Skip to main content

Privacy Notice

Last Updated: May 16, 2024

Curology makes customized skincare affordable and accessible. We use the information you share with us to help provide you with a customized experience from when you start interacting with us to when you receive your own personalized treatment plan.

Curology, Inc., David Lortscher, MD, P.C. , David Lortscher, MD, P.A., Lortscher Health of Hawaii, Professional Corporation, David Lortscher, MD, S.C., Lortscher Health of New Jersey, P.C., David Lortscher, MD, Professional Association, our fully owned and operated brands, including Agency, and our contracted health care entities (collectively, “Curology,” “we,” “us,” or “our”) take your privacy and trust in us seriously. We are committed to protecting the privacy and security of your information.

The purpose of this Privacy Notice (“Privacy Notice”) is to explain how we may collect, use, store, disclose, or otherwise process your personal information when you interact with us through the Curology website located at http://curology.com and https://shop.curology.com (the “Website”), our products and Services, and/or other communication channels under our control such as email, telephone, or social media that link to this Privacy Notice (collectively, the “Services”). All capitalized terms not otherwise defined in this Privacy Notice have the same meaning as set forth in the Curology Terms of Service, available here: https://curology.com/terms/. If you are a resident of California, Colorado, Connecticut, or Virginia, please view our State Privacy Notice Addenda.  

When you access or use the Services, you are creating a customer relationship with Curology that enables you to access and use the Services as a “Website User”. As part of that relationship, Website Users can review our products and Services, our resources, and provide information, including personal information that we do not consider to be health information. Once a Website User completes and submits our patient intake process and agrees to the Informed Consent to Treatment via Telehealth (or, if applicable, the Parent/Guardian Informed Consent to Treatment via Telehealth), that user is treated as a “Patient User.”  

The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States. All capitalized terms not otherwise defined in this Privacy Notice have the same meaning as set forth in the Curology Terms of Service, available here: https://curology.com/terms/.  

Employees, job applicants and independent contractors who are California residents receive a supplemental privacy notice that applies to their relationship with Curology.  In the event of any conflict or inconsistency with this Privacy Notice, the terms of that supplementary privacy notice will control.

Table of Contents

  1. Collection of Information

  2. Sources of Information

  3. Use of Information

  4. Sharing of Information

  5. Cookies and Other Tracking Technology

  6. Persons Under the Age of 16

  7. Security of Information

  8. Retention of Information

  9. Your Choices

  10. International Transfers

  11. Updates

  12. Contact Us

1. Collection of Information

Curology collects and stores a variety of information when you use our Services so that we can provide the Services to you. If we do not have this information, you may not be able to access or use part or all of our Services. 

The specific types of information we collect will depend on the Services you use (e.g., Website User, Patient User), but may include the following:

Personal Information

Personal information means information associated with or used to identify or contact a specific person. Personal information we collect about Website Users and Patient Users may include:

  • Identifiers such as first and last name, date of birth, sex or gender, physical address, email address, phone number, etc.

  • Audio, visual, and other electronic information such as photographs for purposes other than diagnosis or treatment 

  • Commercial information such as order history, subscriptions, products purchased or considered, payment information, and shipping history

  • Internet and network activity information such as IP address, geolocation information, device information, log data, and cookies and similar technologies

  • Inferences drawn from any of the information collected, such as a user’s preferences, characteristics, and behavior, etc.

Health Information

Health information is a type of personal information that includes any identifying information we collect relating to your medical history, including symptoms, diagnoses, treatment and outcomes. Health information we collect about Patient Users may include:

  • Audio, visual, and other electronic information such as photographs for purposes of diagnosis or treatment

  • Medical history such as medical conditions, medications, allergies, treatment options, prescriptions, and any other health-related information for purposes of diagnosis or treatment.

2. Sources of Information

This Privacy Notice applies to information we collect information about you from the following categories of sources: 

You (Actively)

You may actively provide us information when you use our Services such as through our Website, emails or other electronic communications, social media, surveys, sweepstakes and promotions, customer support, or any other online or offline interactions.

You (Passively)

You may also passively provide us information through your interactions and use of our Services such as your IP address, access times, hardware and software information, device information, device event information (e.g., crashes, unsuccessful logins, browser type), the web pages you’ve viewed or engaged with before and/or after using the Services, and other relevant information. We may use cookies and other tracking technology to collect this information. For more information on the cookies and other tracking technology we use, please see the Cookies and Other Tracking Technology section below. If you actively provide information, but do not complete the sign up for Services, our website cookies may store the data provided.

Third Parties

We may receive information from third parties such as affiliates, business partners, and service providers to operate our business and improve your experience and interactions with us.

Publicly Available Databases

We may receive information that is available publicly, either online or offline, to operate our business and improve your experience and interactions with us.

3. Use of Information 

Curology and our service providers may use information (including personal information) for the following business or commercial purposes:

  • To provide teledermatology and related services to our Patient Users via our licensed medical providers (including those who provide healthcare services, drugs, or medical devices)

  • To verify your identity as the holder of an account with us

  • To administer your account, process payments, troubleshoot issues, and provide you with customer support

  • To communicate with you about the Services, and to deliver any administrative notices or alerts and communications relevant to your use of the Services

  • To allow you to participate in sweepstakes, contests, or other promotions

  • To market our Services that we believe may be of interest

  • To tailor the features, performance and support of the Services to you and your preferences

  • To provide, operate, analyze usage of, and improve the Services, including performing research and development

  • To investigate, detect, deter, prevent, report, defend against, or take other action regarding security incidents, abusive behavior, suspected fraud, malicious or illegal activities, or violations of our Terms of Service or other policies

  • To make sure our terms, policies, and agreements with you and any third parties are enforced

  • To comply with applicable laws and regulations.

4. Sharing of Information

We understand the importance of protecting the confidentiality of your information and limit our disclosure of your personal and/or health information to the following possible business or commercial purposes:

  • To third-party service providers acting on our behalf or to entities with whom we may collaborate with to offer and deliver the Services

  • To market and communicate about our products, Services, events and other offerings

  • To personalize communications and marketing (whether regarding our Services or third-party services we believe you may find interesting) and to measure the effectiveness of communications and marketing (directly or via third parties)

  • In order to protect the safety and security of Curology, the Services, our operations, our systems, our properties, our customers, or any other related person or entity

  • In order to investigate, detect, deter, prevent, report, defend against, or take other action regarding security incidents, abusive behavior, suspected fraud, malicious or illegal activities, or violations of our Terms of Service or other policies

  • In order to establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others

  • In order to comply with applicable laws or legal processes such as a court order or subpoena

  • In connection with any reorganization, restructuring, merger, sale, acquisition, financing, dissolution, or other transfer of assets under the condition that the recipient agrees to respect your information in a manner that is consistent with this Privacy Notice

5. Cookies and Other Tracking Technology

We use cookies and other tracking technologies to automatically collect information about your use of our Services. Cookies are small files containing a unique string of information that your computer or mobile device saves when you visit certain websites. A number of cookies we use will last only for the duration of your web session and expire when you close your browser. Other cookies last longer and are used to recognize your device when you return to the Website.

Generally, we use first-party and third-party cookies for the following purposes: to make our Services function properly; to provide a secure browsing experience during your use of our Services; to collect information about your use of our Services to help us improve and optimize our Services; to remember your preferences for your convenience; and to market our Services, including by showing ads or content on our Services or on third-party sites. To the extent permitted by applicable law, we may also use such technologies to deliver customized content and advertising to Website Users whose activity on the Website indicates that they are interested in particular products or Services.

We use the following types of cookies on our Services:

  • Essential/Strictly Necessary Cookies, which are needed for the Website or Services to operate as reasonably expected by you

  • Functional or Preference Cookies, which remember your name or choices.

  • Performance or Analytic Cookies, which collect passive information about your use of the Website or Services

  • Advertising or Targeting Cookies, which are used to make advertising messages more relevant and personalized to you based on your inferred interests

Note that we do not deploy non-essential third-party cookies or similar tracking technologies on our webpages that are made available after Patient log in.

Depending on whether you would like to manage a first-party or third-party cookie, you will need to take the following steps:

  • First-Party Cookies: You can enable, disable, or delete cookies via our Cookie Banner, or via the browser you are using to access our Services. To do this, follow the instructions provided by your browser (usually located within the “Settings”, “Privacy and Security” or “Help” tabs). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of our Services, and/or parts of the Services may not work properly for you. You can find more information about how to change your browser cookie settings at https://www.allaboutcookies.org.

  • Third-Party Cookies: You can disable cookies from third parties via our Cookie Banner or by using your browser settings or, if available, directly opting-out of cookie collection with the third-party cookie service provider via their website. The online advertising industry also provides websites from which you may opt-out of receiving targeted ads from our data partners and our other advertising partners that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at the following websites: Network Advertising Initiative, Ad Choices, Facebook, Google Ads.  California residents may also opt-out of sharing of information through these cookies by visiting https://curology.com/donotsell/ \ and following the instructions there, as described in our California and Other States Privacy Notice Addendum.

Other Third-Party Technologies. We may use other companies’ analytics, tracking and provided tools that receive information when you use our Services, including technology from Google, Meta and others, to help us track, segment, and analyze usage of the Services, and to help us or those companies serve more targeted advertising on the Services and across the Internet. These tools may use technology such as cookies, tags, pixels, SDKs, and similar technologies to track online activity. The companies may also combine information they collect from your interaction with the Services with information they collect from other sources. We may not have access to information these companies collect using cookies or other tracking technologies.

Location Information. You may be able to adjust the settings of your browser or device so that information about your precise physical location is not sent to us or third parties by (a) disabling location services within the browser or device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. See your device settings for more information. Certain web and mobile browsers allow you to send a signal to inform websites that you do not want your online activities tracked. Except as set forth in our California and Other States Privacy Notice Addendum with respect to global privacy control settings, at this time, we do not currently respond to “Do Not Track” signals or similar mechanisms.  

6. Persons Under the Age of 16

Persons under the age of 13 are prohibited from using our Services. Persons between the ages of 13 and 18 or the applicable state age of majority may only use our Services with the legal authorization of their parent or legal guardian. Curology does not knowingly collect any information from persons under the age of 13 (or from persons between the age of 13 and 18 or the applicable state age of majority without appropriate authorization). 

Please contact us if you believe we have collected user information about a child without the required consent from their parent or guardian so we can take corrective action. Requests should be sent to privacy@curology.com and include a description of the specific information (including information that will allow us to confirm it was created by persons under the age of majority without appropriate authorization. If we discover that we have collected user information about an individual under the age of 13, we will work to promptly delete this information. 

7. Security of Information

Curology understands the importance of securing your information. We are continuously implementing and updating our administrative, technical, and physical security measures to protect your information. For example, we use firewalls to monitor and control our network traffic, encryption to secure our data transmissions, and cryptographic hash functions to store or share certain data.

Please be aware that using the Internet comes with inherent risks. No method of data transmission or method of physical or electronic storage can be guaranteed to be perfectly secure. There is some risk that an unauthorized third party may find a way to circumvent our security or that a transmission of your information over the Internet will be intercepted. Curology takes the measures stated above to provide a level of security appropriate to the risks of processing your information. You acknowledge and accept that we cannot guarantee the security of your information.

Aside from our efforts in securing your information, it is your responsibility to protect the security of your account credentials and keep your password confidential. If you notice suspicious activity or believe that your account may have been compromised in some way, please contact us immediately at privacy@curology.com.

8. Retention of Information

We may retain your information as required or permitted by applicable laws and regulations. For example, if you are a resident of certain jurisdictions you may be able to request to have your personal information deleted. If your request is granted, we may still be required by medical laws to retain your health information for a period of time. If you are a Patient User, your medical records will be retained by Curology for a period of at least ten (10) years, unless a longer period is required by state or federal law, after which they may be destroyed. If you are younger than twenty-three (23) years of age on the date the records may potentially be destroyed, your records will be kept at least until you reach the age of 23 or as required by state or federal law.  Additional information for California residents about our data retention practices is available in our California and Other States Privacy Notice Addendum.  

9. Your Choices and Privacy Rights 

Transactional Communications. In order to provide our Services to you, we may send you communications related to your transactions, security, or the administration of this website. Transactional emails are emails we send you relating to your account or in connection with providing you the Services such as emails changing your password, emails in response to your support request, and emails from your medical provider(s). Please be aware that you cannot opt out of transactional emails.

Marketing Communications.  From time to time, Curology may also send you marketing emails to provide you with free newsletters, surveys, offers, and other promotional materials. If you wish to stop receiving marketing emails from us, you can opt out by clicking the unsubscribe link at the bottom of any marketing email or by contacting us at hello@curology.com.

Text Messages.  You may opt in to receive Curology transactional and/or Curology marketing text messages. If you decide you no longer wish to receive text messages (including operational, marketing, or transactional) from us, you can opt-out of receiving future Curology text messages by replying “STOP.” However, you acknowledge that opting out of receiving text messages may impact your use of the Services.

Your Account Information.  You may access your Curology account information by going to the “ Account Details” page. You can edit your account information as necessary, such as your email address, name, phone number, and more. When you update your account information, we may keep a copy of your previous account details for our records and to prevent fraud or other activities that violate our terms, policies and agreements. However, if you do not provide us with some of your personal information, such as your name or email, we will no longer be able to provide you with access to our Services.

Privacy Rights.  If you are a resident of California or other states with specific consumer privacy laws, please see our California and Other States Privacy Addendum.  In addition to the privacy rights we provide to residents of the states listed in our California and Other States Privacy Rights Addendum, we provide the following privacy rights:

  1. Access: You can submit a request for access to your personal information by emailing hello@curology.com or filling out our online form here. Prior to fulfilling your request, we will need to verify your identity, which may require additional pieces of information. We use the information submitted via the form strictly for verification purposes.

  2. To be removed from a mailing list, email us at hello@curology.com

  3. To unsubscribe from text marketing messages, please reply STOP to the message. To unsubscribe from marketing emails, please use the link located at the bottom of the marketing email.  

10. International Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it there. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use the Services.

11. Updates

We may update this Privacy Notice from at any time at our sole discretion. You can reference the date on the top to determine when this Privacy Notice was last updated. Any changes will become effective when we post the revised Privacy Notice. Your use of the Services following this notice means that you acknowledge and accept the revised Privacy Notice.

12. Contact Us

If you have questions or concerns about this Privacy Notice, please contact us at privacy@curology.com. For any other questions, please send an email to hello@curology.com.

Get StartedShop ProductsWhy CurologyGuidesOur StoryCommunity
All Rights Reserved 2014-2024 Curology Inc.
Terms of ServicePrivacy Notice
Do Not Sell or Share My Personal Information