Privacy Policy

Overview

Cupula Health, Inc. (“Cupula,” “we,” “us”) operates a marketplace connecting patients with Direct Primary Care (DPC) physicians. This policy describes what information we collect, why we collect it, and the choices you have.

Information we collect

• From physicians who apply: name, email, practice name, NPI, specialty, location, website, and the information you choose to include in your application.
• From Google Sign-In: your name, email address, and profile picture, used solely to create and authenticate your Cupula account.
• From visitors: basic request metadata (IP, user agent, referring URL) for security and analytics.

How we use information

• Authenticate users and secure accounts.
• Review physician applications and communicate decisions.
• Power the public directory of approved practices.
• Send transactional email (status updates, invites).
• Detect abuse and comply with legal obligations.

Google user data

When you sign in with Google, we receive only the basic profile scopes (openid, email, profile). We do not read Gmail, Drive, Calendar, or any other Google services. Cupula's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Sharing

We do not sell personal information. We share data only with vendors who help us operate the service (hosting, authentication, email delivery, analytics) under contractual confidentiality, and when required by law.

Your choices

You can request access, correction, or deletion of your information by emailing privacy@cupula.health. Approved practice profiles are public by design; you can request removal at any time.

Contact

Questions? Reach us at hello@cupula.health.