PRIVACY POLICY

‍

1. overview
   Bookealo respects privacy and is designed to support healthcare professionals with privacy conscious systems. This policy explains how information is collected, used, stored, and protected.
2. information collected
   Information may include account details, business information, usage data, communications metadata, and when applicable, protected health information processed on behalf of covered entities.
3. role under HIPAA
   When applicable, Bookealo acts as a business associate and processes protected health information only as instructed by the covered entity. A separate business associate agreement may apply.
4. use of information
   Information is used to provide services, improve performance, support customers, ensure security, comply with legal obligations, and communicate service related updates.
5. data storage and security
   Bookealo uses industry standard administrative, technical, and physical safeguards to protect data. No system is completely secure, and absolute security is not guaranteed.
6. data sharing
   Information is not sold. Data may be shared with vetted subprocessors solely to deliver services, such as hosting, messaging, or payment processing, under confidentiality obligations.
7. retention
   Data is retained only as long as necessary to provide services, comply with legal obligations, or as instructed by the healthcare client.
8. user rights
   You may request access, correction, or deletion of your data, subject to legal and contractual obligations.
9. cookies and tracking
   The platform may use cookies and tracking technologies for functionality, analytics, and performance optimization.
10. changes
    This policy may be updated periodically. Continued use constitutes acceptance of updates.

Healthcare guided and focused use policy

1. purpose
   Bookealo is built to guide patients through educational, booking, and administrative journeys before clinical care, improving preparedness, trust, and attendance while reducing administrative burden.
2. non clinical boundary
   All guided journeys, educational content, and automations are non clinical by default unless explicitly created and approved by the healthcare provider. Bookealo does not validate medical accuracy.
3. patient education responsibility
   Healthcare providers are responsible for reviewing, approving, and maintaining all patient facing content to ensure it is accurate, ethical, compliant, and appropriate for their specialty.
4. informed consent
   Providers are responsible for obtaining informed consent where required and ensuring that digital communications do not replace required clinical evaluations.
5. ethical marketing
   Providers must use the platform in a truthful, non deceptive manner and avoid exaggerated claims, guarantees of outcomes, or improper inducements.
6. automation safeguards
   Automations should be monitored regularly. Providers remain responsible for missed messages, scheduling errors, or patient misunderstandings resulting from automation misuse.
7. emergency disclaimer
   The platform is not designed for emergency communications. Providers must clearly instruct patients not to use digital systems for urgent or emergency medical needs.
8. continuous improvement
   Bookealo may update workflows and systems to reflect best practices in healthcare operations, privacy, and patient experience without altering clinical responsibility.

‍