Privacy Policy

Last Updated: March 2025

Overview

RetentionHealth ("we," "our," or "us") provides revenue stabilization infrastructure for subscription-based healthcare programs.

This Privacy Policy explains how information is collected, used, and protected in connection with the RetentionHealth platform.

The current 8-week pilot program is intentionally designed to avoid handling Protected Health Information (PHI).

Information We Collect

We collect limited information necessary to operate the platform.

Clinic-Level Information

  • Clinic business name
  • Primary contact name
  • Contact email and phone number
  • Account credentials

Operational Usage Data

  • Platform engagement metrics
  • Aggregated stabilization measurements
  • Dashboard interaction data
  • Technical analytics

Technical Information

  • IP address
  • Browser type
  • Device type
  • Log data necessary for security and performance

Information We Do Not Collect During Pilot

During the pilot phase, RetentionHealth does not:

  • Collect patient names
  • Collect patient contact information
  • Collect medical record numbers
  • Access or integrate with EMR systems
  • Store Protected Health Information (PHI)
  • Create identifiable patient profiles

Behavioral inputs entered into the system during pilot are not associated with identifiable individuals and are not stored as longitudinal medical records.

All pilot measurement is performed at an aggregated group level.

How We Use Information

Information collected is used to:

  • Operate and maintain the stabilization platform
  • Generate reinforcement messaging within active sessions
  • Provide aggregated analytics and retention metrics to clinic partners
  • Improve platform functionality and performance
  • Communicate with clinic partners regarding service delivery

We do not use collected information for advertising or marketing resale.

Data Minimization Principles

RetentionHealth is architected to reduce legal and data exposure risk.

The platform does not:

  • Replace clinical systems
  • Provide medical decision-making
  • Modify prescribed medication protocols
  • Store identifiable patient health records during pilot

Clinic partners retain full clinical responsibility and oversight.

Data Security

We implement security measures designed to protect operational data, including:

  • Encrypted transmission using TLS
  • Hosting on Cloudflare's secure global network
  • Application-layer isolation between clinic environments
  • Role-based access controls
  • Restricted administrative access

Security architecture is designed to minimize stored data and reduce exposure surface area.

Data Retention

Operational data is retained only as long as necessary to provide services to clinic partners.

Clinic partners may request deletion of their account and associated operational data upon termination of services, subject to legal and operational requirements.

Because the pilot does not collect PHI, no medical record retention applies during pilot participation.

Third-Party Infrastructure

RetentionHealth is hosted on Cloudflare infrastructure.

We do not sell, rent, or share data with third-party advertising or marketing networks.

We do not monetize data.

Clinic Partner Responsibilities

Clinic partners deploying RetentionHealth are responsible for:

  • Obtaining appropriate consents from their patients
  • Maintaining compliance with applicable healthcare regulations
  • Providing required privacy disclosures to end users
  • Maintaining clinical oversight of patient care

Your Rights

Depending on jurisdiction, individuals may have rights regarding personal information, including access, correction, or deletion.

Requests may be submitted to the contact email below.

Changes to This Policy

We may update this Privacy Policy periodically.

Material changes will be communicated to clinic partners via email or platform notification.

Contact

For privacy-related questions:

Email: contact@retentionhealth.com

Address:

302 Arapahoe Ave
Boulder, CO 80302