Privacy Policy

Privacy Policy

Last Updated: February 13, 2026

Section A

I. Introduction

This Privacy Policy explains how ConnectedMD (“CMD,” “we,” “us,” or “our”) may gather, use, disclose, communicate, and otherwise handle personal information. The ConnectedMD website (the “Website”) consists of multiple pages managed and operated by CMD. BY ACCESSING OR USING THIS WEBSITE, YOU ACKNOWLEDGE AND ACCEPT THIS PRIVACY POLICY. Please review it carefully and discontinue use of the Website if you do not agree with any part of it.

The Website is a commercial platform that provides details about our business offerings (our “Services”). This Privacy Policy outlines how we may collect, store, process, track, transfer, share, utilize, and safeguard your company’s information, the data we collect (“Collected Data”), and information related to your Authorized Users when you interact with us, visit the Website, or use our Services.

This section applies only to non-Protected Health Information (non-PHI). Patient information and PHI are governed separately under Section B: Patient Information & HIPAA Compliance.

II. Categories of Information We Collect

When you visit the Website or send emails to ConnectedMD, you are engaging in electronic communication. We may collect:

A. Business & Account Information

  • Name

  • Company name

  • Business address

  • Email address

  • Phone number

  • Job title

  • Billing and payment information

B. Website & Technical Information

  • IP address

  • Browser type

  • Device type

  • Operating system

  • Usage data

  • Log files and diagnostic data

C. Communications Information

  • Messages submitted via contact forms

  • Customer support correspondence

  • SMS opt-in information (for recruiting or service updates)

We do not knowingly collect personal information from individuals under 18 years of age without parental consent.

III. How We Use Non-PHI Information

We may use non-PHI information to:

  1. Provide and maintain our Services

  2. Manage business accounts

  3. Process payments and contracts

  4. Provide customer support

  5. Improve functionality and user experience

  6. Send service-related notices

  7. Send marketing communications (with opt-out rights)

  8. Ensure security and prevent fraud

  9. Comply with legal obligations

  10. Enforce our agreements

We do not sell personal information.

IV. Marketing Communications, How We Use Collected Data, and Data Retention

We retain Collected Data for as long as it is needed to provide our Services effectively. Upon request, data associated with closed accounts may be deleted or anonymized. Once Collected Data is no longer required, we may securely destroy it unless we are legally obligated to retain it for a longer period.

We may use your phone number to contact you regarding your interest in CMD or our Services. Phone calls may be recorded for quality assurance.

We may send mail, email, or SMS communications regarding:

  • Service updates

  • Company news

  • Relevant products or services

Recipients may opt out at any time by:

  • Clicking unsubscribe in email communications

  • Replying STOP to SMS messages

  • Contacting us at privacy@connectedmd.vip and requesting removal from future marketing

We do not share mobile opt-in data with third parties for their marketing purposes.

V. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Improve website functionality

  • Analyze usage patterns

  • Support marketing analytics

You may control cookies through browser settings; however, disabling cookies may limit functionality.

VI. Sharing Data With Third Parties

We use third-party vendors to assist with:

  • Hosting and infrastructure

  • Payment processing

  • Marketing automation

  • Analytics

  • Customer support

  • SMS delivery

These providers may access personal information solely to perform services on our behalf and are contractually obligated to maintain confidentiality and security.

VII. International Data Storage and Transfers

Because CMD is based in the United States (“USA”), all Collected Data is initially stored in the USA. If you reside outside the USA, your information may be stored in a jurisdiction with data protection standards that differ from those in your home country.

Collected Data may be stored or processed in the USA or in any country where we or our affiliates, subsidiaries, or service providers operate. For the purposes outlined in this Privacy Policy, we may transfer your information across borders. BY USING OUR SERVICES OR CONSENTING TO THE TRANSFER OF YOUR PERSONAL INFORMATION, YOU AGREE TO SUCH INTERNATIONAL TRANSFERS.

VIII. Your Rights Regarding Collected Data

Subject to applicable law, you may have the right to:

  • Access your personal information

  • Request correction

  • Request deletion

  • Opt out of marketing communications

Requests may be submitted through our contact form or emailing privacy@connectedmd.vip.

IX. Security Measures

We implement reasonable administrative, technical, and physical safeguards to protect personal information from unauthorized access, use, or disclosure..

X. Updates to This Privacy Policy

We may revise this Privacy Policy periodically, so we encourage you to review it from time to time. When material changes are made, we will update the “last modified” date at the top of the Policy. Changes become effective once posted. YOUR CONTINUED USE OF THE WEBSITE OR SERVICES INDICATES YOUR ACCEPTANCE OF THE UPDATED POLICY.

XI. Indemnification

You agree to indemnify, defend, and hold harmless CMD and its officers, directors, employees, agents, affiliates, and third‑party partners (“Representatives”) from any losses, liabilities, costs, or expenses (including reasonable attorneys’ fees) arising from:

  • Your use or inability to use the Website or Services

  • Any content you submit

  • Your violation of this Agreement

  • Your infringement of another party’s rights

  • Your breach of applicable laws or regulations

XII. Disclaimer and Limit of Liability

THE INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES INCLUDED IN OR AVAILABLE THROUGH THE WEBSITE MAY INCLUDE INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN. CONNECTEDMD AND/OR ITS SUPPLIERS MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE SITE AT ANY TIME.

