Privacy Policy

Last updated: 10/15/2025

PRIVACY POLICY

At Beacon Health Technologies, Inc. (“Beacon,” “we,” “us,” or “our”), we are committed to protecting your privacy and handling your information responsibly. We understand the importance of trust when it comes to your personal information, and we take that responsibility seriously.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use beacon-health.com, our mobile application, and any related websites, applications, and services owned and operated by Beacon that link to this Privacy Policy (collectively, the “Services”).

This Policy is intended to help users of our Services (“Users,” “you,” or “your”) understand how we handle your personal data and the choices available to you. “Users” includes both individuals who create a Beacon Health account and those who use our Services without creating an account (for example, by visiting our website or downloading our mobile app without registering) (“Visitors”).

Please note that certain features of our Services, such as the ability to create a profile, save preferences, or contribute information, may be available only to registered Users.

1. ACCEPTANCE OF TERMS

These Terms of Service (“Terms”) constitute a legally binding agreement between you and Beacon, governing your access to and use of our website, mobile application, and all related services, products, and content (collectively, the “Services”).

By accessing, downloading, installing, or using any part of the Services, you agree to be bound by these Terms and our Privacy Policy, which is incorporated by reference. If you do not agree to these Terms, you must not access or use the Services.

Beacon reserves the right, at our sole discretion, to update, modify, or replace these Terms at any time. Any changes will be effective immediately upon posting, unless otherwise specified. We will indicate the date of the latest revision at the top of this page. Your continued use of the Services after any such changes constitutes your acceptance of the revised Terms.

If you are entering into these Terms on behalf of an organization or entity, you represent and warrant that you have the authority to bind that entity to these Terms. In that case, “you” and “your” will refer to both you as an individual and the entity you represent.

You affirm that you are at least 18 years of age, or the age of majority in your jurisdiction, and are fully able and competent to enter and comply with these Terms.

2. INFORMATION WE COLLECT

We collect information from you when you use the Services. The type of information we collect depends on how you interact with Beacon and may include the following categories:

a. Information You Provide to Us

We may collect information you voluntarily provide when you:

• Create or update an account;
• Search for or view healthcare facilities through our Services;
• Contact us for support or submit feedback;
• Subscribe to communications or updates from us; or
• Participate in surveys or other interactive features.

This information may include:

• Personal Information: such as your name, email address, phone number, and location;
• Account Information: such as login credentials and communication preferences;
• User Submissions: such as reviews, saved facilities, or eligibility preferences you share; and
• Correspondence: including messages or feedback sent to our support channels.

b. Information We Collect Automatically

When you use our Services, we may automatically collect certain information through cookies, log files, and similar technologies. This information may include:

• Device and browser information (e.g., operating system, device type, browser type);
• Usage data (e.g., pages viewed, search queries, access times, and referring URLs);
• Location data, if you enable location services on your device.

We use this information to operate, improve, and secure the Services, and to provide a better, more personalized experience.

c. Information from Other Sources

We may receive information from other sources, including:

• Publicly available databases;
• Partner organizations or third-party data providers; or
• Healthcare organizations that choose to share facility information with us.

We combine this data with other information we collect to maintain accurate and up-to-date listings and improve the overall user experience.

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

To Provide and Improve Our Services

• Operating, maintaining, and enhancing our platform;
• Displaying relevant facility information and eligibility details;
• Personalizing your experience and remembering your preferences.

To Communicate with You

• Responding to your questions or requests;
• Sending administrative messages, updates, and alerts;
• Sharing information about new features or changes to our Services.

To Ensure Security and Compliance

• Detecting, preventing, and addressing fraud or unauthorized access;
• Complying with applicable laws, regulations, and legal processes;
• Enforcing our Terms of Use and protecting the rights of Beacon Health, our users, and others.

To Conduct Analytics and Research

• Understanding how users interact with our Services;
• Improving the accuracy and usability of facility listings;
• Evaluating the effectiveness of outreach and engagement efforts.

We do not sell your personal information. We may, however, use aggregated or de-identified information for analysis, reporting, or service improvement purposes.

4. HOW WE SHARE INFORMATION

We understand that your privacy is important. Beacon Health does not sell your personal information. We only share information as described below and in compliance with applicable laws:

a. With Service Providers

We may share information with trusted third-party vendors, contractors, or service providers who perform functions on our behalf, such as:

• Website hosting, data storage, and maintenance;
• Analytics and performance measurement;
• Customer support and communication management.

These partners are contractually required to use your information only to provide services to Beacon and to protect it from unauthorized use or disclosure.

b. With Partners and Data Sources

Beacon aggregates publicly available information and data shared by trusted partners to maintain accurate facility listings. In limited cases, we may share de-identified or aggregated data with research organizations, public health entities, or other partners for legitimate purposes, such as measuring community health access or improving service accuracy.

c. For Legal and Safety Reasons

We may disclose information if required to do so by law, subpoena, or legal process, or if we believe in good faith that such action is necessary to:

• Comply with a legal obligation;
• Protect or defend our rights, property, or safety, or that of our users or others;
• Investigate or prevent possible wrongdoing in connection with the Services.

d. Business Transfers

If Beacon is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of any material change to ownership or control of your personal information as required by law.

