Privacy Policy

1. Overview

Pragmatic Logic LLC ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, and protect information when you use our website, Lilo Solace platform, and related services (collectively, the "Services").

As a healthcare technology company, we adhere to the highest standards of data protection, including compliance with the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and other applicable privacy laws.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, mailing address
• Professional Information: Job title, company/organization, role, facility size
• Account Information: Username, password, account preferences
• Communication Records: Messages, support requests, demo requests

2.2 Protected Health Information (PHI)

Through the Lilo Solace platform, we may collect and process Protected Health Information (PHI) as defined by HIPAA, including:

• Mental health assessment responses (WHO-5, PHQ-9, GAD-7, etc.)
• Therapeutic conversation logs and interactions
• Crisis detection alerts and safety assessments
• Care coordination communications
• Family engagement and notification records

2.3 Technical Information

• IP address, browser type, operating system
• Device identifiers and usage patterns
• Log files and system performance data
• Cookies and similar tracking technologies

3. How We Use Information

3.1 Service Provision

• Deliver therapeutic AI services and mental health monitoring
• Process and analyze clinical assessments
• Generate wellness reports and family notifications
• Provide crisis detection and safety monitoring

3.2 Platform Improvement

• Enhance AI agent performance and accuracy
• Develop new therapeutic interventions
• Conduct clinical research and validation studies
• Improve user experience and platform functionality

3.3 Communication and Support

• Respond to inquiries and provide customer support
• Send service updates and important notifications
• Facilitate demo requests and sales communications
• Provide training and educational resources

4. HIPAA Compliance

4.1 Business Associate Agreements

We enter into Business Associate Agreements (BAAs) with all covered entities that use our Services. These agreements ensure that we handle PHI in accordance with HIPAA requirements and your organization's privacy policies.

4.2 Minimum Necessary Standard

We adhere to the HIPAA minimum necessary standard, accessing and using only the minimum amount of PHI necessary to accomplish the intended purpose of the use or disclosure.

4.3 Individual Rights

We support covered entities in fulfilling individual rights under HIPAA, including:

• Right to access PHI
• Right to request amendments
• Right to request restrictions
• Right to an accounting of disclosures

5. Data Security

5.1 Technical Safeguards

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Multi-factor authentication and role-based access controls
• Audit Trails: Comprehensive logging of all system access and data modifications
• Network Security: Firewalls, intrusion detection, and regular security monitoring

5.2 Administrative Safeguards

• Security officer designation and workforce training
• Regular security risk assessments and vulnerability testing
• Incident response procedures and breach notification protocols
• Business continuity and disaster recovery planning

5.3 Physical Safeguards

• Secure data centers with 24/7 monitoring
• Controlled facility access and visitor management
• Secure workstation and media controls
• Environmental protection and redundancy systems

6. Sharing and Disclosure

6.1 Authorized Disclosures

We may share information in the following circumstances:

• With Your Consent: When you have provided explicit authorization
• Service Providers: With trusted third-party vendors under strict confidentiality agreements
• Legal Requirements: When required by law, court order, or regulatory authority
• Emergency Situations: To prevent serious harm to health or safety

6.2 Research and Analytics

We may use de-identified or aggregated data for research purposes, clinical validation studies, and platform improvement. All such use complies with HIPAA de-identification standards.

7. Your Rights

7.1 Access and Portability

You have the right to access your personal information and request a copy in a portable format.

7.2 Correction and Amendment

You may request corrections to inaccurate or incomplete personal information.

7.3 Deletion and Restriction

You may request deletion of your personal information or restriction of certain processing activities, subject to legal and contractual obligations.

7.4 Opt-Out

You may opt out of non-essential communications and certain data processing activities.

8. Cookies and Tracking Technologies

8.1 Types of Cookies

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: Help us understand website usage and performance
• Preference Cookies: Remember your settings and preferences

8.2 Cookie Management

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect website functionality.

9. Contact Information

9.1 Privacy Officer

For privacy-related questions, concerns, or requests, please contact our Privacy Officer:

9.2 Data Protection Officer (EU)

For EU residents, you may contact our Data Protection Officer at: contact@pragmaticlogic.ai

9.3 Regulatory Authorities

You have the right to lodge a complaint with relevant supervisory authorities, including:

• US: Department of Health and Human Services Office for Civil Rights
• EU: Your local Data Protection Authority