Privacy Policy

Last updated: February 17, 2026

Who We Are

Private MD Management, LLC ("Private MD," "we," "us") operates a Direct Primary Care practice in El Dorado Hills, California. This policy describes how we collect, use, and protect information submitted through this website.

What We Collect

When you submit a form on this website, we collect:

• Name
• Email address
• Phone number (if provided)
• Your interest selection and any message you include

We do not collect health information through this website. No medical records, diagnoses, or treatment information are transmitted through these forms.

How We Use Your Information

We use the information you provide solely to:

• Respond to your inquiry
• Provide information about our practice and services
• Notify you about programs you've expressed interest in

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Service Providers (Subprocessors)

We use the following service providers to operate the practice. Each receives only the categories of information necessary for its function. The website itself transmits information to the first item only; the others receive information once you become a patient or schedule a visit.

• Web3Forms — website contact form submissions (name, email, phone, message). Data forwarded to our email; not retained beyond delivery. See their privacy policy.
• Atlas.md — electronic medical records, patient portal, secure messaging, billing, and subscription management. Receives full clinical and demographic information once you become a patient. Atlas.md is HIPAA-compliant and operates under a Business Associate Agreement.
• Stripe — payment processing (via Atlas.md). Receives name, billing address, and card information. Does not receive clinical information.
• Cal.com — appointment scheduling (discovery calls and consultations). Receives name, email, and chosen time slot.
• Google Meet — video conferencing for discovery calls and some telemedicine visits.
• Quest Diagnostics — laboratory testing ordered as part of clinical care. Receives clinical orders and demographic information necessary to perform tests. HIPAA-compliant.
• RingCentral — telephone and SMS for the practice line. May receive voicemail and SMS content.

Cookies and Tracking

This website uses Google Analytics (Google Tag Manager) to measure aggregate site traffic. Google Analytics may drop cookies for session and visitor measurement. We do not use advertising trackers, behavioral profiling, or pixel-based remarketing. Embedded subprocessor widgets (such as Cal.com) may set their own cookies when their content loads on a page; refer to their respective privacy policies for details.

Data Security

This website is served over HTTPS. Form submissions are encrypted in transit. Patient health information is stored within Atlas.md, which is HIPAA-compliant and protected by access controls and audit logging. We take reasonable measures to protect the information you provide, but no internet transmission is completely secure.

HIPAA Notice of Privacy Practices

This website is not a patient portal and is not used to transmit protected health information (PHI). Once you become a patient, your medical information is governed by our HIPAA Notice of Privacy Practices, provided at intake and available on request by emailing drsahni@privatemd.clinic.

Your Rights

You may request that we delete any personal information you've submitted through this website by emailing drsahni@privatemd.clinic. Requests are honored within 30 days unless we are required to retain the information for clinical, billing, or legal reasons.

California Residents (CCPA / CPRA)

Under the California Consumer Privacy Act and the California Privacy Rights Act, California residents have the following rights:

• Right to know what categories of personal information we collect, the sources, the purposes, and the categories of third parties (subprocessors) with whom we share information. The full list of subprocessors is above.
• Right to delete personal information we have collected, subject to legal and clinical retention requirements.
• Right to correct inaccurate personal information.
• Right to limit use of sensitive personal information.
• Right to non-discrimination for exercising any of these rights.

We do not sell or share personal information for cross-context behavioral advertising. To exercise any of these rights, email drsahni@privatemd.clinic.

Changes to This Policy

We may update this policy as our practice evolves. Changes will be posted on this page with an updated date.

Contact

Questions about this policy? Email drsahni@privatemd.clinic.