Privacy Policy

VMVTech, Ltd. ("VMVTech," "we," "us," or "our") is committed to protecting the privacy and security of the personal information entrusted to us. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our services, visit our website, or interact with our platforms.

1. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide when using our services, including but not limited to your name, email address, phone number, company name, job title, and billing information.

Technical Information

When you access our platforms, we automatically collect certain technical data such as IP addresses, browser type, device identifiers, operating system, pages viewed, and timestamps of interactions. This data helps us maintain service quality and security.

Healthcare Data

In the course of providing healthcare technology solutions, we may process protected health information (PHI) on behalf of our clients. All such data is handled in strict compliance with applicable regulations, including HIPAA.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, and maintain our services and platforms
• To process transactions and send related communications
• To respond to your inquiries, requests, and support needs
• To improve our products, services, and user experience
• To comply with legal obligations and enforce our agreements
• To detect, prevent, and address security incidents and fraud

3. Data Security

We implement industry-leading administrative, technical, and physical safeguards to protect your information. Our security program is designed to meet the rigorous requirements of healthcare data protection, including:

• HIPAA Compliance: All protected health information is processed and stored in accordance with the Health Insurance Portability and Accountability Act. We maintain Business Associate Agreements (BAAs) with all applicable partners.
• SOC 2 Type II Compliance: Our infrastructure and processes are independently audited to meet SOC 2 standards for security, availability, processing integrity, confidentiality, and privacy.
• Encryption: Data is encrypted both in transit (TLS 1.2+) and at rest (AES-256) across all systems and storage.
• Access Controls: Role-based access controls, multi-factor authentication, and comprehensive audit logging are enforced across all platforms.

4. Third-Party Services

We may share information with trusted third-party service providers who assist us in operating our platforms, conducting business, or servicing you. These providers are contractually obligated to keep your information confidential and are prohibited from using it for any purpose other than performing services on our behalf.

We may also disclose your information when required by law, to enforce our policies, or to protect our or others' rights, property, or safety.

We do not sell, trade, or otherwise transfer your personal information to outside parties for marketing purposes.

5. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data. We are committed to honoring these rights in compliance with applicable law.

Rights Under GDPR (European Economic Area)

If you are a resident of the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data under certain conditions.
• Right to Restrict Processing: Request limitation of processing your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us using the information provided below. We will respond to your request within 30 days.

6. Contact for Privacy Concerns

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

We reserve the right to update this Privacy Policy at any time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.