Privacy Policy

Effective date: February 9, 2026

KeepSight LLC ("KeepSight," "we," "us," or "our") operates the keepsight.io website and the KeepSight application. This Privacy Policy describes how we collect, use, and protect information when you use our services.

1. Information We Collect

Account information. When you create an account, we collect your name, email address, organization name, and role.

Usage data. We collect information about how you interact with our services, including pages visited, features used, and timestamps.

Protected Health Information (PHI). Our application may process PHI on behalf of your organization, including client names, service records, and intake data. We handle all PHI in accordance with HIPAA regulations and the terms of our Business Associate Agreement (BAA).

2. How We Use Your Information

• To provide, maintain, and improve our services
• To communicate with you about your account or our services
• To respond to your requests and support inquiries
• To detect, prevent, and address security or technical issues
• To comply with legal obligations

3. How We Protect Your Information

We implement administrative, technical, and physical safeguards designed to protect your information, including:

• Encryption of data at rest and in transit (TLS 1.2+)
• Role-based access controls
• Full audit logging of data access
• Regular security assessments
• Employee training on data handling and HIPAA compliance

4. HIPAA Compliance

For customers whose use of KeepSight involves PHI, we enter into a Business Associate Agreement (BAA) as required by HIPAA. We do not use or disclose PHI except as permitted by the BAA and applicable law.

5. Data Sharing

We do not sell your personal information or PHI. We may share information with:

• Service providers who assist in operating our platform, bound by confidentiality and data protection obligations
• Legal authorities when required by law, regulation, or legal process

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you terminate your account, your data will be available for export for 30 days. After the export period, we will delete or de-identify your data within 90 days, unless retention is required by law.

7. Your Rights

You may request access to, correction of, or deletion of your personal information by contacting us. For PHI, requests are handled in accordance with HIPAA and your organization's policies.

8. Cookies

We use essential cookies required for the application to function. We do not use advertising or third-party tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date.

10. Contact Us

If you have questions about this Privacy Policy, contact us at jack@keepsight.io.