DocLoop Privacy Notice

Last Updated: September 4, 2025

This Privacy Notice applies to the processing of personal information by DocLoop, LLC (“DocLoop,” “we,” “us,” or “our”) including on our website available at https://docloop.com/ and our other online or offline offerings that link to, or are otherwise subject to, this Privacy Notice (collectively, the “Services”).

Disclosure Regarding Customer Data. This Privacy Notice does not apply to the personal information that we process on behalf of our customers pursuant to a written agreement we have entered into with such customers (“Customer Data”). Our customers’ respective privacy notices or policies govern their collection and use of Customer Data. Our processing of Customer Data is governed by the contracts that we have in place with our customers, not this Privacy Notice. Any questions or requests relating to Customer Data should be directed to our customer.

Special Note to Users Interacting with a DocLoop-Contracted Care Provider: Our Services are available only to care providers with a contractual relationship with DocLoop. If you engage directly with a DocLoop-contracted care provider, this Privacy Notice does not apply to the protected health information collected, created, used, or shared pursuant to the Health Insurance Portability and Accountability Act, as amended (“HIPAA”). Any questions, rights requests, and/or concerns about your protected health information should be directed to your care provider.

Special Note to Connecticut, Nevada, and Washington DocLoop Users and Potential Users. For information on our processing of “consumer health data” subject to the Connecticut Data Privacy Act, as amended, Nevada Consumer Health Data Privacy Law, or Washington My Health My Data Act or, please see Annex A – Supplemental Consumer Health Data Privacy Statement.

1. Updates to This Privacy Notice

We may update this Privacy Notice from time to time in our sole discretion. If we do, we’ll let you know by posting the updated Privacy Notice on our website, and we may also send other communications. 

2. Personal Information We Collect

We collect personal information that you provide to us, personal information we collect automatically when you use the Services, and personal information from third-party sources, as described below.

  1. Personal Information You Provide to Us Directly
    • Account Information. We may collect personal information in connection with the creation or administration of your account. This personal information may include, but is not limited to, your name, email address, phone number, hospital/clinic information, and other information you store with your account.
    • Transactions. We may collect personal information and details associated with your transactions on the Services, including payment information. Any payments made via our Services are processed by third-party payment processors. We do not directly collect or store any payment card information entered through our Services, but we may receive information associated with your payment card information (e.g., your billing details).
    • Your Communications with Us. We, and our service providers, may collect the information you communicate to us, such as through email or our web chat tool.
    • Surveys. We may contact you to participate in surveys. If you decide to participate, we may collect personal information from you in connection with the surveys.
    • Interactive Features. We and others who use our Services may collect personal information that you submit or make available through our interactive features (e.g., messaging features, commenting functionalities, forums, blogs, and social media pages).
    • Webinars, Conferences, Trade Shows, and Other Events. We may collect personal information from individuals when we attend or host webinars, conferences, trade shows, and other events. 
    • Business Development and Strategic Partnerships. We may collect personal information from individuals and third parties to assess and pursue potential business opportunities. 
    • Job Applications. If you apply for a job with us, we will collect any personal information you provide in connection with your application, such as your contact information and resume or CV.
  2. Personal Information Collected Automatically
    • Device Information. We may collect personal information about your device, such as your Internet protocol (IP) address, user settings, cookie identifiers, other unique identifiers, browser or device information, Internet service provider, and location information (including, as applicable, an approximate location derived from the IP address and precise geo-location information). 
    • Usage Information. We may collect personal information about your use of the Services, such as the pages that you visit, items that you search for, the types of content you interact with, information about the links you click, the frequency and duration of your activities, and other information about how you use the Services.
    • Cookie Notice (and Other Technologies). We, as well as third parties, may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect personal information through your use of the Services.
      • Cookies. Cookies are small text files stored in device browsers.
      • Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects personal information about use of or engagement with the Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in emails to understand whether messages have been opened, acted on, or forwarded.
  3. Personal Information Collected from Third Parties
    We may collect personal information about you from third parties. For example, if you access the Services using a third-party website, application, service, products, or technology (each a “Third-Party Service”), we may collect personal information about you from that Third-Party Service that you have made available via your privacy settings. 

3. How We Use Personal Information

We use personal information for a variety of business purposes, including to provide the Services, for administrative purposes, and to provide you with marketing materials, as described below.

  1. Provide the Services
    • Providing access to certain areas, functionalities, and features of the Services;
    • Communicating with you;
    • Answering requests; 
    • Sharing personal information with third parties as needed to provide the Services; and
    • Processing your financial information and other payment methods. 
  2. Improve the Services and Develop New Products and Services
    • Developing, training, and fine-tuning models, algorithms, and artificial intelligence technologies; and
    • Improving, upgrading, or enhancing the Services.
  3. Operate Our Business 
    • Carrying out analytics; 
    • Creating de-identified and/or aggregated information; 
    • Processing applications if you apply for a job we post on our Services; 
    • Allowing you to register for events; 
    • Enforcing our agreements and policies; and
    • Carrying out activities that are required to comply with our legal obligations.
  4. Marketing
    We may use personal information to tailor and provide you with marketing and other content.
  5. With Your Consent or Direction 
    We may use personal information: (i) for other purposes that are clearly disclosed to you at the time you provide the personal information, (ii) with your consent, or (iii) as otherwise directed by you.

4. How We Share Personal Information

We share personal information with third parties for a variety of business purposes, including to provide the Services, to protect us or others, or in connection with a major business transaction such as a merger, sale, or asset transfer, as described below. 

  1. Disclosures to Provide the Services
    • Service Providers. We may share personal information with service providers that assist us with the provision of the Services. This may include, but is not limited to, service providers that provide us with hosting services, customer service, AI or machine learning services, analytics, marketing services, IT support, and related services. In addition, personal information and chat communications may be shared with service providers that help provide our chat features.
    • Third-Party Services You Share or Interact With. The Services may link to or allow you to interface with, interact with, share information with, direct us to share information with, access, and/or use a Third-Party Service. 
    • Any personal information shared with a Third-Party Service will be subject to the Third-Party Service’s privacy policy. We are not responsible for the processing of personal information by Third-Party Services.
    • Business Partners. We may share your personal information with business partners we work with to provide you with a product or service you have requested. We may also share your personal information with business partners with whom we jointly offer products or services. 
    • Once your personal information is shared with our business partner, it will also be subject to our business partner’s privacy policy. We are not responsible for the processing of personal information by our business partners. 
    • DocLoop Customers (Authorized Users Only). In cases where you use our Services as an employee, contractor, or other authorized user of a DocLoop customer, we may share any information associated with your use of the Services with the DocLoop customer, including, but not limited to, account information, usage information, files, and the contents of the communications associated with your account. Your personal information may also be subject to the DocLoop customer’s privacy policy. We are not responsible for the DocLoop customer’s processing of your personal information.
    • Affiliates. We may share your personal information with our corporate affiliates.
    • Advertising Partners. We may share your personal information with third-party advertising partners. These third-party advertising partners may set Technologies on our Services to collect personal information regarding your activities and your device (e.g., IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this personal information (and similar information collected from other services) to tailor and deliver personalized ads to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising,” “personalized advertising,” or “targeted advertising.”
  2. Disclosures to Protect Us or Others
    We may share your personal information and related information with external parties if we, in good faith, believe doing so is required or appropriate to comply with law enforcement requests, national security requests, or other government requests; comply with legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual unauthorized or illegal activity.
  3. Disclosure in the Event of Merger, Sale, or Other Asset Transfers
    If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, purchase or sale of assets, transition of service to another provider, or other similar corporate transaction, your personal information may be shared, sold, or transferred as part of such a transaction.

5. Your Privacy Choices

Email Communications. If you receive an unwanted marketing email from us, you can use the unsubscribe functionality found at the bottom of the email to opt out of receiving future emails. Note that you will not be able to opt out of certain communications (e.g., communications regarding the Services or updates to this Privacy Notice).

  • “Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
  • Text Messages. If you receive an unwanted text message from us, you may opt out of receiving future text messages from us by following the instructions in the text message you have received from us or by otherwise contacting us as set forth in “Contact Us” below.
  • Cookies. You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. However, if you adjust your preferences, the Services may not work properly. 

The online advertising industry also provides mechanisms that may allow you to opt out of receiving targeted ads from organizations that participate in self-regulatory programs. To learn more, visit the Network Advertising Initiative and the Digital Advertising Alliance

Please note you must separately opt out in each browser and on each device.

6. International Transfers of Personal Information

All personal information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live.

7. Children’s Personal Information

The Services are not directed to children under 18 (or other age as required by local law outside the United States), and we do not knowingly collect personal information from children.

If you are a parent or guardian and believe that your child has uploaded personal information to the Services in violation of applicable law, you may contact us as described in “Contact Us” below.

8. Contact Us

If you have any questions about our privacy practices or this Privacy Notice, please contact us at: info@docloop.com.

ANNEX A
Supplemental Consumer Health Data Privacy Statement

This Supplemental Consumer Health Data Privacy Statement (“Consumer Health Data Privacy Statement”) supplements our Privacy Notice. 

This Supplemental Consumer Health Data Privacy Statement only applies to personal information we process that is “consumer health data” subject to the Connecticut Data Privacy Act, as amended (“CTDPA”), Washington My Health My Data Act (“MHMDA”), Nevada’s Consumer Health Data Privacy Law (“NVCHDPL”), or other states with consumer health data privacy laws (as applicable).

Terms used in this Supplemental Consumer Health Data Privacy Statement that are defined in MHMDA, NVCHDPL, or CTDPA will have the meaning set forth in those laws to the extent such laws are applicable. 

Consumer Health Data We Collect

Under the MHMDA, “consumer health data” is defined as “personal information that is linked or reasonably linkable to a consumer and that identifies the consumer’s past, present, or future physical or mental health status.”

Under NVCHDPL, “consumer health data” is defined as “personally identifiable information that is linked or reasonably capable of being linked to a consumer and that a regulated entity uses to identify the past, present or future health status of the consumer.”

Under CTDPA, “consumer health data” is defined as “any personal data that a controller uses to identify a consumer’s physical or mental health condition or diagnosis, and includes, but is not limited to, gender-affirming health data and reproductive or sexual health data.”

Because consumer health data is defined very broadly, many of the categories of personal information that we collect under our Privacy Notice may also be considered consumer health data.

Examples of consumer health data that you may provide to us, or that we may otherwise collect, may include:

  • Information that could identify your attempt to seek health care services or information, including services that allow you to assess, measure, improve, or learn about your or another person’s health. For example, we collect your search queries on our website, which may include queries or other information concerning nutrition, wellness, fitness, medical conditions, or other health-related topics.
  • Information about your health-related conditions, symptoms, status, diagnoses, disease, testing, or treatments.
  • Information about social, psychological, behavioral, and medical interventions. 
  • Information about use or purchase of prescribed medication. 
  • Information about measurements of bodily functions, vital signs, symptoms, or characteristics.
  • Information about diagnoses or diagnostic testing, treatment, or medication. 
  • Information about surgeries or other health-related procedures. 
  • Reproductive or sexual health information. 
  • Information about gender-affirming care. 
  • Biometric information. 
  • Genetic data. 
  • Information about your access to healthcare, including precise location information that could reasonably indicate an attempt to acquire or receive health services or supplies.
  • Information processed to associate or identify an individual with the data listed above that is derived or extrapolated from non-health information.
  • Information related to the precise (geo)location information of a consumer used to indicate an attempt by a consumer to receive health care services or products. 
  • Other information that may be used to infer or derive data related to the above or other consumer health data. 
Sources of Consumer Health Data

We collect consumer health data that you provide to us, consumer health data we collect automatically when you use the Services, and consumer health data from third-party sources, as described in our Privacy Notice and below.

Why We Collect and Use Consumer Health Data

We collect and use consumer health data for the purposes and in the manner described in the “How We Use Personal Information” section of our Privacy Notice. 

Primarily, we collect and use consumer health data as reasonably necessary to provide you with the products or Services you have requested or authorized. This may include delivering and operating the products or Services and their features, personalization of certain product or website features, ensuring the secure and reliable operation of the products or Services and the systems that support them, troubleshooting and improving the products and Services, and other essential business operations that support the provision of the products and Services (such as analyzing our performance and meeting our legal obligations).

We may also use consumer health data for other purposes for which we give you choices and/or obtain your consent as required by law.

Sharing of Consumer Health Data

We may share each of the categories of consumer health data described above for the purposes described above and in the “How We Use Personal Information” section of our Privacy Notice.

We only share or disclose your consumer health data as needed to provide you with the products or Services that you request, or with your explicit consent. We may share or disclose any or all the above categories of consumer health data to the following entities, who shall use the data only as permitted for the purposes set forth above, and within the bounds of our contracts with them:

These general categories of third parties:

  • Business Collaborators
  • Life Sciences Companies
  • Product co-promotion partners
  • Product co-development partners
  • Marketing and Advertising Agencies
  • Social Media Companies and Platforms
  • Service Providers (including those hosting or analyzing data on our behalf, those assisting with fraud prevention, those assisting in program administration, those assisting in incident management and reporting, those administering our call center and websites, and those who assist with our information technology and security programs)
  • Emergency Personnel
  • Authorized/legal representatives, family members, and caregivers
  • Third parties (including those with whom DocLoop has joint marketing and similar arrangements, those who provide marketing and data analytics services, those who provide program enrollment or product fulfillment, payment, and authorization, other third parties as necessary to complete transactions and provide products or Services, or where required by law)
  • DocLoop lawyers, auditors, and consultants
  • Legal and regulatory bodies

In addition, we may share or disclose consumer health data as permitted or required by law, such as (i) to an acquiring organization if we are involved in a sale or a transfer of our business, (ii) as needed to prevent, detect, protect against, or respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, (iii) in situations that may involve violations of our terms of use or other rules, (iv) to protect our rights and the rights and safety of others, (v) as needed to support external auditing, compliance and corporate governance functions, (vi) as needed to preserve the integrity or security of our systems, or (vii) to investigate, report, or prosecute those responsible for any action that is illegal under applicable state or federal law.

How to Exercise Your Rights

The CTDPA, MHMDA, and NVCHDPL provide consumers with certain rights with respect to consumer health data.

Under MHMDA, consumers have the right to: (i) confirm whether DocLoop is collecting, sharing, or selling consumer health data and to access such data; (ii) withdraw consent from DocLoop’s collection and sharing of consumer health data; and (iii) request that DocLoop delete consumer health data.

Under NVCHDPL, consumers have the right to: (i) confirm whether DocLoop is collecting, sharing or selling consumer health data; (ii) have DocLoop provide the consumer with a list of all third parties with whom DocLoop has shared consumer health data relating to the consumer or to whom DocLoop has sold such consumer health data; (iii) request that DocLoop cease collecting, sharing, or selling consumer health data relating to the consumer; and (iv) request that DocLoop delete consumer health data.

Under CTDPA, DocLoop is required to obtain consumer consent prior to selling or offering to sell, consumer health data. Consumers have the right to: (i) confirm whether DocLoop is collecting or sharing consumer health data; (ii) have DocLoop provide the categories of consumer health data that it shares with third parties and the categories of third parties with which it shares consumer health data; and (iii) withdraw consent from DocLoop’s selling of consumer health data.

The rights afforded to consumers under CTDPA, MHMDA, and NVCHDPL are subject to certain exceptions. 

Subject to certain legal limitations and exceptions, you have the following rights with respect to any consumer health data we may collect about you:

  • The right to confirm whether we are collecting, sharing, or selling your consumer health data and to access such data, including to receive a list of affiliates or specific third parties with whom we have shared or sold your information, along with contact information such as an active email address for each third party;
  • The right to review and request corrections to your consumer health data;
  • The right to withdraw consent from our collection or sharing of your consumer health data; and
  • The right to request that we delete your consumer health data.

You may submit a request pursuant to any of these rights by contacting us as described in the “Contact Us” section.

DocLoop will not discriminate against you for exercising any of your rights. We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. Please allow 45 days for a response.  We may, after receiving your request, require additional information from you to authenticate your request and verify your identity. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so. If we deny your request, you have the right to appeal that denial by contacting us as described in the “Contact Us” section. We will process and respond to your appeal within the time permitted by applicable law. 

If you are a Washington resident and your appeal is unsuccessful, you may file a complaint with the Washington State Attorney General at www.atg.wa.gov/file-complaint.

Changes to Our Supplemental Consumer Health Data Privacy Statement

We may update this Supplemental Consumer Health Data Privacy Statement from time to time. When we do update it, for your convenience, we will make the updated statement available on this page. Our intention is to use consumer health data in accordance with the Supplemental Consumer Health Data Privacy Statement in place at the time the consumer health data was collected.

ANNEX B
Consumer Health Data Authorization

This Consumer Health Data Privacy Authorization (“Authorization”) supplements DocLoop’s (“DocLoop”, “we,” “us,” or “our”)  Privacy Notice and Supplemental Consumer Health Data Privacy Statement and applies only to “consumer health data” subject to the Connecticut Data Privacy Act, as amended (“CTDPA”), Washington My Health My Data Act (“MHMDA”), Nevada Consumer Health Data Privacy Law (“NVCHDPL”), or other states with consumer health data privacy laws (as applicable).

Terms used in this Authorization defined in CTDPA, MHMDA, NVCHDPL, or other applicable state consumer health data privacy laws will have the meaning set forth in those laws to the extent such laws are applicable.

If you opt-in to “personalized marketing” through https://docloop.com/ you allow us to “sell” your consumer health data as described below: 

  • Specific consumer health data intended for “sale”: Consumer health data collected via cookies and similar technologies including but not limited to browsing activity on our website.
  • Purpose of the “sale” of consumer health data: To tailor and deliver personalized advertisements to you.
  • How consumer health data purchasers gather and use the data: Consumer health data purchasers will gather the data via cookies and other tracking technologies when you visit https://docloop.com/. These purchasers may use the data to assist us to deliver personalized advertisements to you and in accordance with their privacy policies linked below.
  • Consumer health data purchasers’ contact information:
  • Contact information for DocLoop: info@docloop.com

Please note:

  • The provision of goods or services may not be conditioned upon you accepting the terms of this Authorization.
  • Purchasers may redisclose the consumer health data sold under this authorization and such data may no longer be protected by the CTDPA, MHMDA, NVCHDPL, and/or applicable state consumer health data privacy laws.
  • You may revoke this authorization at any time by contacting DocLoop.
    • A revocation will not impact previously sold consumer health data. In addition, if you use different browsers or devices, you must indicate your choices on each browser/device used to access https://docloop.com/

If you have any questions about how to revoke your authorization, please contact: info@docloop.com

  • This authorization will expire one (1) year after accepting it.