Privacy Policy

Last updated: January 22, 2025

Interpretation and Definitions

Interpretation

Words with initial capital letters have meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural.

Definitions

For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by, or is under common control with a party, where “control” means ownership of 50% or more of voting shares/equity/securities.
Business (for CCPA/CPRA) refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of processing, and that does business in California.
CCPA and/or CPRA refers to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).
Company (also “We,” “Us,” or “Our”) refers to Musa Functional Medicine PLLC, 5540 Centerview Dr Suite 200, Raleigh, NC 27606. For GDPR purposes, the Company is the Data Controller.
Consumer (for CCPA/CPRA) means a natural person who is a California resident (as defined by law).
Cookies are small files placed on Your computer, mobile device, or other device by a website, containing details of browsing history and other uses.
Country refers to: North Carolina, United States
Data Controller (GDPR) refers to the Company as the legal person determining purposes and means of processing Personal Data.
Device means any device that can access the Service (computer, cellphone, tablet).
Do Not Track (DNT) is a concept promoted by U.S. regulatory authorities for allowing internet users to control tracking across websites.
GDPR refers to the EU General Data Protection Regulation.
Personal Data is any information relating to an identified or identifiable individual.
- For GDPR: includes information like name, ID number, location data, online identifier, or identity factors.
- For CCPA/CPRA: includes information that identifies, relates to, describes, or could reasonably be linked to You, directly or indirectly.
Service refers to the Website.
Service Provider means any person/entity processing data on behalf of the Company, including vendors or individuals that support, deliver, or analyze the Service. For GDPR, Service Providers are Data Processors.
Usage Data refers to data collected automatically from use of the Service or Service infrastructure (example: duration of page visits).
Website refers to Musa Functional Medicine, accessible from https:// musafunctionalmedicine.com
You means the individual accessing/using the Service, or the company/legal entity on behalf of which the individual is accessing/using the Service. Under GDPR, You may be referred to as the Data Subject or User.

Interpretation and Definitions
Interpretation
Words with initial capital letters have meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural.
Definitions
For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by, or is under common control with a party, where “control” means ownership of 50% or more of voting shares/equity/securities.
Business (for CCPA/CPRA) refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of processing, and that does business in California.
CCPA and/or CPRA refers to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).
Company (also “We,” “Us,” or “Our”) refers to Musa Functional Medicine PLLC, 5540 Centerview Dr Suite 200, Raleigh, NC 27606. For GDPR purposes, the Company is the Data Controller.
Consumer (for CCPA/CPRA) means a natural person who is a California resident (as defined by law).
Cookies are small files placed on Your computer, mobile device, or other device by a website, containing details of browsing history and other uses.
Country refers to: North Carolina, United States
Data Controller (GDPR) refers to the Company as the legal person determining purposes and means of processing Personal Data.
Device means any device that can access the Service (computer, cellphone, tablet).
Do Not Track (DNT) is a concept promoted by U.S. regulatory authorities for allowing internet users to control tracking across websites.
GDPR refers to the EU General Data Protection Regulation.
Personal Data is any information relating to an identified or identifiable individual.
- For GDPR: includes information like name, ID number, location data, online identifier, or identity factors.
- For CCPA/CPRA: includes information that identifies, relates to, describes, or could reasonably be linked to You, directly or indirectly.
Service refers to the Website.
Service Provider means any person/entity processing data on behalf of the Company, including vendors or individuals that support, deliver, or analyze the Service. For GDPR, Service Providers are Data Processors.
Usage Data refers to data collected automatically from use of the Service or Service infrastructure (example: duration of page visits).
Website refers to Musa Functional Medicine, accessible from https:// musafunctionalmedicine.com
You means the individual accessing/using the Service, or the company/legal entity on behalf of which the individual is accessing/using the Service. Under GDPR, You may be referred to as the Data Subject or User.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide personally identifiable information, including but not limited to:

Email address
First name and last name
Phone number
Usage Data

Usage Data

Usage Data is collected automatically when using the Service and may include:

Your device IP address (e.g., IP address)
Browser type and version
Pages visited and time/date of visit
Time spent on pages
Unique device identifiers and other diagnostic data

If You access the Service by mobile device, We may also collect:

Type of mobile device
Mobile device unique ID
Mobile device IP address
Mobile operating system
Mobile internet browser type
Unique device identifiers and other diagnostic data

We may also collect information Your browser sends whenever You visit our Service or access it via mobile device.

Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide personally identifiable information, including but not limited to:

Email address
First name and last name
Phone number
Usage Data

Usage Data
Usage Data is collected automatically when using the Service and may include:

Your device IP address (e.g., IP address)
Browser type and version
Pages visited and time/date of visit
Time spent on pages
Unique device identifiers and other diagnostic data

If You access the Service by mobile device, We may also collect:

Type of mobile device
Mobile device unique ID
Mobile device IP address
Mobile operating system
Mobile internet browser type
Unique device identifiers and other diagnostic data

We may also collect information Your browser sends whenever You visit our Service or access it via mobile device.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track activity and store certain information. Technologies may include beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.

Technologies We Use May Include

Cookies (Browser Cookies)

A cookie is a small file placed on Your device. You can instruct Your browser to refuse Cookies or indicate when a Cookie is being sent. If You do not accept Cookies, some parts of the Service may not work. Unless You adjust browser settings to refuse Cookies, our Service may use Cookies.

Web Beacons

Certain sections of our Service and emails may contain small electronic files known as web beacons (clear gifs, pixel tags, single-pixel gifs) used to:

Count users who have visited pages or opened emails
Track related website statistics
Record popularity of sections and verify system and server integrity

Cookie Types

Persistent Cookies remain on Your device when You go offline.
Session Cookies are deleted when You close Your browser.

We use both Session and Persistent Cookies for:

Necessary / Essential Cookies

Type: Session Cookies
Administered by: Us
Purpose: Provide services/features, authenticate users, prevent fraud.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies
Administered by: Us
Purpose: Identify if users accepted cookie use.

Functionality Cookies

Type: Persistent Cookies
Administered by: Us
Purpose: Remember choices (login details, language preference) for a more personal experience.

For more information, visit our Cookies Policy or the Cookies section of this Privacy Policy.

Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track activity and store certain information. Technologies may include beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.
Technologies We Use May Include
Cookies (Browser Cookies)
A cookie is a small file placed on Your device. You can instruct Your browser to refuse Cookies or indicate when a Cookie is being sent. If You do not accept Cookies, some parts of the Service may not work. Unless You adjust browser settings to refuse Cookies, our Service may use Cookies.
Web Beacons
Certain sections of our Service and emails may contain small electronic files known as web beacons (clear gifs, pixel tags, single-pixel gifs) used to:

Count users who have visited pages or opened emails
Track related website statistics
Record popularity of sections and verify system and server integrity

Cookie Types

Persistent Cookies remain on Your device when You go offline.
Session Cookies are deleted when You close Your browser.

We use both Session and Persistent Cookies for:

Necessary / Essential Cookies

Type: Session Cookies
Administered by: Us
Purpose: Provide services/features, authenticate users, prevent fraud.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies
Administered by: Us
Purpose: Identify if users accepted cookie use.

Functionality Cookies

Type: Persistent Cookies
Administered by: Us
Purpose: Remember choices (login details, language preference) for a more personal experience.

For more information, visit our Cookies Policy or the Cookies section of this Privacy Policy.

Use of Your Personal Data

The Company may use Personal Data to:

Provide and maintain the Service (including usage monitoring)
Manage Your Account and registration
Perform a contract (purchases/services/contracts)
Contact You (email, calls, SMS, push notifications for updates, security notices, etc.)
Provide news, special offers, and info about similar goods/services/events (unless You opt out)
Manage Your requests to Us
Business transfers (merger, sale, financing, acquisition, bankruptcy, etc.)
Other purposes like analysis, usage trends, campaign effectiveness, and improving Service/products/marketing/experience

When We May Share Your Information

We may share Your personal information:

With Service Providers (analytics, payments, contacting You)
For business transfers
With Affiliates (who must honor this Privacy Policy)
With business partners (to offer products/services/promotions)
With other users (if You share info in public areas)
With Your consent for other purposes

Mobile / Text Messaging Restriction (Kept Exactly In Meaning)

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.
Sharing to subcontractors for support services (like customer service) is permitted.
All other use case categories exclude text messaging originator opt-in data and consent; that information will not be shared with any third parties.

Use of Your Personal Data
The Company may use Personal Data to:

Provide and maintain the Service (including usage monitoring)
Manage Your Account and registration
Perform a contract (purchases/services/contracts)
Contact You (email, calls, SMS, push notifications for updates, security notices, etc.)
Provide news, special offers, and info about similar goods/services/events (unless You opt out)
Manage Your requests to Us
Business transfers (merger, sale, financing, acquisition, bankruptcy, etc.)
Other purposes like analysis, usage trends, campaign effectiveness, and improving Service/products/marketing/experience

When We May Share Your Information
We may share Your personal information:

With Service Providers (analytics, payments, contacting You)
For business transfers
With Affiliates (who must honor this Privacy Policy)
With business partners (to offer products/services/promotions)
With other users (if You share info in public areas)
With Your consent for other purposes

Mobile / Text Messaging Restriction (Kept Exactly In Meaning)

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.
Sharing to subcontractors for support services (like customer service) is permitted.
All other use case categories exclude text messaging originator opt-in data and consent; that information will not be shared with any third parties.