5. COOKIES AND TRACKING

a. Use of Cookies and Similar Technologies

We and our service providers use cookies and similar technologies to collect and store certain information when you use our Services. These technologies help us:

• Recognize your browser or device;
• Understand how you interact with our Services;
• Remember your preferences and improve your experience.

b. Managing Cookies

You can control or disable cookies through your browser settings. Please note that disabling cookies may limit certain functionality of the Services.

c. Analytics and Third-Party Tools

We may use analytics tools such as Google Analytics to understand usage trends and improve our Services. These tools may collect information such as your IP address or device identifiers, which may be transmitted to and stored by these providers under their own privacy policies.

6. Data Retention and Deletion

We retain personal information only as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specifically:

• Account Information: retained for as long as your account is active or as needed to provide Services;
• Usage Data: retained for internal analysis and service improvement, typically in aggregate or de-identified form;
• Communications: retained as necessary to maintain accurate records and comply with legal obligations.

When information is no longer needed, we securely delete, anonymize, or otherwise de-identify it in accordance with our data retention policies and applicable regulations.

You may request deletion of your personal information or account at any time by contacting us at privacy@beacon-health.com, subject to legal or contractual restrictions.

7. DATA SECURITY

Beacon takes the protection of your information seriously. We use reasonable administrative, technical, and physical safeguards to protect your personal information from loss, theft, misuse, or unauthorized access, disclosure, alteration, and destruction.

These safeguards include:

• Encryption of data in transit and at rest, where appropriate;
• Access controls and authentication requirements for authorized personnel;
• Routine monitoring for potential vulnerabilities or security incidents.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is completely secure. Accordingly, we cannot guarantee absolute security. If Beacon learns of a data breach that affects your personal information, we will notify you in accordance with applicable laws and our internal incident response procedures.

8. YOUR PRIVACY RIGHTS

Depending on where you live, you may have certain rights regarding your personal information. These rights may include:

• Access and Portability: You can request a copy of the personal information Beacon holds about you.
• Correction: You can request that we correct or update inaccurate or incomplete information.
• Deletion: You can request that we delete your personal information, subject to legal or operational requirements.
• Objection and Limitation: You can object to certain data uses or request that we limit how your information is processed.
• Withdrawal of Consent: If you previously gave consent to a specific data use, you may withdraw it at any time.

To exercise these rights, contact us at privacy@beacon-health.com. We may need to verify your identity before processing your request. If you are a California resident or live in a jurisdiction with specific privacy laws, additional rights may apply under local regulations.

Please note that deleting or restricting access to certain information may impact your ability to use some or all of the Services.

9. CHILDREN’S POLICY

Beacon’s Services are designed for general audiences and are not directed toward children under 13 years of age (or the applicable age of consent in your jurisdiction).

We do not knowingly collect, maintain, or use personal information from children under this age. If we become aware that we have collected such information without verified parental consent, we will delete it promptly.

Parents or guardians who believe their child may have provided personal information through the Services may contact us at privacy@beacon-health.com to request deletion.

10. HIPAA & PROTECTED HEALTH INFORMATION

Beacon is not a healthcare provider, health plan, or healthcare clearinghouse, and does not act as a business associate of any healthcare provider as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The Services are designed to help users find and understand publicly available information about healthcare facilities, not to collect, receive, or store Protected Health Information (“PHI”) as defined by HIPAA.

While some of the facilities listed on Beacon may be subject to HIPAA, any information you provide directly to those facilities, through their own websites, portals, or communication channels, is governed by their respective privacy practices and not by Beacon. We encourage you to review each facility’s own privacy policy or Notice of Privacy Practices before providing any personal or medical information.

If you voluntarily submit information through Beacon that could be considered health-related (for example, in feedback or eligibility preferences), such information is handled in accordance with this Privacy Policy and not as PHI under HIPAA. Beacon implements appropriate safeguards to protect all user data.

11. INTERNATIONAL DATA TRANSFERS

Beacon is based in the United States, and the information we collect is governed by U.S. law. If you access or use the Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other jurisdictions where Beacon or its service providers operate.

By using our Services, you acknowledge and agree that your information may be transferred to countries where privacy laws may not provide the same level of protection as those in your jurisdiction. However, we take reasonable steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy, including implementing appropriate contractual and technical safeguards.

12. THIRD-PARTY LINKS & SERVICES

Our Services may contain links to third-party websites, apps, or services that are not operated or controlled by Beacon. These links are provided for your convenience and do not imply our endorsement of the content or privacy practices of such third parties.

When you interact with a third-party service (e.g., visiting a facility’s external website through our platform), any information you provide is governed by that third party’s privacy policy, not this one. We encourage you to review the privacy policies of any third-party sites or services you visit to understand their practices and your options.

Beacon is not responsible for and disclaims any liability for the content, policies, or actions of third-party websites or services.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the “Last Updated” date at the top of this page and, where required by law, provide notice to you by email or through our Services.

Your continued use of the Services after any updates to this Policy constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically to stay informed about how we protect your information.