Privacy Policy

1. Information We Collect

We collect several types of information to provide and improve our services:

Personal Information

When you create an account, enroll in courses, or interact with our platform, we may collect:

• Full name, email address, and phone number
• Professional credentials, license numbers, and certifying body information
• Job title, employer or organization, and professional specialty
• Profile photo and biographical information
• Mailing address (when required for certificate delivery or verification)

Payment Information

Payment transactions are processed by third-party payment processors (such as Stripe). We do not directly store your full credit card number or banking details on our servers. We may retain limited payment information such as the last four digits of your card, card type, and billing address for record-keeping and customer support purposes.

Usage Data

We automatically collect information about how you interact with our platform, including:

• Pages visited, courses viewed, and features used
• Course progress, lesson completion status, and time spent on activities
• Assessment scores, quiz attempts, and completion timestamps
• Discussion posts, messages, and other user-generated content
• Search queries and navigation patterns

Device and Technical Information

• IP address and approximate geographic location
• Browser type and version, operating system, and device type
• Screen resolution, language preferences, and time zone
• Referring URLs and exit pages

Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to maintain your session, remember your preferences, understand usage patterns, and improve our services. Essential cookies are required for the platform to function. Analytics cookies help us understand how users interact with our platform. You can control cookie preferences through your browser settings, though disabling certain cookies may limit platform functionality.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and maintain course access: Deliver educational content, manage enrollments, and ensure platform functionality
• Track continuing education credits: Record course completions, calculate CE credit hours, and generate certificates of completion in accordance with accreditation requirements
• Process payments: Facilitate course purchases, issue refunds, and maintain transaction records
• Communicate with you: Send enrollment confirmations, course updates, certificate notifications, account alerts, and respond to support inquiries
• Improve our platform: Analyze usage patterns to enhance course content, user experience, and platform performance
• Personalize your experience: Recommend relevant courses and tailor content based on your professional interests and learning history
• Comply with accreditation requirements: Maintain records required by accrediting bodies, state licensing boards, and regulatory agencies
• Ensure platform integrity: Detect and prevent fraud, abuse, and violations of our terms of service
• Fulfill legal obligations: Comply with applicable laws, regulations, and legal processes

3. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Accrediting bodies and licensing boards: We may share completion records, CE credit information, and professional credentials with relevant accrediting organizations and state licensing boards as required for CE credit verification and compliance
• Payment processors: We share necessary transaction details with our third-party payment processors (e.g., Stripe) to facilitate payments securely
• Course instructors: Instructors may access limited learner information within the context of their courses, including names, progress data, and discussion participation. Instructors do not receive your payment information or personal contact details outside the platform
• Analytics providers: We share anonymized and aggregated usage data with analytics providers to help us understand platform usage and improve our services. This data cannot be used to identify individual users
• Service providers: We may share information with trusted third-party vendors who assist us in operating the platform, such as hosting providers, email delivery services, and customer support tools. These providers are contractually obligated to protect your data
• Legal requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others
• Business transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change

4. Data Retention

We retain your information for as long as necessary to fulfill the purposes described in this policy:

• Account data: Retained for as long as your account remains active. If you request account deletion, we will remove your personal information within 30 days, subject to the exceptions below
• CE credit and completion records: Retained in accordance with applicable state licensing board and accreditation body requirements, typically for a minimum of 5 to 7 years following course completion. These records may be retained even after account deletion to comply with regulatory obligations
• Payment and transaction records: Retained for a minimum of 7 years as required by tax and financial regulations
• Usage and analytics data: Retained in anonymized or aggregated form for up to 3 years for platform improvement purposes
• Communications: Support correspondence and messages are retained for up to 2 years after the last interaction

5. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct any inaccurate or incomplete personal information
• Deletion: Request deletion of your personal information, subject to our obligation to retain CE credit records as required by accrediting bodies and licensing boards
• Opt out of marketing: Unsubscribe from promotional emails at any time by clicking the unsubscribe link in any marketing email or adjusting your notification preferences in your account settings. Note that you will continue to receive transactional communications related to your account and enrollments
• Data portability: Request your personal data in a structured, commonly used, machine-readable format
• Withdraw consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing conducted prior to withdrawal

To exercise any of these rights, please contact us at support@carepath.co. We will respond to your request within 30 days.

6. Data Security

We implement robust technical and organizational measures to protect your personal information, including:

• Encryption of data in transit using TLS/SSL and encryption of sensitive data at rest
• Role-based access controls to limit data access to authorized personnel
• Regular security assessments and vulnerability testing
• Secure authentication mechanisms, including support for strong passwords
• Monitoring and logging of system access for security audit purposes

While we strive to protect your personal information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to promptly notifying affected users in the event of a data breach as required by applicable law.

7. Children's Privacy

CarePath LMS is designed for healthcare professionals and is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to promptly delete that information. If you believe a child under 13 has provided us with personal information, please contact us at support@carepath.co.

8. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

• Right to know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which your information was collected, the business purpose for collecting your information, and the categories of third parties with whom we share your information
• Right to delete: You have the right to request deletion of your personal information, subject to certain exceptions including our obligation to retain CE credit records
• Right to opt out of sale: We do not sell your personal information to third parties. As such, there is no need to opt out of the sale of personal information
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights

To submit a CCPA request, please contact us at support@carepath.co. We may need to verify your identity before processing your request.

9. Third-Party Links

Our platform may contain links to third-party websites, services, or resources that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you by email (sent to the email address associated with your account) or by posting a prominent notice on our platform prior to the changes taking effect. We encourage you to review this Privacy Policy periodically. Your continued use of CarePath LMS after the effective date of any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: