Book a Strategy Call

Privacy Policy

We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your personal information.

Last Updated: March 27, 2026

This Privacy Policy explains how THSnet, Inc. collects, uses, discloses, and otherwise processes personal information.

1. Introduction

THSnet, Inc. ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains our practices regarding the collection and use of information through our website, products, and services.

We comply with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws and regulations. If you have any questions about this policy, please contact us at privacy@thsnet.com.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide, including:

  • Contact Information: Name, email address, phone number, company name, and mailing address
  • Account Information: Username, password, and account credentials
  • Healthcare Information: Clinical documentation, patient records (when applicable), and healthcare-related data
  • Communication: Messages, inquiries, and support requests
  • Payment Information: Billing details (processed securely through third-party providers)

2.2 Information Collected Automatically

When you use our services, we automatically collect:

  • Log Data: IP address, browser type, operating system, page visits, and referral sources
  • Cookies & Tracking Technologies: Session data and user preferences
  • Usage Information: Features accessed, duration of use, and interaction patterns
  • Device Information: Device type, model, and unique identifiers

2.3 Information from Third Parties

We may receive information about you from:

  • Healthcare organizations and providers you work with
  • Business partners and integrations
  • Publicly available sources
  • Payment processors and service providers

3. How We Use Your Information

We use the information we collect for legitimate business purposes:

  • Providing and improving our services
  • Processing transactions and payments
  • Communicating with you about your account and services
  • Sending marketing and promotional communications (with consent)
  • Conducting research and analytics
  • Ensuring compliance with laws and regulations
  • Preventing fraud and security threats
  • Responding to legal requests and obligations
  • Personalizing and optimizing user experience
HIPAA Protected Health Information (PHI): If you provide Protected Health Information (PHI), we handle it in accordance with HIPAA regulations. We only use and disclose PHI as:
  • Authorized by your explicit consent
  • Required by law
  • Part of our Business Associate Agreement with your organization

4. Data Security & Protection

We implement comprehensive security measures to protect your information:

  • Encryption: Data transmitted via SSL/TLS encryption and at-rest encryption
  • Secure Infrastructure: Data centers located in the United States with redundancy
  • Access Controls: Restricted access based on role-based permissions
  • Audit Trails: Comprehensive logging and monitoring of data access
  • Regular Security Assessments: Penetration testing and vulnerability assessments
  • Employee Training: HIPAA and security awareness training for all staff
  • Incident Response: Documented procedures for responding to security incidents

However, no system is completely secure. While we strive to protect your information, we cannot guarantee absolute security of any data transmitted online.

5. HIPAA Compliance

THSnet is HIPAA compliant and committed to protecting the privacy and security of Protected Health Information. Our compliance includes:

  • Execution of Business Associate Agreements (BAAs) with covered entities
  • Compliance with Administrative, Physical, and Technical Safeguards
  • Breach notification procedures in accordance with 45 CFR § 164.400
  • Patient rights to access, amend, and receive accounting of disclosures
  • Annual compliance audits and documentation

If you believe there has been a HIPAA violation, you may file a complaint with the Department of Health and Human Services (HHS) Office for Civil Rights.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal and regulatory obligations
  • Resolve disputes and enforce agreements
  • Maintain security and detect fraud

For HIPAA-protected information, we retain data according to the minimum necessary standard and applicable regulations. You may request deletion of your information, subject to legal and business requirements.

7. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Session Cookies: Maintain your session while using our services
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Understand how users interact with our services
  • Marketing Cookies: Track advertising effectiveness (with consent)

You can control cookies through your browser settings. Disabling cookies may affect the functionality of some features.

8. Third-Party Sharing & Disclosure

We do not sell your personal information. However, we may share information with:

  • Service Providers: Vendors who assist with our operations (payment processors, hosting, analytics)
  • Business Partners: Integration partners with your authorization
  • Legal Obligations: Law enforcement and courts when required by law
  • Business Transfers: In case of merger, acquisition, or asset sale
  • Your Organization: Healthcare providers and organizations you authorize

All third parties are bound by confidentiality agreements and required to maintain HIPAA compliance.

9. International Data Transfers

Our services and data centers are primarily located in the United States. By using our services, you authorize the transfer and storage of your information in the United States, which may have different privacy laws than your country of residence.

10. Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights:

  • Right to Access: Request access to the personal information we hold about you
  • Right to Correction: Request correction of inaccurate information
  • Right to Deletion: Request deletion of your information (subject to legal requirements)
  • Right to Portability: Request your data in a portable format
  • Right to Opt-Out: Opt-out of marketing communications and targeted advertising
  • Right to Access Accounting: Request an accounting of disclosures (HIPAA)

To exercise any of these rights, please contact us at privacy@thsnet.com with your request details.

11. Children's Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly.

For healthcare organizations using our services with pediatric patients, appropriate parental consent and authorization is required.

12. California Consumer Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information collected from you
  • Right to opt-out of the sale or sharing of your personal information
  • Right to non-discrimination for exercising your privacy rights

To submit a CCPA request, contact us at privacy@thsnet.com. We will respond within 45 days of verified requests.

13. European Privacy Rights (GDPR)

If you are a resident of the European Union, you have rights under the General Data Protection Regulation (GDPR):

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

Our legal basis for processing is typically performance of a contract or legitimate business interests. Contact us at privacy@thsnet.com to exercise these rights.

14. Do Not Track

Some browsers include a "Do Not Track" feature. Currently, there is no industry standard for recognizing DNT signals. We do not respond to DNT browser signals; however, you can limit tracking through your browser settings and opt-out options we provide.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date.

Your continued use of our services following any changes constitutes your acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

THSnet, Inc.
Privacy & Data Protection
Email: privacy@thsnet.com
General Inquiries: info@thsnet.com
Investors: investors@thsnet.com

We will respond to your inquiry within 10 business days.

17. Data Protection Officer & Compliance

For matters related to data protection and privacy compliance, you may direct inquiries to our Privacy Team at privacy@thsnet.com.

If you have concerns about how we handle your information, you may also lodge a complaint with the relevant data protection authority in your jurisdiction.