Xemarth Legal
Privacy Policy
This policy describes how Xemarth handles B2B healthcare data for clinics and professionals using our SaaS platform.
Last updated: June 2026
Technology Vendor Role
Xemarth operates strictly as a technology vendor that provides software, workflow automation, and support tools to registered healthcare businesses. We do not act as a covered entity or business associate by default unless a separate written agreement states otherwise.
B2B Healthcare Data
We may process clinic, provider, patient, appointment, and operational information only as needed to deliver the service, support the account, secure the platform, and fulfill contractual obligations for our business customers.
HIPAA Compliance Standards
Where applicable, we follow HIPAA-aligned administrative, physical, and technical safeguards designed to protect protected health information handled through the platform. Customers remain responsible for their own compliance obligations and configuration choices.
Data Encryption in Transit and Rest
We use encryption in transit and encryption at rest for protected platform data, account records, and operational information stored or transmitted through the service.
No Sale of Data
We never sell patient data or clinic data to third parties. We do not trade, rent, or disclose customer data for third-party advertising or profiling purposes.
Contact
For privacy questions, data requests, or security concerns, contact support@xemarth.com.