PRIVACY POLICY

Health & Billing
Effective Date: 1st April, 2026

This Privacy Policy (“Policy”) governs the collection, processing, use, storage, disclosure, and protection of information by LaCharme LLC, a Florida limited liability company doing business as Health & Billing (“H&B,” “Company,” “we,” “us,” or “our”), in connection with:

https://healthandbilling.com and all associated subdomains, portals, applications, integrations, and services (collectively, the “Website”).

By accessing, using, or submitting information through the Website, you acknowledge that you have read, understood, and agree to the practices described in this Policy.

1. SCOPE AND LIMITATION OF APPLICATION

This Policy applies solely to information collected through the Website.

The Website is an informational and engagement platform and is not designed, intended, or authorized to collect, receive, store, transmit, or process Protected Health Information (“PHI”).

Any processing of PHI by the Company occurs exclusively:

  • (a) outside the Website environment;
  • (b) within secure operational systems; and
  • (c) pursuant to separate written agreements, including Business Associate Agreements (“BAAs”).

This Policy does not constitute, and shall not be interpreted as, a Notice of Privacy Practices under HIPAA, which is governed separately.

2. ROLE OF THE COMPANY

The Company acts as a Data Controller with respect to personal data collected through the Website.

In connection with its service operations, the Company may act as a Business Associate or Data Processor; however, such roles arise exclusively under separate contractual agreements and are not governed by this Policy.

3. CATEGORIES OF INFORMATION COLLECTED

The Company may collect and process the following categories of information:

3.1 Personal Identification Information

Information capable of identifying an individual, including name, email address, telephone number, and organizational affiliation.

3.2 Professional and Business Information

Information provided in connection with service inquiries, including company details, operational needs, and service-related context.

3.3 Technical and Usage Information

Information automatically collected through Website interaction, including IP address, browser type, device identifiers, session data, and interaction patterns.

3.4 Communications and Submission Data

Information contained in inquiries, messages, forms, or other communications submitted to the Company.

4. EXPRESS EXCLUSION OF PHI AND PROHIBITED SUBMISSIONS

The Website is not a HIPAA-compliant intake, transmission, or storage system and is not intended, designed, or authorized to collect, receive, store, or process Protected Health Information (“PHI”).

Users are strictly prohibited from submitting PHI through any Website forms, communication channels, or interfaces.

The Company:

  • (a) does not request PHI through the Website;
  • (b) does not knowingly process PHI through the Website; and
  • (c) shall not be responsible or liable for any PHI submitted in violation of this Policy.

Any such submission shall be deemed unauthorized and at the sole risk of the User.

4A. AUTHORIZED CHANNELS FOR REGULATED DATA

Where the submission or exchange of PHI is required in connection with the Company’s services, such data shall be transmitted exclusively through secure systems designated by the Company and governed by applicable contractual, technical, and regulatory safeguards, including Business Associate Agreements (“BAAs”).

The Website shall not be used for such purposes under any circumstances.

5. PURPOSES OF PROCESSING

Information is processed strictly for legitimate and defined purposes, including:

  • responding to inquiries and communications;
  • evaluating potential client relationships;
  • providing information regarding services;
  • maintaining Website functionality and security;
  • analyzing and improving Website performance;
  • complying with applicable legal and regulatory obligations.

Information shall not be processed in a manner incompatible with these purposes.

6. LEGAL BASIS FOR PROCESSING

Where applicable, processing is based on:

  • consent of the User;
  • legitimate business interests;
  • pre-contractual or contractual necessity;
  • compliance with legal obligations.

Users may withdraw consent at any time without affecting prior lawful processing.

7. DISCLOSURE AND SHARING OF INFORMATION

Information may be disclosed, where necessary, to:

  • affiliated entities and internal operational units;
  • service providers supporting Website functionality;
  • professional advisors, including legal and compliance consultants;
  • governmental or regulatory authorities where required by law.

The Company does not sell personal data.

8. THIRD-PARTY SERVICES AND PROCESSORS

The Website may rely on third-party infrastructure and service providers.

While the Company exercises reasonable diligence in selecting such providers, it does not control their independent data handling practices and disclaims responsibility for their actions.

9. DATA RETENTION

Information shall be retained only for as long as necessary to fulfill the purposes described in this Policy, including operational, legal, and compliance requirements.

The Company may retain anonymized or aggregated data indefinitely.

10. DATA SECURITY AND INCIDENT RESPONSE

The Company implements reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, disclosure, or misuse.

In the event of a data security incident affecting personal data:

  • (a) the Company shall take reasonable steps to investigate and mitigate the incident;
  • (b) notifications shall be made where required by applicable law;
  • (c) corrective actions shall be implemented as appropriate.

No system can be guaranteed to be completely secure, and Users acknowledge inherent risks in electronic communication.

11. INTERNATIONAL DATA TRANSFERS

Information may be transferred and processed in jurisdictions outside the User’s country of residence.

Where required, such transfers shall be subject to appropriate safeguards consistent with applicable data protection laws.

12. USER RIGHTS

Where applicable, Users may have the right to:

  • access personal data;
  • request correction or deletion;
  • restrict or object to processing;
  • request data portability;
  • withdraw consent.

Users also have the right to lodge a complaint with a competent supervisory authority.

Requests may be submitted to:

📧 legal@healthandbilling.com

The Company reserves the right to verify identity prior to responding.

13. DATA ACCURACY AND USER RESPONSIBILITY

Users are solely responsible for ensuring that submitted information is accurate, complete, and lawful.

The Company shall not be liable for decisions made based on inaccurate or incomplete information.

14. COOKIES AND TRACKING

The Website uses cookies and similar technologies in accordance with the Cookie Policy.

15. CHILDREN’S DATA

The Website is not intended for individuals under eighteen (18), and the Company does not knowingly collect personal data from minors.

16. LIMITATION OF LIABILITY

To the fullest extent permitted by law, the Company shall not be liable for any loss, damage, or claim arising from:

  • (a) unauthorized access to data;
  • (b) transmission of information via the Website;
  • (c) misuse of Website communication channels;
  • (d) submission of prohibited or regulated data.

17. MODIFICATIONS

The Company reserves the right to amend this Policy at any time.

Continued use of the Website constitutes acceptance of any updated Policy.

18. GOVERNING LAW

This Policy shall be governed by the laws of the State of Florida, United States.

19. CONTACT INFORMATION

Health & Billing
3919 Tampa Road, Oldsmar, FL 34677, USA
📧 legal@healthandbilling.com
📞 +1 (386) 245-5464

Privacy Policy