Privacy Policy

This Privacy Policy (the “Policy”) explains how MedBridge Health (“MedBridge,” “we,” “us,” or “our”) collects, uses, discloses, retains, and otherwise processes information about you when you visit our website at medbridgehealth.org, any subdomains or mobile-optimized versions, our inquiry forms, our calendar booking tools, our email and SMS communications, and any other digital properties or communications that link to this Policy (collectively, the “Site”). This Policy also describes the choices and rights you have with respect to that information and how you can contact us. By using the Site or by submitting information to us through the Site, you acknowledge that you have read and understood this Policy.

1. Who We Are and Scope

MedBridge Health is a healthcare marketing and physician referral growth company headquartered in Houston, Texas. The Site is a public marketing and information resource describing our services and is not itself a healthcare provider, clinical record system, telemedicine platform, prescribing service, payer system, or patient-facing portal. This Policy applies only to information we collect through the Site and through our marketing and business-development communications. It does not apply to information processed by our clients, partners, vendors, or other third parties under their own privacy policies, and it does not apply to information processed under a separately executed services agreement or business associate agreement, which is governed by the terms of that agreement.

2. Information We Collect

We collect information in the following ways and categories:

2.1 Information you provide directly

When you complete an inquiry form, request a brief, book a call, email us, send an SMS message in response to one of our messages, apply for a position, subscribe to a publication, or otherwise interact with us, you may provide information such as:

• Identifiers, including full name, professional title, role, and credentials;
• Contact details, including email address, mobile telephone number, office telephone number, and mailing address;
• Practice or organization details, including practice name, specialty, geography, group size, ownership structure, payer mix, and operational context;
• Brand or sponsor details, including company name, product or franchise name, indication, and target audience;
• Stated interest in particular MedBridge services, including selected service category, budget range, and desired timeline;
• Free-text descriptions of your situation or needs, which you choose to include in the message field of an inquiry form;
• Consent indicators, including whether you have opted in to SMS messages, marketing emails, or other communications;
• Resumes, work samples, and related information you submit if you apply for a position with MedBridge;
• Any other information you choose to provide to us.

You should not submit protected health information of any identifiable individual or any other information you are not legally permitted to share. If you submit such information by accident, please contact us at info@medbridgehealth.org so we can securely delete it.

2.2 Information collected automatically

When you visit the Site, we and our service providers may automatically collect technical information about your visit using cookies, server logs, web beacons, pixels, software development kits, and similar technologies. This information may include:

• Device and browser information, including device type, operating system, browser type and version, language preference, screen resolution, and time zone;
• Network information, including IP address, mobile carrier, internet service provider, and approximate geographic location derived from your IP address;
• Usage information, including pages and content viewed, time spent on pages, clickstream, referring and exit pages, and search terms entered;
• Performance information, including page-load timing, rendering errors, and stack traces, which we use to diagnose and improve the Site;
• Form-interaction telemetry, including fields focused, partial submissions, and form errors, which we use to improve form usability;
• Persistent identifiers stored on your device through cookies or local storage.

2.3 Information from third-party sources

We may receive information about you from third parties, including:

• Publicly available professional sources, including practice websites, state licensing boards, and professional directories, used to verify the accuracy of inquiry information and to prepare for a conversation;
• Referrers, including people who introduce you to us by name;
• Service providers we use for spam detection, fraud prevention, deliverability, analytics, advertising attribution, and form security;
• Calendar or scheduling tools that you use to book a meeting with us, which share with us the information you provide to those tools, including the time you select and any agenda you enter;
• Email service providers, which share with us delivery, open, click, bounce, and unsubscribe data for messages we send.

3. Cookies and Similar Technologies

We use cookies and similar technologies for purposes that include making the Site work properly, remembering your preferences, understanding how the Site is used, measuring the performance of marketing campaigns, and supporting our security and fraud prevention efforts. Specifically, we use:

• Strictly necessary cookies, which are required for the Site to function and cannot be disabled in our systems, including cookies that allow forms to submit and pages to render;
• Performance and analytics cookies, which collect information about how visitors use the Site so we can improve it, including how visitors navigate between pages and where errors occur;
• Functionality cookies, which remember choices you make to personalize your experience, including language and region preferences;
• Advertising and attribution cookies, which we or our service providers may use to measure the effectiveness of advertising and to provide more relevant content.

Most web browsers allow you to manage cookie preferences. You can generally set your browser to refuse cookies, to alert you when cookies are being sent, or to delete cookies that have already been set. If you disable or refuse cookies, some parts of the Site may not function properly. Some web browsers provide a “Do Not Track” setting; because there is no industry consensus on how to respond to such signals, we do not currently respond to them, but we honor recognized opt-out preference signals where required by law, including the Global Privacy Control (GPC) signal for users in jurisdictions where GPC must be honored.

4. How We Use Information

We use the information we collect for the following purposes:

• To respond to your inquiries and provide the information, calls, briefs, or scheduling you have requested;
• To evaluate potential service engagements and prepare for conversations with you;
• To operate, maintain, secure, monitor, debug, and improve the Site and our communications;
• To send you transactional, scheduling, and operational communications by email, SMS, or telephone;
• To send you marketing communications where permitted, and to measure their performance, subject to your consent and your ability to opt out;
• To personalize content and improve the relevance of the Site to your professional context;
• To conduct analytics, research, business planning, forecasting, and reporting;
• To detect, prevent, investigate, and respond to fraud, abuse, security incidents, and violations of our Terms of Use or applicable law;
• To comply with applicable laws, regulations, contracts, court orders, subpoenas, and other legal processes;
• To establish, exercise, and defend legal claims and protect the rights, property, and safety of MedBridge, our personnel, our clients, our partners, and the public;
• To support corporate transactions, including financings, acquisitions, divestitures, restructurings, mergers, and asset sales;
• For any other purpose for which you provide consent at the time of collection.

5. Legal Bases (for individuals in certain jurisdictions)

Where the General Data Protection Regulation, the United Kingdom General Data Protection Regulation, or another similar law applies, we rely on the following legal bases to process your personal data: (a) your consent, where required; (b) the performance of a contract with you or the taking of steps at your request prior to entering into a contract; (c) compliance with legal obligations to which we are subject; (d) the protection of vital interests; and (e) our legitimate interests, including understanding interest in our services, running our business, improving our offerings, securing the Site, and marketing our services, where those interests are not overridden by your rights and interests.

6. How We Disclose Information

We do not sell personal information for monetary consideration. We may disclose information about you in the following circumstances:

• Service providers and processors. We share information with vendors that perform services on our behalf, including website hosting, content delivery, email delivery, SMS delivery, customer relationship management, calendar and scheduling, analytics, security and fraud prevention, professional advisors, and similar functions. These vendors are authorized to use the information only as necessary to provide services to us and are required to safeguard it appropriately.
• Clients and partners. Where you have explicitly requested that we connect you with a client, partner, or other third party, we may share information necessary to facilitate that connection.
• Professional advisors. We may share information with our legal counsel, accountants, auditors, insurers, and other professional advisors where reasonably necessary.
• Compliance and protection. We may disclose information when we believe in good faith that disclosure is necessary or appropriate to comply with applicable law, regulation, legal process, governmental request, or industry rule; to enforce our Terms of Use; to protect the rights, property, safety, or security of MedBridge, our personnel, our clients, our partners, or the public; to investigate suspected fraud, abuse, or security incidents; or to respond to a claim or legal proceeding.
• Corporate transactions. If MedBridge is involved in a merger, acquisition, financing, reorganization, dissolution, bankruptcy, receivership, or sale of all or a portion of its assets, information about you may be transferred or disclosed in connection with that transaction, subject to standard confidentiality obligations.
• With your direction or consent. We may share information for other purposes you authorize or direct.

