1. Introduction

MediVerteX ("we," "our," or "us") is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Services").

We design our app to minimize the collection and storage of sensitive data on our servers. All patient data, sessions, and notes remain on your device, with an option for practitioners to backup and restore their data locally or via third-party services like iCloud or Google Drive.

2. Compliance with HIPAA

We comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by ensuring that we implement appropriate safeguards for authentication information stored on our servers and provide secure mechanisms for practitioners to manage their own data.

3. Information We Collect

We only collect the following information from practitioners:

We do not collect or store patient information, session data, or audio files on our servers.

4. How We Use Your Information

We use the authentication information to:

• Verify and authenticate your account.
• Provide access to the app's functionality.
• Allow practitioners to securely backup and restore their data using third-party services (e.g., iCloud or Google Drive).

We do not process or store any other personal or patient data.

5. Data Storage and Security

• Practitioner authentication information is encrypted and securely stored on our servers.
• Patient data, session files, and notes are stored locally on your device. Practitioners can optionally back up this data to their chosen third-party services (e.g., iCloud, Google Drive).
• Backup and restore operations are encrypted during transit using secure transmission methods such as TLS/SSL.

6. Sharing and Disclosure of Information

We do not share or disclose any collected information except:

We do not access, store, or process patient data, session files, or notes, as these remain under the practitioner's control.

7. Data Retention

We retain practitioner authentication information as long as the account is active or as required by law. Upon account deletion, authentication information is permanently removed from our servers.

All other data remains solely on the practitioner's device or their chosen backup/restore service.

8. Practitioner Responsibilities

To ensure the security of your account and data:

• Use strong, unique passwords.
• Securely manage your local device storage.
• Use the backup and restore feature responsibly, ensuring it aligns with your organization's data policies.

9. Third-Party Backup Services

Practitioners may choose to back up their data using third-party services such as iCloud or Google Drive. These services are governed by their own privacy policies. We recommend reviewing their policies before using these services.

10. International Data Transfers

If you are accessing our Services from outside the United States, your authentication information will be transferred to and processed in the United States. By using our Services, you consent to this transfer.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We encourage you to review this policy periodically.