Sippa

Privacy Policy | Sippa

Privacy Policy

Effective May 15, 2026 · Last updated May 15, 2026

Sippa by Rhodes Med (“Sippa,” “Rhodes Med,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website, communicate with us, sign up for updates, interact with our advertising, or access links to our patient intake and patient management tools.

Sippa provides physician-led midlife and menopause medical care for adult women. We currently serve adult patients located in Utah.

This Privacy Policy applies to information collected through our website, including joinsippa.com, related landing pages, website forms, emails, texts, advertising, and other digital interactions that link to this Privacy Policy.

This Privacy Policy does not replace our Notice of Privacy Practices. Medical information created, received, maintained, or transmitted by Sippa or Rhodes Med in connection with your care may be protected health information under HIPAA and is addressed in our Notice of Privacy Practices.

1. Information We Collect

We may collect information directly from you, automatically through website technologies, and from third-party service providers.

Information you provide to us

You may provide information when you:

  • Visit our website
  • Click “Get Started”
  • Contact us by email, phone, text, website form, or another communication channel
  • Sign up for emails, newsletters, or marketing updates
  • Interact with our advertisements
  • Schedule or begin intake through Athena or another patient management system
  • Request information about Sippa services
  • Submit feedback, questions, or requests

The information you provide may include:

  • Name
  • Email address
  • Phone number
  • State of residence
  • Communication preferences
  • General questions or comments
  • Information you voluntarily include in messages to us
  • Marketing preferences
  • Appointment or intake-related information, if you choose to begin the patient process

Please avoid sending sensitive medical details through ordinary website contact forms or general email unless specifically directed to do so through a secure channel. Patient intake and medical communications should occur through Athena or another secure system provided by Sippa.

Information collected through Athena

Sippa uses Athena as its patient management system. If you begin intake, schedule a visit, complete forms, sign consents, communicate with the care team, or access patient services through Athena, the information you provide may be collected and processed through Athena.

Information collected through Athena may include health information, intake responses, demographic information, billing information, consent forms, clinical notes, prescriptions, lab information, and patient communications.

Information collected in connection with patient care may be subject to HIPAA and our Notice of Privacy Practices.

Information collected automatically

When you visit our website, we may automatically collect certain information, such as:

  • IP address
  • Browser type
  • Device type
  • Operating system
  • Pages viewed
  • Links clicked
  • Referring website
  • Date and time of visit
  • General location derived from IP address
  • Website interactions and usage patterns
  • Advertising and analytics identifiers
  • Cookies and similar technologies

We currently use Google Analytics and Google Ads. These tools may collect information about website activity and interactions for analytics, measurement, and advertising purposes.

We do not knowingly use tracking technologies to collect protected health information or transmit protected health information to advertising or analytics vendors. We do not intend to place advertising or analytics tracking on authenticated patient portal pages or Athena intake pages unless reviewed and approved for compliance.

Information from third parties

We may receive information from third-party service providers, such as:

  • Website hosting providers
  • Analytics providers
  • Advertising platforms
  • Email marketing platforms
  • SMS/text messaging providers
  • Scheduling or patient management systems
  • Payment processors
  • Pharmacy, lab, or clinical service partners, when applicable
  • Security, fraud prevention, and technical support providers

2. How We Use Information

We may use information for the following purposes.

To provide and support our services

We may use information to:

  • Respond to questions
  • Help you begin intake
  • Route you to Athena or another secure patient system
  • Schedule visits
  • Manage patient communications
  • Support care coordination
  • Process payments
  • Send administrative messages
  • Provide patient support
  • Improve access to Sippa services

To communicate with you

We may use your information, including through Athena or other approved communication systems, to send or support:

  • Appointment-related messages
  • Intake reminders
  • Account or patient portal reminders
  • Payment or membership-related messages
  • Service updates
  • Patient care communications
  • Refill or follow-up reminders
  • Email newsletters
  • Educational content
  • Marketing messages
  • SMS/text messages, if you provide consent or otherwise opt in

Some communications may be sent through Athena, our patient management system. Other communications may be sent through email, SMS/text messaging, website tools, or other service providers we use to operate Sippa.

You can unsubscribe from marketing emails using the unsubscribe link in the email. You may opt out of SMS/text messages by replying STOP, where supported, or by contacting us at [email protected].

Even if you opt out of marketing communications, we may still send non-marketing messages related to appointments, intake, patient care, billing, account status, legal notices, safety-related matters, or other transactional or healthcare-related purposes.

To improve our website and services

We may use information to:

  • Understand how visitors use our website
  • Improve website performance
  • Analyze marketing effectiveness
  • Troubleshoot technical issues
  • Develop new content, services, or patient resources
  • Improve user experience
  • Measure advertising campaigns

For advertising and marketing

We may use limited website interaction data to:

  • Measure Google Ads performance
  • Understand which campaigns bring visitors to the website
  • Improve landing pages
  • Show or measure relevant advertising
  • Avoid showing irrelevant messages where possible

We do not sell patient medical records. We do not use protected health information from Athena or other patient care systems for targeted advertising unless specifically permitted by law and authorized as required.

For legal, safety, and compliance purposes

We may use information to:

  • Comply with applicable laws and regulations
  • Protect patient safety
  • Detect, prevent, or investigate fraud, misuse, or security issues
  • Enforce our Terms of Use
  • Protect the rights, safety, and property of Sippa, Rhodes Med, patients, users, clinicians, and others
  • Maintain records as required by law
  • Respond to lawful requests, subpoenas, court orders, or government requests

3. How We Share Information

We may share information with the following categories of recipients.

Service providers and vendors

We may share information with vendors who help us operate our website, communications, marketing, analytics, patient management, payment processing, scheduling, security, and support functions. These may include:

  • Website hosting providers
  • Google Analytics
  • Google Ads
  • Email marketing providers
  • SMS/text messaging providers
  • Athena
  • Payment processors
  • IT and security providers
  • Customer support tools
  • Professional advisors

These vendors may only use information as permitted by their agreements with us and applicable law.

Clinical and operational partners

When clinically appropriate or necessary to provide services, information may be shared with:

  • Sippa clinicians
  • Medical advisors
  • Labs
  • Pharmacies
  • Compounding pharmacies
  • Payment processors
  • Patient management systems
  • Other healthcare providers involved in your care, when permitted

Health information shared for treatment, payment, and healthcare operations is addressed in our Notice of Privacy Practices.

Advertising and analytics partners

We may share limited website activity information with analytics and advertising partners, including Google Analytics and Google Ads, to understand website performance and measure advertising.

We do not intend to disclose protected health information to advertising or analytics partners. If we learn that tracking tools may collect information that could be considered sensitive health information or protected health information, we will evaluate and adjust our practices as appropriate.

Legal and safety disclosures

We may disclose information if we believe it is necessary to:

  • Comply with law
  • Respond to legal process
  • Cooperate with regulators or law enforcement
  • Protect patient safety
  • Prevent fraud or abuse
  • Protect our rights or property
  • Enforce our policies
  • Investigate security incidents

Business transfers

If Sippa, Rhodes Med, or part of our business is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, information may be transferred as part of that transaction, subject to applicable law.

4. Cookies, Analytics, and Advertising Technologies

Our website may use cookies, pixels, tags, scripts, and similar technologies. These technologies may help us:

  • Keep the website functioning
  • Understand visitor behavior
  • Measure traffic and performance
  • Improve website design
  • Measure advertising campaigns
  • Remember preferences
  • Prevent fraud or misuse

You can control cookies through your browser settings. Some website features may not work properly if cookies are disabled.

We currently use Google Analytics and Google Ads. Google may use cookies and similar technologies to collect or receive information from our website and elsewhere on the internet to provide measurement services and advertising features.

5. Health Information and HIPAA

Some information collected through Sippa or Rhodes Med may be protected health information under HIPAA. Protected health information is handled in accordance with HIPAA and our Notice of Privacy Practices.

Examples of information that may be protected health information include:

  • Patient intake information submitted through Athena
  • Medical history
  • Symptoms
  • Treatment plans
  • Prescriptions
  • Lab results
  • Clinical notes
  • Patient portal communications
  • Billing information related to healthcare services

Our website may also collect non-HIPAA information, such as general website analytics, marketing preferences, or general contact requests. However, health-related information can be sensitive even when it is not protected health information under HIPAA.

We aim to treat health-related information with care and to limit collection, use, and disclosure to appropriate purposes.

6. Text Messages and Email Communications

If you provide your phone number or opt in to text messaging, Sippa may send SMS/text messages related to:

  • Intake
  • Scheduling
  • Appointment reminders
  • Patient portal reminders
  • Care coordination
  • Payment or membership reminders
  • Service updates
  • Marketing messages, if you have opted in or where otherwise permitted

Message and data rates may apply. Message frequency may vary.

You may opt out of text messages by replying STOP, where supported, or by contacting [email protected]. You may request help by replying HELP, where supported.

SMS/text messaging may not be fully secure. Please avoid sending sensitive medical information by ordinary text message unless specifically directed through a secure system.

If you sign up for emails or newsletters, we may send educational or promotional emails. You may unsubscribe from marketing emails at any time using the unsubscribe link in the email.

7. Payment Information

If you make a payment, payment information may be processed by a third-party payment processor. We do not intend to store full payment card information on our website.

Payment processors may collect and process your payment information according to their own privacy and security practices.

8. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, loss, misuse, disclosure, alteration, or destruction.

No website, internet transmission, email, text message, or electronic storage system is completely secure. We cannot guarantee absolute security.

If you believe your information may have been compromised, please contact us at [email protected].

9. Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

  • Provide services
  • Maintain records
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements
  • Support patient care
  • Maintain business records
  • Improve website and service operations

Medical records and patient information may be retained according to applicable healthcare record retention laws and professional requirements.

10. Your Choices and Privacy Rights

Depending on where you live and applicable law, you may have rights to:

  • Request access to certain personal information
  • Request correction of inaccurate information
  • Request deletion of certain information
  • Opt out of certain marketing communications
  • Opt out of certain targeted advertising or cookie-based tracking
  • Request information about categories of information collected, used, or shared
  • Withdraw consent where processing is based on consent

To make a privacy request, contact us at [email protected].

We may need to verify your identity before responding. Some information may be exempt from deletion or access requests, including information we must keep for legal, medical, compliance, billing, security, or recordkeeping reasons.

If your request relates to protected health information or medical records, it may be handled under HIPAA and our Notice of Privacy Practices.

11. Utah and State Privacy Notices

Sippa currently serves adult patients in Utah.

Certain state privacy laws may provide additional rights if they apply to us or to your information. If applicable, we will honor legally required privacy rights.

We do not intend to sell personal information. We may use advertising and analytics technologies that some privacy laws may define as targeted advertising or sharing. You may contact us at [email protected] to ask about available opt-out choices.

12. Children’s Privacy

Sippa services are intended for adults only.

Our website and services are not directed to children or minors. We do not knowingly collect personal information from individuals under 18. If we learn that we have collected personal information from a minor without appropriate authorization, we will take steps to delete it or otherwise address it as required by law.

13. Third-Party Websites and Services

Our website may link to third-party websites or services, including Athena, payment processors, labs, pharmacies, email platforms, or other tools.

We are not responsible for the privacy practices of third-party websites or services that we do not control. Please review the privacy policies of those third parties.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we update it, we will revise the “Last Updated” date above.

If changes are material, we may provide additional notice, such as by posting a notice on our website or contacting you through available communication channels.

Your continued use of the website after changes are posted means you acknowledge the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or your privacy choices, please reach out.

Sippa by Rhodes Med [email protected]