Privacy Policy for Neurvana AI, LLC

Effective Date: January 31, 2026

Welcome to Neurvana.ai, operated by Neurvana AI LLC. Your privacy and data security are fundamental to our mission of protecting the independent clinic. We help SLPs, BCBAs, PTs, and OTs operate more efficiently by providing a "Digital Front Desk" that reduces administrative burnout while maintaining the highest standards of clinical integrity. This Privacy Policy outlines how we collect, use, store, and protect your information when you engage with our website, services, and AI-powered automation solutions.

1. Information We Collect

We collect information necessary to provide specialized automation services to independent therapy clinics:

• Personal Information: Name, email address, job title, NPI number, clinic information, and other details you provide when signing up or contacting us.
• Operational Data: Therapist schedules, patient intake details captured via the Digital Front Desk, lead contact information, and workflow patterns necessary for automation implementation.
• Text Messaging Data: When you opt in to receive text messages or use our SMS service for patient coordination, we collect mobile phone numbers, message content, and opt-in status. This data is collected solely to provide the requested service and for compliance record-keeping.
• Usage Data: IP address, browser type, interaction patterns with our website, dashboard usage, and system performance metrics.
• Implementation Data: Custom automation configurations, workflow mappings in n8n, and integration settings specific to your clinic's operations.

2. How We Use Your Information

Neurvana.ai uses your information to:

• Provide and maintain the Digital Front Desk and automation services.
• Implement custom communication systems for patient intake and lead follow-up.
• Respond to inquiries and provide technical support.
• Monitor system performance and optimize structured data workflows.
• Conduct ROI analysis regarding hours reclaimed for clinical growth.
• Comply with healthcare industry regulations and standards.

All personal and operational data is handled in strict compliance with HIPAA requirements. We process data lawfully, fairly, and transparently.

3. Healthcare Data and HIPAA Compliance

As a provider of automation solutions to independent clinics, we understand the sensitive nature of your work:

• HIPAA Compliance: All systems and processes are designed to meet or exceed HIPAA security and privacy requirements when handling protected health information (PHI).
• Data Minimization: We collect only the operational data necessary to provide effective structured relief.
• Secure Processing: All healthcare-related data is encrypted in transit and at rest using industry-standard security protocols.
• Access Controls: Strict access controls ensure only authorized personnel can access sensitive operational data for technical support purposes.

4. AI Automation and Data Processing

Our AI solutions process data to enhance clinic efficiency:

• Digital Front Desk: Processing prospective patient information and update preferences to deliver organized lead data.
• Structured Relief: Organizing incoming communications so that humans can perform final data entry into EMRs (such as Jane or SimplePractice) with high accuracy.
• No Clinical Triage: Our AI never assesses symptoms, urgency, or provides medical advice. It handles logistics, not medicine.

All AI processing is conducted within secure, compliant environments designed for healthcare operations. We do not use your clinic's data to train general models for third parties.

5. Data Security

We implement comprehensive security measures to safeguard your data:

• End-to-end encryption for all data transmission.
• Secure, compliant cloud infrastructure.
• Regular security audits and vulnerability assessments.
• Multi-factor authentication for all administrative access.
• Automated backup and disaster recovery systems.

6. Third-Party Integrations

Our automation platform integrates with vetted services to deliver comprehensive solutions:

• Communication Services: Twilio (SMS and voice).
• Automation Platform: n8n workflow automation.
• Database Services: Airtable for secure, structured data management.
• AI Services: OpenAI API for intelligent communication processing.

All third-party providers are vetted for security compliance and are bound by Business Associate Agreements (BAA) where required to maintain HIPAA standards.

7. Sharing Your Information

We do not sell or share your personal or operational information with third parties except:

• SMS Data Non-Sharing Commitment: We do not share, sell, or rent mobile phone numbers or text messaging data collected via our SMS service with any third parties for their marketing or promotional purposes.
• With Your Explicit Consent: For specific integrations you request.
• Legal Obligations: To comply with legal obligations or valid court orders.
• Service Providers: With service providers who assist in delivering our services under strict confidentiality and HIPAA compliance agreements.

8. Data Retention

We retain your information based on the following principles:

• Operational Data: Retained for the duration of our service relationship plus the period required by state healthcare compliance laws.
• System Logs: Maintained for security and performance optimization, typically 12 to 24 months.
• Communication Records: Preserved according to healthcare documentation standards.

9. Your Rights

You have the right to:

• Access your personal and operational information.
• Correct inaccurate or incomplete data.
• Request deletion of your data, subject to legal and healthcare compliance requirements.
• Withdraw consent for processing activities based on consent.
• Receive notification of data breaches that may affect you.

To exercise your rights, contact us at connect@neurvana.studio.

10. Geographic Scope

Neurvana.ai serves independent clinics within the United States. Your information is processed and stored on servers located within the US to ensure all data handling meets US healthcare privacy standards.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our services or legal requirements. Material changes will be communicated via email notification to registered users or a prominent notice on our website.

12. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights:

Neurvana AI LLC

Email: connect@neurvana.studio

Subject Line: Privacy Policy Inquiry

For HIPAA-related concerns:

Email: connect@neurvana.studio

Subject Line: HIPAA Privacy Concern