Loading...
We accept FSA, HSA & OTC Flex Cards
We use cookies to analyze site traffic and improve your experience. Essential cookies (authentication, payments) are always active. Learn more
Transparency about how TADA Medical Supply collects, uses, and protects your data.
| Encryption | All data is encrypted in transit (HTTPS/TLS) and at rest |
| Data deletion | You can request deletion of your account and personal data at any time |
| Data sharing | We never sell your data. Shared only with essential service providers |
| Health data | We do NOT collect any Protected Health Information (PHI) |
| Independent review | Payment processing audited by Stripe (PCI DSS Level 1) |
We collect only standard e-commerce information necessary to process orders and provide customer service. We do not collect medical records, prescriptions, diagnoses, or insurance member IDs.
| Data Type | Collected | Required | Purpose |
|---|---|---|---|
| Email address | Yes | Yes | Account, order confirmations, support |
| Full name | Yes | Yes | Shipping, account identification |
| Shipping address | Yes | Yes | Order delivery |
| Payment info | Via Stripe | Yes | Payment processing (never stored on our servers) |
| Order history | Yes | Automatic | Order tracking, HCPCS receipts for self-filing |
| Phone number | Optional | No | Delivery updates, subscription reminders |
| Usage data | Yes | Automatic | Website improvement, product recommendations |
We use the following third-party services to operate our platform. Each has its own privacy policy and security certifications:
| Service | Purpose | Security |
|---|---|---|
| Supabase | Database, authentication, file storage | SOC 2 Type II, encryption at rest, RLS |
| Stripe | Payment processing (credit, FSA/HSA, OTC) | PCI DSS Level 1 |
| Resend | Transactional email delivery | TLS encryption, DKIM/SPF |
| Vercel | Website hosting, CDN, edge functions | SOC 2 Type II, automatic HTTPS |
| Data Type | Retained For | Reason |
|---|---|---|
| Account data | Until deletion requested | Active account maintenance |
| Order records | 7 years | Tax & legal compliance |
| Payment records | Per Stripe policy | Managed by payment processor |
| Analytics | 26 months | Website improvement |
| Support tickets | 2 years | Customer service quality |
You have full control over your data:
To exercise any of these rights, contact us at support@tadamedicalsupply.org. We will respond within 30 days.
If you have questions about data safety or our privacy practices: