Privacy Policy

Introduction

ClearCode Health Inc. ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services, including Triagify™.

Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us, including:

• Name and contact information (email address, phone number)
• Company name and professional information
• Resume and employment-related documents
• Communications you send to us

Protected Health Information (PHI)

For healthcare providers using Triagify™, we process PHI in accordance with PHIA/PIPEDA/HIPAA regulations. PHI is handled under separate Business Associate Agreements and is subject to strict security and privacy controls.

Automatically Collected Information

When you visit our website, we may automatically collect certain information:

• Browser type and version
• Operating system
• IP address
• Pages visited and time spent
• Referring website

How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our services
• Respond to your inquiries and requests
• Process employment applications
• Send administrative communications
• Improve our website and services
• Comply with legal obligations
• Detect and prevent fraud or security issues

PHIA/PIPEDA/HIPAA Compliance

As a healthcare technology provider, we are committed to PHIA/PIPEDA/HIPAA compliance:

• All PHI is encrypted in transit and at rest
• Access to PHI is logged and auditable
• We execute Business Associate Agreements (BAAs) with covered entities
• Our systems undergo regular security assessments
• Staff receive PHIA/PIPEDA/HIPAA training and sign confidentiality agreements

Data Security

We implement appropriate technical and organizational security measures to protect your information:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Multi-factor authentication for system access
• Regular security audits and penetration testing
• Role-based access controls
• Automated backup and disaster recovery procedures
• Intrusion detection and prevention systems

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. PHI retention follows PHIA/PIPEDA/HIPAA guidelines and applicable provincial, state, and federal regulations.

Information Sharing

We do not sell your personal information. We may share information with:

• Service Providers: Third-party vendors who perform services on our behalf (cloud hosting, email delivery)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers handling PHI sign Business Associate Agreements.

Your Rights

Depending on your location and applicable law, you may have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to legal obligations)
• Restriction: Request restriction of processing
• Portability: Request transfer of your data
• Objection: Object to certain processing activities

For healthcare data, PHIA/PIPEDA/HIPAA provide specific rights including the right to access, amend, and receive an accounting of disclosures.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: