Privacy First

Privacy Policy
Transparency in Data Protection

Your privacy and your patients' privacy are fundamental rights. This policy explains how we collect, use, protect, and respect your data with complete transparency and HIPAA compliance.

Last Updated: January 15, 2025
HIPAA Compliant
GDPR Ready

What Data We Collect

We only collect data necessary to provide our AI receptionist services and improve patient care.

Practice Information

Retention: Duration of service + 7 years

Practice name, address, phone numbers, and staff contact details for account setup and service delivery.

Patient Communication Data

Retention: 7 years (HIPAA requirement)

Call recordings, SMS messages, and appointment booking information processed by our AI systems.

Appointment & Scheduling Data

Retention: 3 years after last contact

Appointment dates, times, patient preferences, and scheduling patterns for optimization.

System Usage Analytics

Retention: 2 years (anonymized)

Aggregated, anonymized usage statistics to improve our AI systems and service quality.

How We Use Your Data

Service Delivery

Provide AI receptionist services, appointment booking, and patient communication automation.

AI Training & Improvement

Improve our AI models using anonymized, aggregated data to enhance service quality.

Compliance & Legal

Meet HIPAA, legal, and regulatory requirements for healthcare data processing.

Security & Fraud Prevention

Detect and prevent unauthorized access, fraud, and security incidents.

We Never:

  • Sell patient or practice data to third parties
  • Use data for advertising or marketing purposes
  • Share identifiable patient information
  • Process data outside secure, compliant systems

Your Privacy Rights

You have full control over your data, with comprehensive rights under HIPAA and GDPR.

Right to Access

Request a copy of all personal data we hold about your practice and patients.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of personal data when legally permissible.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing of personal data for direct marketing purposes.

Right to Restrict Processing

Request limitation of processing under certain circumstances.

Data Sharing & Third Parties

Limited, secure sharing only with trusted partners under strict data protection agreements.

Cloud Infrastructure

AWS (Amazon Web Services) for secure, HIPAA-compliant hosting and data storage.

SOC 2 Certified

Communication Services

Twilio for phone and SMS services, under Business Associate Agreement.

BAA Signed

Security Monitoring

Security partners for threat detection and incident response capabilities.

HIPAA Compliant

Privacy Requests & Questions

Exercise your privacy rights or get answers to your data protection questions.

Privacy Officer: privacy@appointpanda.com
Privacy Hotline: +1 (833) 887-2632 ext. 101

Common Requests:

  • Data access and portability requests
  • Data correction and deletion requests
  • Privacy impact assessments
  • Business Associate Agreements
