Effective Date of Policy: May 6, 2016



We collect certain information through the HIPAAgps website, located at www.hipaagps.com (our “Website”), including through the products, services, licensing and subscription ordering features provided on the Website. In some cases, the reason for collecting this information is to fulfill the requirements of the Uniform Electronic Transactions Act (UETA) of 1999, or the Electronic Signatures in Global and National Commerce Act (E-SIGN) of 2000.

This Privacy Policy lays out our policies and procedures surrounding the collection and handling of any such information that identifies an individual user or that could be used to contact or locate him or her (“Personally Identifiable Information” or “PII”).

We do not collect and indeed prohibit the submission of protected health information (“PHI”) anywhere on our Website.

This Privacy Policy applies only to our Website and to the products and services provided through our Website. It does not apply to any provisioned third party hosting or cloud service providers, or any third party site, app or service linked to our Website or recommended or referred by our Website, through our products or services, or by our staff. And it does not apply to any other website, product, or service operated by our company, our partner affiliates, or to any of our offline activities.

      1. PII We Collect

We collect the following Personally Identifiable Information from users who buy our products or services: name, e-mail address, telephone number, address.

We also use “cookies” to collect certain information from all users, including Web visitors who don’t buy anything through our Website. A cookie is a string of data our system sends to your computer and then uses to identify your computer when you return to our Website. Cookies give us usage data, like how often you visit, where you go at the site, and what you do.

      1. We Use Third Parties

We use a third party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any financial information such as credit card numbers. Payment processing information is provided directly to our third party processor, iPayHere which is owned and operated by Switch Commerce, LLC, whose use of your personal information is governed by their privacy policy, which may be viewed on their website at http://www.ipayhere.com/privacy-policy.html.

We use a third party hosting provider, WP Engine, which hosts this site built in the WordPress content management system (CMS.) We also utilize a web developer and SaaS performance manager, WickedThink Marketing, which manages our website and application. Data processing and data transmission flows across devices and network architecture maintained by WP Engine. Data routing across the WP Engine cloud service is the responsibility of WP Engine and is governed by their privacy policy, which may be viewed on their website at https://wpengine.com.

      1. Our Use of PII

We use your Personally Identifiable Information to create your account, to communicate with you about products and services you’ve purchased, to offer you additional products and services, and to bill you. We also use that information to the extent necessary to enforce our Website terms of service and to prevent imminent harm to persons or property.

Aggregate Data: We may utilize general information we gather from your Private Data, Public Data, Traffic Data, cookies, and the transactions we facilitate (the “Statistical Data”) for purposes of (i) allowing HIPAAgps and affiliates to conduct statistical analyses relating to use of our services, (ii) identifying broad demographic trends, (iii) improving our Website and services, (iv) sharing the Statistical Data (but not PII) to third parties for research purposes, (v) marketing or promoting the Website or our services, or (vi) any other lawful purpose. HIPAAgps does not utilize any Statistical Data to identify any parties, and you may not duplicate or disseminate the Statistical Data that you may receive from HIPAAgps. For instance, we may publish the total value of all transactions facilitated by us, including any transactions involving you, so long as such publication does not uniquely identify you.

Cookies: We use cookies so that our Website can remember you and provide you with the information you’re most likely to need. For instance, when you return to our Website, cookies identify you and prompt the site to provide your username (not your password), so you can sign in more quickly. Finally, we use information gained through cookies to compile statistical information about use of our Website, such as the time users spend at the site and the pages they visit most often. Those statistics do not include PII.

Log Files: As is true of most Websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. This data helps us improve our service to customers. We do not link this automatically collected data to personally identifiable information.

      1. Protection of PII

We employ the following data security tools to protect Personally Identifiable Information: Secure Sockets Layer (SSL) transmission with globally verified certificates issued by an authorized authority. Credit card information is not stored on our servers. Unfortunately, even with these measures, we cannot guarantee the security of PII. By using our Website, you acknowledge and agree that we make no such guarantee, and that you use our Website at your own risk.

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

      1. Contractor and Other Third Party Access to PII

We give certain independent contractors and business affiliates access to Personally Identifiable Information. Those contractors and affiliates assist us with business operations associated with delivery of HIPAAgps services and services of our affiliated partners. All contractors and affiliates are required to sign contracts in which they promise to protect PII using procedures reasonably similar to ours. (Users are not third party beneficiaries of those contracts.) We also may disclose PII to attorneys, collection agencies, or law enforcement authorities to address potential AUP violations, other contract violations, or illegal behavior. And we disclose any information demanded in a court order or otherwise required by law or to prevent imminent harm to persons or property. Finally, we may share PII in connection with a corporate transaction, like a merger or sale of our company, or a sale of all or substantially all of our assets or of the product or service line you received from us, or a bankruptcy.

As noted above, we compile Website usage statistics from data collected through cookies. We may publish those statistics or share them with third parties, but they don’t include PII.

Anti-Spam Policy: HIPAAgps is opposed to unsolicited commercial e-mail (“spam”). As part of our aggregated data analysis and efforts, or as part of our affiliated partner business relationships, HIPAAgps customers may receive e-mail related to HIPAA services. HIPAAgps does not provide interfaces or tools in support of unsolicited bulk email campaigns. If you believe that you have received unsolicited e-mail from us or an affiliate, please contact info@hipaagps.com

Except as set forth in this Privacy Policy, we do not share PII with third parties.

      1. Accessing and Correcting Your PII

You can access and change any Personally Identifiable Information we store through your “My Account” page.

      1. Amendment of This Privacy Policy

We may change this Privacy Policy at any time by posting a new version on this page or on a successor page. The new version will become effective on the date it’s posted, which will be listed at the top of the page as the new Effective Date.

      1. California Do Not Track

We abide by the disclosures and practices of WP Engine concerning its compliance with Do Not Track (DNT) settings. For additional information please direct your questions to info@hipaagps.com.


If you have any questions about our Privacy Policy, you may email your questions to info@hipaagps.com.