Privacy Policy for Second Automation, LLC

Last Updated: July 31, 2025

1. Introduction

Welcome to Second Automation, LLC ("Second Automation," "we," "us," or "our"). We are committed to protecting the privacy of our website visitors, customers, and the data processed through our services.

This Privacy Policy explains how we collect, use, share, and protect information. It applies to information we collect when you:

  • Visit our website (www.secondautomation.com).
  • Use our products and services (the "Services").
  • Communicate with us through email, forms, or other channels.

This policy is divided into two main parts:

  • Our Role as a Business: How we handle data collected directly from our website visitors and customers for our own business purposes.
  • Our Role as a Business Associate: How we handle Protected Health Information (PHI) on behalf of our customers (the healthcare practices, or "Covered Entities") in compliance with the Health Insurance Portability and Accountability Act (HIPAA).

2. Our Role and Responsibilities Under HIPAA

When a healthcare provider uses our Services to process patient data, Second Automation acts as a "Business Associate" and the provider is the "Covered Entity" under HIPAA.

Our responsibilities regarding Protected Health Information (PHI) are governed by the Business Associate Agreement (BAA) we enter into with each Covered Entity. In the event of any conflict between this Privacy Policy and a BAA, the terms of the BAA will prevail.

We process PHI solely for the purpose of providing, maintaining, and improving our Services to the Covered Entity, and as permitted by our BAA and applicable law.

3. Information We Collect

A. Information You Provide to Us Directly

  • Waitlist & Contact Information: When you join our waitlist or contact us, we collect your name, email address, number of physicians, and any other information you choose to provide.
  • Customer Account Information: When a practice signs up for our Services, we collect business contact information, billing details, and account credentials for authorized users.

B. Information We Collect Automatically

  • Website Analytics: Like most websites, we collect standard log data, including IP address, browser type, operating system, and pages visited. We use this information to analyze trends and improve our website. This data is generally anonymized or aggregated.

C. Protected Health Information (PHI)

  • Through our Services, and on behalf of our customers (the Covered Entities), we receive and process PHI. This may include patient names, appointment details, insurance information, and other clinical data. We only process the minimum necessary PHI required to perform our automated rule-processing services as defined in our BAA with the healthcare practice.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Improve Our Services: To operate our platform, perform automated checks, provide customer support, and improve functionality.
  • To Communicate With You: To respond to your inquiries, send service-related announcements, and provide updates about our company. You can opt out of marketing communications at any time.
  • For Billing and Account Management: To process payments and manage customer accounts.
  • For Analytics and Improvement: We may use de-identified and aggregated data (from which all personal identifiers and PHI have been removed) to analyze the effectiveness of our Services and for research and development.

5. How We Share and Disclose Information

Second Automation will never sell your personal information or any Protected Health Information.

We may share information under the following limited circumstances:

  • With Subprocessors: We use third-party service providers for essential operations like cloud hosting (e.g., Amazon Web Services, Google Cloud) and email delivery. We have BAAs in place with any subprocessors who may come into contact with PHI, ensuring they meet the same stringent security and privacy standards we do.
  • As Directed by our Customers: We may disclose PHI as directed by the Covered Entity that controls the data.
  • For Legal Reasons: We may disclose information if required by law, subpoena, or other legal process, or if we have a good-faith belief that disclosure is necessary to protect our rights, your safety, or the safety of others.
  • In a Business Transfer: If Second Automation is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction, subject to our commitments in this Privacy Policy and any applicable BAA.

6. Data Security

We take the security of your data very seriously. We implement and maintain a comprehensive security program with technical, administrative, and physical safeguards designed to protect information from unauthorized access, use, or disclosure. These measures include:

  • Data encryption in transit and at rest.
  • Strict access controls and need-to-know principles.
  • Regular security assessments and employee training.

7. Your Rights and Choices

For Website Visitors and Direct Customers:

You have the right to access, correct, or delete your personal information that we hold. You can also opt out of receiving marketing communications from us by following the "unsubscribe" link in our emails.

For Patients:

If you are a patient of one of our customers and have questions about your PHI, you must contact your healthcare provider (the Covered Entity) directly. As a Business Associate, we cannot act on individual patient requests and must direct all such inquiries to the responsible Covered Entity.

8. Children's Privacy

Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from them.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the "Last Updated" date at the top of this policy and, in some cases, by providing more prominent notice (such as on our homepage or by email).

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

moc.noitamotuadnoces@ycavirp