Privacy

Privacy Policy

Last updated March 19, 2026

To request access to, correction of, or deletion of your personal information, please submit a data subject access request or contact us at support@patientq.io. These rights may be limited in some circumstances by applicable law.

This Privacy Notice for PatientQ Inc ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share your personal information when you use our services, including when you visit patientq.io or engage with us in other related ways.

About PatientQ

PatientQ Inc is a healthcare technology company offering an all-in-one platform built exclusively for aesthetic practices and medical spas — including providers offering services such as injectables, laser treatments, body contouring, skincare, and wellness therapies. PatientQ is used by practice owners, practitioners, and front-desk staff. PatientQ is not a patient-facing application.

Our platform provides:

  • Patient queue and waitlist management — real-time visibility into client flow, check-ins, and wait times across your aesthetic practice
  • Appointment scheduling and reminders — calendar-based booking, automated client reminders, and schedule management tailored to med spa workflows
  • EHR integration — two-way data sync with electronic health record systems to reduce duplication and streamline clinical workflows
  • Digital advertising campaign management — tools for aesthetic practices and med spas to create, manage, and optimize digital ad campaigns to attract new clients
  • Website management — an integrated tool that allows practices to update and maintain their online presence from within PatientQ

1. What Information Do We Collect?

Information you provide to us

We collect personal information you voluntarily provide when you register for an account or contact us. This may include:

  • Full name
  • Email address
  • Phone number
  • Practice or clinic name and address
  • Job title or role

We do not process sensitive personal information such as health records, financial account numbers, or biometric data.

Payment Data. We may collect data necessary to process your subscription payments. All payment data is handled and stored by Stripe. See Stripe's privacy notice at stripe.com/privacy.

Information automatically collected

When you use our platform, we automatically collect:

  • Log and Usage Data — IP address, browser type, pages and features accessed, date/time stamps, and error reports
  • Device Data — device type, operating system, browser, and hardware model
  • Location Data — approximate location derived from IP address. You may disable precise location sharing in your device settings.

2. Google Calendar Integration — Data Access and Use

PatientQ requests access to your Google Calendar. This section explains exactly what data we access, why, and how it is used.

What we access

When you connect your Google account to PatientQ, we request permission to read, create, update, and delete calendar events on your behalf within Google Calendar.

Why we access it

Google Calendar access is used solely to sync appointment and scheduling data between PatientQ and your Google Calendar, allowing aesthetic practice staff to:

  • View and manage client appointments within PatientQ alongside their Google Calendar
  • Create or update appointments in PatientQ that automatically reflect in Google Calendar
  • Avoid duplicate data entry across separate scheduling tools

How we use this data

Google Calendar data is used only for the scheduling and calendar sync purposes described above. We do not use this data for advertising, for analytics unrelated to scheduling, or to train artificial intelligence or machine learning models.

Who we share it with

We do not sell, rent, or share Google Calendar data with any third party, except where strictly necessary to operate the calendar sync feature (such as our cloud infrastructure provider, operating under a data processing agreement). We do not share this data with advertisers or marketing partners.

Google API Services User Data Policy

PatientQ's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This means we:

  • Only use Google user data for the purposes disclosed in this policy
  • Do not transfer Google user data to third parties except as necessary to provide the calendar sync service
  • Do not use Google user data for serving advertisements
  • Do not allow humans to read Google user data unless you give explicit permission, it is necessary for security purposes, or we are required to do so by law

3. How Do We Process Your Information?

We process your personal information to:

  • Provide and operate our platform — to deliver the queue management, scheduling, EHR integration, advertising, and website management features you have subscribed to
  • Facilitate account creation and authentication
  • Send communications — including account notifications, support responses, and product updates
  • Improve our services — to identify usage trends and enhance platform functionality
  • Comply with legal obligations

4. Legal Bases for Processing

We only process your personal information when we have a valid legal basis, including your consent, contractual necessity, compliance with legal obligations, or legitimate interests such as security and fraud prevention. Where you are located in Canada, we may rely on express or implied consent, which you may withdraw at any time.