CONNECTEDMD AND/OR ITS REPRESENTATIVES MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, AVAILABILITY, TIMELINESS, OR ACCURACY OF THE INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS CONTAINED ON THE SITE FOR ANY PURPOSE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ALL SUCH INFORMATION, SOFTWARE, PRODUCTS, SERVICES AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND. CONNECTEDMD AND/OR ITS SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, SOFTWARE, PRODUCTS, SERVICES, AND RELATED GRAPHICS, INCLUDING: ALL IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL CONNECTEDMD OR ITS REPRESENTATIVES BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OR PERFORMANCE OF THE WEBSITE, WITH THE DELAY OR INABILITY TO USE THE WEBSITE OR SERVICES, THE PROVISION OF OR FAILURE TO PROVIDE SERVICES, OR FOR ANY INFORMATION, SOFTWARE, PRODUCTS, SERVICES,OR RELATED GRAPHICS OBTAINED THROUGH THE WBSITE, OR OTHERWISE ARISING OUT OF THE USE OF THE SITE, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF CONNECTEDMD OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES. IN NO EVENT SHALL CONNECTEDMD OR ITS REPRESENTATIVES BE LIABLE FOR ANY DAMAGES WHATSOEVER IN EXCESS OF $1,000. IF YOU ARE DISSATISFIED WITH ANY PORTION OF THE SITE, OR WITH ANY OF THESE TERMS OF USE, YOUR SOLE AND EXCLUSIVE REMEDY IS TO DISCONTINUE USING THE SITE.

XIII. Termination/Access Restriction

ConnectedMD reserves the right, in its sole discretion, to terminate your access to the Site and the related services or any portion thereof at any time, without notice.

XIV. Choice of Law/Dispute Resolution/Class Action Waiver

This Privacy Policy and your use of the Website and the Services shall be governed by and construed in accordance with the laws of the State of Alabama, without regard to its conflict of laws provisions. Any dispute arising out of or to enforce this Release shall be brought exclusively in a court located in the State of Alabama, County of Montgomery (the "Chosen Courts"). Releasor and Releasee consent to jurisdiction of the Chosen Courts and waive any objections as to forum non conveniens or lack of jurisdiction. If CMD prevails in any dispute arising out of or to enforce this Agreement, it shall be entitled to recover attorneys' fees and costs. No claims arising out of or to enforce this Agreement may be made more than six (6) months after the date by which the fault or failure should reasonably have been discovered; failure to make such a claim within the six (6) month period shall forever bar the claim. You irrevocably waive any right for any dispute to be brought, heard, decided, or arbitrated as a class and/or collective action. Use of the Website and the Services is unauthorized in any jurisdiction that does not give effect to all provisions of these terms, including, without limitation, this section.

Please note: Nothing in this Privacy Policy limits obligations imposed under applicable healthcare privacy laws, including HIPAA, where applicable.

XV. Contact Us

For any questions or concerns, please contact Us via our contact form or by emailing: privacy@connectedmd.vip.

SECTION B

Patient Information & HIPAA Compliance

I. Our Role as a Business Associate

ConnectedMD provides services to healthcare providers that are “Covered Entities” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

In providing these services, ConnectedMD may create, receive, maintain, or transmit Protected Health Information (“PHI”) on behalf of Covered Entities pursuant to a Business Associate Agreement (“BAA”).

ConnectedMD acts solely as a Business Associate and processes PHI only as permitted by applicable law and our BAA with the Covered Entity.

The healthcare provider remains the data controller and retains responsibility for determining how PHI is used and disclosed.

II. Protected Health Information We May Handle

Depending on the services provided, PHI may include:

  • Patient name

  • Phone number

  • Email address

  • Appointment details

  • Insurance information

  • Treatment-related communications

  • Messaging history

  • Identifiers associated with healthcare services

We do not use PHI for our independent marketing purposes.

III. Permitted Uses and Disclosures of PHI

We may use or disclose PHI only to:

  1. Perform services on behalf of the Covered Entity

  2. Support treatment, payment, and healthcare operations

  3. Provide technical support

  4. Maintain system security

  5. Comply with legal obligations

  6. Report breaches as required by law

We do not sell PHI.

We do not use PHI for targeted advertising.

IV. Safeguards

We implement administrative, technical, and physical safeguards in accordance with the HIPAA Security Rule to protect PHI against unauthorized access, use, alteration, or disclosure.

These safeguards include, but are not limited to:

  • Access controls

  • Encryption where appropriate

  • Workforce training

  • Vendor management procedures

  • Incident response protocols

V. Breach Notification

In the event of a breach of unsecured PHI, ConnectedMD will notify the applicable Covered Entity in accordance with HIPAA and the applicable Business Associate Agreement.

The Covered Entity is responsible for notifying affected individuals unless otherwise required by law.

VI. Patient Rights

Patients seeking to:

  • Access their PHI

  • Request corrections

  • Obtain copies

  • Restrict disclosures

  • File privacy complaints

Should contact their healthcare provider directly.

ConnectedMD does not independently determine patient rights regarding PHI and acts only at the direction of the Covered Entity.

VII. SMS Communications and PHI

If SMS communications are used for healthcare-related purposes:

  • Messages may include appointment reminders or service-related notifications.

  • Standard text messaging may not be encrypted.

  • By providing a mobile number to your healthcare provider, you acknowledge the inherent risks associated with SMS communications.

ConnectedMD transmits such messages only as directed by the Covered Entity.

VIII. Subcontractors

ConnectedMD may use subcontractors to perform services involving PHI. Any such subcontractors are required to enter into agreements that impose HIPAA-compliant obligations consistent with our Business Associate Agreement.

IX. Data Retention for PHI

PHI is retained only for the period necessary to fulfill our contractual obligations with the Covered Entity or as required by law. Upon termination of services, PHI will be returned or securely destroyed in accordance with the BAA.