Legal

Privacy Policy

How we collect, use, and protect your information.

Last updated: March 1, 2026

This document was last updated on the date above. We recommend consulting a healthcare attorney for your specific compliance needs.

1. Introduction

ReasonWorks AI Inc. (“ReasonTele,” “we,” “us,” or “our”) operates the ReasonTele Connect platform, a telehealth communication service designed to meet the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”). This Privacy Policy describes how we collect, use, disclose, and protect information when you use our platform, website, and related services (collectively, the “Services”).

This policy applies to all users of our Services, including healthcare organizations (“Customers”), their authorized healthcare providers (“Providers”), and patients who participate in telehealth sessions.

2. Information We Collect

We collect the following categories of information:

  • Account Information: Name, email address, organization name, professional credentials, and billing details provided during registration.
  • Session Metadata: Session start and end times, duration, participant count, and connection quality metrics.
  • Usage Data: Feature usage, page views, and interactions with the platform for service improvement.
  • Device & Browser Information: IP address, browser type, operating system, and device identifiers for security and troubleshooting purposes.
  • Communications: Support requests and correspondence you send to us.

3. Protected Health Information (PHI)

In the context of HIPAA, ReasonTele acts as a Business Associate, not a Covered Entity. We process Protected Health Information solely on behalf of our Customers (the Covered Entities) and in accordance with a signed Business Associate Agreement (“BAA”).

Healthcare organizations using our platform are responsible for obtaining appropriate patient consent for telehealth services and for complying with applicable state and federal privacy regulations. PHI transmitted through our platform is encrypted in transit and at rest in accordance with our security practices.

4. How We Use Information

  • To provide and maintain the Services — including facilitating telehealth sessions, real-time translation, and session documentation.
  • To ensure security — detecting and preventing unauthorized access, fraud, and abuse.
  • To comply with legal obligations — including HIPAA, applicable state laws, and valid legal process.
  • To improve the platform — using aggregated, de-identified, non-PHI data only for analytics and service improvements.
  • To communicate with you — service announcements, security alerts, and support responses.

5. AI Features & Data

Our platform includes AI-powered features such as real-time language translation and clinical scribe (session note generation). These features process audio and video data during active telehealth sessions to provide real-time functionality.

AI-processed session data is not retained for model training without explicit written consent from the Customer. AI-generated outputs (translations, session notes) are treated as PHI and subject to the same protections and retention policies as all other Protected Health Information.

6. How We Share Information

We do not sell your information to anyone. We may share information only in the following circumstances:

  • Subprocessors: Infrastructure and service providers who assist in delivering our Services, bound by equivalent confidentiality and HIPAA obligations. See our BAA page for our subprocessor list.
  • Legal Requirements: When required by law, valid subpoena, court order, or government request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with equivalent privacy protections maintained.
  • With Consent: When you have given explicit consent for a specific sharing purpose.

7. Data Retention & Deletion

We retain information only as long as necessary to provide the Services and fulfill the purposes described in this policy. Specific retention periods are defined in your service agreement and BAA.

Upon account termination or written deletion request, we will securely delete or de-identify your data within 30 days, except where retention is required by law. Deletion is performed using cryptographic erasure and secure destruction methods.

8. Security

We implement administrative, technical, and physical safeguards designed to protect your information in accordance with HIPAA Security Rule requirements. For detailed information about our security practices, please visit our Security page.

9. Your Rights

HIPAA Rights: If you are a patient, your rights regarding your PHI (access, amendment, accounting of disclosures) should be exercised through your healthcare provider (the Covered Entity). We will assist our Customers in fulfilling these requests as required by our BAA.

California Residents (CCPA): If you are a California resident, you have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information.

General Rights: All users may request access to, correction of, or deletion of their account information by contacting us at the address below.

10. Cookies

We use essential cookies only for session management and authentication. We do not use advertising or tracking cookies. You can control cookies through your browser settings, but disabling essential cookies may prevent the platform from functioning correctly.

11. Children's Privacy

Our Services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13 without parental consent, we will promptly delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email to the address associated with your account at least 30 days before the changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

ReasonWorks AI Inc.
Email: privacy@reasontelehealth.com