Legal

Privacy Policy

How we handle information you share with AMAH — and how we keep PHI separate from everything else.

Effective date: May 2, 2026

Placeholder notice: this document is scaffolding while counsel finalizes the real text. Don't rely on specific provisions until this banner is removed.

1. Scope

This Privacy Policy describes how AMAH ("AMAH", "we", "us", or "our") collects, uses, and discloses information when you visit our marketing website and when you use the AMAH platform as an authorized user of a customer practice.

Protected Health Information (PHI) processed on behalf of customers is covered by our Business Associate Agreement (BAA) with that customer, not this policy. This policy covers the marketing site, account-level information, and data we collect about you in your role as a website visitor or platform user.

2. Information we collect

Account information you provide (name, work email, employer, role).

Marketing site interactions (pages viewed, links clicked, referrer, approximate location derived from IP).

Communications you send us (email, in-app messages, support tickets).

Cookies and similar technologies for authentication, analytics, and product telemetry.

3. How we use information

To provide, maintain, and improve the AMAH platform and marketing site.

To respond to inquiries, schedule demos, and provide customer support.

To send transactional and (with your consent) marketing communications.

To detect, investigate, and prevent fraud, abuse, and security incidents.

4. How we share information

With service providers we contract to deliver AMAH (e.g., cloud hosting, email delivery, analytics) under written confidentiality and security obligations.

With customers, when you are an end user of a customer practice — your account-level activity is visible to that customer per their role-based access controls.

When required by law, legal process, or to protect rights, property, or safety.

In connection with a corporate transaction, with continued protection of your information.

5. Your choices

You can opt out of marketing email at any time using the unsubscribe link in our emails.

You can request access to, correction of, or deletion of personal information we hold about you by emailing privacy@amah.com.

Where required, we honor recognized privacy preference signals (Global Privacy Control, Do Not Track) on this site.

6. Security

We protect information using industry-standard administrative, technical, and physical safeguards. The platform encrypts data in transit (TLS 1.2+) and at rest (AES-256), with audit logging on actions affecting account or PHI data.

7. Changes to this policy

We update this policy from time to time. Material changes will be highlighted via the marketing site and, where appropriate, by direct notification.

Questions about this policy? Email privacy@amah.com or write to AMAH, Attn: Privacy, [address TBD].