Last updated: 1 May 2025
Notice of Privacy Practices
Pandora Biosciences Inc. (d/b/a “Pandora Health”)
Effective Date: [Month Day, 2025]
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice applies to Pandora Biosciences Inc. and all of its affiliated professional entities and business units that operate under the trading name Pandora Health (collectively, “Pandora Health,” “we,” “our,” or “us”). Our services include—but are not limited to—home-collected gut test kits, telehealth consultations with licensed clinicians, AI-powered symptom analysis, personalized care plans, digital health coaching, community forums, and related wellness products and research activities.
Pandora Health is required by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and applicable state law to maintain the privacy of your protected health information (“PHI”), to give you this Notice of our legal duties and privacy practices, and to abide by the terms of the Notice that is currently in effect.
We may use or disclose your PHI for the following purposes:
| Purpose | Examples |
|---|---|
| Treatment | Sharing lab results with a Pandora Health Gut Guru health coach or a physician so they can tailor nutritional or medication recommendations. |
| Payment | Submitting claims to your health-plan or processing your credit-card payment for a service, consultation session, webinar, gut test kit or other product. |
| Health-Care Operations | Quality-improvement analytics on anonymized visit transcripts to enhance our AI decision-support engine. |
| As Required by Law | Reporting certain communicable-disease findings to public-health authorities. |
| Individuals Involved in Your Care | With your permission, discussing care plans with a caregiver or family member assisting you. |
| Business Associates | Allowing a secure cloud-hosting vendor to store encrypted visit recordings under a Business Associate Agreement (BAA). |
We may also disclose PHI for public-health activities, health-oversight reviews, organ-donation efforts, workers’-compensation claims, law-enforcement requests, subpoenas or court orders, and certain specialized government functions.
Except for the situations listed above, we will not use or disclose your PHI—especially for marketing purposes or any sale of PHI—without your prior written authorization. You may revoke an authorization at any time by emailing us at [email protected], except to the extent we have already relied on it.
We may remove identifiers from your PHI so that the remaining information cannot reasonably identify you. Once de-identified, the information is no longer PHI and may be used or disclosed for research, benchmarking, product development, or other purposes permitted by law.
You have the right to:
Request Restrictions on certain uses or disclosures. We will try to honor reasonable requests, although we are not required to do so in all cases.
Receive Confidential Communications at an alternate address, phone number, or email you specify.
Inspect and Obtain Copies of your PHI, including an electronic copy if readily producible.
Request an Amendment of PHI you believe is inaccurate or incomplete.
Receive an Accounting of Disclosures of PHI made in the prior six years (excluding disclosures for treatment, payment, operations, and certain other exempt categories).
Obtain a Paper Copy of this Notice upon request.
Choose Someone to Act for You (e.g., a medical power of attorney).
To exercise any of these rights, please email [email protected] or write to:
Pandora Health – Privacy Office
1309 Coffeen Avenue, STE 1200
Sheridan, WY 82801
