ClinicaMind

1. Introduction

ClinicaMind Co. ("ClinicaMind", "Company", "Us", or "We") respects your privacy and is committed to protecting it through our compliance with this policy. ClinicaMind is an AI-powered healthcare platform designed to assist specialty medical practices with clinical documentation, patient communication, and operational workflows. This Privacy Policy details the types of information we may collect or that you may provide when you access, use, or register with ClinicaMind's website or online platform ("Services") and our practices for using, maintaining, protecting, and disclosing that information.

We understand that as a user, you are concerned with your privacy and the privacy of your patients, and We take that seriously. This Privacy Policy describes ClinicaMind's policies and practices regarding its collection and use of personal data, and sets forth your privacy rights. Please read this carefully to understand our policies and practices regarding your information and how we will treat it. By using or registering with our Services, you agree to this Privacy Policy. We recognize that information privacy is an ongoing responsibility, and so We will from time to time update this Privacy Policy. Your continued use of our Services after we make changes is deemed to be acceptance of those changes.

2. Data Protection Manager

ClinicaMind is headquartered in Connecticut in the United States. ClinicaMind has appointed an internal data protection manager for you to contact if you have any questions or concerns about ClinicaMind's personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to:

3. How We Collect and Process Your Personal Information

ClinicaMind collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:

• Name
• Date of birth
• Insurance information
• Insurance card image (front and back)
• Patient chart information (visit notes, lab tests, orders, results, medications, and all data under the patient's chart in the provider's EHR)
• Home address
• Payment method
• Job title and employer name
• Work address, work email, and work phone number

We use this information to provide prospects and customers with services. The amount we collect has been minimized wherever possible to respect your privacy. We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of Our services.

4. Use of the ClinicaMind Website

Like most websites, ClinicaMind's website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system, and other usage information about your use of ClinicaMind's website, including a history of the pages you view. We use this information to help improve Our site to better suit Our users' needs.

5. Sharing Information with Third Parties

The personal information ClinicaMind collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. A list of our third-party sub-processors includes:

• Stripe (payment processing)
• Google (cloud infrastructure and analytics)
• Twilio (communications and appointment reminders)
• OpenAI / Anthropic (AI model providers)
• EHR integration partners (TalkEHR, Practice Fusion, and others as applicable)

We do not otherwise reveal your personal data to non-ClinicaMind persons or businesses for their independent use unless:

• You request or authorize it;
• The information is provided to comply with the law (for example, to comply with a search warrant, subpoena, or court order), to enforce an agreement We have with you, or to protect Our rights, property or safety, or the rights, property or safety of Our employees or others;
• The information is provided to Our agents, vendors or service providers who perform functions on Our behalf;
• To address emergencies or acts of God; or
• To address disputes, claims, or to persons demonstrating legal authority to act on your behalf.

6. Transferring Personal Data to the United States

ClinicaMind has its headquarters in the United States. Information We collect about you will be processed in the United States. By using ClinicaMind's services, you acknowledge that your personal information will be processed in the United States. ClinicaMind is providing for appropriate safeguards by entering binding, standard data protection clauses enforceable by data subjects in the EEA and the UK, in accordance with applicable law.

7. Data Subject Rights

If you or a user are a resident of the European Economic Area (EEA), you have the following data protection rights:

• You may access, correct, update, or request deletion of your personal information.
• You can object to the processing of your personal information, ask us to restrict processing, or request portability of your personal information.
• You have the right to opt-out of marketing communications we send you at any time by clicking the "unsubscribe" link in the marketing emails we send you.
• If we collected and processed your personal information with your consent, you can withdraw your consent at any time.
• You have the right to complain to a data protection authority about our collection and use of your personal information.

To confirm that ClinicaMind is processing your personal data, or to have access to the personal data ClinicaMind may have about you, please contact us at privacy@clinicamind.com.

8. Your Data Protection Rights Under the CCPA

The California Consumer Privacy Act ("CCPA") provides consumers with specific rights regarding their Personal Information. If you are a California resident, you have the right to:

• Request we disclose the categories of Personal Information collected about you, the sources, the purpose, the categories of third parties to whom it was disclosed, and the specific pieces of Personal Information collected — covering the 12 months preceding your request;
• Request we delete Personal Information we collected from you, unless the CCPA recognizes an exception;
• Opt-out of any sale of Personal Information.

If you are a California resident and wish to exercise your rights under the CCPA, please contact us at privacy@clinicamind.com.

9. Updating and Accessing Your Personal Information

If your Personal Information changes, we invite you to correct or update your information. We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or delete your Personal Information, please contact us at privacy@clinicamind.com.

10. Security of Your Personal Information

The security of your Personal Information is important to us. When you enter sensitive information (such as a credit card number) on our Services, we encrypt that information using secure socket layer technology (SSL). ClinicaMind takes reasonable security measures to protect your Personal Information against loss, misuse, unauthorized access, disclosure, alteration, and destruction. Please be aware, however, that despite our efforts, no security measures are impenetrable.

11. Legal Basis for Processing Personal Information

Our legal basis for collecting and using personal information will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only (i) where we need it to perform a contract with you; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so.

12. Data Storage & Retention

Your personal data is stored by ClinicaMind on its servers, and on the servers of the cloud-based database management services ClinicaMind engages, located in the United States. Data subject to the Health Insurance Portability and Accountability Act ("HIPAA") will be retained for a minimum of six (6) years from the date of its creation, or the date when it last was in effect, whichever is later. All personal data that ClinicaMind controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information, contact: privacy@clinicamind.com.

13. Children's Data

ClinicaMind and the ClinicaMind Services are not directed to children under the age of 13 and do not intentionally collect any information from children under the age of 13. Please contact us if your child has provided Personal Information to us and we will delete the information.

14. Appointment and Service Reminders

To provide a high level of service, ClinicaMind may contact you via email, text, or phone call to remind you about scheduled appointments, demos, or other related engagements. By providing your contact information, you consent to receiving these reminders. You may opt out at any time by contacting us at the address below.

15. Changes to This Policy

ClinicaMind may change this Policy from time to time. If we make changes, we will update the "Last Updated" date and may notify you by email. We encourage you to review this policy whenever you visit the Services.

16. Contact Information

If you have questions, concerns, or complaints, or would like to exercise your rights, please contact us at: