Privacy policy

Mentavi, Inc.

Privacy Policy

Last updated November 1, 2025

Effective June 15, 2018

1. Who We Are & What This Covers

Mentavi’s Role: Mentavi, Inc. operates websites (www.adhdonline.com, www.mentavi.com) and provides administrative services to independent medical groups, including ADO Medical, P.C. (collectively, “Medical Groups”). We do not provide medical services. Medical Services: All medical care is provided by independent Medical Groups and their healthcare providers, who comply with HIPAA and maintain separate Notices of Privacy Practices governing your protected health information (PHI). This Policy Covers: Information Mentavi collects through our websites and services.

Scope and Audience:

This Privacy Policy applies only to Mentavi’s U.S.-based websites, mobile apps, and administrative services. Mentavi’s Services are intended for use by U.S. residents only. If you access our Services from outside the United States, you acknowledge and agree that your information will be transferred to and processed in the United States, which may not offer the same level of data protection as your home jurisdiction.

Agreement:

By using our Services, you agree to this Privacy Policy. If you disagree, please do not use our Services.

Age Requirement:

Our Services are not intended for anyone under 18. We do not knowingly collect information from minors. If you believe a child has provided information to us, contact us at [email protected] immediately.

Conflicts with HIPAA Notice of Privacy Practices:

If any terms of this Privacy Policy conflict with the HIPAA Notice of Privacy Practices governing PHI for your healthcare provider, the HIPAA Notice controls for PHI.

2. Information We Collect

“Personal Information” means information that identifies or could reasonably be linked to you.

We collect the following categories of information:

We Collect:

“Personal Information” means information that identifies or could reasonably be linked to you.

We collect the following categories of information, with examples of what that information may be:

• Identifiers: Name, email, address, phone number, date of birth, IP address, device ID

• Account & Payment: Username, password, credit card number, driver’s license, insurance information

• Health-Related: Medical conditions, medications, mental health assessment responses, health records (as needed for services)

• Characteristics: Age, race, sex, national origin, marital status, disability status, veteran status

• Biometric Data: Photos, voice recordings, psychological characteristics

• Usage Data: Device type, browser type, pages visited, interactions, timestamps

• Location Data: Physical location, time zone, geographic region

• Commercial Data: Services used, appointment history, purchase history

• Inferences: Preferences, service interests, or likely characteristics derived from other data

• Third-Party Sources: Information received from partners, referring clinics, advertising networks, or service providers

Future PHI: If we begin collecting PHI, we will only collect the minimum necessary and handle it according to HIPAA and applicable laws.

Social Logins Disclosure

If you choose to register or sign in using a social login (e.g., Google or Facebook), we receive the information you authorize those platforms to share with us.

3. How We Collect Information

A. Directly From You

When you register, schedule appointments, complete assessments, or contact us. We may also collect information when you subscribe to newsletters, respond to surveys, or participate in promotional activities.

B. Automatically – Cookie Consent Required

We Operate on Strict Opt-In Consent. Only essential cookies are active by default. All other tracking requires your explicit consent.

Cookie Management via CookieYes:

When you first visit our site, CookieYes (our consent management platform) presents you with cookie choices. You can update preferences anytime via “Cookie Settings” in the footer.

CookieYes collects: Your consent selections, timestamps, IP address, browser/device info for compliance purposes. Learn more: https://www.cookieyes.com/privacy-policy/

Cookie Categories

*Advertisement cookies are disabled by default for California, Nevada, Maryland, Colorado, and Washington residents per state restrictions.

Third-Party Tools We Use (With Your Consent)

All tools below activate ONLY after you consent to the relevant cookie category

Advertising Tracking Tools

Email: If marketing emails are sent, they may include tracking pixels to measure open rates and engagement. You can disable images in your email client to prevent tracking. 

Learn More:

• Google’s data practices: https://policies.google.com/privacy/partners

• Meta’s privacy policy: https://www.facebook.com/privacy/policy/

• Microsoft’s privacy policy: https://privacy.microsoft.com/privacystatement

Industry Opt-Outs:

• National Advertising Initiative: https://optout.networkadvertising.org/

• Digital Advertising Alliance: https://optout.aboutads.info/

Server-Side Tracking (Stape.io)

We use server-side Google Tag Manager hosted by Stape.io, a business associate of Mentavi Health, to process analytics and advertising data on our servers before sending to third-party platforms. Your browser sends data to our server, which forwards only data you’ve consented to share. Learn more: https://stape.io/privacy-policy

We retain server logs and error reports for security and troubleshooting purposes for a limited period, then delete or anonymize them.

Support Ticket Tracking (Zendesk)

We use Zendesk to manage support tickets from current and prospective patients. Zendesk serves as a business associate of Mentavi Health, assisting in the speedy and accurate processing workflow of inquiries. Zendesk cookies are classified as Necessary.  Learn more about Zendesk’s privacy here: https://www.zendesk.com/company/agreements-and-terms/privacy-notice/

C. Aggregated Data

We collect anonymized, aggregated information (e.g., total visitors, popular pages, general demographics) that cannot identify you individually. This data may be shared with partners, affiliates, or for research purposes.

