Privacy Policy
Effective Date: February 15, 2026 — Version 1.0
1. Introduction
Clinic Harmony ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
2. Information We Collect
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email, phone number | Account creation and verification |
| Organization Data | Company name, clinic details | Multi-tenant domain setup |
| Usage Data | Features used, timestamps, IP | Analytics and improvement |
| Communication Data | Call records, chat messages | Service functionality |
| Device Information | Browser type, OS, device type | Compatibility and security |
3. How We Use Your Information
- Provide, operate, and maintain the Service.
- Verify your identity and authenticate your account.
- Send transactional communications (verification codes, password resets).
- Improve and personalize the Service.
- Comply with legal obligations.
- Detect and prevent fraud or security incidents.
4. Data Isolation
Clinic Harmony employs a multi-tenant architecture where each organization's data is logically isolated using unique domain identifiers. Users within one organization cannot access data belonging to another organization.
5. Data Sharing
We do not sell your personal information. We may share data with:
- Service Providers: Third-party vendors who assist in operating the Service (e.g., cloud hosting, SMS delivery, email services).
- Legal Requirements: When required by law, court order, or governmental request.
- Business Transfers: In connection with a merger, acquisition, or sale of assets.
6. Data Security
We implement industry-standard security measures including:
- Encryption of data in transit (TLS/SSL) and at rest.
- Access controls and authentication mechanisms.
- Regular security audits and vulnerability assessments.
- Secure password hashing using industry-standard algorithms.
7. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. Upon account termination, data is retained for 30 days for recovery purposes and then permanently deleted, unless legal retention is required.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data.
- Correct inaccurate data.
- Request deletion of your data.
- Export your data in a portable format.
- Object to or restrict processing of your data.
To exercise these rights, contact us at privacy@clinicharmony.ca.
9. Cookies and Tracking
We use essential cookies for session management and authentication. We do not use advertising trackers. Analytics cookies may be used for Service improvement, with your consent where required by law.
10. International Data Transfers
Your data may be stored and processed in Canada and the United States. We ensure appropriate safeguards are in place for any cross-border data transfers.
11. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes constitutes acceptance.
For privacy-related questions: privacy@clinicharmony.ca
For general support: support@clinicharmony.ca