Privacy Policy

1. Introduction

PromoPack (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our promotional content management platform.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

• Name, email address, and contact information
• Professional information (job title, company, role)
• Account credentials and authentication data
• Payment information (processed securely through third-party providers)
• Communications you send to us

2.2 Usage Data

We automatically collect certain information when you use our platform:

• Log data (IP address, browser type, pages visited)
• Device information and usage patterns
• Performance metrics and error reports
• Cookies and similar tracking technologies

2.3 Health Information

As a healthcare-focused platform, we may process protected health information (PHI) including medical claims, references, and promotional content. This data is handled with the highest level of security and in full compliance with HIPAA requirements.

3. How We Use Your Information

We use collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our platform
• Account Management: To create and manage your account
• Communication: To respond to inquiries and provide customer support
• Compliance: To ensure regulatory compliance and data security
• Analytics: To understand usage patterns and improve our services
• Legal Obligations: To comply with legal requirements and protect rights

4. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• Service Providers: Trusted third-party service providers who assist in operating our platform
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: With your explicit consent

5. Data Security

We implement comprehensive security measures to protect your information:

• End-to-end encryption for data in transit and at rest
• Regular security audits and penetration testing
• Access controls and role-based permissions
• Employee training on data protection
• Incident response procedures

6. Your Rights Under GDPR

If you are located in the European Economic Area, you have the following rights:

• Access: Request access to your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data
• Restriction: Request limitation of processing
• Portability: Request transfer of your data
• Objection: Object to processing based on legitimate interests

To exercise these rights, please contact us at [email protected]

7. Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary depending on the type of data and applicable regulations.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses approved by the European Commission.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content. You can control cookie preferences through your browser settings.

10. Third-Party Services

Our platform integrates with third-party services for payment processing, file storage, and analytics. These services have their own privacy policies, and we encourage you to review them.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: