Introduction and scope

Holvex Pty Ltd trading as Hormn (ABN 32 688 453 858) is an Australian telehealth clinic providing men's health services, including testosterone replacement therapy (TRT), weight management programs, and erectile dysfunction (ED) treatments.

This Privacy Policy explains how we collect, use, disclose, and store personal information in the course of our business, as well as your rights regarding that information. It applies to all users of Hormn's services, including patients who engage with our telehealth consultations and visitors to our website (www.hormn.com).

We are committed to protecting your privacy and we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which set out rules on the collection, use, disclosure, quality and security of personal information. We are also bound by relevant state health privacy laws and health record retention requirements – for example, health information we collect may need to be retained for certain periods by law, even if you request its deletion.

For the purposes of this policy, *personal information* means any information or opinion about an identifiable individual. This includes sensitive information such as health and medical details. By using our services or providing your information, you consent to the practices described in this Privacy Policy, including the collection, use, and disclosure of your personal and health information as outlined here.

We only collect and handle personal information that is necessary for our functions and activities (primarily delivering healthcare services to you) or as otherwise permitted by law. Only authorised personnel (such as doctors, pharmacists and required support staff) will have access to your personal information on a need-to-know basis.

If we ever need to use your personal information for a purpose not covered by this policy or not reasonably expected by you, we will seek your consent to do so (unless an exception under the law applies).

Personal information we collect

We collect a range of personal and health information in order to provide our services effectively. This includes, but is not limited to:

• Identity and Contact Details: Information that identifies you, such as your full name, date of birth, residential/postal address, telephone number, email address, and other contact details.

• Medical and Health Information: Detailed health information relevant to your care. This may include your medical history, current and past health conditions, medications and prescriptions, allergies and adverse reactions, test results (e.g. blood tests, pathology or diagnostic imaging reports), lifestyle and social history, family medical history, and any other health or medical information you or your other healthcare providers supply to us. We also collect clinical notes and records from consultations, treatment plans, and follow-up information related to the services we provide.

• Medicare and Insurance Details: Your Medicare number or Individual Healthcare Identifier and any related identifiers needed for identification or electronic prescribing purposes. This helps us verify eligibility for certain services.

• Payment and Billing Information: If you make payments for our services, we collect necessary billing details such as credit or debit card information or other payment data. (Note: we do not store full credit card numbers on our own systems when using third-party payment processors, except as needed to process transactions securely.)

• Account and Login Information: If you create an online account with Hormn, we collect the username, password, and other registration information you provide. We also maintain your user preferences and any information you save in your profile on our platform.

• Communications: Records of your communications with us are kept, including emails, text/SMS or chat messages, and voice call recordings or notes (for example, if you call our support line). This also includes any feedback you provide, responses to questionnaires, or survey answers which you choose to give.

• Website Usage Data: When you use our website or online services, we may collect certain technical information through cookies and analytics tools. This can include your IP address, device type, browser type, operating system, pages or content viewed, links clicked, and timestamps of visits. This data is generally collected on an aggregate level and helps us understand user engagement (see Cookies and Website Analytics below for more details). However, some of this information (such as IP address) may be considered personal information and will be treated in accordance with this Privacy Policy.

Note: You have the right to interact with us anonymously or under a pseudonym if you prefer, wherever that is feasible. For example, you may browse our website without identifying yourself. However, if you are seeking to use our telehealth services, it is often impracticable for us to provide medical care without knowing your identity. In most cases – such as when we prescribe medications or arrange pathology tests – we are required by law to deal with identified individuals only (e.g. to verify your identity for Medicare or prescription purposes). We will inform you if an option to remain anonymous or use a pseudonym is available in a particular interaction, but please understand that for full medical services we will need your real identifying information.

How we collect personal information

We collect personal information through a variety of means. The main ways we gather information include the following:

1. Directly from You – Initial Sign-Up: We collect information directly from you when you first engage our services. For example, when you register as a patient or make an initial appointment, you will typically provide personal and demographic details via online forms or during a sign-up process (this may include filling out a medical questionnaire or patient registration form). We also collect information you give us when you create an account on our website, complete an online health assessment or quiz, or otherwise submit information through our platform.

2. During Consultations and Treatment: Throughout the course of providing telehealth medical services, we will collect further personal and health information. Your treating doctor or nurse practitioner will obtain information during consultations – for instance, through questions about your symptoms or medical history. They will document notes about diagnoses, treatments, and any prescriptions or referrals made. We may also update your record as you undergo tests (e.g. blood tests) or as you report results and progress over time. All information you discuss with us in a consultation or submit through follow-up forms is collected to manage your healthcare.

3. Through Communications and Digital Interactions: We collect personal information when you interact with us or our platform, aside from consultations. This includes when you visit our website (where certain data is collected via cookies and analytics as described), when you send us emails or text messages, when you call us on the phone, or if you communicate with us via social media or other channels. For example, if you fill out a "contact us" form, we will collect the details you provide. If you subscribe to our newsletter or respond to a marketing communication, we collect that information as well.

4. From Third Parties and Other Sources: In some cases, we may obtain personal information about you from other sources besides direct interactions with you, especially where it is not practical or possible to get it from you directly. We will do so only in accordance with the law and, where required, with your consent. Such sources may include:

• Other Healthcare Providers: We might receive information from healthcare professionals who have been involved in your care. For example, with your consent, we could obtain a specialist's report, your GP's referral letter, or results from a pathology lab or radiology (imaging) service that conducted tests for you. This is to ensure continuity of care and a complete understanding of your health needs.
• Your Authorized Representative: If someone legally acting on your behalf (such as a legal guardian, medical power of attorney, or a parent if you are under 18) provides information about you, we will collect that as needed.
• Medicare, Health Insurers, and Government Agencies: We may collect or verify information with government agencies or health funds. For instance, we might use the Medicare system (or the Department of Veterans’ Affairs, if applicable) to check your Medicare number or eligibility for certain services.
• Public Sources or Other: In rare situations, we might collect personal information from publicly available sources or external registries, but only if allowed by law. For example, we could verify your medical registration status (if you are a practitioner interacting with us) or check a publicly available database for updated contact details, etc. Such collection would only be done in compliance with privacy laws and if necessary for providing our services.

In all cases, we only collect information by lawful and fair means (not in an unreasonably intrusive way). If we receive unsolicited personal information (information we didn't ask for) about you, we will determine if it is needed for our services. If not, we will de-identify or destroy it as required by law. We will also notify you as soon as practicable if we need to collect significant information from third parties rather than from you, and obtain your consent when required.

Use and disclosure of personal information

How We Use Personal Information
We primarily use the personal information we collect to provide you with high-quality healthcare and related services. In general, Hormn will only use your personal and health information for purposes that are directly related to our services or otherwise in accordance with the Privacy Act. The main purposes for which we use personal information include:

• Providing Healthcare Services: We use your information to manage your health and medical care – this is our main purpose. For example, our doctors review your medical history and symptoms to diagnose conditions and recommend treatments. We use your health information to prescribe appropriate medications, develop treatment plans (such as TRT or weight loss programs tailored to you), and provide medical advice during consultations.

• Healthcare Coordination: Your information may be used to coordinate further services on your behalf. This includes ordering and reviewing pathology tests or other investigations, writing referrals to specialists, issuing prescriptions, and liaising with pharmacies to dispense medications. We will use and share necessary details (like your identity and relevant health info) with these providers to ensure you receive the correct medicines or tests.

• Administrative and Business Operations: We use personal information for administrative tasks related to running our clinic. This includes scheduling appointments and sending you reminders or notifications, verifying your identity when you log in or request services, handling billing and payment processing, and managing our accounts and records. We also use your details for internal processes like auditing, compliance checks, quality assurance, staff training, and clinic accreditation requirements. These uses are all directly related to providing healthcare to you or maintaining the quality of our service.

• Communication and Customer Support: We may use your contact information to communicate with you about your appointments, treatment, and any follow-up care. For example, we might email or SMS you appointment confirmations, telehealth links, or follow-up instructions from your doctor. We also use your information to respond to any inquiries or support requests you send us. If you contact our support team, we will review your records as needed to assist you.

• Service Improvement and Research: We are continuously striving to improve our services. We may use personal information in aggregated or de-identified form to analyze how our services are being used and how effective our treatments are. For instance, we might review anonymized patient outcomes to refine our programs, or look at usage patterns on our website to improve user experience. Any research or analysis we perform on patient data will use de-identified information whenever possible, meaning individuals will not be identifiable in the results. De-identified data (data stripped of personal identifiers) may be used to generate insights, compile statistics, or help improve men’s health outcomes on a broader scale. (If we ever wish to use your identified health information for research that goes beyond improving our own services – for example, publishing a study – we would seek your explicit consent or an ethics approval as required by law.)

• Marketing (with Consent): Like many businesses, we may engage in marketing communications, but only with your consent. If you opt-in or if it is otherwise lawful, we might use your contact details to inform you about new services, treatment options, special offers, or health-related information that may be relevant to you. For example, we might send a newsletter with men's health tips or notify you of a new program we offer. **We will not send you marketing emails or texts if you have not agreed to receive them.**And even if you initially consent, you can opt out of marketing communications at any time by using the unsubscribe link in our messages or contacting us to withdraw consent. We do not use sensitive health information for direct marketing without your explicit consent.

• Legal Compliance and Protection: In certain cases, we will use your information as necessary to comply with legal obligations or to protect your vital interests. This includes using and retaining records as required by health regulations, responding to lawful requests from courts or government agencies, or using information to investigate and prevent fraud or other misuse of our services. For example, if there is a public health requirement to report a particular diagnosis to authorities, we will use the relevant data to make that report, in compliance with the law. We may also use information to enforce our terms of service or to ensure the safety of our patients and staff (for instance, using contact or health information to mitigate a serious emergency).

We will not use your personal information for any purpose unrelated to the provision of our services, unless you have consented or we are otherwise permitted by law to do so. In particular, we do not sell your personal information to any third party for their own use.

Disclosure of Personal Information
Hormn will only disclose (share) your personal information to third parties for purposes that are consistent with your care or as otherwise permitted or required by law. The types of third parties we may share information with, and the circumstances of disclosure, include:


• Healthcare Providers Involved in Your Care: We may share relevant information with other health professionals who are involved in providing you with treatment. For example, our telehealth doctors might communicate with your regular GP or a specialist to whom you are referred, in order to coordinate care (with your consent). If we arrange a consultation with a pathology lab or diagnostic imaging service, we will send the necessary details (your identifying information and test request) to that provider. Similarly, if a pharmacist is dispensing medication prescribed to you through our service, we will disclose the prescription details and necessary personal info to that pharmacy. Such disclosures are made to ensure you receive seamless and effective healthcare.

• Service Providers (Business Operations): We employ trusted third-party service providers to help us run our business. These may include information technology providers (for secure data hosting or software support), cloud infrastructure services, appointment scheduling platforms, payment processors, mailing or communication services, and professional advisors (auditors, legal counsel). These third parties may **have access to personal information** strictly to perform functions on our behalf – for example, to maintain our IT systems or to process a credit card transaction. We only share the information that is necessary for them to provide their service, and we require all such providers to handle your data confidentially and in compliance with applicable privacy laws (for instance, through contractual agreements requiring them to uphold privacy protections and the APPs).

• Other Health Institutions: With your consent or as required for your treatment, we might disclose information to hospitals, laboratories, or other clinics. For instance, if we refer you for a blood test, we send the lab your details and the test order, and later we may receive your results from them. If we identify that you need urgent in-person medical attention, we may share information with an emergency department or advise you to share your telehealth records with them. We will coordinate with other healthcare providers as necessary to facilitate continuity of care.

• Required or Authorized by Law: We will disclose personal information when we are required or allowed to do so by law. This can include:
  
  • Compliance with Court Orders or Legal Processes: If we receive a subpoena, court order, or other mandatory legal demand for your information, we may be obligated to provide the requested data. We will only do so after verifying the request is valid and only disclose what is required by the order.
  • Mandatory Reporting: Certain health information may need to be reported to government authorities under public health laws. For example, doctors must notify authorities about diagnoses of certain communicable diseases or other conditions for public health surveillance. If such laws apply, we will disclose the minimum necessary information to comply with our legal reporting obligations. Similarly, if you are prescribed certain controlled substances (like particular medications), we might be required to record that prescription in a government register.
  • Law Enforcement and Regulatory Bodies: If law enforcement (police) or a regulatory agency (like the Australian Health Practitioner Regulation Agency, AHPRA, or the Therapeutic Goods Administration, TGA) lawfully requests information (for instance, to investigate an offense or a serious breach of law), we may provide assistance as required by law. We would ensure any such disclosure is properly authorised.

• Serious Threats to Health or Safety: We may disclose personal information where it is necessary to prevent or lessen a serious threat to your life, health or safety, or to public health or safety, and it is unreasonable or impracticable to obtain your consent. For example, if during a consultation our clinician believes you are at imminent risk of self-harm or of harming others, we might contact emergency services or another appropriate authority with relevant information to help prevent harm. This kind of disclosure is allowed under privacy law in emergency situations. We will only ever do so in good faith and only to those necessary to address the threat (e.g., disclosing relevant information to paramedics or police in an emergency).

• Missing Persons, Legal Claims, and Other Special Cases: In limited circumstances, privacy law permits disclosure to assist in specific public interest matters. For instance, we may share information with the police to help locate a missing person (if the rules under the Privacy Act are met). We might also disclose information to establish, exercise or defend a legal or equitable claim – for example, sharing records with our legal advisors or insurers if a legal dispute or claim arises involving us or our clinicians. Additionally, if a dispute involving your care goes to mediation or another confidential dispute resolution process, we may use or disclose necessary information as part of that process as allowed by law. Any such disclosures would be done very carefully and only as permitted under the relevant provisions of the Privacy Act.

• With Your Consent or At Your Direction: In all other cases, we will seek your consent if we need to share your information. For example, if you ask us to provide a copy of your medical records to another healthcare provider or to a family member, we will do so with your authorization. We may also disclose information to other third parties if you have explicitly consented (in writing or verbally) to that disclosure.

Aside from the situations described above, we will not disclose your personal information to any third party unless you have given your consent, or the disclosure is required or permitted by law. We do not share your personal information with any external parties for their own marketing purposes. Furthermore, all our staff and any contractors with access to personal information are bound by strict confidentiality obligations. We also maintain an audit trail of access to health records to ensure that only appropriate access occurs.
(For information on cross-border disclosures – i.e., sending data outside Australia – please see the next section.)

Cross-border disclosure of personal information

• Hormn is based in Australia and we predominantly store and process personal information within Australia. Our policy is that we do not routinely disclose your personal information to overseas recipients. We understand that keeping your health information in Australia is important for privacy and security. We will not send your personal information overseas without your consent, unless an exception under the Privacy Act applies (for example, if we are required by Australian law or a court/tribunal order, or in some rare emergency where overseas disclosure is necessary for your care).
• In practical terms, this means all your medical records and personal details are stored on secure servers located in Australia, or in cloud services that are contractually required to store data in Australia. If in the future we need to use a service provider that operates in another country (for example, a secure cloud backup or an email newsletter service with servers in the USA or EU), we will ensure that we either obtain your consent for this or that the transfer is otherwise in compliance with APP 8 (cross-border disclosure requirements). In doing so, we would take reasonable steps to ensure any overseas recipient protects your information to at least the standard required in Australia. This might include having agreements in place that mirror the Australian Privacy Principles for handling your data.
• If you are located outside Australia and use our services, or if you request us to send your information to an overseas entity, we will of course comply with your request and consider that as consent to transfer your information to that jurisdiction. In all cases, we will remain accountable for the protection of your personal information. Our aim is to safeguard your data no matter where it is stored or accessed, and we will update this policy to reflect any new cross-border data arrangements if they arise in the future.

Data storage and security of personal information

We take the security of your personal information very seriously. Hormn stores personal information in a combination of electronic and (in some cases) physical formats. Electronic records are kept in secure cloud-based systems and databases that are protected by industry-standard security protocols. Any paper records (if generated, such as signed forms or written notes) are stored in locked premises or secure cabinets with controlled access. We have implemented a range of technical and organizational measures to protect personal information from misuse, loss, unauthorised access, modification, or disclosure, including:


• Access Controls: Personal information is accessible only by authorized personnel who require access to perform their duties. Each staff member has unique login credentials, and access to health records or systems is limited based on role. We use multi-factor authentication and audit logging to prevent and detect any unauthorized access.

• Encryption and Security Technology: Our electronic systems employ encryption (both in transit and at rest, where applicable) to protect sensitive data. For instance, communications between your device and our website are secured via HTTPS (SSL/TLS encryption), and sensitive fields in our databases may be encrypted at rest. We maintain firewalls and network security monitoring to guard against external threats or intrusions.

• Secure Hosting: We utilize reputable hosting providers and data centers with strong security credentials. Our cloud infrastructure meets stringent security standards and certifications (for example, ISO 27001 for information security management). These providers are subject to contractual privacy and security obligations. Regular backups are performed to prevent data loss, and those backups are stored securely.

• Training and Confidentiality: All Hormn employees and contractors who handle personal information are trained in privacy and information security practices. They are required to sign confidentiality agreements and to adhere to our internal privacy policies, which align with the APPs. We emphasize patient privacy in all aspects of our operations.

• Monitoring and Maintenance: We regularly review and update our security measures to respond to new threats or changes in technology. Security patches and updates are applied to our software and systems in a timely manner. We may also engage independent experts to conduct security assessments or audits of our systems. In the unfortunate event of a data breach involving your personal information, we have a response plan in place and will notify affected individuals and authorities as required by the Notifiable Data Breaches scheme under the Privacy Act.

Data Retention: We will retain your personal information for as long as it is needed for the purposes described in this policy, or as long as is required by law, whichever is longer. In the context of health records, Australian laws often mandate retention for a minimum period. For example, private health practitioners in some jurisdictions must keep medical records for at least 7 years from the last patient interaction (and longer in the case of records created when the patient was a minor). We adhere to all such health record retention requirements. This means that even if you cease using our services, we might be legally obligated to keep your health data on file for a certain time. We will not delete or destroy health information earlier than permitted by law, especially where it may be needed for any future treatment, medico-legal purposes, or compliance with record-keeping regulations.

When your personal information is no longer required and we are not legally obliged to retain it, we will take reasonable steps to destroy or permanently de-identify the information in a secure manner. For instance, paper records would be shredded or incinerated, and electronic records would be deleted from our active systems and securely wiped from storage media. (Do note, however, that residual copies might remain in backups for a short period until those backups cycle out, but such backups are also protected and eventually deleted.) We also maintain policies to periodically review the data we hold and ensure we are not keeping information longer than necessary.

Access and correction of personal information

We respect your rights to access the personal information we hold about you and to request corrections if needed. The following outlines how you can exercise these rights:

Access: You may request access to your personal information (including your health records) at any time by contacting us – for example, by emailing or writing to us (see Contact Details at the end of this policy). To protect your privacy, we will need to verify your identity before releasing any information (for instance, we may ask you to submit the request from your registered email or provide certain identifying details). In some cases, we might ask that you put your request in writing, specifying the information you wish to access, so that we can process it efficiently. We will respond to your access request within a reasonable timeframe, which is typically within 30 days. If the request is straightforward, we may provide the information sooner. We will either provide you (or your authorized representative) with access to the requested information, or in some cases, provide an explanation if there is a legal or administrative reason we cannot give you certain information. There are limited circumstances under Australian privacy law where we may refuse access, such as if giving access would pose a serious threat to life or health, have an unreasonable impact on someone else’s privacy, or if the request is frivolous or vexatious. If any such exception applies, we will inform you of the reasons (unless prohibited by law) and inform you of any available review mechanisms. Generally, we do not charge a fee for an access request, but if significant resources are required (e.g., for photocopying a large file or retrieving information from archive), we may charge a reasonable cost-recovery fee. We will let you know in advance if any fee might apply.

Correction: If you believe that any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, you have the right to request that we correct the information. You can contact us with details of what needs to be corrected. We may ask you to make the request in writing (for clarity and record-keeping). Our commitment is to take reasonable steps to correct any incorrect or incomplete information without undue delay. Where appropriate, we may verify the new information you provide (for example, asking for supporting documentation) to ensure accuracy. If for some reason we are unable to action a correction (for instance, if we disagree that the information is wrong, or if we are legally required to keep the original record unchanged), we will explain the reason to you and we can, upon request, add a note to the record indicating that you dispute its accuracy. We also routinely take steps to keep your information up-to-date. For example, at the start of a telehealth program or during follow-ups we might confirm your contact details or ask if there have been changes to your health status. Please help us keep your information current by notifying us of any changes (such as a new address, phone number, or any changes to your medical condition). We greatly appreciate your involvement in making sure the information we have is correct and complete.