Retention of Your Personal Data

We retain Personal Data only as long as necessary for the purposes in this Privacy Policy, including to:

Comply with legal obligations
Resolve disputes
Enforce agreements and policies

Usage Data is generally retained for a shorter period unless needed for security, functionality improvements, or legal obligations.

Retention of Your Personal Data
We retain Personal Data only as long as necessary for the purposes in this Privacy Policy, including to:

Comply with legal obligations
Resolve disputes
Enforce agreements and policies

Usage Data is generally retained for a shorter period unless needed for security, functionality improvements, or legal obligations.

Transfer of Your Personal Data

Your data may be processed at the Company’s operating offices and other locations where parties involved in processing are located. This may include transfer to computers outside Your jurisdiction where data protection laws may differ.

Your consent to this Privacy Policy and submission of information represents agreement to the transfer.

We will take reasonable steps to ensure Your data is treated securely and in accordance with this Privacy Policy, and transfers will not occur unless adequate controls are in place.

Transfer of Your Personal Data
Your data may be processed at the Company’s operating offices and other locations where parties involved in processing are located. This may include transfer to computers outside Your jurisdiction where data protection laws may differ.
Your consent to this Privacy Policy and submission of information represents agreement to the transfer.
We will take reasonable steps to ensure Your data is treated securely and in accordance with this Privacy Policy, and transfers will not occur unless adequate controls are in place.

Delete Your Personal Data

You have the right to delete or request that We assist in deleting Personal Data We have collected about You.

You may be able to delete certain info within the Service
You may update/amend/delete by signing into Your Account (if you have one) and using account settings
You may contact Us to request access, correction, or deletion

We may need to retain certain information if required by law or lawful basis.

Delete Your Personal Data
You have the right to delete or request that We assist in deleting Personal Data We have collected about You.

You may be able to delete certain info within the Service
You may update/amend/delete by signing into Your Account (if you have one) and using account settings
You may contact Us to request access, correction, or deletion

We may need to retain certain information if required by law or lawful basis.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition, or asset sale, Your Personal Data may be transferred. We will provide notice before the transfer and before it becomes subject to a different Privacy Policy.

Law Enforcement

We may be required to disclose Personal Data if required by law or valid public authority requests.

Other Legal Requirements

We may disclose Personal Data in good faith belief it is necessary to:

Comply with a legal obligation
Protect and defend Company rights or property
Prevent/investigate wrongdoing
Protect safety of users/public
Protect against legal liability

Disclosure of Your Personal Data
Business Transactions
If the Company is involved in a merger, acquisition, or asset sale, Your Personal Data may be transferred. We will provide notice before the transfer and before it becomes subject to a different Privacy Policy.
Law Enforcement
We may be required to disclose Personal Data if required by law or valid public authority requests.
Other Legal Requirements
We may disclose Personal Data in good faith belief it is necessary to:

Comply with a legal obligation
Protect and defend Company rights or property
Prevent/investigate wrongdoing
Protect safety of users/public
Protect against legal liability

Security of Your Personal Data

We care about security, but no method of transmission or storage is 100% secure. We use commercially acceptable means to protect Personal Data but cannot guarantee absolute security.

Security of Your Personal Data
We care about security, but no method of transmission or storage is 100% secure. We use commercially acceptable means to protect Personal Data but cannot guarantee absolute security.

Detailed Information on Processing

Service Providers may access Personal Data and may collect/store/use/process/transfer it under their own Privacy Policies.

Email Marketing

We may contact You with newsletters, marketing/promotional materials, and other information of interest. You may opt out by using the unsubscribe link in emails or by contacting Us.

We may use Email Marketing Service Providers, including:

Scalerize (privacy policy listed in your text)

Payments

We may offer paid products/services and may use third-party payment processors. We do not store payment card details; that info goes directly to processors whose privacy policies apply, including:

Stripe
Square

Detailed Information on Processing
Service Providers may access Personal Data and may collect/store/use/process/transfer it under their own Privacy Policies.
Email Marketing
We may contact You with newsletters, marketing/promotional materials, and other information of interest. You may opt out by using the unsubscribe link in emails or by contacting Us.
We may use Email Marketing Service Providers, including:

Scalerize (privacy policy listed in your text)

Payments
We may offer paid products/services and may use third-party payment processors. We do not store payment card details; that info goes directly to processors whose privacy policies apply, including:

Stripe
Square

GDPR Privacy

Legal Basis for Processing

We may process Personal Data under these conditions:

Consent
Performance of a contract
Legal obligations
Vital interests
Public interests
Legitimate interests

We can clarify what legal basis applies and whether providing Personal Data is required.

