Privacy Policy
Effective Date: 15 September 2025 | Last Updated: 15 September 2025
CapillaryIQ (“Company,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website, platform, and communication services (including SMS and email outreach). By using our services, you agree to these practices.
1) Information We Collect
- Personal Information: Name, email, phone, practice details, and similar identifiers provided when you request demos, consultations, or services.
- Health-Related Information: Data relevant to vascular/diagnostic assessments submitted by providers or patients.
- Usage Data: Device details, IP address, browser type, pages visited, and on-site interactions.
- Communication Data: SMS/voice delivery logs, chat transcripts, and email interactions (kept to evidence consent and compliance).
2) How We Use Information
- Provide, operate, and improve diagnostic and healthcare support tools.
- Deliver SMS, voice, and email communications in compliance with A2P rules.
- Respond to inquiries and deliver onboarding and support.
- Monitor security, prevent abuse/fraud, and ensure compliance.
- Meet legal/regulatory obligations (e.g., HIPAA, GDPR/UK GDPR, TCPA).
3) SMS, Email & A2P 10DLC Compliance
By submitting your phone number, you consent to receive SMS related to appointments, reminders, account/service updates, and support.
- Message Frequency: Varies based on activity.
- Message & Data Rates May Apply.
- Opt-Out: Reply STOP to end. For help, reply HELP or contact us using the details below.
- We maintain time-stamped records of opt-ins/opt-outs for compliance.
4) Legal Bases (GDPR/UK GDPR)
- Consent (Art. 6(1)(a)) for marketing, SMS, or demo requests.
- Contract (Art. 6(1)(b)) to deliver requested services.
- Legitimate Interests (Art. 6(1)(f)) for improvement and security.
- Legal Obligation (Art. 6(1)(c)) where required by law/regulators.
5) Data Retention
We retain personal information only as long as necessary for the purposes in this Policy, to meet legal obligations, and to enforce agreements. Health-related data is stored in accordance with applicable HIPAA (U.S.) and GDPR/UK GDPR requirements.
6) Data Security
We use administrative, technical, and physical safeguards—such as encryption, access controls, and secure hosting—to protect data against unauthorized access, disclosure, alteration, or destruction.
7) Sharing of Information
We do not sell personal data. We may share limited data with service providers (e.g., secure hosting, analytics, SMS gateways such as Twilio), healthcare partners with consent or where legally required, and regulators when required by law.
8) International Transfers
Your data may be processed in the U.S. and other countries where we or our providers operate, with appropriate safeguards applied.
9) Your Rights
- Access, correction, deletion, restriction, or objection to processing.
- Withdraw consent at any time without affecting prior lawful processing.
- Request data portability.
- File a complaint with your local data protection authority.
10) Children’s Privacy
Our services are not intended for individuals under 18, and we do not knowingly collect data from minors.
11) Changes to This Policy
We may update this Policy periodically. Updates will be posted here with a new “Last Updated” date.
12) Contact Us