SWISHVO INC.

Privacy Policy

Effective Date: [06.01/2025] | Last Updated: [03/01/2026]

1. Introduction

Swishvo Inc. ("Swishvo," "we," "us," or "our") is a technology platform that provides practice management, documentation, and billing workflow tools to independent health and wellness providers. Swishvo is not a healthcare provider, billing company, or managed service organization. Swishvo does not provide clinical care, employ providers, or operate medical practices.

This Privacy Policy describes how we collect, use, disclose, and protect information when you access or use the Swishvo platform, website (swishvo.com), and related services (collectively, the "Platform"). By using the Platform, you agree to the practices described in this Privacy Policy.

We maintain separate data practices for two categories of users: (a) Providers, meaning independent health and wellness professionals who use the Platform to manage their practices, and (b) Individuals, meaning people who use the Platform to explore or engage with independent providers. This Privacy Policy applies to both categories.

2. Information We Collect

2.1 Information from Providers

When providers register for and use the Platform, we may collect the following: name, email address, phone number, and business contact information; professional credentials, certifications, licensure details, and NPI number; practice information including modality, specialization, geographic service area, and cultural competencies; documentation created through Platform tools (such as HEART Notes, SOAP notes, and other session documentation); billing-related information including CPT codes, ICD-10 codes, and claim preparation data; payment information for Platform subscription and usage fees (processed through Stripe); and profile information providers choose to make publicly discoverable.

Providers are solely responsible for the accuracy and appropriateness of all clinical documentation, billing codes, and claim submissions made using the Platform. Swishvo's AI-assisted tools provide suggestions that providers must independently review, verify, and authorize before use.

2.2 Information from Individuals

When individuals use the Platform, we may collect the following: name, email address, and contact information; responses to optional assessments (such as FICA, HOPE, or SPIRIT assessments) that individuals voluntarily complete; provider search preferences including modality, location, cultural background, and insurance type; and device and usage information as described in Section 2.3.

Assessment responses and search preferences are used to support the individual's own exploration of available provider types. Swishvo does not use this information to diagnose conditions, recommend treatment plans, or direct individuals to specific providers based on compensation. All provider selection is controlled by the individual.

2.3 Information Collected Automatically

When you access the Platform, we automatically collect certain information including: IP address, browser type, operating system, and device identifiers; pages visited, features used, and interactions with the Platform; date, time, and duration of your sessions; and referral URLs and search terms used to reach the Platform.

We use cookies and similar tracking technologies to support Platform functionality, remember your preferences, and analyze usage patterns. You can manage cookie preferences through your browser settings. Disabling certain cookies may limit Platform functionality.

3. How We Use Your Information

We use the information we collect for the following purposes: to provide, operate, and maintain the Platform, including practice management tools, documentation features, provider directory functionality, and billing workflow tools; to process Platform subscription fees and usage-based fees through our payment processor (Stripe); to improve, personalize, and develop new Platform features and functionality; to communicate with you about your account, Platform updates, and (with your consent) marketing communications; to provide AI-assisted features, including documentation suggestions and CPT code recommendations, which are always subject to provider review and authorization; to support provider directory functionality, enabling individuals to discover providers based on their own search criteria; to generate aggregated, de-identified analytics for Platform improvement and research purposes; and to comply with legal obligations, enforce our terms, and protect the rights and safety of our users and the public.

We do not use your information to provide, coordinate, or deliver healthcare services. All care is delivered independently by providers who retain full control over their clinical and business operations.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

With Service Providers. We share information with third-party service providers who perform services on our behalf, including payment processing (Stripe), cloud infrastructure and database hosting (Supabase), AI-assisted documentation features (Google Gemini), and analytics tools. These providers are contractually bound to use your information only for the services they provide to us and in accordance with this Privacy Policy.

Between Providers and Individuals. If an individual engages with a provider through the Platform, information that the individual submits (such as contact details and assessment responses) may be accessible to that provider in connection with the individual's voluntary use of the provider's services. Swishvo does not direct, coordinate, or facilitate care. All provider-individual relationships are independent of Swishvo.

Provider Directory. Providers who create profiles on the Platform may have certain profile information (such as name, modality, geographic area, and cultural competencies) displayed in the provider directory. Providers control what information is included in their public profile.

Aggregated and De-Identified Data. We may share aggregated or de-identified data that cannot reasonably identify you for research, analytics, industry reporting, and Platform improvement purposes.

Legal Obligations. We may disclose your information if required to do so by law, regulation, or valid legal process (such as a subpoena or court order), or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Swishvo, our users, or the public.

Business Transfers. If Swishvo is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

5. Artificial Intelligence and Data Processing

The Platform includes AI-assisted features that help providers with documentation and billing workflows. These features are powered by third-party AI services (currently Google Gemini). When providers use AI-assisted features:

Session notes and documentation inputs may be processed by the AI service to generate structured documentation suggestions (such as HEART Notes) and CPT code recommendations. All AI-generated suggestions are preliminary and require provider review, verification, and authorization before use. Swishvo does not make clinical, diagnostic, or billing decisions. The provider is solely responsible for the accuracy and appropriateness of all documentation and billing codes. We do not use provider session data or client information to train AI models. AI processing is limited to generating suggestions for the specific provider session in which the data was entered.

Individuals who complete assessments (such as FICA, HOPE, or SPIRIT) may receive AI-assisted educational guidance, such as information about provider types that are commonly associated with their stated needs. This guidance is informational only and does not constitute a diagnosis, treatment recommendation, or referral to any specific provider.

6. Health Information and HIPAA

Swishvo is a technology platform. Protected health information (PHI) entered by providers into the Platform is governed by the provider's own obligations under the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws. Providers are independently responsible for their own HIPAA compliance, including obtaining any required patient authorizations and maintaining appropriate privacy and security practices.

Swishvo maintains administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of information processed through the Platform. Where required, Swishvo will enter into Business Associate Agreements (BAAs) with covered entities. Swishvo does not use PHI for marketing purposes, does not sell PHI, and does not use PHI for any purpose other than providing and improving the Platform as described in this Privacy Policy.

7. Data Security

We implement industry-standard security measures designed to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include encryption of data in transit and at rest, access controls and authentication requirements, regular security assessments and monitoring, and secure development practices.

However, no method of electronic transmission or storage is completely secure. While we strive to use commercially reasonable means to protect your information, we cannot guarantee absolute security. If you have reason to believe your account or information has been compromised, please contact us immediately at info@swishvo.com.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide you with the Platform. We may also retain information as necessary to comply with legal obligations, resolve disputes, enforce agreements, and support legitimate business purposes.

Provider documentation and billing data may be retained for a minimum of [6/7/10] years in accordance with applicable recordkeeping requirements. [Note for legal counsel: retention period should be confirmed based on applicable state and federal requirements for the provider types served.]

When information is no longer needed for any of these purposes, we will securely delete or de-identify it in accordance with our data retention policies.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability. You may request a copy of the personal information we hold about you in a structured, commonly used, and machine-readable format.

Correction. You may request that we correct inaccurate personal information.

Deletion. You may request that we delete your personal information, subject to certain exceptions (such as legal retention requirements).

Opt-Out of Marketing. You may opt out of receiving marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly.

Cookie Preferences. You may manage cookie preferences through your browser settings.

To exercise any of these rights, please contact us at info@swishvo.com. We will respond to your request within the timeframe required by applicable law.

9.1 California Residents

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete, the right to opt out of the sale or sharing of personal information (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights. To submit a request, contact us at info@swishvo.com.

9.2 Residents of Other States with Privacy Laws

If you reside in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another state with a comprehensive consumer privacy law, you may have additional rights under your state's law. Please contact us at info@swishvo.com to exercise these rights.

10. Children's Privacy

The Platform is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@swishvo.com and we will take steps to delete such information.

Individuals between the ages of 13 and 17 may use the Platform only with the involvement and consent of a parent or legal guardian.

11. Third-Party Links and Services

The Platform may contain links to third-party websites or services that are not owned or controlled by Swishvo. This Privacy Policy does not apply to third-party services, and we are not responsible for the privacy practices of any third party. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated Privacy Policy on our website and updating the "Last Updated" date. For material changes that affect how we use or share your information, we will provide additional notice (such as an email notification or in-Platform alert). Your continued use of the Platform after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Swishvo Inc.

Email: info@swishvo.com

Website: swishvo.com