we need additional information regarding your request. Complex requests may take longer to process depending upon their nature and scope.
Note for Non-Residents. Even if you are not a resident of a state with a comprehensive privacy law, you may submit a privacy request and we will process it in a manner consistent with this policy to the extent feasible.
Our Privacy Policy may change from time to time. It will not, except as you otherwise consent, change in a way that reduces your rights under this Privacy Policy with respect to personal information collected before the changes take effect. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.
If you have any questions, concerns, complaints or suggestions regarding our Privacy Policy or otherwise need to contact us, please Contact Us, email us at bestservice@mend.com, call us at 866-934-2618, or contact us by US postal mail at the following address:
Mend VIP, Inc. 4767 New Broad St. Orlando, FL 32814