Privacy Policy

1. Introduction

StayConnected Health Technologies ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our clinical mental health practice management platform.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email, professional credentials
• Practice Information: Practice name, address, specialty
• Patient Information: Names, contact details, health records
• Communications: Messages and notes within the platform

2.2 Information Collected Automatically

• Usage Data: Features used, time spent, actions taken
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies for authentication and preferences

3. How We Use Your Information

We use collected information to:

• Provide and maintain the Platform
• Process and manage your account
• Enable you to manage patient care
• Generate AI-assisted clinical insights
• Send service-related communications
• Improve our services and develop new features
• Comply with legal obligations

4. Protected Health Information (PHI)

We handle PHI in accordance with the Health Insurance Portability and Accountability Act (HIPAA). As a Business Associate:

• We only use PHI as permitted by our Business Associate Agreement
• We implement appropriate security safeguards
• We do not sell PHI under any circumstances
• We require subcontractors to comply with HIPAA

5. Data Security

We protect your data using:

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Multi-factor authentication
• Regular security audits and penetration testing
• Access controls and audit logging
• SOC 2 Type II compliant infrastructure

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. For PHI, we follow retention requirements specified in our Business Associate Agreement and applicable law.

7. Your Rights

Depending on your location, you may have rights to:

• Access your personal data
• Correct inaccurate data
• Delete your data (subject to legal retention requirements)
• Export your data in a portable format
• Object to certain processing activities
• Withdraw consent where applicable

8. International Data Transfers

[Details about international data transfers and applicable safeguards will be added based on final infrastructure decisions.]

9. Third-Party Services

We use the following categories of service providers:

• Cloud Infrastructure: Google Cloud Platform
• Authentication: Firebase Authentication
• Payment Processing: Stripe
• AI Services: Google Gemini (de-identified data only)

10. Children's Privacy

Our Platform is intended for licensed healthcare professionals. We do not knowingly collect personal information from individuals under 18 years of age for account registration purposes.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

12. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at: