Privacy Policy
We are staunchly committed to protecting and meticulously safeguarding the privacy, confidentiality, and security of personal information relating to our website visitors and service users. This commitment extends across all our operations, systems, and processes.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for maintaining comprehensive oversight of how your personal information is collected, used, and protected throughout our systems.
We may process usage data (“usage data”), which comprehensively includes browser type and version, operating system details, page view timestamps, interaction patterns, feature utilization metrics, and navigation pathways. This information is collected through automated logging systems, cookie tracking, and analytics tools and may include time spent on pages, buttons clicked, and features accessed. The source of this data is our analytics software and server logs. We process this information for several important purposes, including improving website performance, enhancing user experience, analyzing trends, and optimizing service delivery, which enables us to provide better services, identify technical issues, and personalize user experiences. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.
We may process account data (“account data”), which comprehensively includes email address, username, password hash, account creation date, subscription status, and billing information. This information is collected through registration forms, account updates, and subscription processes and may include payment details, communication preferences, and account settings. The source of this data is direct user input during account creation and management. We process this information for maintaining user accounts, processing payments, providing service access, and managing user preferences, which enables us to authenticate users, deliver services, and maintain account security. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process profile data (“profile data”), which comprehensively includes name, profile picture, biographical information, preferences, and social media handles. This information is collected through profile creation forms, social media connections, and user preferences settings and may include professional information, interests, and customization choices. The source of this data is user-provided information and linked social accounts. We process this information for personalizing user experiences, enabling community features, facilitating connections, and improving service relevance, which enables us to enhance user interaction, provide personalized content, and improve community engagement. The legal basis for this processing is our legitimate interests in operating and improving our services.
User Rights:
Right to Access
You have the right to access your personal data, which means you can request and receive a comprehensive copy of all personal information we hold about you. This includes the ability to view your complete profile information, review your account history, and confirm what data is being processed. To exercise this right, you can submit a formal access request through our dedicated privacy portal or contact our privacy team directly. We will respond within 30 days and may require government-issued identification, proof of address, and account verification to verify your identity.
Right to Rectification
You have the right to rectification, which means you can request corrections or updates to any inaccurate or incomplete personal data we hold about you. This includes the ability to update contact information, correct profile details, and modify account preferences. To exercise this right, you can either use our self-service account settings or submit a formal correction request. We will process your request within 15 days and may require account verification, specific correction details, and supporting documentation to verify your identity.
Right to Erasure
You have the right to erasure, also known as the right to be forgotten, which means you can request the deletion of your personal data when there is no compelling reason for its continued processing. This includes the ability to delete your account, remove profile information, and erase usage history. To exercise this right, you can submit a deletion request through our privacy center or contact our support team. We will process your request within 30 days and may require password confirmation, written confirmation of deletion intent, and identity verification to verify your identity.
Right to Restrict Processing
You have the right to restrict processing, which means you can limit the way we use your personal data without deleting it entirely. This includes the ability to pause data processing, temporarily disable features, and limit data usage. To exercise this right, you can submit a processing restriction request through our privacy settings or contact our data protection team. We will respond within 15 days and may require account ownership proof, specific restriction parameters, and identity verification documents to verify your identity.
Right to Data Portability
You have the right to data portability, which means you can receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another service provider. This includes the ability to export your data, transfer information between services, and receive data copies. To exercise this right, you can use our data export tool or submit a portability request through our privacy portal. We will process your request within 30 days and may require account authentication, format specifications, and identity verification to verify your identity.Data Processing and Security
Data Types and Processing
We process Service Data which includes user account details, profile information, and service preferences. This processing involves automated collection and analysis, enabling us to provide personalized healthcare management services. For example, in the context of healthcare records management, this includes patient scheduling, medical history tracking, and appointment management. The legal basis for this processing is legitimate business interests and contractual necessity, specifically to facilitate efficient healthcare service delivery.
We process Technical Data which includes device information, IP addresses, browser types, and system logs. This processing involves automated collection through cookies and system analytics, enabling us to ensure optimal platform performance and security. For example, this includes monitoring system access patterns and maintaining secure user sessions. The legal basis for this processing is legitimate interests, specifically maintaining system security and functionality.
We process Communication Data which includes messages, support tickets, and feedback submissions. This processing involves storage and analysis of correspondence, enabling us to provide effective customer support and service improvement. For example, this includes handling patient inquiries and managing healthcare provider communications. The legal basis for this processing is consent and legitimate interests, specifically to maintain quality service delivery.
We process Transaction Data which includes service subscriptions, payment records, and billing information. This processing involves secure payment processing and financial record keeping, enabling us to manage service delivery and financial obligations. For example, this includes processing subscription payments and maintaining billing records. The legal basis for this processing is contractual necessity and legal obligations.
We process Preference Data which includes user settings, notification preferences, and customization options. This processing involves storing and applying user-defined parameters, enabling us to provide personalized service experiences. For example, this includes maintaining preferred communication methods and interface settings. The legal basis for this processing is consent and legitimate interests.
Security Measures
Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.
We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.
Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.
Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.
We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.
All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.
International Transfers
We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Binding Corporate Rules, and certified compliance frameworks. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies
International transfers are protected by ISO 27001, GDPR, and HIPAA standards, ensuring compliance with international data protection regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures
Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees
Data Retention
We maintain specific retention periods for different data categories:
Account Information: 7 years after account closure to comply with healthcare record requirements
Usage Data: 2 years for service improvement and analysis
Transaction Records: 7 years to meet financial regulations
Communication History: 3 years for support reference and quality assurance
Technical Logs: 1 year for security monitoring and system optimization
These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences
Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy
Essential cookies are fundamental to sickrms.com functionality. These cookies manage user authentication, maintain security protocols, and ensure basic site operations. We use them specifically for session management, protecting user data, maintaining technical stability, and ensuring seamless navigation throughout the platform.
Essential Cookies: These cookies serve essential functions for basic website operations. They process login credentials and session data to enable secure user access. For example, they maintain secure login sessions and verify user authentication status.
Functional Cookies: These cookies enhance your experience by remembering your preferences. They enable personalized settings like language preferences, region-specific content display, interface customization options, and feature optimization for improved usability.
Analytics Cookies: These cookies help us understand user behavior. They collect information about how you interact with sickrms.com, including page interactions, navigation patterns, feature usage, session duration, and user preferences to improve our services.
Performance Cookies: These cookies assess and improve website operation by monitoring site speed, identifying technical issues, optimizing content delivery, analyzing user experience, and tracking system performance to ensure optimal functionality.
Cookie Management
You can control cookie preferences through your browser settings, our cookie consent tools, privacy preferences center, and account settings. We respect your right to modify these settings at any time.
For EU residents, we ensure GDPR compliance through explicit consent mechanisms, data minimization practices, purpose limitation, defined storage limitations, and complete processing transparency.
California residents are entitled to additional rights under CCPA, including the right to know about personal information collected, delete personal data, opt-out of data sales, receive non-discriminatory treatment, and access collected information.
Regarding users under 13, we maintain strict COPPA compliance through age verification requirements, parental consent procedures, limited data collection practices, special protection measures, and comprehensive parental access rights.
Our policy undergoes regular reviews with established update procedures. Users receive notifications of significant changes, and we maintain clear change documentation while ensuring continuous compliance monitoring.
For privacy-related inquiries, please contact us at our dedicated privacy support channel. We respond within 48 hours to all privacy concerns, data requests, and rights exercise inquiries. Verification is required for data-related requests to ensure security.
This policy was created specifically for sickrms.com and covers all associated services within the industry.