Privacy Policy

SentSafe, LLC
480 Renaissance Drive
Hoover, AL 35226
Email: rob@sentsafe.io

We collect and store the following types of information:
‍
- Account Information: Name, email address, mailing address.
‍
- User-Generated Content: Documents, messages, and other files uploaded to the platform, which may contain Protected Health Information (PHI).
‍
- Billing Information: May include payment-related documents containing sensitive data.
‍
- Authentication Information: Account credentials and session-related cookies (used only for login and security purposes).

SentSafe acts as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA) and signs a Business Associate Agreement (BAA) with all subscribing organizations. We maintain administrative, technical, and physical safeguards to ensure the confidentiality, integrity, and security of PHI.

We also sign BAAs with all third-party providers involved in processing or storing PHI on our behalf.

We use collected information solely for the following purposes:

- To provide and improve the Services.
- To authenticate users and secure access to data.
- To comply with applicable legal and regulatory obligations.
- To respond to customer support and data-related requests.

We do not sell or share personal information or PHI with third parties for advertising, marketing, or any unrelated purposes.

We implement industry-standard security measures to protect data:
- Encryption in Transit and at Rest
- Access Controls and Role-Based Permissions
- Audit Logs
- Regular Backups

‍While we take data protection seriously, users are responsible for maintaining the security of their login credentials and must not share account access. Failure to do so may compromise the confidentiality of information and is a violation of our terms of service.

To ensure the ongoing security of the platform, users must:

- Keep login credentials confidential.
- Use unique, strong passwords.
- Avoid sharing access codes or accounts.
- Log out after each session, especially on shared devices.
- Notify us immediately at rob@sentsafe.io of any suspected unauthorized access.

Users have the right to:
‍
- Request access to the personal data or PHI we store.
- Request correction or updates to inaccurate data.
- Request deletion of data, subject to legal and regulatory retention requirements.

To exercise these rights, contact us at rob@sentsafe.io.

We may use trusted third-party vendors for hosting, storage, email, analytics, and support. All third-party vendors who may access PHI are under active Business Associate Agreements and meet HIPAA compliance standards.

We do not use cookies for marketing, advertising, or behavioral tracking. We only use session cookies that are essential for secure login and user authentication.

We retain user data for as long as necessary to provide the Services, comply with legal obligations, and enforce our agreements. Upon request and subject to contractual terms, we can securely delete data as permitted by HIPAA and other applicable laws.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the platform or via email. Continued use of our Services after such updates constitutes acceptance of the revised policy.

If you have questions or concerns about this Privacy Policy or your data, please contact:

‍Rob
Email: rob@sentsafe.io
SentSafe, LLC
480 Renaissance Drive, Hoover, AL 35226