Privacy Policy

Effective Date: 10/9/2024

Sumr Labs, Inc. ("Company", "we", "us", or "our") operates the website www.sumrlabs.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Site, use our services, or interact with us. By accessing or using our Site, you agree to the terms of this Privacy Policy.


1. Information We Collect

We collect several types of information to provide and improve our services, including:

Personal Information: Information that can be used to identify you, such as your name, email address, phone number, job title, and organization.

Protected Health Information (PHI): For healthcare-related services, we may collect PHI, in compliance with HIPAA and other relevant regulations.

Usage Data: Information collected automatically when you access the Site, including IP addresses, browser type, pages viewed, time spent on pages, and clickstream data.

Cookies: We use cookies and similar tracking technologies to collect information to improve our Site and services.


2. How We Use Your Information

We may use the information we collect in the following ways:

To Provide Services: We use your personal data and PHI to deliver our services, improve clinician workflows, and enhance patient care.

Internal Analytics, Research, and AI Training: We may analyze aggregated, anonymized data to improve our services, develop new features, and train our AI models, in compliance with HIPAA and other regulations. This enables us to enhance service functionality while ensuring user privacy.

Communication: We may use your contact information to respond to inquiries, provide updates, and send marketing materials if you have opted in.

Compliance with Laws: We use data to comply with legal requirements, including HIPAA and CCPA.

Data Retention: We retain personal data and PHI as long as necessary to provide services or comply with legal requirements. Upon termination of services, we will anonymize or delete data in accordance with our data retention policy.


3. Disclosure of Your Information

We may share your information under the following circumstances:

Third-Party Service Providers: We may share data with trusted third-party providers who assist us in providing services, subject to data privacy and security agreements.

Legal Compliance: We may disclose your information if required by law, regulation, or court order.

Business Transfers: In the event of a merger, acquisition, or asset sale, your information may be transferred as part of the transaction, in compliance with applicable laws.

Data Sharing for Research and AI Development: We may anonymize or aggregate data for research and analytics purposes and share this anonymized data with partners in compliance with HIPAA and CCPA.


4. Data Retention

Personal Data and PHI: We retain your personal information and PHI for as long as necessary to provide you with our services and to comply with legal obligations. Upon termination of services, we will securely delete or anonymize data in accordance with legal and contractual obligations.

Marketing Data: If you opt into receiving marketing communications, we will retain your contact information until you unsubscribe.


5. Your Data Privacy Rights

Residents of California are entitled to specific rights under the California Consumer Privacy Act (CCPA):

Right to Know: You have the right to request information about the categories and specific pieces of personal data we collect about you, the purposes for which this information is used, and whether we sell your information.

Right to Delete: You may request that we delete your personal data, subject to certain exceptions.

Right to Opt-Out: You have the right to opt-out of the sale of your personal data, if applicable.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.


6. Data Security

We use industry-standard security measures, such as encryption and secure access protocols, to protect your data. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.


7. HIPAA Compliance

For healthcare-related services, Sumr Labs is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) when handling Protected Health Information (PHI). We implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of PHI.


8. Cookies and Tracking Technologies

We use cookies to personalize your experience and gather analytics about how you use our Site. These cookies may include essential cookies for site functionality, analytics cookies to understand user behavior, and tracking cookies for marketing purposes. You can control cookie preferences through your browser settings or the cookie consent banner on our Site.


9. Breach Notification

In the event of a data breach involving your personal information or PHI, we will notify affected users as required by applicable regulations, including HIPAA and CCPA. We will take appropriate steps to mitigate the breach and comply with legal reporting requirements.


10. Third-Party Websites

Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of these third-party sites. We recommend reviewing their privacy policies before interacting with them.


11. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have inadvertently collected information from a child, we will take steps to delete such information.


12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Effective Date" at the top of this page and notify you of significant changes via email or prominent notice on the Site.


13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: care@sumrlabs.com