Privacy Policy

1.1 Information You Provide

We collect information you voluntarily provide when using our Service, including:

• Account Information: Name, email address, password, organization name, and profile information when you create an account
• Contact Information: Name, email, and message content when you contact us through our contact form or support channels
• Payment Information: Billing address and payment details processed through our third-party payment processor (we do not store full payment card numbers)
• User Content: Policy forms, endorsements, data models, templates, and other content you create using the Service
• Communications: Information you provide when communicating with us via email, chat, or other channels

1.2 Information Collected Automatically

When you use our Service, we automatically collect certain information, including:

• Device Information: Device type, operating system, browser type and version, and unique device identifiers
• Usage Information: Pages visited, features used, actions taken, time spent on pages, and navigation patterns
• Log Data: IP address, access times, request URLs, referrer URLs, and error logs
• Session Information: Authentication tokens and session data necessary to maintain your logged-in state

1.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect information and improve the Service. These include:

• Essential Cookies: Required for the Service to function properly, including authentication and security
• Analytics Cookies: Help us understand how users interact with the Service so we can improve it
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling certain cookies may limit your ability to use some features of the Service.

We use the information we collect to:

• Provide, maintain, and improve the Service
• Create and manage your account
• Process transactions and send related information
• Send administrative information, such as updates, security alerts, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze usage patterns and trends to improve user experience
• Detect, prevent, and address technical issues, fraud, and security threats
• Enforce our Terms of Use and comply with legal obligations
• Send promotional communications (with your consent, where required)
• Provide customer support and respond to inquiries

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with third-party vendors who perform services on our behalf, such as:

• Cloud hosting and infrastructure providers
• Payment processors
• Email delivery services
• Analytics providers
• Customer support tools

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

3.2 Business Transfers

If Pathience is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your information.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, such as subpoenas, court orders, or government regulations. We may also disclose information to:

• Comply with legal obligations
• Protect our rights, privacy, safety, or property
• Protect the rights, privacy, safety, or property of our users or others
• Enforce our Terms of Use
• Investigate potential violations or suspected illegal activity

3.4 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

3.5 Within Your Organization

If you use the Service as part of an organization, information such as your name, email, and activity within the Service may be visible to administrators and other authorized users within your organization.

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest
• Regular security assessments and audits
• Access controls and authentication requirements
• Secure data centers with physical security measures

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Specifically:

• Account Information: Retained while your account is active and for a reasonable period afterward for legal and business purposes
• User Content: Retained while your account is active. Upon account termination, you may request export of your content before deletion
• Log Data: Typically retained for up to 12 months for security and debugging purposes
• Analytics Data: Aggregated and anonymized analytics data may be retained indefinitely

We may retain certain information as required by law or for legitimate business purposes, such as resolving disputes or enforcing our agreements.

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You may request access to the personal information we hold about you and request a copy in a portable format.

6.2 Correction

You may request that we correct inaccurate or incomplete personal information. You can update much of your account information directly through your account settings.

6.3 Deletion

You may request that we delete your personal information, subject to certain exceptions required by law or legitimate business purposes.

6.4 Opt-Out of Marketing

You may opt out of receiving promotional emails by following the unsubscribe instructions in those emails. Even if you opt out, we may still send you non-promotional communications, such as service-related messages.

6.5 Cookie Preferences

You can manage cookie preferences through your browser settings or through any cookie consent tools we provide.

To exercise these rights, please contact us at [email protected]. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

Pathience is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using the Service, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

Where required by law, we implement appropriate safeguards for international data transfers, such as standard contractual clauses approved by relevant authorities.

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us at [email protected].

The Service may contain links to third-party websites or services that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access.

We are not responsible for the privacy practices or content of third-party websites or services.

We recommend using fictional or anonymized data when testing forms and data models within the Service.

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:

• Right to Know: Request information about the categories and specific pieces of personal information we have collected about you
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: We do not sell personal information, so there is no need to opt out of sales
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected]. We may need to verify your identity before processing your request.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date and, where appropriate, by sending you an email notification.

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

We will respond to your inquiry as soon as reasonably practicable and in accordance with applicable law.