Privacy Policy

Tempo Platforms LLCd/b/a Tempo ("Tempo," "we," "our," or "us") operates gettempohealth.com and the Tempo web application (the "Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our Service.

Tempo operates as a HIPAA Business Associate. When our Service processes protected health information ("PHI") on behalf of a covered entity (your medical practice), that processing is governed by a Business Associate Agreement ("BAA") with your practice. This Privacy Policy covers our handling of non-PHI information and describes our broader privacy practices.

Account information. When you register, we collect your name, email address, practice name, and billing information to create and manage your account.

Usage data. We automatically collect information about how you interact with the Service — pages visited, features used, session duration, and device information (browser type, operating system, IP address). This data is used to operate, improve, and secure the Service.

Clinical and billing data (PHI). When your practice connects an EMR integration, the Service accesses encounter data, visit notes, and payer information to generate CPT code recommendations. This information constitutes PHI and is handled under your BAA with Tempo. We do not sell PHI. We do not use PHI for any purpose other than providing the Service to your practice.

Communications. If you contact us, we retain your messages and contact details to respond and improve support.

We use the information we collect to:

• Provide, operate, and improve the Service
• Process billing and manage subscriptions
• Send transactional communications (receipts, alerts)
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations
• Respond to support inquiries

We do not sell your information to third parties. We do not use PHI to train AI models or for any purpose outside the BAA scope.

Service providers. We engage vendors to host, operate, and support the Service. These vendors process data only on our behalf under confidentiality obligations. Vendors that process PHI execute a BAA with Tempo.

Legal requirements. We may disclose information if required by law, subpoena, or regulatory authority, or to protect the rights, property, or safety of Tempo, our users, or the public.

Business transfers. If Tempo is acquired, your information may transfer to the successor. We will provide notice before PHI is transferred and subject to a different privacy policy.

Tempo maintains administrative, physical, and technical safeguards for PHI as required under the HIPAA Security Rule, including:

• Encryption of PHI in transit and at rest
• Access controls and role-based permissions
• Audit logging for PHI access and modification
• Business Associate Agreements with all PHI-handling subprocessors
• Breach notification procedures per the HIPAA Breach Notification Rule

A signed BAA is required before your practice may use the Service to process PHI. Contact privacy@gettempohealth.com to initiate a BAA.

We retain account information for as long as your account is active and for a reasonable period afterward to comply with legal obligations. PHI retention is governed by your BAA and applicable law. You may request deletion of your account data by contacting privacy@gettempohealth.com.

We use industry-standard security measures including TLS encryption in transit, encryption at rest, regular security assessments, and strict access controls. If you believe your account has been compromised, contact us immediately.

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of your personal information. Contact privacy@gettempohealth.com to exercise these rights. For PHI rights under HIPAA, contact your medical practice directly.

We use essential cookies for session management and authentication. We use analytics tools to understand aggregate usage. We do not use advertising or behavioral tracking cookies.

Material changes will be communicated via email or in-app notice at least 30 days before taking effect. Continued use after the effective date constitutes acceptance.

For privacy questions, BAA requests, or data rights:

Tempo Platforms LLC
Privacy Officer
privacy@gettempohealth.com