ReferaCare ("we," "us," or "our") operates the ReferaCare referral CRM platform, accessible at clientiq-production.up.railway.app and any associated subdomains or services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you or your organization uses our Service.
By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.
2.1 Account Information. When you register, we collect your name, email address, job title, organization name, and a hashed password. We never store your password in plain text.
2.2 Business Data You Enter. The Service allows you to enter and store data about your referral sources and their associated contacts (names, phone numbers, email addresses, physical addresses, notes), client or lead records (first name, service category, referral date, hours of care, disposition), and marketing visit logs (dates, spend amounts, visit notes). This data is provided by you and belongs to you.
2.3 Usage and Log Data. We automatically collect certain technical information when you use the Service, including your IP address, browser type, pages visited, timestamps, and session identifiers. This information is used to operate, maintain, and improve the Service.
2.4 Cookies and Session Tokens. We use session cookies to keep you logged in. These are essential for the Service to function. We do not use tracking, advertising, or third-party analytics cookies.
We use the information we collect to:
We do not use your business data to train machine learning models, sell to third parties, or for any purpose other than operating your account.
We do not sell, rent, or trade your personal or business information. We may share information only in the following limited circumstances:
4.1 Service Providers. We use the following infrastructure providers who process data on our behalf and are contractually bound to protect it:
4.2 Legal Requirements. We may disclose information if required by law, subpoena, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
4.3 Business Transfers. If ReferaCare is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify affected users via email prior to any such transfer.
We retain your account and business data for as long as your account is active. If you terminate your account, we will delete or anonymize your data within 90 days of termination, except where we are required by law to retain it longer.
You may request deletion of your data at any time by contacting us at eladbanai@gmail.com.
We implement industry-standard security measures to protect your information:
No method of electronic transmission or storage is 100% secure. While we use commercially reasonable safeguards, we cannot guarantee absolute security. You should immediately notify us at eladbanai@gmail.com if you suspect any unauthorized access to your account.
ReferaCare is not a HIPAA-covered entity and is not a Business Associate under HIPAA.
The Service is designed to track referral relationships and marketing activities — it is not an Electronic Health Record (EHR), medical records system, or clinical platform. You must not enter Protected Health Information (PHI) as defined by HIPAA into the Service, including but not limited to patient diagnoses, treatment records, insurance information, Social Security numbers, or any other individually identifiable health information beyond what is necessary to identify a referred individual for CRM purposes (e.g., a first name and service category).
You are solely responsible for ensuring your use of the Service complies with HIPAA, applicable state privacy laws, and any other regulations governing your organization. ReferaCare expressly disclaims any liability for your failure to comply with such laws.
8.1 Access and Correction. You may access and update your account information at any time through the Service's settings.
8.2 Data Deletion. You may request deletion of your account and associated data by emailing eladbanai@gmail.com. We will process requests within 30 days.
8.3 Data Export. You may request a copy of your business data in a portable format by contacting us.
8.4 California Residents (CCPA). If you are a California resident, you have the right to know what personal information we collect and how it is used, to request deletion of your personal information, and to opt out of the "sale" of your personal information (we do not sell personal information). To exercise these rights, contact us at eladbanai@gmail.com.
8.5 Texas Residents. Texas residents have rights under the Texas Data Privacy and Security Act (TDPSA), including the right to access, correct, delete, and obtain a copy of your personal data, and to opt out of its processing for certain purposes. To exercise these rights, contact us.
The Service is intended solely for use by businesses and is not directed at individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected such information, please contact us immediately.
The Service may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by prominently posting a notice within the Service at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at: