Privacy Policy
Effective Date: January 18, 2026
VeraTap ("Company," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "App").
1. Information We Collect
Personal Information: We may collect personal information that you voluntarily provide when registering for an account, making a purchase, or contacting us. This may include your name, email address, phone number, billing address, and payment information.
Device Information: We automatically collect certain information about your device, including your device type, operating system, unique device identifiers, IP address, and mobile network information.
Usage Data: We collect information about how you interact with our App, including the features you use, the pages you visit, the time and date of your visits, and other diagnostic data.
Location Information: With your consent, we may collect and process information about your actual location.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our App and services
- Process transactions and send related information
- Send you technical notices, updates, security alerts, and support messages
- Respond to your comments, questions, and customer service requests
- Monitor and analyze trends, usage, and activities
- Detect, investigate, and prevent fraudulent transactions and other illegal activities
- Personalize and improve your experience
- Comply with legal obligations
3. Sharing of Information
We may share your information with:
- Third-party service providers who perform services on our behalf
- When required by law or to protect our rights
- In connection with a merger, acquisition, or sale of assets
- With your consent or at your direction
4. Data Security
We implement appropriate technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is completely secure.
5. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.
6. Your Rights and Choices
Depending on your location, you may have certain rights regarding your personal information, including:
- The right to access, correct, or delete your data
- The right to opt out of certain data processing activities
- The right to withdraw consent
7. Children's Privacy
Our App is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13.
8. Third-Party Links
Our App may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the effective date.
10. HIPAA Compliance
Veratap provides technology services to healthcare organizations and, in the course of delivering those services, may receive, create, maintain, process, store, or transmit protected health information (PHI) on their behalf. In this capacity, Veratap acts as a business associate as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and their implementing regulations, including the Privacy Rule, Security Rule, and Breach Notification Rule.
Our Commitment
Veratap is committed to safeguarding the confidentiality, integrity, and availability of all PHI entrusted to us. We use and disclose PHI only as permitted by our Business Associate Agreements (BAAs) and as required by law, and we limit such use and disclosure to the minimum necessary to perform the services for which we are engaged. We do not sell PHI, and we do not use PHI for any purpose outside the scope of our agreements with our customers.
Administrative, Physical, and Technical Safeguards
In accordance with the HIPAA Security Rule, Veratap maintains a comprehensive information security program that includes:
- Administrative safeguards, including workforce training, role-based access controls, designated security and privacy responsibilities, risk assessments, and documented policies and procedures governing the handling of PHI.
- Physical safeguards, including controls over facility access, workstation security, and the secure handling and disposal of media containing PHI.
- Technical safeguards, including encryption of PHI in transit and at rest, access controls and unique user authentication, audit logging and monitoring, and automatic safeguards to protect against unauthorized access.
Business Associate Agreements
Veratap enters into a Business Associate Agreement with each customer for whom we handle PHI. Through these agreements, we commit to using appropriate safeguards, restricting use and disclosure of PHI to permitted purposes, reporting unauthorized use or disclosure, ensuring that our subcontractors agree to the same restrictions, and returning or destroying PHI upon termination of the engagement where feasible.
Subcontractors and Vendors
Where Veratap engages subcontractors or third-party service providers that may have access to PHI, we require each of them to enter into a written agreement obligating them to protect PHI in a manner consistent with our own obligations under HIPAA and the applicable Business Associate Agreement.
Breach Notification
In the event of a breach of unsecured PHI, Veratap will notify the affected covered entity or business associate customer without unreasonable delay and in accordance with the timeframes and requirements set forth in the HIPAA Breach Notification Rule and the applicable Business Associate Agreement. Our notification will include the information necessary for the customer to meet its own notification obligations.
Individual Rights
If you are an individual seeking to exercise rights regarding your PHI—such as the right to access, obtain a copy of, or request correction of your records, or to receive an accounting of disclosures—please contact the healthcare organization (the covered entity) that holds your records. These rights are administered by the covered entity rather than by Veratap, as we handle PHI only on our customers' behalf.
11. Contact Us
- Website: veratap.com
- Email: [email protected]