Your Rights Under GDPR

If You are in the EU, You have the right to:

Request access to Personal Data
Request correction
Object to processing (including direct marketing)
Request erasure
Request transfer (data portability)
Withdraw consent

Exercising GDPR Rights

Contact Us to exercise your rights. We may ask You to verify identity. You may also complain to a Data Protection Authority (EEA local authority).

GDPR Privacy
Legal Basis for Processing
We may process Personal Data under these conditions:

Consent
Performance of a contract
Legal obligations
Vital interests
Public interests
Legitimate interests

We can clarify what legal basis applies and whether providing Personal Data is required.
Your Rights Under GDPR
If You are in the EU, You have the right to:

Request access to Personal Data
Request correction
Object to processing (including direct marketing)
Request erasure
Request transfer (data portability)
Withdraw consent

Exercising GDPR Rights
Contact Us to exercise your rights. We may ask You to verify identity. You may also complain to a Data Protection Authority (EEA local authority).

Do Not Sell My Personal Information

If You are a California resident, You can opt out of the sale of personal information by contacting Us. Once we confirm a verifiable request, we will stop selling Your personal information.

Do Not Sell My Personal Information
If You are a California resident, You can opt out of the sale of personal information by contacting Us. Once we confirm a verifiable request, we will stop selling Your personal information.

Limit the Use or Disclosure of My Sensitive Personal Information

California residents may request limits on use/disclosure of sensitive personal information to what is necessary to provide expected services. We use/disclose sensitive personal information as necessary to provide the Service. Contact Us for more information.

Limit the Use or Disclosure of My Sensitive Personal Information
California residents may request limits on use/disclosure of sensitive personal information to what is necessary to provide expected services. We use/disclose sensitive personal information as necessary to provide the Service. Contact Us for more information.

“Do Not Track” Policy (CalOPPA)

Our Service does not respond to Do Not Track signals. You can enable/disable DNT in your browser settings.

“Do Not Track” Policy (CalOPPA)
Our Service does not respond to Do Not Track signals. You can enable/disable DNT in your browser settings.

California Shine the Light Law

California residents with an established business relationship may request (once per year) information about sharing Personal Data for third parties’ direct marketing purposes by contacting Us.

California Shine the Light Law
California residents with an established business relationship may request (once per year) information about sharing Personal Data for third parties’ direct marketing purposes by contacting Us.

California Privacy Rights for Minor Users

California residents under 18 who are registered users can request removal of content they publicly posted by contacting Us with the email associated with the account.

California Privacy Rights for Minor Users
California residents under 18 who are registered users can request removal of content they publicly posted by contacting Us with the email associated with the account.

Children’s Privacy

Our Service does not address anyone under 13. We do not knowingly collect data from children under 13. If we learn we collected such data without parental consent verification, we remove it. If consent is required by law, we may require parent consent before collection/use.

Children’s Privacy
Our Service does not address anyone under 13. We do not knowingly collect data from children under 13. If we learn we collected such data without parental consent verification, we remove it. If consent is required by law, we may require parent consent before collection/use.

Links to Other Websites

Our Service may link to third-party sites we do not operate. We are not responsible for their content or privacy practices. Review their privacy policies.

Links to Other Websites
Our Service may link to third-party sites we do not operate. We are not responsible for their content or privacy practices. Review their privacy policies.

Changes to this Privacy Policy

We may update this policy. We will notify You by posting the updated policy and may notify via email and/or prominent notice before changes take effect. The “Last updated” date will be updated.

Changes to this Privacy Policy
We may update this policy. We will notify You by posting the updated policy and may notify via email and/or prominent notice before changes take effect. The “Last updated” date will be updated.

Contact Us

If you have questions about this Privacy Policy, you can contact us:

By email: team@musafunctionalmedicine.com

Contact Us
If you have questions about this Privacy Policy, you can contact us:

By email: team@musafunctionalmedicine.com

Privacy Policy

Interpretation and Definitions

Interpretation

Definitions

Interpretation and Definitions Interpretation Words with initial capital letters have meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural. Definitions For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.

Affiliate means an entity that controls, is controlled by, or is under common control with a party, where “control” means ownership of 50% or more of voting shares/equity/securities.

Business (for CCPA/CPRA) refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of processing, and that does business in California.

