Algoricum, Inc. (“Algoricum,” “we,” “our”) values your privacy. This policy explains how we collect, use, and protect your information when you use our platform, applications, or services (the “Services”).
If you are a healthcare provider using Algoricum, our handling of Protected Health Information (“PHI”) is also governed by our Business Associate Agreement (BAA).
We collect only the data necessary to provide and improve our Services.
Customer & Account Data: Clinic name, address, contact information, user credentials (name, email, role), and billing information.
Patient & Lead Data: Information you input or import into the Services, including PHI as defined by HIPAA.
Website & Device Data: IP addresses, browser type, operating system, cookies, and related technologies for analytics and functionality.
SMS Data: Phone numbers provided to Algoricum for appointment confirmations, reminders, scheduling updates, and post-visit check-ins.
We use your data to operate, secure, and improve the Services. We do not sell personal data.
Provide, maintain, and improve the Services.
Communicate updates, support, and new features.
Process payments and manage subscriptions.
SMS Communications: If you provide your phone number, you consent to receive SMS messages related to appointments, reminders, updates, and feedback requests. Message frequency varies. Standard message and data rates may apply. You may opt out at any time by replying STOP, or text HELP for assistance. Phone numbers are used only for these purposes and are not shared with third parties for marketing.
For PHI: Deliver Services in compliance with HIPAA as your Business Associate.
Create and use de-identified data for analytics, benchmarking, and product development (per HIPAA de-identification standards).
We share information only with trusted partners or when legally required.
Subprocessors: Service providers such as hosting and communication vendors (current list at algoricum.com/subprocessors).
Legal: As required by law, regulation, or legal process.
Business Transfers: In connection with mergers, acquisitions, or sales.
We do not sell personal data or use it for cross-context behavioral advertising.
We implement industry-standard safeguards to protect your data.
Encryption of PHI in transit and at rest.
Role-based access controls.
Ongoing security monitoring and audit logging.
We retain data only as long as needed to provide Services or comply with law.
PHI is retained for the duration of our agreement with you.
Upon termination, you may request return or secure deletion of PHI within 60 days unless legal retention applies.
Depending on your jurisdiction, you may have rights to access, correct, or delete your data.
GDPR/UK GDPR: Access, rectification, erasure, or restriction of processing.
CCPA: Know, delete, or correct personal data.
To exercise these rights, email [email protected].
When processing PHI, we do so only under HIPAA as your Business Associate.
We comply with the HIPAA Privacy and Security Rules.
A signed Business Associate Agreement (BAA) is provided to each Covered Entity before Services begin.
We use cookies to support functionality and improve Services.
Maintain login sessions.
Provide analytics on feature usage.
Improve site performance.
We do not use cookies for advertising or cross-site tracking.
If a security breach affects your data, we will notify you without unreasonable delay, and no later than 10 business days for PHI – significantly faster than the 60 days HIPAA allows.
Our Services are not directed at children under 13.
We may update this policy from time to time. Significant changes will be communicated via email or in-app notifications.