Privacy Policy

1. INTRODUCTION

Fortify Practice ("we," "our," or "us") operates the dental practice management platform available at [website] (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and maintaining HIPAA compliance for protected health information (PHI) handled through our platform.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

Account Information: Name, email address, phone number, practice information, billing details

Profile Data: Job title, role, practice specialties, preferences

Communication Data: Messages, calls, chat interactions, support requests

Content: Files, documents, training materials, patient communications you upload

2.2 Patient Information (PHI)

When used by covered entities under HIPAA:

Patient contact information

Appointment scheduling data

Treatment plans and notes

Communication logs and recordings

Insurance information

Medical history relevant to dental care

2.3 Automatically Collected Information

Usage Data: Features used, time spent, interaction patterns

Device Information: IP address, browser type, device identifiers

Log Data: Access times, error logs, security events

Analytics: Performance metrics, conversion tracking, user behavior

2.4 Third-Party Information

Calendar integration data

Payment processing information

Social media profile data (if connected)

Review platform data

3. HOW WE USE YOUR INFORMATION

3.1 Service Provision

Operate and maintain the Fortify Practice platform

Process transactions and manage billing

Provide customer support and technical assistance

Enable communication features (AI caller, chat, SMS)

3.2 Service Improvement

Analyze usage patterns to enhance functionality

Develop new features and services

Conduct research and analytics

Optimize AI and automation systems

3.3 Communications

Send service-related notifications

Provide platform updates and announcements

Deliver marketing communications (with consent)

Respond to inquiries and support requests

3.4 Legal and Security

Comply with legal obligations

Protect against fraud and security threats

Enforce our Terms of Service

Resolve disputes and investigate issues

4. INFORMATION SHARING AND DISCLOSURE

4.1 We Do Not Sell Personal Information

We do not sell, rent, or trade your personal information to third parties.

4.2 Service Providers

We may share information with trusted third-party service providers who assist us in:

Cloud hosting and data storage

Payment processing

Analytics and performance monitoring

Customer support tools

AI and machine learning services

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.4 Legal Requirements

We may disclose information when required by law, court order, or government request, or to protect our rights and safety.

4.5 With Your Consent

We may share information for other purposes with your explicit consent.

5. HIPAA COMPLIANCE

5.1 Business Associate Agreement

For healthcare providers subject to HIPAA, we serve as a Business Associate and will execute a Business Associate Agreement (BAA).

5.2 PHI Protection

We implement appropriate safeguards to protect PHI including:

Encryption in transit and at rest

Access controls and authentication

Audit logging and monitoring

Staff training on HIPAA requirements

5.3 Patient Rights

We support covered entities in fulfilling patient rights under HIPAA, including access, amendment, and accounting of disclosures.

6. DATA SECURITY

6.1 Security Measures

End-to-end encryption for sensitive data

Multi-factor authentication

Regular security audits and penetration testing

SOC 2 Type II compliance

Secure data centers with 24/7 monitoring

6.2 Incident Response

We maintain an incident response plan to address potential security breaches and will notify affected parties as required by law.

7. DATA RETENTION

Account Data: Retained for the duration of your account plus 7 years for legal compliance

PHI: Retained according to healthcare record retention requirements

Usage Data: Retained for 3 years unless longer retention is required

Support Communications: Retained for 2 years

8. YOUR RIGHTS AND CHOICES

8.1 Access and Control

Access your personal information

Update or correct your data

Delete your account and associated data

Export your data in common formats

8.2 Communication Preferences

Opt-out of marketing communications

Control notification settings

Manage consent preferences

8.3 Do Not Track

We currently do not respond to Do Not Track signals.

9. INTERNATIONAL DATA TRANSFERS

If you are located outside the United States, your information may be transferred to and processed in the United States where our servers are located.

10. CHILDREN'S PRIVACY

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

11. UPDATES TO THIS POLICY

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification.

12. CONTACT INFORMATION

For privacy-related questions or requests:

Email: [email protected]

Address: 3500 Oak Lawn Ave Ste 232, Dallas, Texas, 75240

Phone: +1 469-949-5815