Track 3 platforms and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is the privacy policy for Hims & Hers Health, Inc., covering personal data collected across the hims.com and forhers.com platforms, including telehealth consultations, prescription services, and consumer wellness products. The policy authorizes collection of health and medical information, sexual orientation data, financial information, precise geolocation, device identifiers, and behavioral data, and discloses sharing of certain data with advertising and analytics partners in ways that may qualify as a sale or sharing of personal information under California law. The policy separately states that information processed through its HIPAA-covered clinical operations is governed by a distinct Notice of Privacy Practices, meaning health data processed in a clinical context may be subject to different protections and disclosure rules than consumer data collected through the broader platform.
This document is the privacy policy of Hims & Hers Health, Inc., governing collection, use, and disclosure of personal information across its telehealth platform, e-commerce services, and affiliated brands, with stated legal bases including consent, contractual necessity, and legitimate interests depending on jurisdiction. The policy states the company collects identifiers (name, email, phone, address), financial information (payment card data), health and medical information submitted through intake forms and provider consultations, device and usage data, precise geolocation, inferences drawn from user behavior, and sensitive personal information including sexual orientation and health conditions. The policy discloses sharing of personal data with advertising and analytics partners, including through pixel technologies and cookies that may constitute a 'sale' or 'sharing' of personal information under California law, and separately asserts that health information submitted through clinical workflows may be governed by HIPAA where applicable, though the boundary between HIPAA-covered and non-HIPAA-covered data flows is not uniformly specified throughout the document. The policy engages HIPAA, CCPA/CPRA, and state consumer health data statutes such as Washington's My Health MY Data Act, and acknowledges California residents' rights to know, delete, correct, and opt out of sale or sharing; compliance exposure is heightened by the dual nature of Hims & Hers as both a consumer brand and a telehealth entity, creating intersecting federal health privacy obligations and state consumer privacy obligations. The document provides opt-out mechanisms for targeted advertising and data sale, offers California-specific rights request procedures, and references a Notice of Privacy Practices for HIPAA-covered information.
Institutional analysis available with Compliance
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.
Get ComplianceMonitoring
Hims & Hers has updated this document before.
Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Compliance Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Get ComplianceCross-platform context
See how other platforms handle Advertising Pixel Data Sharing as Potential CCPA Sale or Sharing and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.