4. Use of Artificial Intelligence (AI)

We use AI technologies to support certain operational and administrative functions. These systems assist in improving efficiency, enhancing user experience, and supporting clinical and administrative processes. AI is not used to diagnose, treat, or make clinical decisions about any individual’s health. All medical evaluations, diagnoses, and treatment recommendations are conducted exclusively by licensed healthcare professionals.

The AI tools serve only to assist and optimize workflows — such as the user-journey chatbot on the public site, data organization, appointment management, and communication support — to help deliver high-quality care efficiently. Mentavi and the Medical Groups monitor these systems to ensure data security, accuracy, and compliance with applicable privacy and health information laws.

5. How We Use & Share Information

How We Use Your Information:

• Provide Services: Account management, appointment scheduling, payments, customer support

• Improve Services: Analytics, research, testing, product development, performance monitoring

• Communicate: Appointment reminders, newsletters, marketing (with consent), service updates

• Administer: Support Medical Groups, website maintenance, administrative operations

• Advertise: Marketing campaigns, targeted ads (with consent), campaign measurement

• Legal/Safety: Comply with laws, prevent fraud, protect rights, enforce terms, respond to legal requests

• Security: Personalize content and user experiences and to maintain the security and integrity of our Services

How We Share Your Information:

We do not engage in cross-context behavioral advertising without user consent and do not knowingly share sensitive personal information except as legally permitted.

6. Your Privacy Rights & Choices

Manage Cookies & Tracking

• Cookie Settings: Click “Cookie Settings” in footer or manage via browser settings.

• Withdraw Consent: Change preferences anytime through the CookieYes platform. 

• Browser Controls: Block/delete cookies, enable “Do Not Track”, adjust privacy settings. Note: Blocking Necessary cookies may prevent site functionality.

We honor Global Privacy Control (GPC) signals as valid opt-out requests for sale/sharing of personal information.

Marketing Communications

• Email: Unsubscribe link in emails or email [email protected]
  SMS: Reply STOP to any text message

• Advertising: Disable ad cookies or use NAI/DAA opt-outs

Access, Correct, or Delete Your Data

Verification Required: We verify your identity before fulfilling requests by matching provided information with our records or via biometric verification.

• Send requests by emailing [email protected]

• Response time: 30 days – 45 days (state variations apply)

You have the right to limit the use and disclosure of sensitive personal information.

If we deny a privacy rights request, you may appeal our decision by contacting [email protected] with “Privacy Appeal” in the subject line. 

Note: Mentavi must retain certain patient data for up to 10 years in accordance with federal and state laws. 

7. State-Specific Privacy Rights

California, Nevada, Maryland, Colorado, and Washington Residents

Automatic Opt-Out: Advertisement cookies are disabled for residents of these states, regardless of consent, in compliance with state privacy laws regarding “sale” of Personal Information.

California Residents (CCPA/CPRA)

Additional Rights:

• Right to Know: Categories and specific Personal Information collected, sources, purposes, third parties shared with

• Right to Delete: Request deletion (subject to legal limitations)

• Right to Correct: Request correction of inaccurate information

• Right to Opt-Out: Opt out of “sale” or “sharing” for targeted advertising

• Right to Non-Discrimination: Same service and prices regardless of privacy choices

Authorized Agents: May submit requests on your behalf with written authorization.

California “Shine the Light” Law: Request information about disclosures to third parties for direct marketing by emailing [email protected] with “Shine the Light Request” in subject.

Additional Rights: May vary by state. Contact [email protected] for state-specific requests.

8. Security, Retention & Other Important Information

Security Measures

Technical: Encryption (in transit and at rest), secure servers, access controls, intrusion detection, regular security testing

Administrative: Limited access on need-to-know basis, employee training, background checks

Physical: Secure data centers, controlled access, environmental monitoring

Your Responsibility: Use strong passwords, keep credentials confidential, log out on shared devices, report suspected security issues immediately.

Important: No system is completely secure. We cannot guarantee absolute security. In case of a breach, we will notify affected individuals as required by law.

In the unlikely event of a data breach, we will notify affected individuals and regulators as required by law.

Data Retention

We retain Personal Information only as long as necessary for stated purposes or as required by law.

Data stored in backups may persist for limited periods until replaced per retention schedules.

All data is stored and processed in the United States. We do not transfer data internationally.

Links to Other Sites

Our Services may link to third-party websites not controlled by Mentavi. This Privacy Policy does not apply to those sites. We are not responsible for their privacy practices. Review their privacy policies before sharing information.

Changes to This Policy

We may update this Privacy Policy periodically. When we do:

• We’ll post the revised policy here

• Update the “Last Updated” date

• Provide additional notice for material changes (email, banner, etc.)

Your continued use after changes indicates acceptance. Review regularly to stay informed.

9. Contact Us

Mentavi, Inc.

Privacy Inquiries & Requests

We make it easy to exercise your privacy rights and contact us with questions.

• Online Form (Preferred) 

• Toll-Free Phone: 888-493-ADHD (2343)  (Mon–Fri, 9 AM–5 PM ET)

• Email: [email protected] (please include “Privacy Request” in subject line)

• Mail: Mentavi, Inc., Privacy Request, 625 Kenmoor Ave SE Ste 301, Grand Rapids, MI 49546
   

This Privacy Policy is effective as of the date above and supersedes all prior versions.