Privacy Policy
Last updated: December 15, 2024
Introduction
ShiftSetter ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical scheduling software platform.
HIPAA Compliance
As a healthcare technology provider, we understand the critical importance of protecting health information. ShiftSetter is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA) and maintains appropriate administrative, physical, and technical safeguards to protect Protected Health Information (PHI).
HIPAA Commitment
We serve as a Business Associate under HIPAA and execute Business Associate Agreements (BAAs) with all covered entities. All PHI is encrypted both in transit and at rest using industry-standard protocols.
Information We Collect
Personal Information
- Name, email address, and phone number
- Professional credentials and certifications
- Employment information and role within your organization
- Scheduling preferences and availability
Usage Information
- Schedule data and shift assignments
- Platform usage patterns and feature utilization
- Device information and IP addresses
- Log files and system performance data
Health Information
We may collect certain health-related information solely for scheduling purposes, such as vacation time for medical procedures or leave of absence information. This information is handled with the highest level of security and privacy protection.
How We Use Your Information
Service Provision
- Create and manage physician schedules
- Facilitate shift bidding and swapping
- Generate reports and analytics
- Provide customer support
Platform Improvement
- Analyze usage patterns to improve functionality
- Develop new features based on user needs
- Ensure system security and performance
Communication
- Send service-related notifications
- Provide technical support
- Share important updates about our platform
- Marketing communications (with your consent)
Information Sharing and Disclosure
We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:
With Your Consent
We may share information when you explicitly consent to such sharing.
Service Providers
We may share information with trusted third-party service providers who assist us in operating our platform, subject to strict confidentiality agreements and HIPAA compliance requirements.
Legal Requirements
We may disclose information when required by law, court order, or government regulation, or to protect our rights and property.
Business Transfers
In the event of a merger, acquisition, or sale of assets, user information may be transferred, subject to the same privacy protections outlined in this policy.
Data Security
We implement industry-leading security measures to protect your information:
- AES-256 encryption for data at rest and TLS 1.2+ for data in transit
- Role-based access controls and multi-factor authentication
- Secure cloud hosting with redundant backups
- 24/7 security monitoring and audit logging
Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations. Specifically:
- Account information: Retained while your account is active
- Schedule data: Retained for 7 years for compliance purposes
- Usage logs: Retained for 1 year for security and performance analysis
- Support communications: Retained for 3 years
Your Rights and Choices
Access and Control
- Access your personal information through your account dashboard
- Update or correct your information at any time
- Request deletion of your account and associated data
- Export your data in a portable format
Communication Preferences
- Opt out of marketing communications
- Customize notification preferences
- Manage email frequency settings
HIPAA Rights
Under HIPAA, you have the right to:
- Request access to your PHI
- Request amendments to your PHI
- Request restrictions on the use and disclosure of your PHI
- File a complaint about our privacy practices
International Data Transfers
Our services are primarily hosted in the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated.
Children's Privacy
Our services are not designed for or directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information as quickly as possible.
Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience:
- Essential Cookies: Required for basic platform functionality
- Analytics Cookies: Help us understand how you use our platform
- Preference Cookies: Remember your settings and preferences
You can control cookie settings through your browser preferences.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:
- Posting the updated policy on our website
- Sending email notifications to registered users
- Displaying prominent notices within our platform
Contact Information
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
ShiftSetter Privacy Office
123 Healthcare Blvd
Medical City, MC 12345
Questions or Concerns?
We're committed to addressing any privacy concerns promptly. Please don't hesitate to reach out to our Privacy Officer with any questions about how we handle your information.