Raxva RCM Global Privacy Policy

1.Introduction and Scope

Raxva RCM Ltd ("Raxva," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy describes how we collect, use, and share information in connection with our website www.raxvarcm.ai, our marketing activities, and our business operations.

Important Notice Regarding Patient Data (PHI):

This Privacy Policy does not apply to Protected Health Information (PHI) or medical data that we process on behalf of our healthcare clients.

Role: In the context of patient data, Raxva acts solely as a "Business Associate" (under HIPAA) and a "Data Processor" (under GDPR).

Governance: All processing of PHI is governed strictly by the Master Services Agreement (MSA) and HIPAA Business Associate Agreement (BAA) executed with each client.

2.Who We Are

Raxva RCM Ltd is the Controller and is responsible for your personal data (collectively referred to as "Raxva" in this privacy policy).

Legal Entity: Raxva RCM Ltd

Company Number: 17000739

Registered Office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

Data Protection Officer (Contact): admin@raxvarcm.com

3.The Data We Collect About You

We collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity Data: First name, last name, username or similar identifier, job title, and company role.
• Contact Data: Billing address, delivery address, business email address, and telephone numbers.
• Financial Data: Bank account and payment card details (processed via our secure payment partners, Wise/Stripe).
• Technical Data: Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform.
• Usage Data: Information about how you use our website, products, and services.

4.How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Performance of Contract: To register you as a new client and deliver the AI automation services you have purchased.
• Legitimate Interests: To manage our relationship with you (notifying you about changes to terms or privacy policy) and to administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
• Improvement of AI Models (Aggregated Data): We may use Aggregated Data derived from your usage to improve the accuracy and efficiency of our AI algorithms. This data is anonymized and does not directly or indirectly reveal your identity or patient identities.

5.Disclosure of Your Personal Data

We may have to share your personal data with the parties set out below for the purposes set out in paragraph 4 above.

External Third Parties:

• Microsoft Azure (USA): Our primary cloud infrastructure provider.
• Telephony and AI Voice Processors: For telephony services.
• Professional Advisers: Lawyers, bankers, auditors, and insurers based in the UK and USA who provide consultancy, banking, legal, insurance, and accounting services.
• HM Revenue & Customs & Regulators: Authorities acting as processors or joint controllers based in the United Kingdom.
• Business Transfers: Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

6.International Transfers

Raxva RCM Ltd is headquartered in the United Kingdom. However, to ensure low-latency performance for our US clients, our technical infrastructure is hosted in the United States (Azure East US Region).

By submitting your personal data, you agree to this transfer, storing, or processing. We ensure your data is treated securely and in accordance with this privacy policy and UK GDPR requirements regarding international transfers.

7.Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.

• Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
• Access Control: We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.

8.Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

• Client Contact Data: Retained for the duration of the business relationship plus 6 years (for tax purposes).
• Transient Voice Data: Audio recordings processed by our AI are deleted immediately after processing unless retention is required for audit/quality assurance purposes.

9.Your Legal Rights (UK & EU)

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent.

To exercise any of these rights, please contact us at admin@raxvarcm.com.

10.Notice to US Residents (California & Others)

Although Raxva is a UK entity, we respect the privacy rights of our US clients. If you are a resident of California, you may have specific rights under the CCPA regarding the collection and sale of your personal information.

Raxva does not sell your personal information to third parties.