Privacy Policy

1.1 Information You Provide

• Account Information. When you create an account: your legal name, date of birth, email address, phone number, and mailing address.
• Payment Information. When you add a payment method: your credit card, debit card, HSA/FSA card, or bank account details. Payment information is collected and stored by our payment processor (currently Stripe, Inc.), not by OpenDoc directly. We receive only a tokenized reference and the last four digits of your card number.
• Transaction Information. When you activate a Health Key: the HSO (service) selected, the provider selected, the price (MPR), the date and time of service, Health Key state changes, Proof of Service status, and payment and refund records.
• Dependent Information. If you manage Health Keys for dependents: their name, date of birth, and transaction information as described above.
• Communications. When you contact us: the content of your messages, dispute filings, and support requests.

1.2 Information Collected Automatically

• Device and Browser Information. Device type, operating system, browser type, screen resolution, and unique device identifiers.
• Usage Information. Pages viewed, features used, search queries entered, time spent on the Platform, and interaction patterns.
• Location Information. Approximate location based on IP address. We use this to show you providers near your area. We do not collect precise GPS location unless you explicitly enable location services, and you can disable this at any time.
• Log Data. IP address, access times, referring URLs, and error logs.

1.3 Information We Do NOT Collect

OpenDoc does not collect:

• Medical records, clinical notes, test results, diagnoses, or prescriptions
• Insurance plan details, member IDs, group numbers, or claims data
• Social Security numbers
• Biometric data (unless you enable biometric authentication for app login, in which case biometric data is processed locally on your device and never transmitted to OpenDoc)
• Health information beyond the transaction data described in Section 1.1

OpenDoc is not a Business Associate under HIPAA. We do not create, receive, maintain, or transmit Protected Health Information on behalf of any healthcare provider.

3.1 With Your Provider

When you activate a Health Key, we share your name, date of birth, the HSO selected, and the Health Key credential with the provider you selected. This is necessary to facilitate the transaction you authorized. We share only the information needed for the specific transaction. We do not share your payment card details, your transaction history from other providers, or your account information beyond what is displayed on the Health Key.

3.2 With Our Payment Processor

We share your payment information with our payment processor (currently Stripe, Inc.) to process payments, escrow funds, issue refunds, and manage chargebacks. Stripe's handling of your payment information is governed by Stripe's own privacy policy and PCI DSS compliance standards.

3.3 With Service Providers

We may share information with third-party service providers who perform services on our behalf, such as cloud hosting, email delivery, analytics, and customer support tools. These providers are contractually required to use your information only for the purposes of providing services to OpenDoc and must maintain appropriate security standards.

3.4 For Legal Purposes

We may disclose your information if required by law, in response to a valid subpoena, court order, or government request, or as necessary to enforce our Terms of Service, protect OpenDoc's rights, or prevent fraud. Where legally permitted, we will make reasonable efforts to notify you before or promptly after disclosing your information in response to legal process.

3.5 In a Business Transfer

If OpenDoc is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any changes to this Privacy Policy.

3.6 With Your Consent

We may share your information in other circumstances with your explicit consent.

3.7 What We Never Share

We never share your information with:

• Advertisers or advertising networks
• Data brokers
• Insurance companies (OpenDoc does not interact with insurers)
• Any party for the purpose of marketing products or services to you

6.1 What We Use

OpenDoc uses the following categories of cookies and similar technologies:

• Essential Cookies. Required for the Platform to function. These handle authentication, session management, security, and payment processing. You cannot opt out of essential cookies while using the Platform.
• Analytics Cookies. Help us understand how the Platform is used so we can improve it. These collect aggregated, anonymized usage data. You may opt out of analytics cookies through your browser settings or through the cookie preferences panel at opendoc.com/cookies.

6.2 What We Do Not Use

OpenDoc does not use:

• Advertising or targeting cookies
• Third-party tracking pixels for advertising purposes
• Cross-site tracking technologies
• Fingerprinting or other persistent identification techniques beyond standard cookies

6.3 Do Not Track

OpenDoc honors Do Not Track (DNT) browser signals. When we detect a DNT signal, we disable analytics cookies for that session.

7.1 Active Accounts

We retain your personal information for as long as your account is active and as needed to provide you services, process transactions, and maintain your Health Key transaction history.

7.2 After Account Closure

After you close your account, we retain your transaction history for seven (7) years following your last transaction. This retention period is consistent with IRS record-keeping requirements for healthcare expenses (relevant if you used HSA/FSA funds) and applicable state record-keeping laws. After the retention period, your data is permanently deleted.

7.3 Specific Retention Periods

• Account information (name, date of birth): Retained for the duration of the transaction record retention period (7 years from last transaction), because this information is necessary to identify completed transactions for IRS and legal purposes. Other account information (email, phone, address, login credentials) is deleted within 90 days of account closure.
• Transaction records: 7 years from the date of the last transaction.
• Payment tokens: Deleted within 90 days of account closure. Underlying payment data is retained by Stripe pursuant to Stripe's retention policies and PCI DSS requirements.
• Communications and support records: 3 years from the date of the communication.
• Device and usage data: 13 months from collection.
• Dispute records: 7 years from resolution, consistent with legal requirements.

7.4 Legal Holds

We may retain information beyond the periods described above if required by law, regulation, legal hold, or pending litigation.

8.1 Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you as required by applicable state law, and in any event within sixty (60) days of confirming the breach. Notification will be sent to the email address associated with your account and, where required by law, to applicable state regulators.

9.1 Rights Available to All Users

Regardless of where you live, you have the following rights:

• Access: You can view your account information, transaction history, and receipts through the Platform at any time.
• Correction: You can update your account information through the Platform. If you believe any transaction record is inaccurate, contact us at [email protected].
• Deletion: You can request deletion of your account and personal information by contacting us at [email protected]. Deletion is subject to the retention periods described in Section 7 and any legal obligations.
• Data Export: You can request a copy of your personal information in a portable, machine-readable format by contacting us at [email protected].

9.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

• Right to Know. You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share your information.
• Right to Delete. You may request deletion of your personal information, subject to certain exceptions (such as completing a transaction you requested, complying with legal obligations, or maintaining records required by law).
• Right to Correct. You may request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing. OpenDoc does not currently sell or share your personal information as defined by the CCPA/CPRA. No opt-out is necessary at this time.
• Right to Limit Use of Sensitive Personal Information. OpenDoc uses sensitive personal information (such as your payment information) only as necessary to provide the Platform services you request. No additional limitation is needed.
• Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.
• Authorized Agents. You may designate an authorized agent to submit requests on your behalf. We may require the authorized agent to provide proof of your written authorization and may verify your identity directly.

To exercise these rights, contact us at [email protected] or use the request form at opendoc.com/privacy/request. We verify your identity by matching information you provide in your request against information we already have on file. We may ask you to confirm your name, email address, and details of a recent transaction.

For California residents under 16, we comply with the additional protections required by the CPRA, including not selling or sharing their personal information without affirmative opt-in consent.

9.3 Additional Rights for Virginia, Colorado, Connecticut, Texas, Oregon, and Montana Residents

If you are a resident of Virginia, Colorado, Connecticut, Texas, Oregon, or Montana, you have similar rights under your state's applicable consumer data privacy law:

• Right to access, correct, and delete your personal data
• Right to data portability (receive your data in a portable format)
• Right to opt out of the sale of personal data (not applicable — OpenDoc does not sell data)
• Right to opt out of targeted advertising (not applicable — OpenDoc does not engage in targeted advertising)
• Right to opt out of profiling (not applicable — OpenDoc does not engage in profiling that produces legal or similarly significant effects)

To exercise these rights, contact us at [email protected]. If we deny your request, you may appeal by contacting us at [email protected] with the subject line “Privacy Appeal.” If you are a Colorado, Connecticut, or Oregon resident, you may also contact your state attorney general if you are not satisfied with the outcome of your appeal.

9.4 Additional Rights for Other States

Privacy laws are evolving across the United States. If your state enacts consumer privacy legislation that provides additional rights not listed above, we will comply with applicable requirements. Contact us at [email protected] to exercise any state-specific privacy rights.

9.5 Response Timing

We respond to all verified privacy rights requests within forty-five (45) days. If we need additional time due to the complexity of the request, we will notify you of the extension and the reason, and will respond within a total of ninety (90) days.