Important: This Privacy Policy is intended to broadly protect Found Practice and explain our practices at a platform level. It is not legal advice to any clinic, visitor, or user, and it does not replace any clinic-specific Notice of Privacy Practices or other legally required healthcare disclosures.

1. Scope and Acceptance

This Privacy Policy describes how Found Practice collects, uses, stores, analyzes, shares, and otherwise processes information in connection with our websites, hosted clinic websites, lead forms, analytics tools, reporting features, communications, support channels, integrations, and related products and services (collectively, the “Services”).

By accessing or using the Services, you acknowledge that your information may be handled as described in this Privacy Policy. If you do not agree, do not use the Services.

2. Information We Collect

2.1 Information Provided by Clinics, Owners, and Team Members

  • Business, clinic, and contact details such as names, email addresses, phone numbers, addresses, specialties, hours, and service information.
  • Account credentials, authentication details, profile information, and settings.
  • Branding, website content, photos, logos, uploaded files, and other materials submitted through the Services.
  • Billing, subscription, payment, and transaction-related information.
  • Communications with us, including support requests, feedback, and feature requests.

2.2 Information About Visitors, Leads, Customers, and Patients

  • Contact details and inquiry information submitted through forms, calls, chats, intake tools, or other contact points made available through the Services.
  • Appointment, consultation, service-interest, or lead-generation information submitted by or about visitors.
  • Communications content, responses, messages, and other interaction data where our tools are used to capture or route such information.
  • Any other information clinics choose to collect, route, upload, or store through the Services.

2.3 Automatically Collected Information

  • IP address, browser type, device identifiers, operating system, referral source, pages viewed, session activity, timestamps, clickstream data, and similar usage data.
  • Cookie, pixel, tag, local storage, attribution, and advertising-related data.
  • Performance, diagnostic, fraud-prevention, error, and security logs.
  • Geographic, campaign, conversion, engagement, and related analytics data.

2.4 Information from Third Parties

  • Google Business Profile, search, map, advertising, analytics, and related platform data.
  • Advertising, marketing, CRM, scheduling, communications, and payment integrations.
  • Publicly available business information, reviews, directories, and similar sources.

3. How We Use Information

We may use information for any lawful business purpose, including to:

  • Provide, host, operate, maintain, secure, and support the Services.
  • Create, manage, optimize, and improve clinic websites, pages, content, forms, funnels, and related tools.
  • Track clinic performance, visibility, engagement, campaign results, lead flow, and customer behavior.
  • Measure progress, produce reports, benchmark outcomes, and improve our products, systems, models, and services.
  • Develop aggregated, anonymized, or de-identified insights, benchmarks, and internal business intelligence.
  • Communicate with clinics, users, visitors, leads, and support contacts.
  • Personalize content, test features, troubleshoot errors, and enhance user experience.
  • Prevent fraud, abuse, misuse, unauthorized access, legal violations, and security incidents.
  • Enforce our terms, protect our rights, and comply with legal obligations.

4. Analytics, Tracking, and Service Improvement

Found Practice uses analytics and tracking technologies broadly to understand how clinics and visitors use the Services, measure clinic progress, evaluate traffic and lead quality, attribute conversions, identify trends, improve campaigns, optimize workflows, and improve our overall products and services.

  • We may track activity across our own websites, clinic websites we host or support, landing pages, forms, dashboards, emails, campaigns, and related digital properties.
  • We may combine analytics from multiple sources, including first-party, third-party, advertising, and integration data.
  • We may use collected data to create internal benchmarks, performance models, comparative insights, and service-improvement metrics.
  • We may use anonymized, aggregated, pseudonymized, or de-identified information for research, measurement, product improvement, quality assurance, and commercial business purposes.
  • To the fullest extent permitted by law, we may retain and continue to use analytics, model inputs, derived insights, and de-identified data even after a clinic account is closed or certain raw data is deleted.
Clinics are responsible for obtaining any notices or consents that may be required for their own websites, pixels, cookies, visitor tracking, or regulated communications.

5. Sharing and Disclosure

We may share information as follows:

  • With service providers, contractors, and vendors that help us host, secure, analyze, communicate, support, bill, or improve the Services.
  • With clinics, administrators, staff, and authorized users associated with the relevant account or website.
  • With advertising, analytics, infrastructure, communications, and integration partners where needed to operate or improve the Services.
  • In connection with mergers, financing, asset sales, acquisitions, bankruptcy, or similar transactions.
  • To protect rights, enforce agreements, investigate misconduct, prevent harm, respond to claims, or comply with law, regulation, legal process, or government request.
  • With consent, at direction, or as otherwise authorized by the applicable user or clinic.
  • In aggregated, anonymized, pseudonymized, or de-identified form that does not reasonably identify a particular person.

6. Healthcare, HIPAA, and Clinic Responsibility

Found Practice is a technology and marketing platform provider, not a healthcare provider. Clinics and healthcare professionals remain solely responsible for their own compliance with privacy, healthcare, consumer-protection, advertising, and professional rules, including any obligations under HIPAA, state privacy laws, medical-records laws, patient-consent requirements, and other regulated-data frameworks.

  • Unless otherwise expressly agreed in writing, our general website, marketing, and contact tools are not intended to serve as a clinic’s legal Notice of Privacy Practices or regulated medical-record system.
  • Clinics are responsible for determining what information they collect through the Services and whether that information is subject to HIPAA, consumer health privacy laws, or similar rules.
  • If a clinic routes, uploads, or stores protected health information or other regulated data through the Services, the clinic does so at its own direction and remains responsible for notices, permissions, legal basis, and compliance unless a separate written agreement states otherwise.
  • Where we agree in writing to process regulated data on behalf of a clinic, additional contractual terms, limitations, and responsibilities may apply.

7. Cookies and Similar Technologies

We and our partners may use cookies, pixels, tags, local storage, analytics tools, session technologies, and similar technologies to operate the Services, remember settings, recognize users, attribute campaigns, analyze engagement, prevent fraud, and improve performance.

Browser settings may allow you to limit certain tracking technologies, but doing so may affect functionality, reporting accuracy, or service performance.

8. Data Retention

We retain information for as long as we reasonably determine it is needed for business, legal, operational, security, measurement, archival, backup, dispute-resolution, analytics, and service-improvement purposes.

  • Retention periods may vary by data type, account status, service configuration, legal obligation, fraud risk, and business need.
  • Backup copies, logs, derived analytics, model outputs, and de-identified information may persist for longer periods.
  • Even where deletion is requested, we may retain information as needed to comply with law, resolve disputes, enforce agreements, protect our rights, or maintain legitimate internal records.

9. Security

We use administrative, technical, and organizational safeguards designed to protect information. However, no system, transmission method, or storage environment is completely secure, and we do not guarantee absolute security. To the fullest extent permitted by law, use of the Services is at your own risk.

10. Your Choices and Requests

Depending on applicable law, you may have rights to request access, correction, deletion, or information about certain processing. We may need to verify identity, account authority, or clinic authority before responding.

Where a clinic controls the relevant data, we may direct requests to that clinic. We may also decline or limit requests where permitted by law or where necessary to protect rights, safety, legal obligations, or other users.

11. International Processing

Information may be processed, stored, or accessed in the United States and other jurisdictions where we, our vendors, or our partners operate. By using the Services, you acknowledge that information may be transferred to locations with privacy laws that differ from those in your jurisdiction.

12. Changes to This Policy

We may update this Privacy Policy at any time. Updated versions become effective when posted unless otherwise stated. Your continued use of the Services after an update constitutes acceptance of the revised policy.

13. Contact

For privacy-related questions or requests, please contact us through our contact page. We may request additional information to verify authority before responding to certain privacy inquiries.

Back to Home Terms of Service