Privacy Policy

This Privacy Policy explains what information BeaBrand collects from visitors to beabrand.ai (the "Site") and from prospects and clients of our patient acquisition and PracticeOS services, how we use that information, and the choices you have. We collect only what we need to run the business and deliver the services our clients pay for.

1. Who We Are

BeaBrand is operated by Imad Haq, an independent senior engineer and AI specialist based in Houston, Texas. References to "BeaBrand," "we," "us," and "our" in this Policy mean that operator. For privacy questions, write to contact@beabrand.ai.

2. The Information We Collect

2.1 Information you give us

When you book a strategy call, request a free audit, fill out a form, or otherwise contact us, you give us information like your name, work email address, phone number, clinic name, clinic location, the services you offer, your current monthly revenue or ad spend (if you choose to share it), and any notes or context you add to the form.

2.2 Information collected automatically

When you visit the Site, our hosting and analytics providers automatically receive standard log data — IP address, browser type, operating system, referring URL, pages visited, and timestamps. We use Vercel Web Analytics, which is designed to count visits without tracking individuals across sites and which does not use third-party cookies.

2.3 Client engagement data

When a clinic becomes a paying client, we receive information needed to operate the engagement — for example, ad-account access, calendar credentials, CRM access, brand assets, treatment menus, pricing, and (depending on scope) limited operational data from your patient records. Patient health information ("PHI") under HIPAA is only handled where a signed Business Associate Agreement ("BAA") is in place between the clinic and BeaBrand. We do not collect PHI from prospects or website visitors.

2.4 Information from third parties

We may receive limited information from advertising platforms (Meta, Google), payment processors (Stripe), email providers, and similar vendors when those services are used in delivering work to a client. We do not buy or rent personal data lists.

3. How We Use Information

• To respond to your inquiry, schedule the strategy call, and prepare the written audit you requested.
• To deliver the patient acquisition program, Sage AI front desk, PracticeOS retention workflows, and the supporting reporting you receive as a client.
• To improve the Site, the program, and the materials we send (for example, by reviewing aggregate analytics).
• To send you operational messages — appointment confirmations, follow-ups about your audit, contract documents, invoices, status reports.
• To meet our legal, tax, accounting, and compliance obligations.

We do not use your information to train third-party AI models, and we do not sell your information.

4. How We Share Information

We share information only with the vendors that help us operate, and only to the extent they need to do their job. Typical categories include:

• Hosting and analytics — Vercel hosts the Site and provides privacy-aware visit analytics.
• Communications — email and SMS providers used to reach you and your patients (the latter only under a BAA, where applicable).
• Advertising platforms — Meta and Google, used to deliver campaigns from your clinic's own ad accounts.
• Payment processing — Stripe, for paid engagements.
• Productivity tools — calendar, document, and project-management tools used to coordinate delivery.

We may also disclose information when we are legally required to (for example, in response to a valid subpoena), or to protect the rights, property, or safety of BeaBrand, our clients, or others.

5. Cookies and Similar Technologies

The Site uses a small number of cookies and similar technologies that are necessary to render the page and to count anonymized visits. We do not use cross-site advertising cookies on beabrand.ai. Most browsers let you block or delete cookies in their settings; blocking strictly necessary cookies may break parts of the Site.

6. Data Retention

We keep contact-form submissions, audit notes, and strategy-call records for as long as needed to follow up and, where applicable, to maintain a record of the engagement. Client engagement records and invoices are retained for the period required by applicable tax and accounting law (typically seven years in the United States). You can ask us to delete records sooner where we are not legally required to keep them.

7. Your Privacy Rights

Depending on where you live, you may have rights to:

• Access the personal information we hold about you.
• Request correction of inaccurate information.
• Request deletion of your information, subject to our legal obligations.
• Object to or restrict certain processing.
• Withdraw consent where we are relying on it.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, write to contact@beabrand.ai. We respond within the timelines required by applicable law.

8. HIPAA and Healthcare Data

BeaBrand handles protected health information only under signed Business Associate Agreements with specific clinic clients. PHI is stored on HIPAA-aware infrastructure (Twilio with BAA, AWS or GCP with BAA, encrypted form layer). PHI is never used for marketing, never shared outside the BAA scope, and never used to train AI models. Patients with questions about their own records should contact their clinic directly — BeaBrand is a Business Associate, not the covered entity.

9. Data Security

We use industry-standard administrative, technical, and physical safeguards designed to protect the information we hold — including encryption in transit, access controls, principle-of-least-privilege for client accounts, and audit logging on systems that handle sensitive data. No system on the public internet is ever fully secure; we cannot guarantee absolute security, but we work to reduce risk continuously.

10. International Visitors

The Site is operated from the United States. If you are visiting from outside the U.S., be aware that information you submit may be transferred to, stored in, and processed in the U.S. By using the Site or contacting us, you consent to that transfer.

11. Children's Privacy

The Site is not directed to children under 16, and we do not knowingly collect information from children. If you believe a child has provided us information, contact contact@beabrand.ai and we will delete it.

12. Third-Party Links

The Site may link to third-party websites — partner platforms, vendor pages, or articles. Those sites have their own privacy policies, and we are not responsible for their practices. Review their policies before sharing personal information with them.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of the page and, for material changes, notify clients directly by email. The current version always applies.

14. Contact

Questions, concerns, or requests about this Privacy Policy or your information can be sent to:

BeaBrand
Imad Haq, Operator
Houston, Texas, United States
Email: contact@beabrand.ai