Skip to content
How It WorksCalculatorFAQResourcesSchedule a Call

Privacy Policy

Last updated: April 3, 2026

Introduction

Zayd LLC ("Zayd," "we," "us," or "our") operates the Zayd Health platform. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our platform or visit our website. Zayd LLC is organized under the laws of the State of Delaware, USA. Our platform is intended for use within the United States.

Information We Collect

When healthcare practices use our platform, we process information on their behalf, including staff credentials, patient demographics, insurance information, clinical data from connected medical devices, documentation records, and billing-related data. The specific data collected depends on the features used and the information entered by authorized clinic staff.

When you visit our website, we may collect information you voluntarily provide through forms, as well as standard analytics data such as page views and device type. Analytics are used on our marketing website only and never within the authenticated platform.

How We Use Information

  • To operate, maintain, and improve the platform
  • To generate billing compliance documentation on behalf of clinics
  • To maintain audit trails as required for regulatory compliance
  • To send transactional communications (onboarding, notifications, reminders)
  • To process payments
  • To aggregate and de-identify data for research, analytics, and population health purposes — de-identified data cannot be traced to any individual

HIPAA and Protected Health Information

Zayd LLC operates as a Business Associate under HIPAA. We execute Business Associate Agreements (BAAs) with clinic clients and maintain BAAs with our infrastructure providers that process, store, or transmit protected health information (PHI).

Our safeguards include:

  • Encryption of data in transit and at rest
  • Separation of patient identifiers from clinical data
  • Role-based access controls scoped to each organization
  • Append-only audit logging for all data access and modifications

Third-Party Service Providers

We use third-party providers for infrastructure hosting, data storage, payment processing, email delivery, device data integration, and marketing analytics. Each provider receives only the data necessary for their function. Providers that handle PHI operate under Business Associate Agreements. Marketing analytics providers do not receive PHI. Specific providers are identified in your service agreement.

Data Ownership

Patient health data entered into the platform is owned by the treating clinic and their patients. Zayd LLC retains the right to aggregate and de-identify data for research, analytics, and commercial purposes. De-identified data, which cannot be traced to any individual, is owned by Zayd LLC.

Data Retention

We retain platform data in accordance with applicable medical record retention requirements and our obligations under HIPAA. Marketing website submissions are retained for a reasonable period or until you request deletion. Specific retention periods may be described in your service agreement.

Your Rights

  • Clinic administrators may request export or deletion of their organization's data
  • Patients may request access to their data through their treating clinic, consistent with HIPAA patient access rights
  • Website visitors may request deletion of form submissions by contacting us

State Privacy Laws

In addition to HIPAA, we comply with applicable state medical privacy laws in the jurisdictions where our clinic clients operate. Clinic clients are responsible for compliance with their own state-specific regulations regarding patient consent and notification.

Changes to This Policy

We may update this policy from time to time. Material changes will be communicated to active subscribers via email. The date at the top of this page reflects the most recent revision.

Contact

For questions about this privacy policy or to exercise your data rights, contact Zayd LLC at legal@zaydhealth.com.