SovaSage Privacy Policy

We collect the categories of personal information listed below for the purposes described. We do not sell personal information and we do not share it for cross‑context behavioral advertising. If this changes, we will update this page and provide a “Your Privacy Choices” link.

• Identifiers (name, email, phone, IP address) — used to create/manage accounts, provide support, secure our services.
• Commercial information (service history, transactions) — used for billing, account management, and audits.
• Internet/Network activity (device, browser, cookies, usage analytics) — used to improve performance, troubleshoot, and secure our sites.
• Geolocation (approximate) — used for regional settings and security.
• Professional/Employment info (for providers/partners) — used to provision enterprise features.
• Inferences (basic service preferences) — used to personalize your experience.
• Sensitive personal information (if provided, e.g., health‑related data) — processed under HIPAA rules where applicable and only for permitted purposes.

Sources: directly from you, from your organization (if applicable), and automatically from your device when you use our sites/services.

Retention: we keep personal information only as long as needed to provide services, meet legal/contractual obligations, resolve disputes, and maintain security. Then we delete or de‑identify it.

Disclosures: we disclose personal information to trusted service providers (hosting, analytics, support, payment) under contracts that restrict use, and to comply with law or protect safety. We may transfer data in a merger/acquisition.

Depending on where you live, you may have rights to:

• Know/Access the data we have about you.
• Delete your personal information.
• Correct inaccurate personal information.
• Opt out of the sale or sharing of personal information (we don’t sell/share).
• Limit use of sensitive personal information.
• Data portability (receive a copy in a portable format).
• Non‑discrimination for exercising your rights.

How to submit a request:

• Email: privacy@sovasage.com
• Phone: [Insert Phone Number]
• Web form: [Insert URL if applicable]

Verification & agents: We may ask for information to verify your identity. Authorized agents may submit requests with proof of authority and (in some cases) the consumer’s verified permission.

Appeals (for states that require it): If we deny your request, you may appeal by emailing privacy@sovasage.com with “Appeal” in the subject. We’ll respond with our final decision and your options to contact your state Attorney General.

We use cookies and similar technologies to operate our sites, remember settings, and understand usage. You can control cookies in your browser settings.

• Essential cookies — required for core functionality.
• Analytics — help us improve performance and features.
• Advertising — not used for cross‑site targeted advertising by default.

Do Not Track: browsers offer a DNT signal; our site does not currently respond to DNT. If we support Global Privacy Control (GPC) signals in the future, we will note it here.

We use administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is 100% secure.

We retain information for the time needed to provide services and for legitimate business purposes (e.g., accounting, legal, security), then delete or de‑identify it.

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us to request deletion.

Where SovaSage acts as a business associate to covered entities, we handle Protected Health Information (PHI) in accordance with HIPAA privacy and security rules and applicable business associate agreements (BAAs). We use PHI only to deliver contracted services, and apply additional safeguards to sensitive data.

California (CalOPPA, CCPA/CPRA, Shine the Light): This policy serves as our privacy notice to California residents. We provide the rights listed above, post this privacy policy conspicuously, disclose our tracking practices, and respond to verified requests.

Other U.S. states (e.g., CO, CT, VA, UT, OR, TX): Where required, we also offer rights to access, delete, correct, and appeal, and we honor opt‑out rights for targeted advertising and profiling when applicable.

Shine the Light: California residents may request a list of third parties to whom we disclosed personal information for direct marketing in the prior year by emailing privacy@sovasage.com. We do not disclose personal information for third‑party direct marketing without your consent.

Contact to exercise rights: privacy@sovasage.com or [Insert Phone Number].

We may update this Privacy Policy from time to time. We will post the updated version with a new “Last Updated” date. Material changes will be highlighted for at least 30 days.

SovaSage Privacy Office
Email: privacy@sovasage.com
Phone: [Insert Phone Number]
Address: [Insert Mailing Address]

This page is intended to provide clear information about our practices. It is not legal advice. Please consult your counsel for specific guidance.

• Use our services lawfully and responsibly. Don’t copy, reverse‑engineer, or disrupt our systems.
• Our content, trademarks, and technology are protected. Please respect our intellectual property.
• Keep your account credentials confidential and notify us of suspected unauthorized use.
• Services are provided “AS IS” without warranties. Liability is limited to the maximum extent permitted by law.
• No medical advice: the Services support—but do not replace—professional clinical judgment.
• These terms are governed by California law unless a different agreement applies to your organization.

Full Terms & Conditions available on request or at: [Insert URL to full Terms].

Legal contact: legal@sovasage.com