Privacy Policy

Last updated: September 2, 2022

This privacy policy provides comprehensive information relating to how we collect, use, and share your personal and medical information at Updox LLC, a Delaware limited liability company with its principal place of business in Ohio, (“Updox”) and the rights you have in relation to this data. This policy applies to your use of Updox’s website (“Website”), located at, and other digital and online services and products provided by Updox (collectively, “Services”). This policy also describes our privacy practices and procedures that relate to the Website and the Services as well as the purposes for which your Personal Information may be used.

In our privacy policy, “Updox”, “we” and “our” mean Updox LLC, and “you” means any person who accesses and uses our Website or the Services.

1) Contact Information 

Updox LLC 
6555 Longshore St. Suite 200
Dublin, Ohio 43017

E-Mail: [email protected]  

2) Your Consent

Please take a few minutes to review this policy before using the Website or the Services. By using this Website or the Services, you are consenting to the collection, use and disclosure of your information as set forth in this policy. If you do not agree to be bound by this policy, you may not access or use this Website or the Services.

3) Geographical Limitations

The owner of the Website and the Services is based in the State of Ohio in the United States. We provide the Website and the Services for use only by persons located in the United States. We make no claims that the Website, the Services or any of their content is accessible or appropriate outside of the United States. If you access the Website or the Services from outside the United States, you do so on your own initiative and are responsible for compliance with local laws.

4) Protected Health Information (PHI)

This privacy policy describes the use of your Personal Information (defined below) collected through the Website and the Services. 

This Website is not designed for you to communicate with health providers regarding your specific treatment or care, and we do not monitor or respond to such enquiries communicated via the Website. If you wish to seek care or communicate regarding your treatment, please contact your health care provider directly.

5) Categories of Personal Information We Collect

Our Website and the Services collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”Personal Information”).

We collect Personal Information related to you:

  1. a)from youwhen you provide such information to us;
  2. b)through technology-enabled collection and tracking servicesthat allow us to automatically collect certain information when you use our Website or the Services or interact with our emails, or social media.
  3. c)from other sources, including from Providers who perform a business, professional or technical support functions for us.

Information You Provide To Us

When you use our Website or the Services, we may collect:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code §1798.80(e)) such a name, signature, address, telephone number, or medical information.
  • Protected classification characteristics under California or federal law such as age, marital status, medical condition, physical or mental disability, sex.
  • Commercial information. Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other similar network activity. Information on a consumer’s interaction with a website, application, or advertisement.

We also keep track of how you use and interact with our Services through the use of cookies and other tracking technologies as listed below.  

Automatically Collected Information

When you use certain Services, we use cookies, web beacons, pixel tags, social media widgets and other automated information collection and tracking technologies to collect and store certain types of Personal Information (“Automatically Collected Information”).  Automatically Collected Information includes information such as:

  • Services – your username, IP address, the screens you use, how you navigate through the services
  • Corporate Web Site – IP address, the screens you visit


A cookie is a small piece of data sent from a website that is stored on your computer by your web browser. Cookies are mainly used to manage your browser session, capture your preferences, and provide analytics. Some cookies exist only while your browser remains open (e.g. session cookie) while others are persistent (e.g. your preferences). 

Social Media Widgets

The Website may contain links to our social media accounts on Facebook, Twitter, Instagram and LinkedIn platforms. Clicking on any such links means that the respective social network receives information on which website you came from as a user. 

6) How We Use Your Personal Information

We may use Personal Information we collect for the following purposes:

  • To provide you our products and services
  • To communicate with you
  • For our internal operations
  • For fraud prevention, security and legal compliance

Examples of how we use Personal Information for these purposes are listed below. Please note that we may use information that does not specifically identify you or your device(s) without restriction.

To Provide You our Products and Services

  • Establish and maintain your customer account for our Services
  • Fulfill and manage subscription orders, payments of products or services we offer and communicate with you about these transactions
  • Enable certain functionalities on our Website and Services (for example, to permit you to subscribe to one of our services)
  • Provide customer service

To Communicate with You

  • Communicate with you regarding your transactions with us, including purchases, orders, payments 
  • Connect with you to deliver customer service through our customer service or on social media or Internet chat platforms

For Marketing, Promotions and Advertising

  • Personalize, optimize and improve your experiences with our Services
  • Send communications and other information regarding our Services and promotions that we believe may be of interest to you on behalf of our parent company, affiliates, subsidiaries, joint ventures or other companies under common control with us (collectively, “Affiliates”) and partner companies

For our Internal Operations

  • Analyze the performance and effectiveness of our Services, including by analyzing visitor interaction with our Website and Services
  • Measure the performance of our different marketing efforts
  • Develop new services to enhance the customer experience with our Services
  • Maintain, enhance and improve our programs, accounts and records, including your Personal Information records
  • Conduct research and analytics related to our operations
  • Perform logistics and other operation and business activities
  • Pursuant to merger, acquisition, reorganization  

For Fraud Prevention, Security and Legal Compliance

  • Prevent, detect, mitigate and investigate fraud, security breaches and activities that are or potentially may be prohibited or illegal
  • Protect the security and integrity of our Services and data relating to such Services, including your Personal Information
  • As we believe to be required or appropriate to protect the rights, property, safety and security of Updox and our employees, customers and others
  • Assist law enforcement and respond to legal and/or regulatory inquiries in accordance with federal and state privacy laws as well as the Business Associate Agreement
  • As we believe to be required or appropriate under applicable law

7) How we share your Personal Information

We will only share your data with third parties as described below, within the scope of applicable law, or with the appropriate consent. Otherwise, it will not be shared with third parties unless we are obliged to do so due to mandatory legal regulations (disclosure to external bodies such as law enforcement authorities in the United States).

Sharing with Third Parties

We may share your Personal Information we collect with third parties for other purposes, such as in the following ways:

  • With our Providers. To companies who perform a business, professional or technical support function for us; for example, fax services, analytics, call center/chat services, payment processing, and fraud prevention.
  •  With our Affiliates. In order to streamline certain business operations, develop products and services that better meet the interests and needs of our customers, and inform our customers about relevant products and services, we may share your Personal Information with any of our current or future Affiliates. You hereby provide your explicit consent to our sharing some or all of your Personal Information with our Affiliates.
  • With social media platforms, such as Facebook, Twitter, YouTube, LinkedIn and Instagram, through social media widgets and other tools used in connection with our Website which may be deployed by our Providers (for example, tools for you to share content on our Website with your friends and followers on social media).
  • To comply with the law. To comply with applicable law or reasonable requests for information based on governmental regulation, court order, subpoena or a similar related action. 
  • To protect ourselves. To enforce our policies and agreements, to protect our or others’ rights, property or safety, to prevent or mitigate the risk of harm or loss, in connection with an investigation of suspected or actual unlawful activity or in connection with any legal action, claim or dispute.
  • With successors to all or part of our business. In the event of a corporate sale, merger, reorganization, change in corporate control, acquisition, bankruptcy or similar event.
  • At your direction. At your direction or request or when you otherwise consent. 

Disclosures of Personal Information 

In the course of providing Services to you, we may disclose the following categories of Personal Information for a business purpose, for the purposes described in this privacy policy and to Providers, partners and vendors who perform business, professional and/or technical support functions for us:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code §1798.80(e)) such a name, signature, address, telephone number, medical information, or health insurance information. 
  • Protected classification characteristics under California or federal law such as age, medical condition, physical or mental disability, sex.
  • Commercial information. Records of services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other similar network activity. Information on a consumer’s interaction with a website, application, or advertisement.

Sales of Personal Information

  • Updox does not sell your Personal Information.

8) Limiting our Collection and Use of Your Personal Information

We strive to offer you choices about how we collect and use Personal Information relating to you. Please be aware that disallowing certain data collection may limit the usefulness of our Services, including our Website and Services. Your choices include the following:

Emails and Postal Mail 

From time to time, we may communicate with you for promotional purposes through emails or postal mail. Even if you opt-out of receiving marketing or promotional communications from us, we may still contact you to respond to an inquiry and for transactional purposes (for example, sales confirmations, training scheduling or billing matters).