CCPA and/or CPRA refers to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA).

Company (also “We,” “Us,” or “Our”) refers to Musa Functional Medicine PLLC, 5540 Centerview Dr Suite 200, Raleigh, NC 27606. For GDPR purposes, the Company is the Data Controller.

Consumer (for CCPA/CPRA) means a natural person who is a California resident (as defined by law).

Cookies are small files placed on Your computer, mobile device, or other device by a website, containing details of browsing history and other uses.

Country refers to: North Carolina, United States

Data Controller (GDPR) refers to the Company as the legal person determining purposes and means of processing Personal Data.

Device means any device that can access the Service (computer, cellphone, tablet).

Do Not Track (DNT) is a concept promoted by U.S. regulatory authorities for allowing internet users to control tracking across websites.

GDPR refers to the EU General Data Protection Regulation.

Personal Data is any information relating to an identified or identifiable individual.

For GDPR: includes information like name, ID number, location data, online identifier, or identity factors.

For CCPA/CPRA: includes information that identifies, relates to, describes, or could reasonably be linked to You, directly or indirectly.

Service refers to the Website.

Service Provider means any person/entity processing data on behalf of the Company, including vendors or individuals that support, deliver, or analyze the Service. For GDPR, Service Providers are Data Processors.

Usage Data refers to data collected automatically from use of the Service or Service infrastructure (example: duration of page visits).

Website refers to Musa Functional Medicine, accessible from https:// musafunctionalmedicine.com

You means the individual accessing/using the Service, or the company/legal entity on behalf of which the individual is accessing/using the Service. Under GDPR, You may be referred to as the Data Subject or User.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

Usage Data

Collecting and Using Your Personal Data Types of Data Collected Personal Data While using Our Service, We may ask You to provide personally identifiable information, including but not limited to:

Email address

First name and last name

Phone number

Usage Data

Usage Data Usage Data is collected automatically when using the Service and may include:

Your device IP address (e.g., IP address)

Browser type and version

Pages visited and time/date of visit

Time spent on pages

Unique device identifiers and other diagnostic data

If You access the Service by mobile device, We may also collect:

Type of mobile device

Mobile device unique ID

Mobile device IP address

Mobile operating system

Mobile internet browser type

Unique device identifiers and other diagnostic data

We may also collect information Your browser sends whenever You visit our Service or access it via mobile device.

Tracking Technologies and Cookies

Technologies We Use May Include

Cookies (Browser Cookies)

Web Beacons

Cookie Types

Count users who have visited pages or opened emails

Track related website statistics

Record popularity of sections and verify system and server integrity

Cookie Types

Persistent Cookies remain on Your device when You go offline.

Session Cookies are deleted when You close Your browser.

We use both Session and Persistent Cookies for:

Necessary / Essential Cookies

Type: Session Cookies

Administered by: Us

Purpose: Provide services/features, authenticate users, prevent fraud.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: Identify if users accepted cookie use.

Functionality Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: Remember choices (login details, language preference) for a more personal experience.

For more information, visit our Cookies Policy or the Cookies section of this Privacy Policy.

Use of Your Personal Data

When We May Share Your Information

Mobile / Text Messaging Restriction (Kept Exactly In Meaning)

Use of Your Personal Data The Company may use Personal Data to:

Provide and maintain the Service (including usage monitoring)

Manage Your Account and registration

Perform a contract (purchases/services/contracts)

Interpretation and Definitions
Interpretation
Words with initial capital letters have meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural.
Definitions
For the purposes of this Privacy Policy:

Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide personally identifiable information, including but not limited to:

Usage Data
Usage Data is collected automatically when using the Service and may include:

Use of Your Personal Data
The Company may use Personal Data to:

When We May Share Your Information
We may share Your personal information:

Retention of Your Personal Data
We retain Personal Data only as long as necessary for the purposes in this Privacy Policy, including to:

Delete Your Personal Data
You have the right to delete or request that We assist in deleting Personal Data We have collected about You.

Security of Your Personal Data
We care about security, but no method of transmission or storage is 100% secure. We use commercially acceptable means to protect Personal Data but cannot guarantee absolute security.

Payments
We may offer paid products/services and may use third-party payment processors. We do not store payment card details; that info goes directly to processors whose privacy policies apply, including:

GDPR Privacy
Legal Basis for Processing
We may process Personal Data under these conditions:

We can clarify what legal basis applies and whether providing Personal Data is required.
Your Rights Under GDPR
If You are in the EU, You have the right to:

Exercising GDPR Rights
Contact Us to exercise your rights. We may ask You to verify identity. You may also complain to a Data Protection Authority (EEA local authority).