5. When and With Whom Do We Share Your Information?

Vendors and Service Providers. We share data with third-party vendors who perform services on our behalf, such as cloud hosting, payment processing (Stripe), and analytics. These vendors are bound by data processing agreements and may only use your data as instructed by us.

Business Transfers. We may share information in connection with a merger, acquisition, or sale of company assets.

Legal Requirements. We may disclose information when required by law or in response to valid legal process.

We do not sell your personal information. We do not share your personal information with advertising partners for their own marketing purposes.

6. Cookies and Tracking Technologies

We may use cookies and similar technologies to maintain your session, remember your preferences, and gather usage analytics. We use Google Analytics to understand how our platform is used. To opt out, visit tools.google.com/dlpage/gaoptout.

7. Social Logins

If you register or sign in using a social media account, we will receive certain profile information from that provider — typically your name, email address, and profile picture. We use this information only to create and manage your PatientQ account.

8. Artificial Intelligence Features

PatientQ may offer features powered by artificial intelligence or machine learning, such as scheduling optimization or AI-assisted workflow tools. Any personal information processed through these features is handled in accordance with this Privacy Policy. We do not use Google user data to train AI or ML models.

9. How Long Do We Keep Your Information?

  • Account identifiers (name, email, phone) — retained for the duration of your account
  • Geolocation data — retained for the duration of your account
  • Usage and log data — retained for up to 24 months for security and diagnostic purposes
  • Google Calendar data — synced in real time; we do not independently store Google Calendar event data beyond what is necessary to display it within PatientQ

When retention is no longer necessary, we delete or anonymize your information.

10. How Do We Keep Your Information Safe?

We implement appropriate technical and organizational security measures, including encryption in transit and at rest, access controls, and regular security reviews. No method of transmission over the Internet is guaranteed 100% secure. You should access our platform only from secure environments.

11. Children's Privacy

PatientQ is intended solely for use by adults (18+) in professional healthcare and aesthetic practice settings. We do not knowingly collect personal data from children under 18. To report a concern, contact us at support@patientq.io.

12. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access a copy of the personal information we hold about you
  • Request correction or deletion of your personal information
  • Restrict or object to processing of your personal information
  • Request portability of your personal information
  • Withdraw consent at any time
  • Opt out of targeted advertising, sale of personal data, or profiling

To exercise any of these rights, contact us at support@patientq.io.

13. Do-Not-Track Signals

We do not currently respond to Do-Not-Track (DNT) browser signals, as no uniform technology standard has been finalized. If a standard is adopted in the future, we will update this policy.

14. U.S. State Privacy Rights

Residents of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia may have specific rights regarding their personal information under applicable state law.

Categories of personal information collected in the past 12 months:

CategoryExamplesCollectedA. IdentifiersName, IP address, email address, account nameYesB. CA Customer RecordsName, contact, employment, financial infoNoC. Protected ClassificationsGender, age, race, ethnicity, marital statusNoD. Commercial InformationTransaction info, purchase historyNoE. Biometric InformationFingerprints and voiceprintsNoF. Internet/Network ActivityBrowsing history, online behaviorNoG. Geolocation DataDevice locationYesH. Audio/Electronic/SensoryImages, audio, video, call recordingsYesI. Professional/EmploymentJob title, work historyNoJ. Education InformationStudent records and directory informationNoK. InferencesProfiles about individual preferencesNoL. Sensitive Personal InformationN/ANo

To exercise your state privacy rights, email support@patientq.io. If your request is declined you may appeal by emailing us. If your appeal is denied, you may contact your state attorney general.

15. Updates to This Policy

We may update this Privacy Policy from time to time. The revised date at the top of this page will reflect when the policy was last changed. Continued use of our platform after any update constitutes your acceptance of the revised policy.

16. Contact Us

PatientQ Inc
Email: support@patientq.io
Website: patientq.io

17. How to Review, Update, or Delete Your Data

To request access to, correction of, or deletion of your personal information, contact us at support@patientq.io. These rights may be limited in some circumstances by applicable law.

One Connected Platform
Zero Gaps
Site Navigation
Contact Us
Legal
Terms & Conditions
Privacy Policy
AI Transparency