Complaints and privacy concerns

We take all privacy concerns and complaints seriously and view them as an opportunity to improve our practices. If you have a question about our Privacy Policy, or if you believe that we have not handled your personal information in accordance with this policy or our legal obligations, please let us know. We encourage you to contact us first so that we have the chance to resolve your concerns.

Making a Complaint to Hormn: You can lodge a privacy complaint by contacting our Privacy Officer or support team (see contact details below). Please provide as much detail as possible about your concern, so that we can investigate it thoroughly. We may ask you to put your complaint in writing (if you have not already), especially if it is complex, so that we fully understand the issue and have a record of your complaint. Once we receive a complaint, we will acknowledge it and then conduct an internal investigation. Our team will review relevant documents, speak with the people involved (if needed), and assess whether any error or breach may have occurred. We will then provide you with a response. We aim to respond to privacy complaints within a reasonable time – generally this will be within 30 days of receiving the complaint. If we need more time (for example, if the matter is complex), we will let you know the reason for the delay and an expected timeframe. If the complaint is substantiated, we will take appropriate steps to address the issue. This could include changing our processes or training, and we will inform you of the outcome and any actions taken. If you are not satisfied with our response, you have further avenues to pursue.

External Resolution – Office of the Australian Information Commissioner (OAIC): Our goal is to resolve all privacy complaints directly. However, if you feel that your concerns have not been adequately addressed by us, or you prefer to have the matter handled externally, you have the right to escalate the issue to the OAIC. The Office of the Australian Information Commissioner is the independent government body that oversees privacy compliance. The OAIC can investigate complaints about interferences with privacy under the Privacy Act. Generally, the OAIC will expect that you have first given the organization (us) a chance to respond to your complaint before they will investigate. If you wish to contact the OAIC, you can do so as follows:


• Website: Visit the OAIC’s website at www.oaic.gov.au for information on how to submit a complaint online.

• Mail: You can write a letter to GPO Box 5218, Sydney NSW 2001, addressing it to the "Office of the Australian Information Commissioner."

• Telephone: You can call the OAIC's Enquiries Line at 1300 363 992 to discuss your complaint or get advice on the process.

The OAIC may investigate the matter and has the power to make determinations and direct us to take certain actions if they find a breach. Alternatively, you may have rights under state privacy or health records laws (e.g., in some states there are Health Complaints Commissioners who can also address health information issues). We can provide you with the relevant contact details for those bodies if needed. Rest assured, your privacy is important to us, and we will never penalize you for raising a concern. We appreciate the opportunity to improve and will maintain communication with you throughout the complaint resolution process.

Cookies and website analytics

When you visit Hormn’s website or use our online services, we may use cookies and similar tracking technologies to enhance your experience and gather data about how our site is used. Cookies are small text files that are placed on your computer or device when you visit a website. They serve a variety of functions, like remembering your preferences and helping us understand which parts of our website are popular. In addition to cookies, we might use technologies like web beacons or pixels in our emails or site – these work in conjunction with cookies to further analyze usage or ensure emails are delivered and opened. By using our site, you agree to our use of cookies as described in this policy.

Types of Cookies Used: The cookies we utilize fall into a few categories, outlined below:


• Essential Cookies: These cookies are necessary for the basic functioning of our website. They enable core features such as site navigation, secure login, and access to protected pages (for example, your user account dashboard or online consultation room). Without these cookies, certain services you request (like adding items to a cart or maintaining your logged-in session) cannot be provided. These cookies do not gather information about you for marketing or remembering where you’ve been on the internet; they are only used for fundamental service delivery.

• Performance & Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting information anonymously. They allow us to count visits and traffic sources so we can measure and improve the performance of our site. For example, analytics cookies may track which pages are most frequently visited, how long users spend on each page, and if any error messages were encountered. This data helps us identify areas of our website that are working well and areas that may need improvement. All information these cookies collect is aggregated and not used to personally identify individuals. We may use third-party analytics tools (such as Google Analytics) which set their own cookies to assist with this analysis – however, those third parties only receive usage data and not any personally identifiable information from us.

• Functionality Cookies: These cookies allow our website to remember choices you make and provide enhanced, more personalized features. For instance, they might recall your username for a future visit so you don’t have to re-enter it, remember your preferences (like language or region selection), or keep track of certain settings (such as text size). Functionality cookies can also enable optional features like live chat support or content personalization based on your past interactions. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites. While not strictly essential, these cookies improve your user experience by making the site more convenient and tailored to you.

• Advertising Cookies (if used): Advertising or targeting cookies are employed to deliver content that is more relevant to your interests. As of the latest update of this policy, Hormn’s own site is focused on our services and we do not host third-party ads; however, we may use cookies to track the effectiveness of our own marketing campaigns on third-party platforms. For example, we might use a Facebook Pixel or Google Ads cookie to know if someone who saw our advertisement later signed up on our site. These cookies record your visit to our site, note if you came via an advertisement, and may allow us to serve follow-up ads on other platforms (a practice known as remarketing). They may also limit the number of times you see a particular Hormn ad and help measure the performance of our ads. Any advertising cookies used will typically come from third-party networks and are subject to those third parties’ privacy policies. We will not collect through these cookies personally identifying information like your name or medical details; they mainly recognize your device and browser information. You can opt out of targeted advertising cookies as described below.

Third-Party Analytics and Tools: We may use third-party service providers for analytics (such as Google Analytics, as mentioned) and possibly for advertising/retargeting. These providers might set and access their own cookies on your device in the course of providing their services to us. For example, Google Analytics will drop cookies to collect usage data and compile reports for us about website activity. Similarly, if we use Facebook or Google Ads for marketing, those platforms may deploy cookies or similar tech when you interact with our site or our ads. We do not share personally identifiable information (like your name or contact info) with these analytics or advertising providers; however, they may collect information about your device or browsing session on our site and combine it with data from other sites if you also use their services elsewhere. We advise you to review the privacy policies of any third-party services we use (e.g., Google or Facebook) to understand how they handle data collected via cookies. If you prefer not to have your site activity collected by Google Analytics, Google provides an opt-out mechanism (such as a browser add-on). We respect any such preferences.


Your Choices – Managing Cookies: You have the ability to control or delete cookies on your device. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline some or all cookies, or to notify you when a cookie is being placed on your device. For instance, you can typically find options in your browser’s Settings or Preferences menu under a section like "Privacy" or "Cookies." There, you might choose to block third-party cookies (which often are advertising cookies), or clear all cookies when you close the browser. If you disable or delete certain cookies, please note that you might affect the functionality of our website – for example, you may not be able to log in or use some interactive features if cookies are completely blocked. Essential cookies are, by their nature, needed for the service to work, so blocking those might cause parts of the site to break. However, it is your right to control cookies, and we provide as much support as possible for you to exercise that choice.

We also provide a cookie consent notice when you first visit our site (where required by law or best practice), which may allow you to manage your preferences (for example, to opt out of non-essential cookies). If at any time you have questions about our use of cookies or how to manage them, you can contact us for assistance.

For further information on cookies and how to manage or disable them, you can visit sites like AboutCookies.org or consult your browser's help documentation. Keep in mind that removing cookies will not completely prevent device identification or related data collection techniques, but it will significantly limit the data that can be collected by those technologies.

Changes to this policy

We may update or amend this Privacy Policy from time to time to reflect changes in our practices, services, legal obligations or for other operational reasons. We reserve the right to change the terms of this Privacy Policy at any time. If we make an update, we will publish the revised policy on our website and update the "last updated" date at the bottom of the policy. The updated version will be effective from the time it is posted. We encourage you to check our website periodically to ensure you are aware of the current Privacy Policy. If the changes are significant, we may also take additional steps to notify you of the update (such as by email or by a notice on the homepage) – however, it remains your responsibility to review the Privacy Policy regularly. By continuing to use our services or site after a revised Privacy Policy has been posted, you are deemed to have accepted the changes. Rest assured, we will not reduce your rights under this Privacy Policy or the Privacy Act without your consent. Any future changes will not retroactively affect how we handled your data in the past unless you agree, but will apply to all information collected after the effective date of the new policy.

This Privacy Policy is effective as of the date listed below and supersedes any previous privacy policy. We will maintain an archive of former versions that can be provided upon request.

Contact details

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us. We are here to help and will respond as promptly as possible.


• Mail: Privacy Officer – Hormn, Unit 515 Level 2, 100 Cubitt St, Cremorne VIC 3121, Australia

• Email: support@hormn.com

• Website: www.hormn.com (you may also contact us through the contact forms or support channels on our website)