Claros

Privacy Policy

Effective Date: May 30, 2025

This Privacy Policy explains how we collect, use, share, and protect your Personal Information, and the choices you have in connection with your use of Claros Health's services, including our software, website, and APIs.

SCOPE

This Privacy Policy applies to Personal Information processed by Claros Health, Inc. ("Claros Health," "we," or "us") in our operations, including on our websites, web-based services, APIs, and any associated platforms (collectively, the "Services"). This Policy covers all individuals who interact with the Services, whether as end users, customers, or visitors.

Claros Health, Inc., located at 1049 El Monte Avenue, Ste C51, Mountain View, CA 94040, is the data controller responsible for the handling of your Personal Information.

WHAT PERSONAL INFORMATION DO WE COLLECT?

We collect the following types of Personal Information:

  • Account Registration. When you sign up to use our Services (including through our website or API access), we collect your name, email address, organizational affiliation, and login credentials.
  • Communications. When you communicate with us through any channel, including email or support tickets, we may collect contact details and the contents of your communication.
  • Service-Related Data. Through your use of our platform or API, you may upload or transmit datasets, files, or structured information, which may include Personal Information or Protected Health Information (PHI). This includes information you provide directly or grant us access to via third-party integrations.
  • Authentication and Security Information. This includes usernames, hashed passwords, API tokens, access logs, and usage patterns used to authenticate and secure access to the Services.
  • Automatically Collected Data. We collect technical information through cookies and similar technologies. This may include IP addresses, browser types, device identifiers, session activity, location data, and pages visited within the Services.

HOW DO WE USE YOUR INFORMATION?

We use Personal Information for a range of legitimate business purposes:

To Operate and Improve Our Services:

  • Deliver, maintain, and improve our Services, including the Claros API;
  • Manage user accounts and preferences;
  • Enable secure access and usage tracking;
  • Respond to service inquiries and technical support requests.

Administrative and Legal Purposes:

  • Conduct internal audits and data analysis;
  • Monitor performance and detect misuse or fraud;
  • Fulfill regulatory, compliance, and legal obligations (e.g., CMS reporting);
  • Communicate administrative updates and legal notices.

Product Development and Research:

  • Improve our algorithms and infrastructure;
  • Develop new features based on anonymized or aggregated usage data.

We may also create de-identified or aggregated data for analytics and research. This data does not identify individuals and is used for lawful business purposes.

LEGAL BASES FOR PROCESSING

We process Personal Information under the following legal justifications:

  • Performance of a Contract — to provide you or your organization with the Services;
  • Legitimate Interests — for product maintenance, analytics, and service improvement;
  • Compliance with Legal Obligations — such as CMS or HIPAA requirements;
  • Consent — where legally required.

INFORMATION SHARING

We share Personal Information with:

  • Service Providers and Infrastructure Vendors — including hosting, analytics, and authentication tools, solely to support operation of the Services;
  • Law Enforcement or Legal Authorities — when legally required or to protect our rights and property;
  • Successors or Acquirers — in connection with a business transition such as a merger or acquisition.

We do not sell your Personal Information to third parties.

CUSTOMER DATA PROCESSED THROUGH OUR SERVICES

If you are a patient or individual whose data is being processed through our Services, please note that we act only as a processor of that data on behalf of healthcare providers or partners. Those entities are the controllers of your data. We process such data solely in accordance with their instructions and our agreements with them.

YOUR RIGHTS & CHOICES

You may have the right, depending on your location, to:

  • Access or request a copy of your Personal Information;
  • Correct or delete information we hold about you;
  • Object to processing or withdraw consent;
  • Lodge a complaint with a regulatory authority.

To exercise these rights, contact us at gordon@claros.health.

DATA RETENTION

We retain your data only as long as needed to fulfill the purposes described here or to comply with legal requirements.

SECURITY MEASURES

Claros Health maintains strict administrative, technical, and physical safeguards to protect Personal Information. All of our vendors sign Business Associate Agreements (BAAs), and we ensure that our infrastructure complies with HIPAA requirements. In addition, all employees undergo regular HIPAA training and are required to follow internal data protection protocols.

CHILDREN'S PRIVACY

Our Services are not intended for, nor directed to, children under the age of 13 (or other age as required by applicable law). We do not knowingly collect or solicit Personal Information from children. If we become aware that a child has submitted information to us without appropriate parental or guardian consent, we will take prompt steps to delete the information. If you are a parent or legal guardian and believe your child has provided us with Personal Information, please contact us at the address below.

CALIFORNIA RESIDENTS

Under California Civil Code Section § 1798.83 and the California Consumer Privacy Act (CCPA), California residents have the right to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. Claros Health does not share Personal Information with third parties for their direct marketing use. California residents may also have additional rights under the CCPA, including:

  • The right to know what Personal Information is collected, used, and disclosed;
  • The right to request deletion of Personal Information;
  • The right to non-discrimination for exercising privacy rights.

To submit a request under these rights, please contact us at gordon@claros.health.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of significant changes through the Services or by email.

CONTACT US

Claros Health, Inc.

1049 El Monte Avenue, Ste C51

Mountain View, CA 94040

Email: gordon@claros.health

Attn: Gordon Chi