Privacy Policy

Effective Date: March 27, 2026
Last Updated: March 27, 2026

VCC Innovations, Inc. ("Clearvara," "we," "us," or "our") operates the Clearvara platform, including our website at clearvara.com, web-based practice management portal, AI-powered voice agents, and SMS messaging services (collectively, the "Services"). This Privacy Policy describes how we collect, use, disclose, and protect information in connection with our Services.

Clearvara provides healthcare revenue cycle management and patient communication tools to eye care providers, including optometry and ophthalmology practices ("Covered Providers"). If you are a patient of one of our Covered Providers, please review Section 3 carefully.

1. Information We Collect

1.1 Information from Practice Users (Staff & Providers)

When eye care practices use the Clearvara platform, we collect:

Account information: name, email address, phone number, professional credentials, and role within the practice.
Practice information: practice name, address, NPI numbers, tax identification numbers, and payer/insurance credentials.
Usage data: log-in activity, feature usage, and interactions within the Clearvara portal.

1.2 Patient Information Processed on Behalf of Covered Providers

Clearvara processes patient information as a Business Associate (as defined under HIPAA) on behalf of Covered Providers. This may include:

Demographics: name, date of birth, address, phone number, and email address.
Insurance and billing information: insurance plan details, member IDs, claims data, and payment information.
Appointment information: scheduling data, appointment reminders, confirmations, and follow-up communications.
Communication records: transcripts and recordings of AI-powered voice calls, SMS messages, and related metadata.
Clinical information: only as necessary for billing, coding, and revenue cycle management purposes.

1.3 Information Collected Automatically

When you visit clearvara.com or use our portal, we may automatically collect:

Device and browser information: IP address, browser type, operating system, and device identifiers.
Usage analytics: pages visited, time on site, clicks, and navigation paths.
Cookies and similar technologies: see Section 6 below.

1.4 Information from SMS Communications

When patients opt in to receive SMS messages through a Covered Provider's Clearvara-powered forms, we collect:

Phone number and consent records (including timestamp and method of consent).
Message delivery status and responses (e.g., STOP, HELP).

2. How We Use Information

We use the information we collect to:

Provide, maintain, and improve the Clearvara platform and Services.
Facilitate appointment reminders, confirmations, rescheduling notifications, and care follow-up messages via SMS and AI-powered voice calls on behalf of Covered Providers.
Process insurance claims, manage billing workflows, and support revenue cycle operations.
Communicate with practice users about their accounts, product updates, and support inquiries.
Monitor platform security, detect fraud, and enforce our terms of service.
Comply with legal obligations, including HIPAA and applicable state privacy laws.
Develop and improve our AI models and communication tools, using only de-identified or aggregated data unless otherwise authorized.

3. Patient Information & HIPAA

3.1 Business Associate Relationship

Clearvara processes Protected Health Information ("PHI") on behalf of Covered Providers pursuant to Business Associate Agreements ("BAAs") as required by the Health Insurance Portability and Accountability Act ("HIPAA"). We do not use or disclose PHI except as permitted by our BAAs and applicable law.

3.2 AI-Powered Communications

Clearvara uses artificial intelligence to facilitate patient communications, including:

AI voice agents that may place or receive phone calls on behalf of a Covered Provider for appointment scheduling, reminders, and follow-up care coordination.
Automated SMS messages for appointment reminders, confirmations, and care notifications.

AI voice agents will identify themselves as calling on behalf of the Covered Provider and disclose that the call is AI-assisted. Call recordings and transcripts are treated as part of the patient's communication record and are subject to the same protections as other PHI.

3.3 Patient Rights

If you are a patient of a Covered Provider using Clearvara, your rights regarding your health information are governed by HIPAA and your provider's Notice of Privacy Practices. To exercise your rights regarding your PHI — including access, amendment, or accounting of disclosures — please contact your eye care provider directly.

To opt out of SMS communications, reply STOP to any message. To opt out of AI voice calls, contact your eye care provider's office.

4. How We Share Information

We do not sell personal information or PHI. We may share information in the following circumstances:

With Covered Providers: Patient data is accessible to the practice that maintains the patient relationship.
Service providers and subcontractors: We use third-party vendors (e.g., cloud hosting, telephony, SMS delivery) who are bound by appropriate data protection agreements and, where applicable, Business Associate Agreements.
Legal compliance: We may disclose information as required by law, regulation, legal process, or governmental request.
Business transfers: In connection with a merger, acquisition, or sale of assets, information may be transferred as part of the transaction, subject to applicable confidentiality and data protection obligations.
With consent: We may share information with your consent or at your direction.

5. Data Security

We implement administrative, technical, and physical safeguards designed to protect information in accordance with HIPAA Security Rule requirements and industry best practices, including:

Encryption of data in transit and at rest.
Role-based access controls within the Clearvara portal.
Audit logging of system access and data activity.
Regular security assessments and vulnerability monitoring.
Workforce training on privacy and security obligations.

No system is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

Enable essential site functionality and security.
Remember your preferences and settings.
Analyze site traffic and usage patterns.

You can manage cookie preferences through your browser settings. Disabling cookies may affect your ability to use certain features of our website or portal.

We do not use tracking technologies to serve targeted advertising based on patient health information.

7. SMS Messaging Terms

Consent: Patients opt in to receive SMS messages through their eye care provider's digital intake or online booking forms. Consent is not a condition of receiving care.
Message types: Appointment reminders, confirmations, rescheduling notifications, and care follow-up messages.
Frequency: Message frequency varies, typically 2–5 messages per month per patient.
Costs: Message and data rates may apply depending on your mobile carrier and plan.
Opt-out: Reply STOP to any message to unsubscribe. Reply HELP for support.
Carriers: Major U.S. carriers are supported. Carriers are not liable for delayed or undelivered messages.

8. Data Retention

We retain information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods for PHI are governed by our BAAs and applicable federal and state record retention requirements.

When information is no longer needed, we securely delete or de-identify it in accordance with our data retention policies.

9. Children's Privacy

Clearvara does not knowingly collect personal information directly from children under 13. Patient information for minors is collected and managed through their Covered Provider and parent or guardian.

10. State-Specific Privacy Rights

Depending on your state of residence, you may have additional rights regarding your personal information, including rights to access, deletion, correction, and data portability. These rights may be subject to exemptions under HIPAA and other applicable laws.

To submit a privacy-related request, contact us using the information in Section 12.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify practice users of material changes through the Clearvara portal or via email. The "Last Updated" date at the top of this page reflects the most recent revision.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

VCC Innovations, Inc.
Email: privacy@clearvara.com