Privacy Policy
Your privacy is important to us at Wizlo. We respect your privacy regarding any information we may collect from you across our website.
1. Introduction
Wizlo, Inc. ("Wizlo," "we," "our," or "us") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard information—including phone numbers and SMS consent data—when you interact with our website, applications, products, and services (collectively, the "Services").
Our Services are designed for healthcare providers and their patients and comply with applicable privacy laws and industry regulations, including the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the Telephone Consumer Protection Act ("TCPA"), the Controlling the Assault of Non-Solicited Pornography and Marketing ("CAN-SPAM") Act, and relevant state privacy statutes.
2. Scope
This Policy applies to information we process:
- Through the Wizlo website https://wizlo.com and any related sub-domains;
- Inside our cloud-based electronic medical record platform;
- Via mobile and web applications integrated with the platform; and
- When we communicate with you by email, SMS, phone, or other channels.
3. Information We Collect
3.1 Account & Business Information
We collect names, business names, email addresses, mailing addresses, payment details, clinic identifiers, and other information required to create and support your account.
3.2 Device & Usage Information
Our systems automatically log IP addresses, browser types, device identifiers, referral URLs, pages viewed, and interactions with the Services.
3.3 Phone Numbers & SMS Consent Data
To enable text messaging, we capture and store:
- The phone number provided by a user or patient;
- The date, time, and method of opt-in (e.g., checked box, double opt-in SMS keyword, in-clinic form);
- The wording of the opt-in disclosure presented at the time of consent;
- The campaign or purpose for which messages will be sent (e.g., appointment reminders, prescription updates, marketing);
- Opt-out (STOP) and help (HELP) keywords and timestamps; and
- Related preferences such as message frequency.
4. How We Use Information
We use the information we collect to:
- Deliver and improve the Services, including charting, billing, e-prescribing, and analytics;
- Send transactional or operational SMS messages (appointment reminders, prescription notifications, one-time passcodes, etc.);
- Deliver marketing or promotional SMS messages only where we have documented, prior express written consent;
- Monitor, audit, and secure our systems;
- Comply with legal obligations and enforce our Terms of Service;
- Generate de-identified or aggregated insights that do not identify any individual.
Use of Phone Numbers & SMS Consent Data
Phone numbers and associated SMS consent records are used exclusively to deliver text messages for the campaign or purpose disclosed at the time of opt-in. We do not use phone numbers obtained for transactional messaging to send marketing without a separate, explicit consent.
5. Sharing & Disclosure
We do not sell or rent personal information—including phone numbers or SMS consent data—to third parties. We share information only as described below:
6. Permitted & Prohibited Uses
You agree to use the Services only for lawful, clinical, and administrative purposes. You may not:
- Reverse engineer, decompile, or attempt to gain unauthorized access to the Services;
- Upload or transmit malicious code;
- Use the Services to send unsolicited marketing without documented prior express written consent;
- Violate carrier, TCPA, or HIPAA rules; or
- Infringe the intellectual-property or privacy rights of others.
| Category | Purpose of Sharing |
|---|---|
| Twilio. (SMS application provider) | Message orchestration and customer-support chat services |
| Telecommunication carriers and downstream SMS aggregators | Message orchestration and customer-support chat services |
| Infrastructure & cloud providers (e.g., AWS) | Hosting, storage, disaster recovery |
| Sub-processors under HIPAA Business Associate Agreements | E-prescribing, payment processing, analytics |
| Compliance & law-enforcement authorities | When legally required or to protect rights, property, or safety |
7. SMS Messaging Practices & Your Choices
- Opt-In: You will receive SMS messages only after providing clear consent (e.g., checking a consent box or replying CONSENT to an opt-in text).
- Opt-Out: You may reply STOP at any time to end messages from a particular short code or phone number. A confirmation text will be sent.
- Help: Reply HELP for help or contact us at privacy@wizlo.com
- Frequency: Message frequency varies based on clinic workflows and user settings, but will not exceed the amount disclosed at opt-in.
- Rates: Message and data rates may apply.
8. Data Retention
We retain phone numbers, SMS consent data, and message logs for as long as needed to (i) fulfill the purposes outlined in this Policy, (ii) comply with legal or contractual obligations, and (iii) maintain audit trails required under HIPAA or carrier regulations. When data is no longer required, we delete or de-identify it according to industry best practices.
9. Security
Wizlo employs administrative, technical, and physical safeguards aligned with NIST SP 800-53 and HIPAA requirements, including encryption in transit and at rest, role-based access controls, multi-factor authentication, and continuous monitoring.
10. HIPAA Compliance
Under HIPAA, Wizlo acts as a Business Associate to healthcare providers. We sign Business Associate Agreements (BAAs), implement the required safeguards, and limit the use and disclosure of PHI to what is permitted under those BAAs.
11. International Data Transfers (GDPR/EU-UK)
For users in the European Economic Area, United Kingdom, or Switzerland, we rely on Standard Contractual Clauses or Data Processing Agreements to safeguard cross-border transfers.
12. Children's Privacy
Our Services are not directed to children under 13. We do not knowingly collect personal information from children without verifiable parental consent.
13. Your Rights & Choices
Depending on your location, you may have rights to access, correct, delete, or restrict the processing of your personal information. To exercise these rights, contact privacy@wizlo.com.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via an in-app notification or email. Continued use of the Services after an update signifies acceptance of the revised Policy.
15. Modifications to Services or Terms
We may modify the Services or these Terms at any time. Material changes will be posted in-app or emailed to account administrators. Continued use after the effective date constitutes acceptance of the revised Terms.
16. Governing Law & Dispute Resolution
These Terms are governed by the laws of the State of Nevada, excluding conflict-of-laws principles. Any dispute shall be resolved by binding arbitration in Las Vegas, Nevada, under the rules of the American Arbitration Association. Either party may seek injunctive relief in a court of competent jurisdiction.
17. Contact Us
If you have questions about this Privacy Policy, SMS practices, or our privacy and security program, please contact: