Privacy Policy

At The Data Co. (“we”, “our”, “us”), we are committed to protecting the confidentiality and security of your data. You trust us with both your corporate information and the personal health information (PHI) of your patients, and we take that responsibility seriously.

In compliance with the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, we have implemented strong privacy practices to safeguard the sensitive information you share with us.

This Privacy Policy outlines how we collect, use, protect, and manage your data when you visit our website, schedule a demo, or use our services.

What Information We Collect

We collect two main types of information: (1) corporate and personal information, and (2) patient health information (PHI).

Corporate and Personal Information

When you interact with The Data Co., we collect specific types of business-related and personal data to provide our services effectively.

  • Registration and Contact Information: When you sign up for a demo, request support, or engage with our platform, we collect your name, email address, phone number, company name, and job title to facilitate communication and deliver services.
  • Transaction Information: If you subscribe to or purchase our services, we collect payment details, billing history, and other transaction-related data to process your payments securely.
  • Geographic Information: We may collect business location data, including country, region, and city, to customize service availability and comply with regional regulations.
  • Medical Information: Our platform may process non-PHI medical data related to your business operations, such as treatment categories, service offerings, and patient flow trends.
  • Appointment Information: We collect and analyze data related to appointment scheduling, cancellations, and attendance patterns to provide you with insights into business efficiency.
  • Website Analytics Information: To improve our website and services, we collect data such as IP addresses, browser types, device details, and site interaction data through cookies and tracking technologies.

Patient Health Information (PHI)

As part of our services, we process PHI on behalf of your business in compliance with HIPAA and PIPEDA. This may include:

  • Patient demographic details necessary for analytics and reporting.
  • Treatment records and service history processed to provide consolidated insights.
  • Appointment and scheduling data used to enhance operational efficiencies.

We handle all PHI with strict security protocols and never use it for marketing or advertising purposes.

HIPAA and PIPEDA Compliance: How We Protect Personal & Patient Data

At The Data Co., protecting your data goes beyond compliance—it is fundamental to our service. We fully adhere to HIPAA in the U.S. and PIPEDA in Canada, ensuring that all corporate data and PHI remain private, secure, and accessible only to authorized parties.

How We Protect Your Data

To maintain the highest level of security, we implement industry-leading safeguards:

  • Data Encryption: We encrypt all sensitive data, including PHI, both in transit and at rest using AES-256 encryption, the industry standard for securing confidential data.
  • Access Controls: We enforce role-based access controls (RBAC) to ensure that only authorized personnel can access sensitive data. Multi-factor authentication (MFA) is required for system access.
  • Secure Storage: All customer data is hosted in HIPAA-compliant cloud environments with redundant, highly secure data centers.
  • Audit Logging: We track all access to PHI and personal data through detailed logging mechanisms that monitor and detect unauthorized activity.
  • Confidentiality Agreements: Any third-party service providers assisting in operations are required to sign strict confidentiality agreements to maintain the integrity of your data.

We are committed to continuously improving our security infrastructure to protect your business and your patients.

How We Use Your Information

We use the information we collect in the following ways:

  • To provide the services you’ve requested: We use your data to set up and manage your account, deliver analytics, and provide insights that help optimize your business performance.
  • To communicate with you about your inquiries or support requests: If you reach out to us, we use your contact details to respond, offer assistance, and provide relevant updates about our services.
  • To improve our website and services: We analyze website traffic, feature usage, and feedback to enhance our offerings and user experience.
  • To aggregate, anonymize, or derive insights from your data: We may freely use, disclose, and otherwise leverage de-identified PHI for our business purposes, including developing and improving our products and services, conducting analytics, benchmarking, and producing white papers and other publications relating to our business or technology. This data helps us enhance our services, generate insights, and provide analytics that support our customers in making informed business decisions. All such data will be in an aggregated, anonymized form that does not personally identify our customer, their patients, or any other individual.
  • To comply with legal obligations: We process data in accordance with HIPAA, PIPEDA, and other relevant regulations to protect your business and patient information.

Data Security

We prioritize the security of your data through advanced encryption, strict access controls, and continuous monitoring. Our security measures include:

  • Encryption Methods: We encrypt all sensitive data using AES-256 encryption at rest and TLS 1.2 encryption in transit, ensuring that unauthorized parties cannot intercept or access your data.
  • Multi-Factor Authentication (MFA): We require MFA for all administrative and privileged access, reducing the risk of unauthorized logins.
  • Regular Security Audits: We conduct ongoing security assessments, vulnerability scans, and penetration testing to identify and address potential risks proactively.
  • 24/7 Threat Monitoring: We continuously monitor system activity and logs for suspicious behavior, using real-time threat detection systems to respond to any potential security incidents.

While no system is completely invulnerable, we adhere to the highest security standards to safeguard your business data.

Cookies and Tracking Technologies

We use cookies and tracking technologies to enhance your experience, analyze website performance, and improve our services.

  • Essential Cookies: These cookies are necessary for the website to function properly, such as enabling secure logins and remembering session preferences.
  • Analytics Cookies: We use Google Analytics and other tools to track site traffic, engagement metrics, and usage patterns. This data is anonymized and used solely for improving user experience.
  • Preference Cookies: These allow us to remember user settings, such as preferred language and interface customizations.
  • Advertising and Third-Party Cookies: We do not use cookies for third-party advertising or data tracking beyond what is necessary for service functionality.

You can control cookie settings through your browser preferences, but disabling certain cookies may impact your experience on our website.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or regulatory requirements. Any updates will be posted here with the revised date so you can always review the latest version.

Contact Us

If you have any questions about this Privacy Policy or how we handle your data, or if you need to exercise your rights, please don’t hesitate to contact us at privacy@thedataco.com.

Last Updated: February 10, 2025