Privacy Policy

Introduction

Augmented Advisors LLC ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website augmentedadvisors.com (the "Site") or use our services.

As a healthcare technology consulting firm, we understand the importance of data privacy and security, particularly in compliance with HIPAA, GDPR, and CCPA regulations.

Information We Collect

Personal Information You Provide

We collect information that you voluntarily provide to us, including:

• Name, email address, phone number, and company name (via contact forms)
• Healthcare practice details (clinic type, locations, EHR/EMR system)
• Assessment responses and operational maturity data
• Communication preferences and inquiry details

Automatically Collected Information

When you visit our Site, we may automatically collect:

• Device information (browser type, operating system)
• Usage data (pages viewed, time spent, navigation patterns)
• IP address and geographic location
• Referral source and exit pages

Important Notice: No PHI Collection

We do NOT collect, store, or process Protected Health Information (PHI) or any patient-identifiable health data through this website. Our assessments focus solely on operational and technology maturity of healthcare practices, not patient information.

How We Use Your Information

We use the information we collect to:

• Respond to your inquiries and provide requested services
• Generate personalized assessment results and recommendations
• Send follow-up communications about our services
• Improve our website functionality and user experience
• Analyze website performance and visitor behavior
• Comply with legal obligations and enforce our terms

How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

• Service Providers: Third-party vendors who assist with email delivery (Resend), analytics (Plausible Analytics, Google Tag Manager, Azure Application Insights), and hosting (Azure Static Web Apps)
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Legal Requirements: When required by law, subpoena, or to protect our rights
• With Your Consent: Any other disclosure made with your explicit permission

Data Security

We implement industry-standard security measures to protect your personal information:

• SSL/TLS encryption for all data transmission
• Secure cloud hosting with Azure Static Web Apps (Microsoft Azure SOC 2 Type II compliant)
• Regular security audits and vulnerability assessments
• Access controls and authentication for internal systems
• Data encryption at rest and in transit

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

HIPAA Compliance and Healthcare Data

Important Notice for Healthcare Clients:

Augmented Advisors is NOT a HIPAA-covered entity. Our website and contact forms do NOT collect or process Protected Health Information (PHI).

Before Formal Engagement

• Do NOT submit PHI through website contact forms
• Do NOT include patient names, medical record numbers, or treatment details
• General practice information (clinic size, EHR system, operational challenges) is acceptable

During Consulting Engagements

• We execute Business Associate Agreements (BAAs) before accessing any PHI
• All PHI access follows HIPAA Security Rule requirements
• Formal engagements include comprehensive HIPAA compliance protocols

Our website analytics and communication tools (listed above) are selected for privacy compliance, but they are NOT HIPAA-compliant services. BAA-covered communication channels are established separately for client engagements.

Your Privacy Rights

GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Opt-out of certain data processing activities
• Right to Withdraw Consent: Revoke previously given consent

CCPA Rights (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of data collection and sharing practices
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of your personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: Exercise your rights without discriminatory treatment

To exercise any of these rights, please contact us at [email protected]

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience:

We use minimal tracking technologies:

• Plausible Analytics: Privacy-focused analytics that does NOT use cookies or collect personal data (Privacy Policy: plausible.io/privacy)
• Google Tag Manager: Conversion tracking and website optimization (Privacy Policy: policies.google.com/privacy)
• Azure Application Insights: Performance monitoring (no personal identification)

We do NOT use cookies for behavioral advertising or third-party tracking beyond these services.

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect site functionality.

Third-Party Services and Data Processors

We use the following specific third-party services to operate our website and business:

Website Hosting and Infrastructure

Analytics Services

Communication Services

How Contact Form Data Is Handled

When you submit our contact form, we process your information as follows:

• Transmission: Form data is transmitted securely via HTTPS to our Azure-hosted API
• Email Delivery: Your inquiry is immediately delivered to our business email via Resend (transactional email service)
• Storage: We do NOT store contact form submissions in a database or cloud storage
• Retention: Form data exists only in email format, retained according to our business records retention policy (7 years)
• No PHI Collection: Our contact forms do NOT collect Protected Health Information (PHI). Do not include patient names, medical records, or treatment details in your inquiry.

These services have their own privacy policies and may collect data independently. We recommend reviewing their policies for more information.

Data Retention

We retain your personal information only as long as necessary to:

• Provide services and respond to inquiries
• Comply with legal and regulatory requirements
• Resolve disputes and enforce agreements
• Maintain business records for tax and accounting purposes

After the retention period, we securely delete or anonymize your data.

Children's Privacy

Our website is not intended for children under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected]

International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. By using our Site, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page with a new "Last Updated" date. Your continued use of our Site after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: