Privacy Policy

1. Introduction
CompassAI (“Company,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://compassai.health) and use our products and services. We comply with all applicable healthcare privacy laws, including HIPAA and other relevant industry regulations.

2. Information We Collect
We may collect the following types of information:

  • Personal Information: Name, email address, phone number, billing details, and other identifying information.
  • Health Information: If applicable, medical history, treatment records, and other data related to our healthcare solutions.
  • Technical Information: IP address, browser type, device details, and usage data.
  • Cookies and Tracking Data: We use cookies and similar technologies to enhance user experience.
  • Usage Data: Information on how you interact with our website and services, such as pages visited, time spent, and navigation patterns.
  • Device Information: Type of device used, operating system, and unique device identifiers.

3. How We Use Your Information
We use collected information strictly for:

  • Providing, operating, and maintaining our services.
  • Basic analytics to improve user experience and optimize service performance.
  • Communicating with you regarding services, updates, and support.
  • Complying with legal and regulatory obligations.
  • Preventing fraud and enhancing security.
  • Ensuring compliance with HIPAA and other healthcare regulations where applicable.

We do not sell, rent, or share your personal information for advertising, marketing, or other commercial purposes. We also do not track users across third-party apps and websites for targeted advertising.

4. Data Sharing and Disclosure
We do not sell or share your personal data. However, we may share limited information with:

  • Service Providers: Third parties who assist in service delivery, strictly under confidentiality agreements.
  • Legal and Regulatory Bodies: If required by law or to protect our rights.
  • Business Transfers: In case of mergers, acquisitions, or similar events.
  • Healthcare Providers and Payers: If required for the provision of care, in compliance with HIPAA.

5. Data Security
We implement industry-standard security measures to protect your data, including:

  • Encryption of sensitive data.
  • Regular security audits and penetration testing.
  • Secure access control measures.
  • Employee training on data protection practices.
  • Compliance with HIPAA security and privacy requirements.

However, no transmission over the internet is completely secure, and we cannot guarantee absolute security.

6. HIPAA Compliance
As a healthcare technology provider, we take compliance with the Health Insurance Portability and Accountability Act (HIPAA) seriously. We implement safeguards to protect health information, ensuring:

  • Access Controls: Only authorized personnel can access protected health information (PHI).
  • Encryption: PHI is encrypted both in transit and at rest.
  • Audit Logs: Access to PHI is monitored and logged for security purposes.
  • Business Associate Agreements (BAAs): If we partner with third-party vendors, they must comply with HIPAA regulations.

7. Your Rights and Choices
Depending on your location, you may have rights such as:

  • Accessing, updating, or deleting your personal data.
  • Opting out of marketing communications (if applicable).
  • Restricting or objecting to data processing.
  • Exercising data portability rights.
  • Requesting information about data collection and usage.
  • HIPAA Rights: If you are a patient using our services, you have additional rights under HIPAA, including requesting restrictions on how your PHI is used and disclosed.

To exercise these rights, contact us at info@compassai.health or call 877-500-5959.

8. Data Retention
We retain your data only for as long as necessary to:

  • Provide the requested services.
  • Comply with legal obligations.
  • Resolve disputes and enforce agreements.
  • Maintain HIPAA-compliant retention policies for medical records where required.

When data is no longer required, we securely delete or anonymize it.

9. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices. We recommend reviewing the privacy policies of external websites before providing personal data.

10. Children’s Privacy
Our services are not intended for children under 13. We do not knowingly collect data from minors. If we learn that we have collected data from a minor without parental consent, we will take appropriate action to remove such data.

11. International Data Transfers
If you are accessing our services from outside the United States, your information may be transferred to, stored, and processed in the U.S. By using our services, you consent to such transfers.

12. Compliance with Apple’s App Store Policies
If you use our mobile application, we adhere to Apple’s App Store privacy guidelines, including:

  • Limited Data Collection: We only collect essential data for app functionality and analytics.
  • Transparency: We clearly disclose how data is used in our App Privacy section on the App Store.
  • User Control: Users can opt out of analytics tracking through device settings.
  • No Third-Party Tracking: We do not track users across third-party apps or websites.
  • Data Minimization: We only store data necessary for core functionality.

13. Updates to This Policy
We may update this Privacy Policy periodically. We will notify users of significant changes where required by law. Updates will be reflected by the “Effective Date” at the top of this document.

14. Contact Us
If you have any questions about this Privacy Policy, contact us at:

CompassAI
Email: info@compassai.health
Phone: 877-500-5959
Website: https://compassai.health