Privacy Policy

The Site is a sales and information property. Its purpose is to describe Praxis AI's services and let prospective clients reach us. The Site is not a clinical system, is not a patient portal, and is not designed to receive Protected Health Information (“PHI”). Please do not submit PHI through the Site. If you do, we will treat it as ordinary business correspondence, request that you stop, and delete it on request.

We collect only what you give us through the contact form at praxis-ai.services/contact. The form fields are:

• Name (required)
• Practice or organization name (required)
• Email address (required)
• Phone number (optional)
• Number of locations (optional)
• Role at the practice (optional)
• A free-text message, capped at 5,000 characters (required)

The form also includes a hidden “honeypot” field used to detect automated submissions; if it is filled in, the submission is rejected. We do not use cookies, analytics, advertising pixels, session replay tools, or third-party tracking scripts on the Site.

In the ordinary course of operating the Site, our hosting provider records standard server-side request data, including the IP address that submits the form, the user-agent string, and a timestamp. This is used for security, abuse prevention, and debugging.

We use the information you submit to:

• Reply to your inquiry and discuss whether Praxis AI is a fit for your practice.
• Send you follow-up messages about that inquiry until the conversation is closed or you ask us to stop.
• Detect and prevent abuse, spam, and automated submissions.
• Maintain a record of business communications.

We do not sell your personal information. We do not share your personal information with third parties for their own marketing. We do not use the information you submit to train AI models.

We rely on a small set of vendors to operate the Site and our business email. Each processes information only as needed to provide its service to us:

• Vercel — Site hosting and runtime logs (approximately 30-day retention of request logs).
• Resend — Transactional email delivery for lead notifications from the contact form.
• GoDaddy — Domain registration and DNS for praxis-ai.services.
• Microsoft 365 — Email mailboxes for praxis-ai.services, including christian@praxis-ai.services.
• Upstash Redis — Rate-limiting to prevent contact-form abuse (in deployment).
• Discord — Internal error alerting via webhook; this channel receives system error notifications, not user-submitted data.

Each of these vendors maintains its own privacy and security practices.

Contact-form submissions delivered to christian@praxis-ai.services are retained in our Microsoft 365 mailboxes for as long as the inquiry is active and for a reasonable period afterward for business records. Server-side request logs at our hosting provider follow that provider's standard retention (approximately 30 days). You can ask us to delete your inquiry and related records at any time using the contact information below.

The Site is served over TLS. We limit access to inquiry data to operators who need it. Because the Site is not designed to receive PHI and is not part of any HIPAA-covered workflow, it is not configured as a HIPAA-compliant system. PHI is handled only inside service-delivery environments governed by a signed Business Associate Agreement with the relevant practice.

Depending on where you live, you may have rights regarding the personal information we hold about you. California residents, under the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), have the right to:

• Know what personal information we have collected about you.
• Request a copy of that information.
• Request correction of inaccurate information.
• Request deletion of your information.
• Opt out of the sale or sharing of personal information. We do not sell or share personal information as those terms are defined under CCPA/CPRA, but you may still exercise this right.
• Be free from retaliation for exercising any of these rights.

To exercise any of these rights, email christian@praxis-ai.services from the address you used to contact us, or otherwise provide enough information for us to verify your identity. We will respond within the timeframes required by applicable law.

The Site is not directed to children under 16 and we do not knowingly collect information from them. If you believe a child has submitted information through the Site, contact us and we will delete it.

Praxis AI sells AI services that may, in the course of delivery to a medical practice, process PHI. That processing happens only under a Business Associate Agreement executed between Praxis AI and the practice, and only inside the service-delivery environment for that engagement. The Site itself is not a Business Associate function. Submitting an inquiry through the Site does not create a HIPAA-covered relationship and does not authorize the transmission of PHI.

We may update this Policy from time to time. When we do, we will change the “Last updated” date below. Material changes will be reflected on this page; continued use of the Site after a change means you accept the updated Policy.

For privacy questions, requests, or to exercise any of the rights above:

Praxis AI
christian@praxis-ai.services