Privacy Policy
Last Updated: September 1, 2025
1. Introduction
Sum1 Solutions, LLC ("Sum1 Solutions," "we," "us," or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our technology services, websites, software applications, or related services (collectively, the "Services").
By using our Services, you consent to the data practices described in this Privacy Policy.
Key Privacy Principles
- Transparency: We clearly explain what data we collect and why
- Minimal Collection: We only collect data necessary for our Services
- Security First: We implement robust security measures to protect your data
- Your Control: You have rights and options regarding your personal information
2. Information We Collect
2.1 Personal Information You Provide
We collect information you directly provide to us, including:
- Contact Information: Name, email address, phone number, company name
- Account Information: Username, password, profile information
- Communication Data: Messages, inquiries, support requests
- Payment Information: Billing address, payment method details (processed by third-party providers)
- Professional Information: Job title, professional interests, project requirements
2.2 Information We (May) Collect Automatically
When you use our Services, we automatically collect:
- Usage Data: Pages visited, features used, time spent, click patterns
- Technical Data: IP address, browser type, device information, operating system
- Log Information: Access times, errors, performance metrics
- Cookies and Tracking: Session data, preferences, analytics information
2.3 Healthcare-Related Information
HIPAA and Healthcare Data Notice
Unless otherwise stated, all solutions, whether healthcare-related or otherwise, are NOT HIPAA-compliant and no personal or medical identifiable information should ever be shared through our systems.
Only systems explicitly marked as HIPAA-compliant should be used with protected health information (PHI). Always verify compliance status before using any Service with sensitive data.
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Provision
- Provide, operate, and maintain our Services
- Process transactions and manage accounts
- Deliver customer support and respond to inquiries
- Customize and improve user experience
3.2 Communication
- Send service-related notifications and updates
- Respond to your questions and requests
- Provide technical support and assistance
- Share important security or legal notices
3.3 Business Operations
- Analyze usage patterns to improve our Services
- Conduct research and development
- Ensure security and prevent fraud
- Comply with legal obligations
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share information in the following limited circumstances:
4.1 Service Providers
We work with trusted third-party service providers who assist us in operating our Services, such as:
- Cloud hosting providers (AWS, Google Cloud, Azure)
- Payment processors (Stripe, PayPal)
- Analytics services (Google Analytics)
- Email service providers (MailChannels, Resend)
These providers are contractually obligated to protect your information and use it only for specified purposes.
4.2 Legal Requirements
We may disclose information when required by law or to:
- Comply with legal process or government requests
- Protect our rights, property, or safety
- Enforce our Terms of Service
- Investigate potential violations or fraud
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to appropriate confidentiality protections.
5. Data Security
We implement comprehensive security measures to protect your information:
5.1 Technical Safeguards
- Encryption: Data encrypted in transit and at rest using industry-standard protocols
- Access Controls: Strict authentication and authorization requirements
- Network Security: Firewalls, intrusion detection, and monitoring systems
- Regular Updates: Security patches and software updates applied promptly
5.2 Administrative Safeguards
- Employee Training: Regular privacy and security awareness training
- Access Limitation: Need-to-know basis for accessing personal information
- Incident Response: Procedures for detecting and responding to security incidents
- Vendor Management: Due diligence on third-party service providers
Security Disclaimer
While we implement robust security measures, no internet-based system is completely secure. We cannot guarantee absolute security of your information transmitted through our Services.
6. Your Privacy Rights and Choices
You have several rights regarding your personal information:
6.1 Access and Portability
- Request access to your personal information
- Obtain a copy of your data in a portable format
- Review how your information is being used
6.2 Correction and Updates
- Correct inaccurate or incomplete information
- Update your account details and preferences
- Modify communication settings
6.3 Deletion and Restriction
- Request deletion of your personal information
- Restrict processing in certain circumstances
- Object to certain uses of your data
6.4 Communication Preferences
- Opt out of marketing communications
- Control notification settings
- Manage cookie preferences
To exercise these rights, please contact us using the information provided in Section 11.
7. Data Retention
We retain your information for different periods depending on the type of data and purpose:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 3 years | Service provision, legal compliance |
| Usage and Analytics | 2 years | Service improvement, analytics |
| Communication Records | 3 years | Customer support, dispute resolution |
| Healthcare Data (HIPAA) | 6 years minimum | Regulatory requirements |
| Financial Records | 7 years | Tax and accounting requirements |
We securely delete or anonymize information when it's no longer needed for business or legal purposes.
8. Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience:
8.1 Types of Cookies
- Essential Cookies: Required for basic functionality
- Performance Cookies: Help us analyze usage and improve Services
- Functional Cookies: Remember your preferences and settings
- Analytics Cookies: Provide insights into Service usage
8.2 Cookie Management
You can control cookies through your browser settings. Note that disabling certain cookies may affect functionality of our Services.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:
- Standard Contractual Clauses approved by regulators
- Adequacy decisions by regulatory authorities
- Appropriate technical and organizational measures
10. Children's Privacy
Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.
If you are a parent or guardian and believe your child has provided personal information to us, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will notify you of material changes by:
- Posting the updated policy on our website
- Sending email notifications to registered users
- Providing in-app notifications where applicable
Your continued use of our Services after changes take effect constitutes acceptance of the updated Privacy Policy.
12. Contact Information
For privacy-related questions or to exercise your rights, contact us:
Sum1 Solutions, LLC
Privacy Officer
Email: [email protected]
Subject Line: "Privacy Inquiry - [Website Name]"
Please include the website about which you are contacting us
We will respond to all privacy inquiries within 30 days. For urgent security concerns, we aim to respond within 48 hours.
Specific Compliance Information
- GDPR: EU residents have additional rights under the General Data Protection Regulation
- CCPA: California residents have rights under the California Consumer Privacy Act
- HIPAA: Healthcare data handling follows Health Insurance Portability and Accountability Act requirements where applicable
- SOC 2: We maintain SOC 2 Type II compliance for security and availability