LogoClaraWave

Privacy Policy

Your privacy matters to us. Learn how we protect your personal information and health data with industry-leading security practices.

Effective Date: 6th October, 2025

Last Updated: 6th October, 2025

1. Purpose & Scope

ClaraWave, Inc. (“ClaraWave,” “we,” “our,” or “us”) is committed to protecting the privacy and security of the personal and health information entrusted to us.

This Privacy Policy describes how we collect, use, disclose, and protect personal and health information when users (“you”) access our platform, mobile application, or related services (collectively, the “Services”).

This policy applies to :

  • Care Providers/Agencies who use ClaraWave to manage caregivers, scheduling, billing, and payroll.
  • Caregivers who use ClaraWave to receive assignments, track shifts, and communicate securely.
  • Clients/Patients or Family Members who use ClaraWave to view schedules, invoices, or communicate with care providers.

ClaraWave complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the United States and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Can ada, as well as other applicable privacy laws.

2. Information We Collect

ClaraWave collects two categories of data:

a. Protected Health Information (PHI)

When care providers or caregivers use ClaraWave, we may collect or process PHI that includes

  • Patient names, addresses, contact detail
  • Health - related information related to care plans, appointments, or assessments
  • Billing and payment details linked to care services
  • Scheduling and shift data associated with care delivery

b. Personal Information

We may also collect personal information for account creation and platform use, including:

  • Names, emails, phone numbers, profile photos
  • Employment and professional details (for caregivers)
  • Device, browser, and usage data (for security and analytics)

c. Location Data

  • Real-time GPS data for caregivers (for shift verification and routing)

d. Payment Information

  • Credit card or bank account details (handled via a secure third-party processor)
  • Medicaid/insurance details (if applicable)

e. Device & Usage Information

  • IP address
  • Browser/device type
  • App usage logs
  • Crash reports and diagnostics

3. How We Use Your Information

We use collected information to:

  • Provide and maintain our Services (scheduling, payroll, billing, communications)
  • Authenticate users and manage accounts
  • Process payments to caregivers and billing to agencies
  • Respond to inquiries and provide customer support
  • Improve our Services through analytics and performance tracking
  • Comply with applicable legal and regulatory obligations

We do not sell, rent, or trade your personal or health information for marketing purposes.

4. Permitted Disclosures of PHI

We may disclose PHI only::

  • To authorized individuals and care providers involved in treatment, payment, or healthcare operations;
  • To third - party vendors (e.g., cloud hosting, payment processors) who are bound by Business Associate Agreements (BAAs)
  • As required by law, court order, or regulatory authority;
  • In emergency circumstances to prevent serious harm;
  • With your explicit written authorization.

All disclosures follow the “minimum necessary” standard required by HIPAA.

5. Safeguards and Security

ClaraWave employs strict administrative, physical, and technical safeguards to protect PHI and personal information, including:

  • Encryption: All data encrypted at rest and in transit using industry - standard AES - 256 and TLS 1.2+.
  • Access Controls: Role - based access, least - privilege enforcement, and multi - factor authentication.
  • Audit Logging: Continuous monitoring of data access and activity.
  • Regular Risk Assessments: Ongoing evaluation of vulnerabilities and mitigation strategies.
  • Employee Training: Mandatory annual HIPAA and data security training for all personnel.

6. Patient and User Rights

Depending on your location (U.S. or Canada), you may have the following rights:

  • Access: Request a copy of your information.
  • Correction: Request correction of inaccurate or incomplete data.
  • Restriction: Request limited use or disclosure of your information
  • Withdrawal: Revoke consent for processing (subject to contractual or legal limits)
  • Data Portability: Request a digital copy of your data.
  • Complaint: File a complaint with us or relevant regulatory authorities.

Requests can be submitted by contacting us at privacy@clarawave.com.

7. Breach Notification

In the event of a breach involving unsecured PHI, ClaraWave will notify affected individuals and applicable authorities without unreasonable delay and no later than five (5) business days after discovery, in accordance with HIPAA and PIPEDA requirements.

8. International Data Transfers

ClaraWave stores and processes data primarily in secure U.S. and Canadian data centers. Cross-border transfers comply with HIPAA, PIPEDA, and applicable data protection standards.

9. Retention and Deletion

ClaraWave retains PHI and personal data only for as long as necessary to fulfill the purposes described in this policy or as required by law. When data is no longer needed, it is securely deleted or anonymized.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Updated versions will be posted on our website with a revised “Effective Date.”

11. Contact Information

If you have any questions, concerns, or complaints regarding this Privacy Policy or our data handling practices, please contact our Privacy Officer directly.

📧 privacy@clarawave.com

📍 ClaraWave Inc.

📧 2 Saint Paul Street, Cambridge, MA 02139 US

View Terms of Service →
LogoClaraWave
Terms & ConditionsPrivacy Policy© 2025 ClaraWave Inc.