Privacy Policy

1. Introduction and Legal Framework

StoicGuard ("Company," "we," "us," or "our") operates this website and related services (collectively, the "Services"). This Privacy Policy describes our practices regarding the collection, use, and disclosure of personal information in accordance with applicable laws and regulations.

Legal Basis: We collect and process personal information based on legitimate business interests, contractual necessity, and when required, consent. Our privacy practices are designed to comply with:

• California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
• State privacy laws in Colorado, Connecticut, Utah, and Virginia
• Federal Trade Commission regulations on privacy and data security
• Health Insurance Portability and Accountability Act (HIPAA) privacy principles where applicable

2. Information Collection and Processing

2.1 Personal Information Collected

We collect the following categories of personal information:

• Identifiers: Name, email address, phone number, practice name, NPI number
• Professional Information: Dental practice details, specialty, practice size, location
• Commercial Information: Payment information, subscription details, service usage
• Internet Activity: IP address, browser type, device information, usage analytics
• Geolocation Data: Approximate location based on IP address for service delivery

2.2 Sources of Information

Information is collected from:

• Direct input from users through our website and services
• Automated collection through cookies and similar technologies
• Third-party verification services for professional credentials
• Publicly available professional directories and databases

2.3 Sensitive Personal Information

We do not collect or process sensitive personal information as defined by applicable privacy laws, including protected health information (PHI), biometric data, or precise geolocation data.

3. Use of Personal Information

We use personal information for the following business and commercial purposes:

• Service Delivery: Providing compliance scanning, risk assessment, and reporting services
• Account Management: Creating and maintaining user accounts and subscriptions
• Communication: Responding to inquiries, sending service updates, and transactional emails
• Analytics and Improvement: Analyzing usage patterns to improve our services
• Legal Compliance: Complying with legal obligations and regulatory requirements
• Fraud Prevention: Detecting and preventing fraudulent activities

We do not sell personal information as defined by the CCPA or similar state laws.

4. Information Sharing and Disclosure

We may share personal information in the following circumstances:

• Service Providers: With third-party vendors who provide services on our behalf (hosting, payment processing, analytics)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with mergers, acquisitions, or sales of business assets
• Safety and Security: To protect our rights, property, or safety, or that of our users

All service providers are contractually obligated to protect personal information and are only permitted to use it for specified purposes.

5. Data Security and Retention

5.1 Security Measures

We implement reasonable and appropriate security measures including:

• Encryption of data in transit and at rest
• Access controls and authentication systems
• Regular security assessments and monitoring
• Employee training on privacy and security practices

5.2 Data Retention

We retain personal information only as long as necessary for the purposes for which it was collected, or as required by applicable law. Uploaded documents are processed temporarily and deleted immediately after analysis completion.

6. Consumer Rights (CCPA and Similar Laws)

Residents of California and other states with comprehensive privacy laws have the following rights:

• Right to Know: Request disclosure of categories and specific pieces of personal information collected
• Right to Delete: Request deletion of personal information held by us
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Direct us not to sell or share personal information for targeted advertising
• Right to Portability: Request transfer of personal information to another service provider

To exercise these rights, contact us at stoicguard.leads@gmail.com. We will respond within the timeframes required by applicable law.

7. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly.

8. International Data Transfers

Personal information may be transferred to and processed in countries other than the United States. When such transfers occur, we ensure appropriate safeguards are in place to protect personal information in accordance with applicable laws.

9. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or business operations. Material changes will be communicated through:

• Email notification to registered users
• Notice on our website
• Other appropriate communication channels

Continued use of our Services after such changes constitutes acceptance of the updated Privacy Policy.

10. Contact Information

For questions about this Privacy Policy, to exercise your rights, or to report privacy concerns, please contact: