Privacy Policy

1. INFORMATION WE COLLECT

1.1 Information You Provide

1.2 Information Automatically Collected

• Usage Data: IP address, device info, browser type, pages visited
• License Validation: License key, hardware ID, software version
• Performance Data: System metrics, error logs, feature usage

2. HOW WE USE YOUR INFORMATION

3. HOW WE SHARE YOUR INFORMATION

3.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

• Cloud hosting and infrastructure (AWS, Google Cloud)
• Payment processing (Stripe, PayPal)
• Email delivery (SendGrid, Mailgun)
• Analytics and monitoring

These providers are contractually obligated to protect your data and use it only for specified purposes.

3.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes (subpoenas, court orders)
• Respond to government requests
• Protect our rights and property
• Prevent fraud or illegal activity

4. PATIENT DATA PROTECTION

4.1 Your Responsibilities as Data Controller

4.2 Our Role as Data Processor

We act as a data processor for patient data. We:

• Process patient data only on your instructions
• Implement appropriate security measures
• Assist with data subject requests
• Notify you of data breaches
• Do not use patient data for our own purposes

4.3 HIPAA Compliance

For U.S. customers, we comply with HIPAA requirements:

• We execute Business Associate Agreements (BAAs)
• We implement required safeguards
• We report breaches as required
• We cooperate with compliance audits

4.4 GDPR Compliance

For EU customers, we comply with GDPR requirements:

• We process data lawfully and transparently
• We honor data subject rights
• We implement data protection by design
• We conduct Data Protection Impact Assessments

5. DATA SECURITY

5.1 Data Breach Response

In the event of a data breach, we will:

• Investigate and contain the breach
• Notify you within 72 hours
• Provide details about the breach
• Assist with breach response
• Implement corrective measures

6. DATA RETENTION

6.1 Retention Periods

We retain data for as long as:

• Your account is active
• Needed to provide the Service
• Required by law or regulation
• Necessary for legitimate business purposes

6.2 Data Deletion

Upon account termination:

• We will retain your data for 30 days
• You may export your data during this period
• After 30 days, data may be permanently deleted
• Some data may be retained as required by law

7. YOUR RIGHTS AND CHOICES

8. COOKIES AND TRACKING

8.1 Cookies We Use

• Essential Cookies: Session management, authentication, security
• Performance Cookies: Analytics, error monitoring, optimization
• Functional Cookies: User preferences, language settings

8.2 Cookie Management

You can control cookies through browser settings or system preferences. Note: Disabling essential cookies may affect System functionality.

9. INTERNATIONAL DATA TRANSFERS

Your data may be stored and processed in different locations. If data is transferred internationally, we ensure:

• Adequate protection through Standard Contractual Clauses
• Compliance with applicable data protection laws
• Appropriate safeguards are in place

10. CHILDREN'S PRIVACY

The System is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it immediately.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Email to your registered address
• Notice within the System
• Posting on our website

Changes become effective 30 days after notification for material changes, or immediately for minor updates.

12. CONTACT US