Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last Updated: November 22, 2025

Table of Contents

Information We Collect

We collect information you provide directly to us, such as when you:

  • Fill out our contact forms or request information
  • Subscribe to our newsletter or updates
  • Participate in our free HIPAA assessment
  • Engage with our services or support
  • Communicate with us via email, phone, or other means

Types of Information

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, job title, organization name
  • Business Information: Company size, industry, compliance needs, service interests
  • Technical Information: IP address, browser type, device information, website usage data
  • Communication Records: Records of our interactions and correspondence

How We Use Information

We use the information we collect to:

  • Provide and improve our HIPAA compliance services
  • Respond to your inquiries and provide customer support
  • Send you relevant information about our services and industry updates
  • Conduct assessments and provide compliance recommendations
  • Process transactions and manage our business relationship
  • Comply with legal obligations and protect our rights
  • Analyze website usage and improve our online presence

Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our business
  • Legal Requirements: When required by law or to protect our rights and interests
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Consent: When you have given us explicit consent to share your information

Third-Party Services

We may use third-party services for:

  • Email marketing and communication
  • Website analytics and performance monitoring
  • Customer relationship management
  • Payment processing (if applicable)

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Employee training on data protection practices
  • Incident response procedures

Note: While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Improve website functionality and performance
  • Provide personalized content and recommendations

Types of Cookies

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Help us understand how visitors use our site
  • Marketing Cookies: Used to deliver relevant advertisements

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect website functionality.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your information to another service
  • Objection: Object to certain processing of your information
  • Restriction: Request restriction of processing

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

GDPR Compliance

If you are located in the European Union (EU), European Economic Area (EEA), or United Kingdom (UK), the General Data Protection Regulation (GDPR) provides you with additional rights and protections regarding your personal data.

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you have given clear consent for us to process your data for specific purposes
  • Contract: When processing is necessary for the performance of a contract with you
  • Legitimate Interest: When we have a legitimate business interest in processing your data
  • Legal Obligation: When processing is required to comply with legal obligations

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Specifically:

  • Contact Information: Retained for 3 years after last contact
  • Assessment Data: Retained for 7 years for compliance purposes
  • Marketing Data: Retained until you opt out or for 2 years of inactivity
  • Legal Records: Retained as required by applicable law

Data Transfers

Your personal data may be transferred to and processed in countries outside the EU/EEA. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other appropriate safeguards as required by GDPR

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection practices. You can contact our DPO at:

Email: dpo@hipaaauditors.com
Subject Line: "GDPR Data Protection Inquiry"

CCPA Compliance (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information.

Your CCPA Rights

  • Right to Know: Request information about the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of your personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information We Collect

  • Identifiers (name, email, phone number)
  • Commercial information (service interests, transaction history)
  • Internet activity (website usage, cookies)
  • Professional information (job title, organization)

To exercise your CCPA rights, please contact us using the information provided in the "Contact Us" section below.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@hipaaauditors.com
Phone: +1 (512) 555-0100
Address:
HIPAA Auditors
2383 Healthcare Ave
Austin, Texas 78701

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification (if applicable)
  • Updating the "Last Updated" date at the top of this policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.