Privacy Policy

Effective Date: July 29, 2025

BNG Health Services (“we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use, share, and safeguard your information. This Privacy Policy applies to individuals who access this website (“Site”) and our online services (collectively, “Services”).

From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. Please review this Privacy Policy periodically.

We may collect, use, and share protected health information (“PHI”) subject to Health Insurance Portability and Accountability Act (“HIPAA”) requirements. Our access to and use of PHI is not governed by this Privacy Policy. For additional information regarding the protection of your PHI, please review our Notice of Privacy Practices.

  1. Personal Data We Collect
    We collect personal data from you through your use of the Site and Services. Personal data is information that is linked or reasonably linkable to an identified or identifiable individual. Depending on how you interact with our Site and Services, we will collect certain types of personal data. When you contact us or sign up for a demo, you will provide us with your name, email address, company name, and any information you choose to provide in your message.

Personal Data as You Navigate Our Site
We automatically collect certain personal data through your use of our Site and our use of cookies and other tracking technologies. Which may include usage information such as the pages on the Site you access, the frequency of access, and what you click on while on the Site and device information, such as hardware model, operating system, application version number, and browser.

Personal Data We Collect About You from Other Sources
In some cases, we may receive personal data about you from other sources. This includes health care providers, electronic health records providers, and operating systems and platforms.

  1. How We Use Your Personal Data
    In addition to the purposes stated above, we may use all the personal data we collect in accordance with applicable law such as to:
  • Maintain and improve our Site and Services;
  • Protect the security and integrity of our Site and Services;
  • Investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Use, and to otherwise fulfill our legal obligations;
  • Monitor compliance with and enforce this Privacy Policy and any applicable agreements and policies;
  • Defend our legal rights and the rights of others;
  • Fulfill any other purposes for which you provide it;
  • For any purpose that is reasonably necessary to or compatible with the original purpose for which we collected the personal data as disclosed to you; and
  • Comply with applicable law.
  1. How We Share Your Personal Data
    We may share the personal data that we collect about you in the following ways:
  • With your health care provider;
  • With vendors who perform data or Site-related services on our behalf (e.g., email, hosting, maintenance, backup, analysis, etc.);
  • To the extent that we are required to do so by law;
  • With vendors to prepare, deploy, and analyze advertising content;
  • In connection with any legal proceedings or prospective legal proceedings;
  • To establish, exercise, or defend our or a third party’s legal rights, including providing information to others for the purposes of fraud prevention;
  • With any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal data where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal data;
  • With any other person or entity as part of any business or asset sale, equity transaction, merger, acquisition, bankruptcy, liquidation, or similar proceeding, or in preparation for any of these events;
  • With any other person or entity where you consent to the disclosure; and
  • For any other purpose disclosed by us when you provide the personal data or for any other purpose we deem necessary, including to protect the health or safety of others.
  1. Cookies and Other Tracking Technologies
    Like many other companies, we use cookies and other tracking technologies (collectively, “Cookies”). Cookies are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).

We use Cookies to compile aggregate data about site traffic and site interactions to resolve issues and offer better site experiences and tools in the future; and recognize when you return to the Site.

We set some Cookies ourselves, while separate entities set other Cookies. We use Cookies other entities set to provide us with useful information, to help us improve our Site and Services, to conduct advertising, and to analyze the effectiveness of advertising. For example, we use Cookies from Google.

How You Can Opt Out of Cookies
You can block Cookies by changing your Internet browser settings to refuse all or some Cookies. If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Site.

You can find out more about Cookies and how to manage them by visiting www.aboutcookies.org or www.allaboutcookies.org. You can opt out of Cookies set by Google by following the instructions found here: https://adssettings.google.com.

You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile-specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.

Please note these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.

Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt out of tracking of analytics by Google, click here.

  1. “Do Not Track” Signals
    Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
  2. Security
    We maintain commercially reasonable security measures to protect the personal data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.
  3. SMS Communications
    We respect your privacy and are committed to protecting your personal information. This section outlines how we use the information you provide to us when opting into receiving SMS messages from us.

Information Use

When you opt in to receive messages from us, we collect your phone number and may associate it with your account or other identifying information. This information is used solely for:

  • Account-related notifications (e.g., new message reminders).
  • Two-factor authentication (2FA) for secure login and account verification.

Information Sharing

We do not sell, rent, or share your such information, including your phone number, with third parties for marketing or unrelated purposes.

Data Security

We use reasonable technical and organizational measures to protect such information against unauthorized access, disclosure, alteration, or destruction.

Your Consent

By providing your phone number and opting in to receive SMS messages, you consent to the information uses described above. Message frequency may vary, and standard message and data rates may apply. You may opt out at any time by replying “STOP” to any message.

  1. Third-Party Links
    The Site may contain links that will let you leave the Site and access another website. Linked websites are not under our control. We accept no responsibility or liability for these other websites.
  2. Children’s Privacy
    The Site and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal data from children under 13.
  3. Notice to California Residents
    We do not disclose personal information obtained through our Site or Services to third parties for their direct marketing purposes. Accordingly, we have no obligations under California Civil Code § 1798.83.
  4. Accessibility
    We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.
  5. How to Contact Us
    To contact us for questions or concerns about our privacy policies or practices, please email us at hello@bngrx.com or call us at 629-777-5752.

HIPAA Information
Uses and disclosures of your protected health information that do not require an authorization

Treatment.
For example, doctors, nurses, and other staff members involved in your care will use your PHI to coordinate your care or to plan a course of treatment for you.

Payment.
For example, we may disclose information regarding your medical procedures and treatment to your insurance company to arrange payment for the services provided to you.

Health Care Operations.
For example, we may disclose your PHI for billing or interpreter support. We may use your PHI to conduct an evaluation of the treatment and services provided or to review staff performance.

Communicating with You.
We will use your PHI to communicate with you about a number of important topics, including information about your care, treatment options and other health-related services

We may also contact you at the email, phone number or address that you provide, including via text messages, for these communications. If your contact information changes, it is important that you let us know. We will only provide you a link via text or e-mail which will require you to verify yourself prior to opening the message within the BNG Health Services messaging portal.

Business Associates.
At times, we need to disclose your PHI to persons or organizations outside BNG Health Services who assist us with our payment/billing and health care operations. We require these business associates and their subcontractors to appropriately safeguard your PHI.

Other Uses and Disclosures.
We may be permitted or required by law to make certain other uses and disclosures of your PHI without your authorization. Subject to conditions specified by law, we may release your PHI:

  • for any purpose required by law
  • for public health activities, including required reporting of disease, injury, birth and death, for required public health investigations, and to report adverse events or enable product recalls
  • to government agencies if we suspect child/elder adult abuse or neglect. We may also release your PHI to government agencies if we believe you are a victim of abuse, neglect or domestic
  • to your employer when we have provided screenings and health care at their request for occupational health and safety
  • to a government oversight agency conducting audits, investigations, inspections and related oversight functions
  • in emergencies, such as to prevent a serious and imminent threat to a person or the public
  • if required by a court or administrative order, subpoena or discovery request
  • for law enforcement purposes, including to law enforcement officials to identify or locate suspects, fugitives or witnesses, or victims of crime
  • to coroners, medical examiners and funeral directors
  • if necessary to arrange organ or tissue donation or transplant
  • for national security, intelligence, or protective services activities
  • for purposes related to your workers’ compensation benefits

Uses and disclosures of your protected health information based on a signed authorization
Except as outlined above, we will not use or disclose your PHI for any other purpose unless you have signed a form authorizing the use or disclosure. You may revoke an authorization in writing, except to the extent we have already relied upon it.

In some situations, a signed authorization form is required for uses and disclosures of your PHI, including:

  • most uses and disclosures of psychotherapy notes
  • uses and disclosures for marketing purposes
  • disclosures that constitute the sale of PHI
  • uses and disclosures for certain research protocols
  • as required by privacy law. The confidentiality of substance use disorder and mental health treatment records as well as HIV-related information maintained by us is specifically protected by state and/or federal law and regulations. Generally, we may not disclose such information unless you consent in writing, the disclosure is allowed by a court order, or in other limited, regulated circumstances.

Your rights
Access to Your PHI.
You can access and inspect paper or electronic copies of certain PHI that we maintain about you. You may readily access much of your health information without charge using the following link: https://privacy………com. In line with set fees under federal and state law, we may charge you for a copy of your medical records.

Amendments to Your PHI.
You can request amendments, or changes, to certain PHI that we maintain about you that you think may be incorrect or incomplete. All requests for changes must be in writing, signed by you or your representative, and state the reasons for the request. If we decide to make an amendment, we may also notify others who have copies of the information about the change. Note that even if we accept your request, we may not delete any information already documented in your medical record. You can make such requests by contacting hello@bngrx.com or directly inside your BNG Health Services patient portal under the “privacy center” section.

Accounting for Disclosures of Your PHI.
In accordance with applicable law, you can ask for an accounting of certain disclosures made by us of your PHI. This request must be in writing and signed by you or your representative. This does not include disclosures made for purposes of treatment, payment, or health care operations or for certain other limited exceptions. An accounting will include disclosures made in the six years prior to the date of a request.

Restrictions on Use and Disclosure of Your PHI.
You can request restrictions on certain of our uses and disclosures of your PHI for treatment, payment, or health care operations. We are not required to agree but will attempt to accommodate reasonable requests when appropriate.

Restrictions on Disclosures to Health Plans.
You can request a restriction on certain disclosures of your PHI to your health plan. We are only required to honor such requests when services subject to the request are paid in full. Such requests must be made in writing and identify the services to which the restriction will apply.

Confidential Communications.
You can request that we communicate with you through alternative means or at alternative locations, and we will accommodate reasonable requests. You must request such confidential communication in writing to each department you would like to accommodate the request.

Breach Notification.
We are required to notify you in writing of any breach of your unsecured PHI without unreasonable delay and no later than 60 days after we discover the breach.

Additional Information
Complaints.
If you believe your privacy rights have been violated, you can file a complaint with the BNG Health Services privacy officer (Ana Ramos) by contacting hello@bngrx.com or calling 629-777-5752.

You can also file a complaint with the Secretary of the U.S. Department of Health and Human Services in Washington D.C.

A complaint must be made in writing and will not in any way affect the quality of care we provide you.

Additional Information
California Notice to Consumers
Medical doctors are licensed and regulated by the Medical Board of California.

(800) 633-2322

www.mbc.ca.gov/

Complaints may be filed online at http://www.mbc.ca.gov/Breeze/Complaints.aspx or submitted in hard copy form. A Consumer Complaint Form, including instructions for completing it, may be found at http://www.mbc.ca.gov/Consumers/Complaints/Submit_By_Mail.aspx. A hard copy Consumer Complaint Form should be submitted to:

Medical Board of California
Central Complaint Unit
2005 Evergreen Street, Suite 1200
Sacramento, CA 95815

Kansas
It is unlawful for any person who is not licensed under the Kansas Healing Arts Act to open or maintain an office for the practice of the healing arts in this State.

This office is maintained under the authority of a person who is licensed to practice the healing arts of Kansas.

Questions and concerns regarding this professional practice may be directed to:

Kansas State Board Of Healing Arts
800 SW Jackson, Lower Level-Suite A
Topeka, Kansas 66612
Phone: 785-296-7413
Toll Free: 1-888-886-7205
Fax: 785-296-0852
Website: www.ksbha.org

Oregon
Complaints about physicians, as well as other licensees and registrants of the Oregon Medical Board, including physician assistants, acupuncturists, and surgical assistants may be reported for investigation to:

Oregon Medical Board
Investigations Manager
1500 SW 1st Ave. #620
Portland, OR 97201
P: 971-673-2702
Toll Free: 1-877-254-6263
https://www.oregon.gov/omb/investigations/pages/how-to-file-a-complaint.aspx

Texas
Complaints about physicians, as well as other licensees and registrants of the Texas Medical Board, including physician assistants, acupuncturists, and surgical assistants may be reported for investigation to:

Texas Medical Board
Attention: Investigators
333 Guadalupe, Tower 3, Suite 610
P.O Box 2018, MC-263
Austin, TX 78768-2018
Assistance in filing a complaint is available by calling 1-800-201-9353. For more information, visit www.tmb.state.tx.us

Las quejas sobre médicos, así como sobre otros profesionales acreditados e inscritos del Consejo Médico de Tejas, incluyendo asistentes de médicos, practicantes de acupuntura y asistentes de cirugía, se pueden presentar en la siguiente dirección para ser investigadas:

Texas Medical Board Attention: Investigations 333 Guadalupe, Tower 3, Suite 610 P.O. Box 2018, MC-263 Austin, Texas 78768-2018

Notice to Patients – Open Payments Database
For informational purposes only, a link to the federal Centers for Medicare and Medicaid Services (CMS) Open Payments web page is provided here. The federal Physician Payments Sunshine Act requires that detailed information about payment and other payments of value worth over ten dollars ($10) from manufacturers of drugs, medical devices, and biologics to physicians and teaching hospital be made available to the public.

You may search this federal database for payments made to physicians and teaching hospitals by visiting this website: https://openpaymentsdata.cms.gov/