Emails. To opt-out of receiving promotional emails from us and to unsubscribe from future promotional emails, you may use the “Unsubscribe Link” included within a promotional email from us to you. Please allow a reasonable period of time for your request to be removed from our email contact list to be made effective.

Postal Mail. To opt-out of receiving promotional postal mail, you may contact your Customer Success representative who will be happy to assist you. Please allow a reasonable period of time for your request to be removed from our promotional mailing contact list to be made effective.

9) Data retention period

We store your data as long as it is necessary for the processing purpose in question. Please note that a number of legally imposed retention periods require data to be stored for extended periods. This relates in particular to commercial or fiscal retention obligations. Unless there are further retention requirements, the data will be routinely deleted after subscription termination and in accordance with the Business Associate Agreement, as applicable.

In addition, we may retain the information if you have directed us to do so, or in the event of legal disputes and we use evidence within the statutory limitation periods.

10) Security of Personal Information

The security of your Personal Information is important to us.  We make commercially reasonable efforts to secure and protect the privacy, accuracy, and reliability of your information and to protect it from loss, misuse, unauthorized access, disclosure, alteration, and destruction. We have implemented security measures consistent with industry standards.  As no data security protocol is impenetrable, we cannot guarantee the security of our systems or databases, nor can we guarantee that Personal Information we collect about you will not be breached, intercepted, destroyed, accessed, or otherwise disclosed without authorization. Accordingly, any information including your Personal Information is provided by you at your own risk. 

Our Security Practices. We use a variety of administrative, contractual, technical and physical controls and safeguards to help protect your Personal Information from loss and unauthorized access, collection, use, disclosure, copying, modification, destruction or similar risks. However, no control or safeguard can completely guarantee that such information is completely secure. 

Your Security Practices. You are also responsible for taking reasonable steps to protect your Personal Information against unauthorized disclosure or use.

We encourage you to take steps to help protect the confidentiality and security of your account and Personal Information, including the following:

  • Review your account periodically and immediately report any unexpected activity or unrecognized information
  • Install the latest security updates and antivirus software on your computer to help prevent malware and viruses
  • Use complex passwords and not using the same password on more than one Website
  • Password protect your computers and mobile devices
  • Do not share your passwords with others
  • Sign out/log off Website sessions to close your session

11) Links to other providers

Our Website also contains links to the websites of other companies or providers. We have no influence as to the content of these third party websites and as such cannot guarantee or assume liability for their content. The content of these pages is always the responsibility of the respective provider or operator of the pages.

12) Online offerings for children

We do not collect any information from children. Persons under the age of 16 are not permitted to submit any Personal Information to us without the consent of the legal guardian or a declaration of consent. We encourage parents and guardians to actively participate in the online activities and interests of their children.

13) California Consumer Privacy Act (CCPA)

CCPA does not apply to information that is governed by the Health Insurance Portability and Accountability Act (HIPAA). All medical communications sent via our Services are governed by HIPAA.

We may have a data processor relationship with residents of the State of California (patients of the medical practices that utilize our Services). You should contact the medical practice directly to exercise your CCPA rights. We are unable to honor such requests directly from consumers but will assist the medical practices that utilize our Services with honoring them.

14) Changes to our privacy policy

We may revise this policy from time to time and without prior notice to you. Except as otherwise noted in this policy, such changes may apply to any Personal Information we already hold about your or Personal Information collected after this policy is modified. Changes will be posted on this page and are effective as of the “Last Modified” date at the top of this policy. Please visit this page regularly so that you are aware of our latest updates. Continuing to access or use the sites or Services after any changes become effective indicates your acceptance of the revised policy. 

In addition, we may provide you with “just-in-time” disclosures or additional information about the data processing practices of specific parts of our sites or Services. Such notices may supplement this policy or provide you with additional choices about how we process your personal information.