Overview
NU Health Medical Wellness (“NuHealth,” “we,” or “us”) operates the website at nuhealthwellness.co and provides telehealth and in-person medical services in Michigan, Florida, Alabama, and Mississippi from our clinic at 30301 Woodward Ave, Suite 240, Royal Oak, MI 48073.
This Privacy Policy explains how we handle information collected through this website — including the health-assessment quiz, contact forms, and analytics — for visitors and prospective patients.
Important — HIPAA vs. this Policy. Once you become a patient, the health information your provider creates (visit notes, lab results, prescriptions, plan-of-care details) is Protected Health Information (PHI) governed by HIPAA. That information is covered by our HIPAA Notice of Privacy Practices, which controls in any conflict with this general Privacy Policy.
Information we collect
Information you give us directly
- Contact details— first name, last name, email address, phone number, and biological sex when you complete the assessment quiz.
- Health-related responses— the answers you choose in the assessment quiz (e.g., weight-loss goals, symptom screeners, medication history). These help our providers determine whether you may be a candidate for a program.
- Booking details— if you schedule a consultation, that flow runs through Decoda Health; we receive your booking confirmation and appointment status.
- Correspondence— if you email, call, or message us, we keep a record of the communication and our reply.
Information collected automatically
- Device & usage data— browser type, operating system, screen size, referring URL, pages viewed, time on page, approximate location (city/region inferred from IP).
- Cookies and similar technologies— small files stored in your browser to measure traffic, remember preferences (like dismissing the cookie banner), and attribute advertising performance. See Advertising & analytics below.
- Marketing identifiers— UTM parameters (e.g., utm_source, utm_campaign) and click identifiers (e.g., gclid, fbclid) that may be present in the URL when you arrive.
How we use your information
- To deliver the services you requested. Returning your assessment results, scheduling consultations, processing follow-ups from our care team.
- To communicate with you. Confirmation emails, appointment reminders, account notices, replies to your inquiries.
- To improve the site and our programs. Aggregated analytics to understand which pages are useful, where visitors drop off, which content drives qualified leads.
- To run our advertising responsibly. Measure which ad sources produce real consultations, so our budget supports formats and channels that work.
- To meet our legal obligations. Recordkeeping for healthcare regulation, tax, and audit purposes, including LegitScript certification compliance.
- To protect the site. Detect fraudulent submissions, abuse, and security threats.
Advertising & analytics technologies
We use the following technologies to understand site performance and measure ad effectiveness:
Google Analytics 4 (GA4)
Google Analytics measures how visitors use our site (pages viewed, time on page, traffic sources). It uses cookies and similar identifiers. We do not send identifiable health information to Google Analytics. You can opt out using the Google Analytics opt-out browser add-on.
Google Ads conversion tracking
When you arrive at the site from a Google ad and complete a meaningful action (e.g., starting or submitting the assessment), Google Ads records that conversion so we can measure campaign performance. This uses cookies and click identifiers (gclid).
Meta Pixel (Facebook / Instagram)
We use the Meta Pixel and Meta’s Conversions API to measure ad performance and reach people who may benefit from our programs. When you submit the assessment, we send a hashed (one-way encrypted) copy of your email and phone to Meta along with the event, which Meta uses to confirm the conversion and improve ad targeting. We do not send the content of your health responses to Meta. You can manage Meta’s ad personalization in your Facebook and Instagram account settings.
Google Tag Manager (GTM)
GTM is a container that loads the analytics and advertising tags above. It does not collect information on its own.
You can control non-essential cookies by adjusting your browser settings, by using the industry-wide opt-out tools at the Network Advertising Initiative and Digital Advertising Alliance, or by submitting a request as described in State-specific privacy rights below.
Your choices
- Email and SMS. Every marketing email includes an unsubscribe link. SMS messages include a STOP keyword to opt out. Transactional messages tied to your care (e.g., appointment confirmations) may continue after marketing opt-out.
- Browser controls. You can clear or block cookies in your browser settings. Blocking some cookies may break parts of the site.
- Do Not Track.Our site does not currently respond to browser “Do Not Track” signals, because there is no industry-wide standard for what compliance means. We do honor the Global Privacy Control (GPC) signal where required by state law — see below.
State-specific privacy rights
California (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what categories of personal information we collect, use, and disclose.
- Request a copy of the specific personal information we hold about you.
- Request that we delete personal information we collected from you, subject to limited exceptions.
- Request correction of inaccurate personal information.
- Opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising (we do not sell, but see the dedicated section below).
- Be free from retaliation for exercising any of these rights.
To exercise any of these rights, email info@nuhealthwellness.cowith the subject line “California Privacy Request” and a brief description of your request. We will verify your identity using information already on file before fulfilling sensitive requests.
Colorado, Connecticut, Virginia, Utah, and other state laws
Residents of states with comprehensive privacy laws have rights similar to California’s — access, deletion, correction, and opt-out of targeted advertising. To exercise your rights, use the same contact above and identify your state of residence.
Authorized agents
You may designate an authorized agent to submit a request on your behalf. We will ask for written confirmation from you that the agent is authorized, and we may verify your identity directly.
Appeals (where applicable)
If we decline your request, you may appeal by replying to our decision. We will respond to appeals within the timeframe required by your state’s law.
Do Not Sell or Share My Personal Information
We do not sell personal information for money.However, our use of the Meta Pixel and similar cross-context advertising tools may qualify as “sharing” under California’s CPRA. You have the right to opt out of this sharing.
To opt out, you can do one of the following:
- Email info@nuhealthwellness.co with the subject line “Do Not Sell or Share” from the address associated with your account or quiz submission.
- Enable the Global Privacy Control (GPC) signal in a supporting browser. We treat a GPC signal as a valid opt-out request under California law.
- Decline non-essential cookies via the cookie banner that appears on your first visit, or re-open it from the link in our website footer.
How long we keep information
We keep personal information only as long as needed for the purpose it was collected, to comply with our legal obligations, to resolve disputes, and to enforce our agreements. Specifically:
- Quiz lead records: retained while we may still be in contact with you about a consultation, then deleted on request or after a reasonable inactivity window.
- Clinical records: kept per Michigan and federal medical-records retention requirements (generally 7 years from the date of service, longer for minors).
- Marketing analytics: aggregated, de-identified usage data is kept indefinitely for trend analysis.
How we protect your information
We use commercially reasonable physical, electronic, and administrative safeguards, including:
- HTTPS / TLS encryption for all data transmitted between your browser and our site.
- Encryption at rest for our database (Neon Postgres) and admin systems.
- Role-based access controls so only authorized staff can view sensitive records.
- Regular review of vendors that process information on our behalf.
No system is perfectly secure. If we become aware of a security incident that affects your personal information, we will notify you as required by applicable law.
Children’s privacy
NuHealth’s services are for adults age 18 and older. We do not knowingly collect personal information from children under 13, and our marketing is not directed at children. If you believe a child has provided us information, please contact us and we will delete it.
Changes to this policy
We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of the page. Material changes will be communicated more prominently — for example, by an in-site notice or by email if we have your address.
Contact us
For privacy questions or to exercise any of the rights described above, contact us:
NU Health Medical WellnessAttn: Privacy
30301 Woodward Ave, Suite 240
Royal Oak, MI 48073
info@nuhealthwellness.co · (248) 677-3232
Related policies