Privacy Policy for Medix Digital

Last updated: December 11, 2025

This Privacy Policy describes how Medix Digital ("we," "us," or "our") handles information in connection with your use of our AI Lead Management and Practice Automation Platform (the "Service").

1. Our Role: Processor vs. Controller

Client (You): The medical practice that uses our Service. You are the Data Controller, as you determine the purposes and means of processing the Lead/Patient Data (defined below).

Medix Digital (Us): We are the Data Processor acting solely on your instructions. We process Lead/Patient Data only to provide the Service (e.g., qualifying leads, automated scheduling).

2. Information We Collect

We collect data from three primary sources:

A. Client/User Data (B2B)

This is information about the individual or entity that subscribes to and uses the Service.

Contact Information: Name, email address, phone number, and business address.

Account Information: Login credentials, subscription details, and billing information.

Usage Information: Data on how you access and use the platform, including feature usage, performance metrics, and IP addresses.

B. Lead/Patient Data (End-User)

This is the data your practice collects or inputs into the Service. We collect this data on your behalf.

Communication Records: AI chat transcripts, SMS/text message logs, call transcripts, and voicemail recordings.

Qualification Data: Patient names, phone numbers, email addresses, appointment requests, procedures of interest (e.g., "Botox," "Veneers," "Rhinoplasty"), and preliminary health screening answers.

PHI & HIPAA: If this data contains Protected Health Information (PHI), its processing is governed by the separate Business Associate Agreement (BAA) you execute with us.

C. Third-Party Data

Information received from third-party integrations (e.g., electronic health records systems, payment processors) at your instruction.

3. How We Use the Information

We use the information we collect for the following purposes:

To Provide the Service: To operate, maintain, and deliver the AI-driven qualification, communication, and scheduling features.

To Improve the Service: To monitor, analyze, and optimize platform performance, troubleshoot errors, and develop new automation features. We use aggregated, anonymized data for research and development.

Communication: To send you transactional messages (invoices, service updates, security alerts) and, with your consent, promotional and marketing communications about our services.

Security and Compliance: To detect and prevent fraud, enforce our Terms of Service and Acceptable Use Policy, and comply with legal obligations.

4. How We Share Information

We do not sell Client/User Data or Lead/Patient Data. We only share information as necessary to provide the Service or comply with the law.

Third-Party Vendors: We share data with third-party service providers (e.g., cloud hosting, server infrastructure, payment processors) who process data on our behalf under strict confidentiality agreements.

Integrations: Data is shared with third-party applications (e.g., your EHR or calendar system) when you authorize the integration.

Legal Compliance: We may disclose information if required by a subpoena, court order, or governmental request.

5. Data Security

We implement commercially reasonable security measures designed to protect both Client/User Data and Lead/Patient Data. These measures include encryption, access controls, internal audits, and disaster recovery planning. You remain responsible for maintaining the security of your account credentials and complying with all applicable privacy regulations (e.g., HIPAA).

6. Your Rights and Choices (Client/User)

Opt-Out: You can opt out of promotional emails by following the unsubscribe link in those communications. You cannot opt out of essential transactional emails.

Access and Update: You can access, review, and update your B2B account information directly through the Service settings.

Data Portability: You can export your Lead/Patient Data at any time while your subscription is active.

7. Changes to this Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Effective Date" at the top of the policy.

8. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Medix Digital

Email: [email protected]

Address: 1979 Morgantown Rd 1018, Bowling Green, KY 42101, United States

+1 502-427-7056

Legal & Compliance

Disclaimer: Medix Digital is a software and marketing automation provider, not a medical organization. We do not provide medical advice, diagnosis, or treatment.

© 2025 Medix Digital. All Rights Reserved.
