Privacy Policy

How we collect, use, and protect your personal information

Last updated: April 24, 2026

๐Ÿ“‘ Table of Contents

1. WHAT INFORMATION DO WE COLLECT? 2. HOW DO WE PROCESS YOUR INFORMATION? 3. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION? 4. HOW LONG DO WE KEEP YOUR INFORMATION? 5. HOW DO WE KEEP YOUR INFORMATION SAFE? 6. DO WE COLLECT INFORMATION FROM MINORS? 7. WHAT ARE YOUR PRIVACY RIGHTS? 8. CONTROLS FOR DO-NOT-TRACK FEATURES 9. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS? 10. INTRO CLAUSE 11. HIPAA NOTICE 12. GLBA NOTICE 13. NO TRACKING GUARANTEE 14. DO WE MAKE UPDATES TO THIS NOTICE? 15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE? 16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us. We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information we collect may include: names, phone numbers, email addresses, job titles, and company information.

Sensitive Information. When necessary, with your consent or as otherwise permitted by applicable law, we may process health data and financial information as part of our consulting services under signed Business Associate Agreements.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.

We process your personal information for a variety of reasons, including:

  • To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
  • To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues.
  • To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies.
  • To fulfill and manage your orders. We may process your information to fulfill and manage your orders, payments, returns, and exchanges.
  • To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
  • To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure.
  • To evaluate and improve our Services, products, marketing, and your experience. We may process your information to identify usage trends and improve our Services.
  • To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and defend our legal rights.

3. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with third parties.

We may need to share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Service Providers. We may share your information with third-party vendors who perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, and customer service.
  • Legal Requirements. We may disclose your information where required to do so by law or in response to valid requests by public authorities.

4. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

Retention periods include:

  • Health data (PHI): 6 years from last contact (HIPAA ยง164.530(j))
  • Financial data: 7 years from collection (GLBA/IRS ยง6001)
  • Contact data: Client relationship duration + 3 years post-termination
  • All data: Delete immediately upon verified user request

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.

Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

6. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services.

If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].

7. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.

Withdrawing your consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us using the details provided in Section 15.

However, please note that this will not affect the lawfulness of the processing before its withdrawal.

If you have questions or comments about your privacy rights, you may email us at [email protected].

8. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.

At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

9. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific privacy rights.

Your rights may include:

  • Right to know whether we are processing your personal data
  • Right to access your personal data
  • Right to correct inaccuracies in your personal data
  • Right to request deletion of your personal data
  • Right to obtain a copy of your personal data
  • Right to non-discrimination for exercising your rights
  • Right to opt out of processing for targeted advertising

To exercise these rights, you can contact us by emailing [email protected] or by visiting our contact page.

10. INTRO CLAUSE

Our website provides information about finance, technology, and healthcare consulting services for professional clients. Contact form submissions constitute professional service inquiries, not patient-provider relationships or consumer transactions.

This Privacy Policy applies to all information collected through our website and related services. By using our website, you consent to the data practices described in this policy.

11. HIPAA NOTICE

Our Role is Consulting, Not Healthcare. Golden Ratio Consulting provides technology consulting and advisory services only. We are not a covered entity or healthcare provider under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Any health-related data we process is handled strictly as a business associate during specific consulting engagements.

Safeguards for Health Information. We implement appropriate administrative, technical, and physical safeguards to protect health information received during consulting projects. Access is restricted to authorized personnel only, and all data handling complies with the HIPAA Security Rule requirements.

Scope Limitation. Client acknowledges that Golden Ratio Consulting acts solely as a technology consultant. We do not provide healthcare services, diagnosis, or treatment. Health data processing occurs only as necessary for consulting deliverables and pursuant to executed Business Associate Agreements where applicable.

No PHI Through This Website. Our website and general contact forms are not intended for the submission of medical or health-related information. You agree not to submit, upload, or transmit any Protected Health Information through this website. If you are a client and need to share PHI with us, you must do so using the secure channels provided under your signed agreement.

Unauthorized submission of PHI via this site may violate these Terms and applicable law. In the event of a conflict between this Notice and a signed Business Associate Agreement, the Business Associate Agreement governs.

12. GLBA NOTICE

Financial information is processed solely for consulting purposes per Gramm-Leach-Bliley Act requirements. We maintain physical, electronic, and procedural safeguards that comply with federal standards to protect your non-public personal information.

We do not disclose non-public personal information about our clients or former clients to anyone, except as permitted by law. We restrict access to non-public personal information to those employees who need to know that information to provide products or services to you.

13. NO TRACKING GUARANTEE

We do not use cookies, pixels, analytics, or third-party tracking technologies on our website. Your browsing activity is not tracked or monitored across other websites.

We believe in a privacy-first approach and have designed our website to minimize data collection. No advertising networks, analytics providers, or other third-party trackers are integrated into our site.

14. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification.

We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO) by email or by post at:

Golden Ratio Consulting, LLC
Data Protection Officer
125 Summer Street, Suite 1300
Boston, MA 02110
United States

Email: [email protected]

Phone: (617) 555-0123

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information.

You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

To request to review, update, or delete your personal information, please visit our contact page or email us at [email protected].

We will respond to your request within 30 days. If we decline to take action regarding your request, you may appeal our decision by emailing us at [email protected].

Have Questions About Your Privacy?

Our team is ready to answer any questions about how we protect your information.

CONTACT PRIVACY TEAM
โ†‘