Effective Date: February 14, 2026

Last Updated: February 14, 2026

OccuHelp, LLC ("OccuHelp," "we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our web application and related services (collectively, the "Service").

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, phone number, organization name, and job title.

Protected Health Information (PHI): In the course of providing occupational health management services, our platform may process PHI as defined under HIPAA. PHI is handled in accordance with our Business Associate Agreement and applicable regulations.

Usage Data: We automatically collect information about how you interact with the Service, including IP address, browser type, device information, pages visited, and timestamps.

Authentication Data: We use Firebase Authentication to manage sign-in. We collect authentication tokens and device identifiers for security purposes.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Authenticate your identity and manage your account
  • Process transactions and manage subscriptions
  • Send transactional communications (account alerts, security notices)
  • Monitor and analyze usage to improve the Service
  • Detect, prevent, and address security incidents and fraud
  • Comply with legal obligations, including HIPAA requirements

3. HIPAA Compliance

OccuHelp operates as a Business Associate under HIPAA when processing PHI on behalf of Covered Entities. We maintain administrative, physical, and technical safeguards to protect PHI, including:

  • Encryption of data in transit and at rest
  • Role-based access controls and multi-factor authentication
  • Audit logging of all access to PHI
  • Regular security assessments
  • Workforce training on HIPAA requirements

Our obligations regarding PHI are further defined in our Business Associate Agreement, which is executed with each client organization.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: With third-party vendors who assist in operating our Service (e.g., cloud hosting, payment processing, email delivery), subject to contractual obligations to protect your data.
  • Your Organization: Account administrators within your organization may access certain information related to your use of the Service.
  • Legal Requirements: When required by law, regulation, legal process, or governmental request.
  • Safety and Security: To protect the rights, property, or safety of OccuHelp, our users, or the public.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for data at rest
  • Mandatory multi-factor authentication
  • Regular security audits and penetration testing
  • Incident response procedures

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Audit logs are retained for seven (7) years to meet regulatory requirements. Upon account termination, we will delete or de-identify your data within a reasonable timeframe, except where retention is required by law.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict certain processing activities
  • Receive a copy of your data in a portable format

To exercise any of these rights, contact us at compliance@occuhelp.com.

8. Cookies and Tracking

We use cookies and similar technologies to maintain session state, remember preferences, and analyze usage. You can manage cookie preferences through your browser settings and our cookie consent tool. We use Google Analytics with IP anonymization enabled and only activate analytics tracking with your consent.

9. Third-Party Services

Our Service integrates with the following third-party services, each governed by their own privacy policies:

  • Google Cloud Platform: Infrastructure and hosting
  • Firebase: Authentication and hosting
  • Stripe: Payment processing
  • SendGrid: Email communications
  • Twilio: SMS communications

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

OccuHelp, LLC
Email: compliance@occuhelp.com
Website: www.occuhelp.com