Our Commitment to Your Privacy
At DirectOD, safeguarding your privacy is a core part of how we do business. We are committed to handling your personal information with integrity, transparency, and in full compliance with applicable data protection laws, including the California Consumer Privacy Act (CCPA), Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), and others.
This Privacy Policy explains how we collect, use, store, and share your personal data when you interact with our website, platform, and services. By using the DirectOD platform, you consent to the practices described in this Policy.
If you have any questions or requests, contact us at admin@directod.com.
Scope of This Policy
This Privacy Policy applies to:
- Visitors to our website (https://directod.com)
- Independent eye care providers and their staff who use DirectOD
- Patients enrolled in a vision membership plan administered through DirectOD
If you are a patient of a participating provider, this policy explains how we process your data on behalf of your eye care provider. DirectOD acts as a "service provider" or "data processor" under applicable law. For HIPAA-related inquiries or rights, please contact your provider directly.
Information We Collect
We may collect the following categories of personal information:
Category | Examples |
---|---|
Contact Data | Name, email address, phone number, mailing address |
Patient Enrollment Data | Birthdate, plan selections, eligibility, transaction history |
Payment Data | Card type, last four digits, payment activity (via JP Morgan Chase Bank) |
Account & Usage Data | Login activity, IP address, session timestamps |
Device & Technical Data | Browser type, device type, operating system, geolocation |
Marketing & Analytics Data | Referral sources, ad engagement, cookie identifiers |
Communication Records | Emails, chats, support tickets, survey responses |
We collect this information directly from you, your practice, or automatically through our website and tools such as Google Analytics or other integrated services.
How We Use Your Information
We use your information for the following business purposes:
- To operate, manage, and maintain your vision membership plan
- To enroll patients and administer recurring renewals
- To communicate with you about your account or services
- To process and confirm payments securely
- To detect and prevent fraud, abuse, or security issues
- To generate performance reports and optimize platform functionality
- To comply with applicable laws and contractual obligations
- To send relevant product updates, practice resources, or marketing (with your consent)
We will never use your information in a manner inconsistent with this Policy or applicable law.
Cookies and Tracking Technologies
We use cookies and similar technologies (such as web beacons and pixels) for:
- Essential functionality – keeping your session active and secure
- Analytics – measuring traffic and user behavior across our site
- Advertising – delivering relevant promotions and retargeting users
You may adjust cookie settings via your browser or opt out through our cookie banner. Disabling cookies may affect the usability of certain features on our site.
How We Share Personal Information
DirectOD does not sell personal information for monetary gain. However, we may disclose your data in the following scenarios:
- With service providers such as JP Morgan Chase Bank (for payment processing), Amazon Web Services (hosting), and analytics or email platforms that support our operations
- With your healthcare provider, if you are a patient enrolled in a membership plan
- With marketing and advertising partners, to improve engagement (in compliance with opt-out laws)
- To comply with legal obligations, such as subpoenas, court orders, or regulatory inquiries
- As part of a business transaction, such as a merger, acquisition, or restructuring
- With your consent, when you authorize us to share your information
All vendors are contractually required to maintain strict confidentiality and adhere to applicable privacy standards.
Third-Party Links and Integrations
Our website or platform may contain links to third-party websites or tools. DirectOD is not responsible for the privacy practices, content, or security of those third-party services. We encourage you to review their privacy policies before providing any personal information.
Data Transfers Outside the United States
Our platform is designed for users within the United States. If you access the Services from outside the U.S., please be aware that your information may be transferred to and processed in the United States, where privacy laws may be less stringent than those in your jurisdiction.
HIPAA and Medical Privacy
DirectOD is not a covered entity under HIPAA. However, when acting as a service provider to healthcare practices, we may receive limited protected health information (PHI) in connection with membership plan administration. We maintain strict controls and access limitations around such data and comply with all applicable healthcare privacy obligations as required by law or business associate agreements (BAAs).
Data Security and Retention
We use administrative, technical, and physical safeguards to protect your data, including:
- SSL encryption for all communications
- Secure data storage in monitored data centers
- PCI-DSS compliant payment processing via JP Morgan Chase Bank
- Role-based access restrictions and internal audits
We retain personal information only as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required by law. Once no longer needed, your data is securely deleted or anonymized.
Your Rights Under U.S. Privacy Laws
Depending on your state of residence, you may have the following rights:
- Right to Access – request a copy of the personal data we have collected about you
- Right to Delete – request the deletion of your personal information (with some exceptions)
- Right to Correct – request correction of inaccurate personal data
- Right to Opt-Out – opt out of targeted advertising or third-party tracking
- Right to Limit – restrict the use of sensitive personal information
- Right to Portability – request your data in a machine-readable format
To exercise any of these rights, email us at admin@directod.com with the subject line: “Privacy Rights Request.” We will verify your identity and respond within 45 days as required by law.
Children’s Privacy
DirectOD does not knowingly collect personal data from children under 13. If we become aware that such information has been submitted, we will take prompt steps to delete it. If you believe we may have collected data from a child under 13, please contact us immediately.
Business Continuity and Ownership Changes
In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to a successor entity. Any acquiring party will be bound by the terms of this Privacy Policy or one with equivalent protections.
Changes to This Policy
We reserve the right to update or modify this Privacy Policy at any time. Changes will be posted on this page with an updated effective date. Your continued use of our Services after changes are posted constitutes your acceptance of those changes.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:
DirectOD LLC
#1010, 2321 Sir Barton Way, Suite 140
Lexington, KY 40509
admin@directod.com
https://directod.com