PRIVACY POLICY

1. Introduction

Chattycare ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our HIPAA-compliant AI chat widget service.

We understand the sensitive nature of healthcare information and have implemented robust safeguards to protect all data processed through our platform.

2. Information We Collect

Information You Provide

• Account registration information (name, email, practice details)
• Payment and billing information
• Chat widget configuration and customization preferences
• Support communications

Information Collected Through the Widget

• Patient inquiries and chat conversations
• Appointment scheduling information
• Contact information provided by patients
• Device and browser information for functionality purposes

3. How We Use Your Information

• To provide and maintain our AI chat widget service
• To process appointments and patient inquiries on behalf of healthcare practices
• To improve and optimize our services
• To communicate with you about your account and services
• To comply with legal obligations and HIPAA requirements
• To detect and prevent fraud or abuse

4. Data Protection & Security

We implement industry-standard security measures to protect your data:

• End-to-end encryption for all data transmission (TLS 1.3)
• AES-256 encryption for data at rest
• Regular security audits and penetration testing
• Access controls and authentication requirements
• Comprehensive audit logging
• Secure cloud infrastructure with SOC 2 compliance

5. Data Sharing & Disclosure

We do not sell your personal information. We may share information only in the following circumstances:

• With healthcare practices you interact with through our widget
• With service providers who assist in operating our platform (under strict confidentiality agreements)
• When required by law or to comply with legal process
• To protect our rights, privacy, safety, or property

6. Data Retention

We retain data only as long as necessary to provide our services and comply with legal obligations. Healthcare practices may configure retention periods in accordance with their own policies and applicable regulations. Upon termination of service, data can be exported or deleted upon request.

7. Your Rights

You have the right to:

• Access your personal information
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Opt out of marketing communications

8. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: