Privacy Policy

Last updated: March 2026

Operated by Legacy Medical Solutions LLC and NXT LVL Consulting Group LLC

Contents

1. Introduction2. Information We Collect3. What We Do NOT Collect4. How We Use Your Information5. Information Sharing6. Data Security7. Your Rights8. Cookies9. HIPAA Notice10. Changes to This Policy11. Contact

1. Introduction

PracticeStrategy is committed to protecting the privacy of medical practices, healthcare vendors, and enterprise organizations that use our platform. This Privacy Policy explains how we collect, use, and protect your information.

By using PracticeStrategy, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account information — name, email address, organization name, and role
Practice profile data — specialty, location, provider count, strategic goals, and vendor preferences
Vendor profile data — company information, product descriptions, and proposal content
Usage data — platform activity, feature usage, and login timestamps
Payment information — processed securely by Stripe. We never store card numbers or payment credentials.
Communications — support tickets and messages sent through the platform

3. What We Do NOT Collect

PracticeStrategy is NOT a covered entity under HIPAA and does not collect, store, or transmit Protected Health Information (PHI).

Our platform is designed for vendor evaluation and business operations — not clinical data or patient records.

We do not collect:

Patient names, records, or health data
Clinical notes or medical records
Insurance claim data
Any data that identifies individual patients

4. How We Use Your Information

Powering AI-driven vendor matching and proposal scoring
Personalizing your dashboard and recommendations
Processing payments through Stripe
Sending platform notifications and product updates
Improving platform features and AI accuracy
Responding to support requests

5. Information Sharing

We do not sell your personal information to third parties. We share information only in these limited cases:

With vendors you choose to engage — your practice profile details are shared when you accept or respond to a proposal
With enterprise organizations you join — aggregate activity data only, not individual proposal details
With service providers — Supabase (database), Stripe (payments), and Anthropic (AI analysis) — under strict data processing agreements
When required by law or valid legal process

6. Data Security

All data encrypted in transit using TLS
Database hosted on Supabase with Row Level Security enabled
Passwords are hashed and never stored in plain text
Payment data handled exclusively by Stripe (PCI DSS compliant)
Regular security reviews and access controls

7. Your Rights

You have the right to:

Access your data at any time from your account settings
Update or correct your information
Delete your account and all associated data
Export your data in a portable format
Opt out of marketing emails at any time

To exercise these rights, contact us at privacy@practicestrategy.io

8. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. You cannot opt out of essential cookies without losing access to your account.

9. HIPAA Notice

PracticeStrategy is a business operations platform, not a clinical system.

We do not handle Protected Health Information (PHI) and are not a HIPAA Business Associate. Our platform helps practices evaluate vendors — it does not connect to EHRs, patient portals, or clinical data systems.

If you believe PHI has been inadvertently shared through our platform, contact us immediately at privacy@practicestrategy.io

10. Changes to This Policy

We will notify users of material changes via email and platform notification. Continued use of PracticeStrategy after notice of changes constitutes your acceptance of the updated policy.

11. Contact

For privacy questions or requests:

Legacy Medical Solutions LLC
NXT LVL Consulting Group LLC
legal@practicestrategy.io

© 2026 Legacy Medical Solutions LLC · All rights reserved.