Loading...
We accept FSA, HSA & OTC Flex Cards
Transparency about how TADA Medical Supply collects, uses, and protects your data.
| Encryption | All data is encrypted in transit (HTTPS/TLS) and at rest |
| Data deletion | You can request deletion of your account and personal data at any time |
| Data sharing | We never sell your data. Shared only with essential service providers |
| Health data | We do NOT collect any Protected Health Information (PHI) |
| Independent review | Payment processing audited by Stripe (PCI DSS Level 1) |
We collect only standard e-commerce information necessary to process orders and provide customer service. We do not collect medical records, prescriptions, diagnoses, or insurance member IDs.
| Data Type | Collected | Required | Purpose |
|---|---|---|---|
| Email address | Yes | Yes | Account, order confirmations, support |
| Full name | Yes | Yes | Shipping, account identification |
| Shipping address | Yes | Yes | Order delivery |
| Payment info | Via Stripe | Yes | Payment processing (never stored on our servers) |
| Order history | Yes | Automatic | Order tracking, HCPCS receipts for self-filing |
| Phone number | Optional | No | Delivery updates, subscription reminders |
| Usage data | Yes | Automatic | Website improvement, product recommendations |
We use the following third-party services to operate our platform. Each has its own privacy policy and security certifications:
| Service | Purpose | Security |
|---|---|---|
| Supabase | Database, authentication, file storage | SOC 2 Type II, encryption at rest, RLS |
| Stripe | Payment processing (credit, FSA/HSA, OTC) | PCI DSS Level 1 |
| Resend | Transactional email delivery | TLS encryption, DKIM/SPF |
| Vercel | Website hosting, CDN, edge functions | SOC 2 Type II, automatic HTTPS |
| Data Type | Retained For | Reason |
|---|---|---|
| Account data | Until deletion requested | Active account maintenance |
| Order records | 7 years | Tax & legal compliance |
| Payment records | Per Stripe policy | Managed by payment processor |
| Analytics | 26 months | Website improvement |
| Support tickets | 2 years | Customer service quality |
You have full control over your data:
To exercise any of these rights, contact us at tada.medsupply@gmail.com. We will respond within 30 days.
If you have questions about data safety or our privacy practices: