Last Updated: November 26, 2025
This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our Base Modul platform ("Service"). This policy complies with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.
We are committed to protecting your Protected Health Information (PHI). This includes:
Medical records and health history
Treatment information
Billing and payment information
Appointment details
Communications with Base Modul providers
Any individually identifiable health information
You have the right to:
Access and review your PHI
Request corrections to your PHI
Receive an accounting of PHI disclosures
Request restrictions on PHI use and disclosure
Request confidential communications
Receive a paper copy of this Privacy Policy
File a complaint if you believe your privacy rights have been violated
Name and contact information (email, phone, address)
Date of birth and age
Government-issued identification numbers
Emergency contact information
Profile photos (optional)
Medical history and conditions
Treatment and diagnosis information
Medications and allergies
Lab results and medical reports
Insurance information
Base Modul provider information
IP address and device information
Browser type and version
Login times and session data
Pages visited and actions taken
Cookies and similar tracking technologies
Messages sent through the platform
Email communications
Support ticket information
Feedback and survey responses
Coordinating and managing your Base Modul
Facilitating communication with Base Modul providers
Maintaining medical records
Scheduling appointments
Processing billing and claims
Verifying insurance coverage
Collection activities
Payment processing
Quality assessment and improvement
Staff training and competency evaluation
Business planning and management
Customer service and support
Compliance with legal obligations
Public health reporting
Law enforcement requests
Court orders and legal proceedings
Providing and improving the Service
Authentication and security
Technical support
System maintenance and updates
Fraud prevention and security monitoring
We will not share your PHI without your written authorization except as described in this policy.
Sharing with your treating physicians and Base Modul team
Referrals to specialists
Care coordination
We may share PHI with third-party service providers who:
Sign HIPAA Business Associate Agreements
Provide services on our behalf (hosting, data storage, analytics)
Are contractually obligated to protect your information
We may disclose information when required by law:
Court orders and subpoenas
Law enforcement investigations
Public health authorities
Regulatory agencies
Workers' compensation programs
To prevent serious threats to health or safety
To emergency responders
To disaster relief organizations
Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest
Access Controls: Role-based access with multi-factor authentication
Audit Logs: Comprehensive logging of all PHI access
Secure Infrastructure: SOC 2 compliant hosting and data centers
Regular Security Audits: Penetration testing and vulnerability assessments
Security Training: Regular staff training on HIPAA and security
Background Checks: Screening of personnel with PHI access
Incident Response: Documented breach notification procedures
Risk Assessments: Regular security risk analysis
Facility Security: Secure data center access controls
Device Controls: Encrypted devices and secure disposal
Workstation Security: Protected access to systems
Medical records: Maintained as required by law (typically 7+ years)
Audit logs: Retained for 6 years minimum (HIPAA requirement)
Account information: Retained while account is active plus legal requirements
Communication records: Retained per legal and operational needs
You may request account deletion at any time
Some data must be retained for legal compliance
Deletion is completed within 30 days where legally permissible
Backups may retain data for up to 90 days
Request access to your PHI
Request corrections to inaccurate information
Download a copy of your data
Response within 30 days of request
Opt-out of marketing communications
Choose how we contact you
Set notification preferences
Enable/disable two-factor authentication
Manage team access and permissions
Control profile visibility
Delete your account
Required for authentication and security
Session management
Cannot be disabled
Remember your preferences
Improve user experience
Can be managed in browser settings
We use analytics to improve the Service
Data is aggregated and anonymized
No PHI is included in analytics
This Service is not intended for users under 18
We do not knowingly collect information from minors
Parental consent required for users under 18
In the event of a data breach involving your PHI:
We will investigate promptly
Affected individuals will be notified within 60 days
Authorities will be notified as required by law
We will provide information about the breach and remediation steps
If you suspect unauthorized access to your account:
Change your password immediately
Contact us at security@fakeeh.Base Modul
Enable two-factor authentication if not already active
Data may be transferred to countries outside your jurisdiction
We ensure adequate safeguards are in place
Transfers comply with applicable privacy laws
Our Service may contain links to third-party websites
We are not responsible for their privacy practices
Review their privacy policies before providing information
We may update this Privacy Policy periodically
Changes will be posted with updated date
Material changes will be notified via email
Continued use constitutes acceptance of changes
Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale (we do not sell your information)
Right to non-discrimination
Right to access and data portability
Right to rectification and erasure
Right to restrict processing
Right to object to processing
Right to lodge a complaint with supervisory authority
For privacy-related questions or to exercise your rights:
Email: privacy@fakeeh.Base Modul
Phone: [Privacy Officer Phone]
Address: [Privacy Officer Address]
For security concerns:
To file a HIPAA complaint:
Contact our Privacy Officer (above)
File with the U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
This Privacy Policy is effective as of November 26, 2025, and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
By using our Service, you consent to our Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our Service.
We are committed to protecting your privacy and the security of your health information. If you have questions or concerns, please contact us.