PRIVACY POLICY
Health & Billing
Effective Date: 1st April, 2026
This Privacy Policy (“Policy”) governs the collection, processing, use, storage, disclosure, and protection of information by LaCharme LLC, a Florida limited liability company doing business as Health & Billing (“H&B,” “Company,” “we,” “us,” or “our”), in connection with:
https://healthandbilling.com and all associated subdomains, portals, applications, integrations, and services (collectively, the “Website”).
By accessing, using, or submitting information through the Website, you acknowledge that you have read, understood, and agree to the practices described in this Policy.
1. SCOPE AND LIMITATION OF APPLICATION
This Policy applies solely to information collected through the Website.
The Website is an informational and engagement platform and is not designed, intended, or authorized to collect, receive, store, transmit, or process Protected Health Information (“PHI”).
Any processing of PHI by the Company occurs exclusively:
- (a) outside the Website environment;
- (b) within secure operational systems; and
- (c) pursuant to separate written agreements, including Business Associate Agreements (“BAAs”).
This Policy does not constitute, and shall not be interpreted as, a Notice of Privacy Practices under HIPAA, which is governed separately.
2. ROLE OF THE COMPANY
The Company acts as a Data Controller with respect to personal data collected through the Website.
In connection with its service operations, the Company may act as a Business Associate or Data Processor; however, such roles arise exclusively under separate contractual agreements and are not governed by this Policy.
3. CATEGORIES OF INFORMATION COLLECTED
The Company may collect and process the following categories of information:
3.1 Personal Identification Information
Information capable of identifying an individual, including name, email address, telephone number, and organizational affiliation.
3.2 Professional and Business Information
Information provided in connection with service inquiries, including company details, operational needs, and service-related context.
3.3 Technical and Usage Information
Information automatically collected through Website interaction, including IP address, browser type, device identifiers, session data, and interaction patterns.
3.4 Communications and Submission Data
Information contained in inquiries, messages, forms, or other communications submitted to the Company.
4. EXPRESS EXCLUSION OF PHI AND PROHIBITED SUBMISSIONS
The Website is not a HIPAA-compliant intake, transmission, or storage system and is not intended, designed, or authorized to collect, receive, store, or process Protected Health Information (“PHI”).
Users are strictly prohibited from submitting PHI through any Website forms, communication channels, or interfaces.
The Company:
- (a) does not request PHI through the Website;
- (b) does not knowingly process PHI through the Website; and
- (c) shall not be responsible or liable for any PHI submitted in violation of this Policy.
Any such submission shall be deemed unauthorized and at the sole risk of the User.
4A. AUTHORIZED CHANNELS FOR REGULATED DATA
Where the submission or exchange of PHI is required in connection with the Company’s services, such data shall be transmitted exclusively through secure systems designated by the Company and governed by applicable contractual, technical, and regulatory safeguards, including Business Associate Agreements (“BAAs”).
The Website shall not be used for such purposes under any circumstances.
5. PURPOSES OF PROCESSING
Information is processed strictly for legitimate and defined purposes, including:
- responding to inquiries and communications;
- evaluating potential client relationships;
- providing information regarding services;
- maintaining Website functionality and security;
- analyzing and improving Website performance;
- complying with applicable legal and regulatory obligations.
Information shall not be processed in a manner incompatible with these purposes.
6. LEGAL BASIS FOR PROCESSING
Where applicable, processing is based on:
- consent of the User;
- legitimate business interests;
- pre-contractual or contractual necessity;
- compliance with legal obligations.
Users may withdraw consent at any time without affecting prior lawful processing.
7. DISCLOSURE AND SHARING OF INFORMATION
Information may be disclosed, where necessary, to:
- affiliated entities and internal operational units;
- service providers supporting Website functionality;
- professional advisors, including legal and compliance consultants;
- governmental or regulatory authorities where required by law.
The Company does not sell personal data.
8. THIRD-PARTY SERVICES AND PROCESSORS
The Website may rely on third-party infrastructure and service providers.
While the Company exercises reasonable diligence in selecting such providers, it does not control their independent data handling practices and disclaims responsibility for their actions.
9. DATA RETENTION
Information shall be retained only for as long as necessary to fulfill the purposes described in this Policy, including operational, legal, and compliance requirements.
The Company may retain anonymized or aggregated data indefinitely.
10. DATA SECURITY AND INCIDENT RESPONSE
The Company implements reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, disclosure, or misuse.
In the event of a data security incident affecting personal data:
- (a) the Company shall take reasonable steps to investigate and mitigate the incident;
- (b) notifications shall be made where required by applicable law;
- (c) corrective actions shall be implemented as appropriate.
No system can be guaranteed to be completely secure, and Users acknowledge inherent risks in electronic communication.
11. INTERNATIONAL DATA TRANSFERS
Information may be transferred and processed in jurisdictions outside the User’s country of residence.
Where required, such transfers shall be subject to appropriate safeguards consistent with applicable data protection laws.
12. USER RIGHTS
Where applicable, Users may have the right to:
- access personal data;
- request correction or deletion;
- restrict or object to processing;
- request data portability;
- withdraw consent.
Users also have the right to lodge a complaint with a competent supervisory authority.
Requests may be submitted to:
The Company reserves the right to verify identity prior to responding.
13. DATA ACCURACY AND USER RESPONSIBILITY
Users are solely responsible for ensuring that submitted information is accurate, complete, and lawful.
The Company shall not be liable for decisions made based on inaccurate or incomplete information.
14. COOKIES AND TRACKING
The Website uses cookies and similar technologies in accordance with the Cookie Policy.
15. CHILDREN’S DATA
The Website is not intended for individuals under eighteen (18), and the Company does not knowingly collect personal data from minors.
16. LIMITATION OF LIABILITY
To the fullest extent permitted by law, the Company shall not be liable for any loss, damage, or claim arising from:
- (a) unauthorized access to data;
- (b) transmission of information via the Website;
- (c) misuse of Website communication channels;
- (d) submission of prohibited or regulated data.
17. MODIFICATIONS
The Company reserves the right to amend this Policy at any time.
Continued use of the Website constitutes acceptance of any updated Policy.
18. GOVERNING LAW
This Policy shall be governed by the laws of the State of Florida, United States.
19. CONTACT INFORMATION
Health & Billing
3919 Tampa Road, Oldsmar, FL 34677, USA
📧 legal@healthandbilling.com
📞 +1 (386) 245-5464
