Skip to main content
Riku HealthRiku Health
Book an Appointment

Effective Date: June 1, 2026

Privacy Policy

1. About Riku Health

Riku Health is a telehealth platform operated by Riku Health MSO, LLC ("Riku Health," "we," "us," or "our") that connects patients with licensed healthcare providers for ADHD evaluation, behavioral health care, and medically supervised weight management. Our clinical services are delivered through a licensed Professional Corporation.

This Privacy Policy explains how we collect, use, disclose, and protect information when you visit rikuhealth.com or use our services.

2. Information We Collect

We may collect the following types of information:

Contact and account information: name, email address, phone number, mailing address, and date of birth.

Health and clinical information: information you provide when requesting an appointment through our SimplePractice patient portal, including reason for visit, symptoms, and medical history.

Payment information: billing details processed securely through Stripe. We do not store full payment card numbers on our servers.

Technical data: IP address, browser type, device identifiers, and pages visited, collected automatically through standard server logs and analytics.

3. How We Use Your Information

We use your information to:

• Schedule and facilitate telehealth appointments through our clinical partner, SimplePractice. • Communicate with you about your care, appointments, and account. • Process payments for services. • Comply with applicable federal and California state law. • Improve our website and services.

We do not sell your personal information to third parties.

4. Protected Health Information (PHI)

Clinical services are provided through a licensed Professional Corporation (the "Practice"), which is the HIPAA-covered entity. Riku Health MSO, LLC is a Business Associate of the Practice. Health information collected in connection with your care, including appointment records, clinical notes, and treatment information, constitutes Protected Health Information (PHI) and is handled in accordance with the Health Insurance Portability and Accountability Act (HIPAA).

For a full description of how we use and disclose your PHI, your rights as a patient, and how to file a complaint, please review our Notice of Privacy Practices.

5. SimplePractice

Appointment scheduling and clinical management are handled through SimplePractice, a HIPAA-compliant electronic health records (EHR) platform. When you request an appointment, your information is submitted to and stored within SimplePractice's secure systems. SimplePractice acts as a Business Associate under HIPAA. Please review SimplePractice's Privacy Policy for additional details.

6. Payment Processing

Payments are processed through Stripe, Inc. Stripe is a PCI-DSS-compliant payment processor. Your payment card information is transmitted directly to Stripe and is not stored on Riku Health's servers. Stripe's use of your payment information is governed by Stripe's Privacy Policy.

7. Disclosure of Information

We do not sell, rent, or trade your personal information. We may disclose information in the following limited circumstances:

• To our licensed healthcare providers to deliver clinical services. • To Business Associates (such as SimplePractice and Stripe) who assist us in operating our platform under HIPAA Business Associate Agreements. • As required by law, court order, or government authority. • To protect the safety of patients or the public in emergency circumstances.

8. California Privacy Rights (CCPA)

California residents may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information.

Note: We do not sell personal information. To exercise your CCPA rights, contact us at hello@rikuhealth.com. We will respond within 45 days as required by law.

Note for patients: Health information regulated by HIPAA is exempt from CCPA. Your rights regarding PHI are governed by our Notice of Privacy Practices.

9. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your information. Our systems use encryption in transit and at rest. Access to patient information is restricted to authorized personnel.

No method of transmission over the internet is 100% secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security.

10. Children's Privacy

Our services are intended for adults 18 years of age and older. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Effective Date" at the top of this page. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or requests regarding this Privacy Policy, please contact us at:

Riku Health MSO, LLC Email: hello@rikuhealth.com