Skip to content
Psiconline America Tech

Privacy Policy

Last updated: May 14, 2026

Psiconline America Tech is committed to protecting your privacy and ensuring the security of your data. This policy applies to our infrastructure platform and services.

1. Introduction

Psiconline America Tech ("we," "our," or "us") provides open technology infrastructure for health tech platforms, including video conferencing, data storage, and API services. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform, website, and services.

We are committed to full compliance with HIPAA (Health Insurance Portability and Accountability Act) for USA healthcare data and PIPEDA (Personal Information Protection and Electronic Documents Act) for Canadian data protection standards.

2. Information We Collect

Information You Provide

When you use our platform or contact us, we may collect:

  • Business contact information (name, email, phone number, company)
  • Account credentials and API keys
  • Configuration preferences for your infrastructure
  • Support requests and communication history
  • Billing and payment information (processed securely via third-party)

Automatically Collected Information

When you access our platform or website, we automatically collect:

  • IP address and access logs
  • Browser type and version
  • API request patterns and usage metrics
  • System performance data
  • Security audit logs (for compliance purposes)

Data Stored on Your Behalf

As an infrastructure provider, we store data that you or your end-users upload to our platform, including:

  • Video recordings and session data (encrypted)
  • Healthcare-related documents and records
  • User authentication and session information

Important: You remain the data controller for your end-users' data. We act as a data processor under GDPR, HIPAA, and PIPEDA frameworks.

3. How We Use Your Information

We use collected information to:

  • Provide and maintain our infrastructure services
  • Process API requests and deliver data
  • Ensure platform security and compliance
  • Generate usage analytics and billing
  • Respond to technical support requests
  • Improve platform performance and reliability
  • Comply with legal and regulatory requirements

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your information based on:

  • Contract performance: To provide services you requested
  • Legal obligations: To comply with healthcare regulations
  • Legitimate interests: To improve security and platform performance
  • Consent: For marketing communications (where required)

5. Data Security and Compliance

We implement enterprise-grade security measures to protect your data:

  • Encryption: AES-256 at rest, TLS 1.3 in transit
  • Access controls: Role-based access and audit logging
  • Compliance certifications: HIPAA, PIPEDA, GDPR-ready
  • Regular audits: Third-party security assessments
  • Data backup: Automated daily backups with retention policies

6. Data Sharing and Disclosure

We do not sell your personal information. We may share data only in these limited circumstances:

  • With your consent: When you explicitly authorize sharing
  • Service providers: AWS, Google Cloud, Azure (all sign data processing agreements)
  • Legal requirements: To comply with laws or respond to legal process
  • Business transfers: In the event of merger or acquisition (with notice)

7. Data Retention

We retain data according to these schedules:

  • API logs: 30 days for operational security
  • User data: Duration of your account plus 30 days
  • Healthcare data: As defined in your Data Processing Agreement
  • Backups: Up to 90 days

You may request data deletion at any time by contacting us.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access - Request copies of your data
  • Rectification - Correct inaccurate information
  • Erasure - Request deletion of your data
  • Restrict processing - Limit how we use your data
  • Data portability - Receive data in machine-readable format
  • Object to processing - Opt-out of certain uses

To exercise these rights, contact us at privacy@psiconlineamerica.tech. We will respond within 30 days.

9. International Data Transfers

We operate infrastructure primarily in the United States and Canada. If you are located outside these countries, your data may be transferred to and processed in the US or Canada. We ensure appropriate safeguards under Standard Contractual Clauses (SCCs) for EU data transfers.

10. Data Breach Notification

In the event of a data breach affecting your information, we will:

  • Notify affected customers within 72 hours of detection
  • Provide details of the breach and affected data
  • Recommend mitigation steps
  • Cooperate with regulatory investigations
  • Implement measures to prevent recurrence

11. HIPAA Compliance (USA)

For covered entities and business associates under HIPAA:

  • We sign Business Associate Agreements (BAAs)
  • We implement HIPAA Security Rule safeguards
  • We report security incidents as required
  • We maintain audit logs for minimum 6 years

Contact us to sign a BAA before processing protected health information (PHI).

12. PIPEDA Compliance (Canada)

For Canadian organizations, we comply with PIPEDA's 10 fair information principles:

  • Accountability for all data in our custody
  • Identifying purposes before collection
  • Obtaining meaningful consent
  • Limiting collection to necessary information
  • Limiting use, disclosure, and retention
  • Maintaining accuracy of information
  • Providing appropriate safeguards
  • Being open about our policies
  • Providing individual access rights
  • Offering recourse if concerns arise

13. Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with data, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy periodically. Changes are effective immediately upon posting. We will notify customers of material changes via email or platform notification at least 30 days in advance.

15. Contact Information

For privacy-related inquiries, data requests, or to exercise your rights:

  • Privacy Officer: privacy@psiconlineamerica.tech
  • Data Protection Inquiries: dpo@psiconlineamerica.tech
  • Security Reports: security@psiconlineamerica.tech
  • Address: San Antonio, Texas, USA

← Back to Home