Login

Privacy Policy

Last Updated April 9, 2025

AtBisiuss, your privacy is our priority. We are committed to protecting your personal information in accordance with the

Personal Information Protection and Electronic Documents Act (PIPEDA), Health Insurance Portability and Accountability Act (HIPAA), and applicable telecommunications regulations. This Privacy Policy explains how we collect, use, and protect the information you provide while using our website and platform.

1. Information We Collect

We collect only the information necessary to deliver, operate, and improve our services. This may include:

•Personal Information: Name, contact information, billing details.

•Usage Data: Interactions with our platform, support tickets.

•Healthcare Data: If you’re a healthcare provider, we may collect and process Protected Health Information (PHI)as defined under HIPAA.

•Mobile Numbers and SMS Preferences: Used solely for service-related communication and never for marketing unless explicitly consented.

2. How We Use Your Information

We use your data only as needed to:

•Provide and maintain our services.

•Manage customer support and communication.

•Process secure payments via Stripe (PCI DSS compliant).

•Store data securely on AWS servers (SOC 2 Type 2 and ISO 27001 certified).

•Ensure legal and regulatory compliance.

We do not sell or share your personal information for marketing or promotional purposes.

3. Use of Mobile Information

In compliance with industry regulations regarding text messaging:

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.
Information sharing to subcontractors in support services, such as customer service, is permitted.
All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

4. Data Retention and Storage

Your information is stored securely on Amazon Web Services (AWS) servers. We retain data only for as long as it is necessary to:

•Deliver our services effectively.

•Comply with legal, contractual, or regulatory obligations.

When information is no longer needed, we use secure deletion methods such as data shredding, encryption wipe, or permanent deletion.

PHI is handled and destroyed in accordance with HIPAA’s Privacy and Security Rules.

5. User Rights

You have the right to:

•Access: Request access to your personal data.

•Correction: Ask for corrections to inaccurate or incomplete data.

•Deletion: Request deletion of your data, subject to legal obligations.

•Portability: Request a copy of your data in a machine-readable format.

For users whose data includes PHI, these rights extend under HIPAA.

6. Security Measures

We apply strong security protocols to protect your data, including:

•Encryption: All data is encrypted during transmission and at rest.

•Authentication: Two-Factor Authentication (2FA) and OTP verification.

•Server Protection: Hosted on AWS with firewall protection, access logging, and intrusion detection.

•Website Security: DNS-level protection and advanced security tools.

We conduct regular security audits and compliance reviews.

7. HIPAA Compliance

For our healthcare users, we follow all HIPAA standards:

•Limiting PHI access to authorized personnel only.

•Signing Business Associate Agreements (BAAs) with all vendors who handle PHI.

•Using administrative, technical, and physical safeguards to secure health data.

8. How We Share Information

We only disclose information for operational, legal, or support purposes, such as:

•Payment Processing through Stripe.

•Integration with external platforms (e.g., Google, Facebook, Instagram) via API with no third-party redistribution.

•Legal Compliance when required by law.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

9. Updates to This Policy

We may occasionally update this policy to reflect changes in technology, law, or our practices. Material changes will be communicated via the platform.