We do not sell or share SMS consent or mobile telephone numbers with third parties for their independent marketing purposes.

7. Marketing Communications, SMS Program, and Opt-Out

Where you have opted in or where applicable law permits, we may send you marketing emails about our insights, perspectives, events, and services. You may unsubscribe at any time using the link included in those emails. Where you have provided express written consent, we may send you SMS messages relating to your inquiry or engagement. Message frequency may vary, and message and data rates may apply. You can opt out of SMS messages at any time by replying “STOP” or by emailing info@medbridgehealth.org. We may still send transactional, scheduling, and operational messages relating to your specific inquiry or engagement after you opt out of marketing communications. Your SMS consent and mobile telephone number will not be shared with third parties for their independent marketing purposes.

8. Health Information and HIPAA

The Site is not designed to receive, store, transmit, or process protected health information (“PHI”) under HIPAA, and you should not submit PHI through any inquiry form, email, SMS, or other channel offered by the Site. Where MedBridge engages with a healthcare provider, payer, or business associate that requires the exchange of PHI in connection with a services engagement, that exchange occurs under a separately executed business associate agreement or other appropriate written agreement and through secure channels established outside of the public Site. Nothing in this Policy constitutes a business associate agreement.

9. Children

The Site is not directed to children under the age of eighteen, and we do not knowingly collect personal information from children under eighteen through the Site. If we become aware that we have collected personal information from a child under eighteen without verifiable parental consent, we will take reasonable steps to delete that information. If you believe that a child has provided personal information to us, please contact us at info@medbridgehealth.org.

10. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes for which it was collected, to provide requested services, to maintain accurate business and accounting records, to comply with legal obligations, to resolve disputes, and to enforce our agreements. Retention periods depend on factors including the nature of the information, the purpose of processing, applicable legal or regulatory requirements, limitations periods for legal claims, contractual obligations, and our legitimate business needs. When information is no longer required, we will delete it, anonymize it, or, where deletion is not technically feasible, securely isolate it from further processing until deletion is possible.

11. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, alteration, disclosure, or destruction. These safeguards include encryption in transit, access controls, authentication, logging and monitoring, vulnerability management, employee training, vendor risk management, and incident response procedures. However, no method of transmission over the internet or method of electronic storage is one-hundred-percent secure, and we cannot guarantee absolute security. You are responsible for protecting the credentials and devices you use to interact with the Site and for promptly notifying us of any suspected unauthorized access.

12. International Transfers

MedBridge is based in the United States, and the information we collect is processed and stored in the United States and in other countries where our service providers operate. If you access the Site from outside the United States, you understand that your information may be transferred to, stored in, and processed in the United States or other jurisdictions whose data protection laws may differ from those of the country in which you reside. Where required by applicable law, we use appropriate safeguards for international transfers, including standard contractual clauses or equivalent mechanisms.

13. Your Choices

You can make several choices about your information:

• You can decline to submit inquiry forms or other information, although doing so may prevent us from responding to you;
• You can adjust your browser settings to refuse or delete cookies, although some Site features may not function properly without them;
• You can unsubscribe from marketing emails at any time using the unsubscribe link in those emails;
• You can opt out of SMS messages at any time by replying “STOP” or by emailing info@medbridgehealth.org;
• You can ask us to access, correct, or delete your personal information by contacting us at info@medbridgehealth.org;
• You can choose to communicate with us by alternative channels at any time.

14. United States State Privacy Rights

Residents of certain United States states may have additional rights with respect to their personal information. The specific rights available to you depend on the state in which you reside and the applicable state privacy law, which may include:

• The right to know or access the categories and specific pieces of personal information we have collected about you;
• The right to correct inaccurate personal information;
• The right to delete personal information we have collected from you, subject to legal exceptions;
• The right to obtain a copy of your personal information in a portable, machine-readable format;
• The right to opt out of the sale of personal information, the sharing of personal information for cross-context behavioral advertising, and certain profiling activities; we do not sell personal information for monetary consideration, and we honor opt-out preference signals where required;
• The right to limit the use and disclosure of sensitive personal information;
• The right to non-discrimination for exercising your rights;
• The right to appeal a decision we have made regarding a privacy rights request.

These rights are subject to verification and to legal exceptions. Depending on your state of residence, the applicable law may include the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), the Utah Consumer Privacy Act (UCPA), the Texas Data Privacy and Security Act (TDPSA), the Oregon Consumer Privacy Act (OCPA), the Montana Consumer Data Privacy Act (MCDPA), the Iowa Consumer Data Protection Act, the Delaware Personal Data Privacy Act, the New Jersey Data Privacy Act, the Tennessee Information Protection Act, and similar laws enacted by other states. To exercise your rights, please contact us at info@medbridgehealth.org. You may designate an authorized agent to make a request on your behalf; we may require the agent to provide proof of authorization and may require you to verify your identity directly with us.

14.1 California Notice

For California residents, the categories of personal information we collect, as enumerated in Cal. Civ. Code § 1798.140, include: identifiers (name, contact details, IP address); customer records information; commercial information (services requested); professional or employment-related information (role, title); internet or other electronic network activity (browsing on the Site); geolocation (approximate, derived from IP address); inferences drawn from the foregoing; and the contents of communications you send to us. We collect these categories from the sources described in Section 2, use them for the purposes described in Section 4, and disclose them to the recipients described in Section 6. We do not sell personal information for monetary consideration. We may share personal information for cross-context behavioral advertising where you have not opted out; you can opt out by emailing us at info@medbridgehealth.org or by using a browser preference signal we are required to honor. We retain personal information as described in Section 10.

15. Sensitive Personal Information

We do not intentionally collect sensitive personal information through the Site, including government identifiers, account or payment credentials, precise geolocation, biometric identifiers, health information of an identifiable individual, information about racial or ethnic origin, religious beliefs, sexual orientation, union membership, or genetic data. You should not submit such information through the Site.

16. Automated Decision-Making and Profiling

We do not use the personal information collected through the Site to make decisions producing legal effects concerning you or similarly significant effects without human involvement. We may use aggregate analytics and reasonable inferences about professional interest to tailor our outreach.

17. Links to Other Sites and Third-Party Services

The Site may contain links to third-party websites, applications, or services that are not operated by MedBridge. We are not responsible for the content, privacy practices, or terms of those third parties. We encourage you to review the privacy policies of any third-party services you use.

18. Job Applicants

If you apply for a position with MedBridge, we collect and use the information you provide, including your resume, cover letter, work history, references, and similar information, to evaluate your application, communicate with you about the role, and consider you for current or future opportunities. We retain applicant information for as long as reasonably necessary to fulfill these purposes and to comply with applicable employment and recordkeeping laws.

19. Aggregate and De-Identified Information

We may create aggregate, anonymized, or de-identified information from personal information by removing identifiers in a manner designed to ensure the information cannot reasonably be linked back to a specific individual. We may use and disclose such information for any purpose permitted by law and will not attempt to re-identify it except as permitted or required by law.

20. Changes to This Policy

We may update this Policy from time to time. Material changes will be reflected by an updated “Last updated” date above, and, where required by applicable law, we will provide additional notice. We encourage you to review this Policy periodically.

21. How to Contact Us

If you have questions about this Policy, would like to exercise a privacy right, or would like to file a complaint, please contact us at:

MedBridge Health
Attn: Privacy
Houston, Texas, United States
Email: info@medbridgehealth.org

We will acknowledge your request promptly and respond within the time periods required by applicable law. We may need to verify your identity before honoring certain requests and may be required to retain information to comply with legal obligations even after a deletion request.