Xemarth Legal

Privacy Policy

This policy describes how Xemarth handles B2B healthcare data for clinics and professionals using our SaaS platform.

Last updated: June 2026

Technology Vendor Role

Xemarth operates strictly as a technology vendor that provides software, workflow automation, and support tools to registered healthcare businesses. We do not act as a covered entity or business associate by default unless a separate written agreement states otherwise.

B2B Healthcare Data

We may process clinic, provider, patient, appointment, and operational information only as needed to deliver the service, support the account, secure the platform, and fulfill contractual obligations for our business customers.

HIPAA Compliance Standards

Where applicable, we follow HIPAA-aligned administrative, physical, and technical safeguards designed to protect protected health information handled through the platform. Customers remain responsible for their own compliance obligations and configuration choices.

Data Encryption in Transit and Rest

We use encryption in transit and encryption at rest for protected platform data, account records, and operational information stored or transmitted through the service.

No Sale of Data

We never sell patient data or clinic data to third parties. We do not trade, rent, or disclose customer data for third-party advertising or profiling purposes.

Contact

For privacy questions, data requests, or security concerns, contact support@xemarth.com.