Effective Date: March 15, 2026 | Last Updated: March 15, 2026
Healthcare.Engineer LLC ("Company," "we," "us") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.
1. Information We Collect
1.1 Information You Provide Directly
| Data Type | Collected From | Purpose |
|---|---|---|
| Name, email, phone number | All users | Account creation, product delivery, communication |
| Facility name, license number, address | ALF Owners (Fix-It Services) | Identifying the correct facility in public records for analysis |
| Facility operational data submitted for analysis | ALF Owners (Fix-It Services) | Providing Fix-It analysis and recommendations |
| Budget range, insurance type, location preference, care needs | Families (Matching Services) | Generating personalized facility matches |
| Payment information (credit card, billing address) | All paying customers | Processing transactions |
1.2 Information Collected Automatically
- Usage data: Pages visited, products viewed, time on site, click patterns
- Device information: Browser type, operating system, screen resolution
- IP address and approximate location (city/state level)
- Cookies and similar technologies: For session management, analytics, and improving user experience
1.3 Information from Public Sources
We collect and process publicly available government inspection records from state health departments (e.g., AHCA in Florida). This data is publicly available and does not include personal health information about individual residents.
2. How We Use Your Information
- Product delivery: Generating score cards, reports, Fix-It analyses, and matching results
- Communication: Sending purchased products, responding to inquiries, and providing customer support
- Service improvement: Analyzing usage patterns to improve our products and scoring methodology
- Payment processing: Completing transactions and preventing fraud
- Legal compliance: Meeting any applicable legal or regulatory requirements
We do NOT: Sell your personal information to third parties. Share your data with assisted living facilities (unless you explicitly request it). Use your personal information for targeted advertising on third-party platforms. Share ALF owner-submitted data with competitors or other facilities.
3. Data Specific to Each Service
3.1 ALF Fix-It Services — Data Handling
When ALF owners submit facility data for Fix-It analysis:
- Submitted data is used solely for generating the requested analysis and report
- We retain submitted data for the purpose of providing the service and any follow-up services (e.g., re-scoring in Premium tier)
- Facility data submitted by owners is kept confidential and is not shared with other facilities, families, or third parties
- If the submitted data includes any information about individual residents or staff, we treat it with heightened confidentiality protections (see Section 5)
- ALF owners may request deletion of their submitted data at any time (see Section 7)
3.2 Matching Services — Data Handling
When families provide preferences for matching:
- Budget, insurance, and preference data is used solely for generating facility matches
- We do not share your personal details (name, insurance specifics, health conditions) with any facility
- Matching data is retained for 12 months to support follow-up questions and 30-day support (Full Match tier), then deleted unless you request otherwise
- Phone consultation recordings (Full Match tier) are not made without your explicit consent
4. Data Sharing
We may share your information only in the following limited circumstances:
- Payment processors: To process your transactions securely (e.g., Stripe, PayPal). These processors have their own privacy policies.
- Service providers: Third-party tools used for email delivery, analytics, or hosting, all bound by data processing agreements.
- Legal requirements: If required by law, subpoena, court order, or government request.
- Business transfers: In connection with a merger, acquisition, or sale of assets, in which case you would be notified.
5. Sensitive Data & HIPAA Considerations
Important: HE360° primarily works with publicly available government records, which do not contain protected health information (PHI) as defined by HIPAA. However, we recognize that ALF owners who submit facility data for Fix-It services may inadvertently include information about residents or staff.
To address this:
- We instruct ALF owners to redact any personally identifiable resident or staff information before submitting data
- If we receive data that appears to contain PHI, we will notify the submitter and request redacted versions
- We implement reasonable administrative and technical safeguards for all submitted facility data
- We do not store, process, or transmit data in a manner intended to be HIPAA-compliant, as we are not a HIPAA covered entity or business associate. If your submission requires HIPAA-grade handling, do not submit PHI to us.
6. Data Security
We implement reasonable technical and organizational measures to protect your data, including:
- Encryption of data in transit (TLS/SSL)
- Secure storage of payment information through PCI-compliant payment processors
- Access controls limiting employee access to personal data on a need-to-know basis
- Regular review of security practices
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate personal data
- Deletion: Request deletion of your personal data (subject to legal retention requirements)
- Portability: Request your data in a portable, machine-readable format
- Opt-out: Opt out of non-essential communications at any time
To exercise any of these rights, email us at contact@healthcare.engineer with the subject line "Privacy Request." We will respond within 30 days.
8. Cookies
We use cookies and similar tracking technologies for:
- Essential cookies: Required for platform functionality (session management, authentication)
- Analytics cookies: To understand how users interact with our platform (e.g., Google Analytics)
- Preference cookies: To remember your settings and preferences
You can manage cookie preferences through your browser settings. Disabling essential cookies may affect platform functionality.
9. Data Retention
- Score Cards & Reports: Retained indefinitely as part of our historical data products
- Fix-It submitted data: Retained for the duration of the service engagement plus 24 months, then deleted unless otherwise agreed
- Matching preferences: Retained for 12 months, then deleted
- Payment records: Retained as required by applicable tax and financial regulations
- Communication records: Retained for 24 months for customer support purposes
10. Children's Privacy
HE360° Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that we have inadvertently collected data from a minor, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. For material changes, we will make reasonable efforts to notify affected users via email.
12. Contact
For privacy-related questions or requests, contact:
Healthcare.Engineer LLC
Email: contact@healthcare.engineer
Subject line: "Privacy Inquiry"