Privacy Policy

Welcome to DeskCare.ai. This Privacy Policy is provided by MOWA LABS LLC ("Company," "we," "us," or "our"), the operator of the DeskCare.ai platform. We are committed to protecting the personal information of our customers, their patients, and all users who interact with our services.

This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our AI-powered front desk automation platform, including our website, voice agent services, scheduling features, SMS integrations, and analytics dashboard (collectively, the "Services"). By accessing or using the Services, you agree to the practices described in this Policy.

If you do not agree with the terms of this Privacy Policy, please discontinue use of our Services.

2.1 Information You Provide Directly

• Account Registration: Name, email address, phone number, business name, and password when you create an account.
• Clinic Configuration: Practice name, address, hours of operation, staff information, services offered, insurance policies, and scheduling preferences.
• Payment Information: Billing name, address, and payment card details (processed securely through our payment processor; we do not store full card numbers).
• Support Communications: Any information you provide when contacting our support team.
• Demo Requests: Information submitted through the "Book a Demo" form, including your name, email, phone number, and business details.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, clicks, session duration, and interactions with our dashboard.
• Device & Technical Data: IP address, browser type, operating system, device identifiers, and referring URLs.
• Cookies & Tracking Technologies: We use cookies, pixel tags, and similar technologies to recognize users, remember preferences, and improve our Services. See Section 9 for more detail.
• Log Data: Server logs that record requests to our Services, including timestamps, errors, and response codes.

2.3 Patient & Third-Party Caller Information

When our AI voice agent handles inbound calls on behalf of your healthcare practice, we may process:

• Caller phone numbers and voiceprints (where applicable)
• Call recordings and transcriptions
• Appointment requests, scheduling preferences, and intent signals extracted from conversations
• Protected Health Information (PHI) communicated during calls, as necessary to provide scheduling and related services

We process this data strictly as a Business Associate (as defined under HIPAA) on behalf of the covered healthcare entity that has engaged our Services. Our use of PHI is governed by applicable Business Associate Agreements (BAAs).

We use the information we collect to:

• Provide, operate, and maintain the DeskCare.ai platform and Services
• Process and fulfill appointment bookings on behalf of your practice
• Send SMS confirmations, reminders, and post-call summaries to callers (with appropriate consent)
• Train and improve our AI models to better serve healthcare front desk use cases
• Generate analytics, dashboards, and ROI reports for your practice
• Communicate with you about your account, updates, and service changes
• Send marketing communications (where you have consented or as otherwise permitted by law)
• Process billing and prevent fraud
• Comply with legal obligations, including HIPAA requirements
• Enforce our Terms of Service and protect the rights of MOWA LABS LLC and our users

For users in jurisdictions with applicable data protection laws (including the GDPR and CCPA), we rely on the following legal bases:

• Contract Performance: Processing necessary to deliver the Services you have contracted for.
• Legitimate Interests: Product improvement, fraud prevention, and analytics — balanced against your rights and interests.
• Consent: Marketing communications and cookies where required by law.
• Legal Obligation: Compliance with applicable laws and regulations, including HIPAA.

We do not sell your personal information. We may share information in the following circumstances:

• Service Providers: We share data with vetted third-party vendors who help us operate the platform (e.g., cloud infrastructure providers, telephony providers, payment processors, SMS gateways, and analytics tools). These providers are contractually prohibited from using your data for any purpose beyond providing services to us.
• Healthcare Clients: Call data, transcriptions, and appointment information processed by the AI agent are made available to the healthcare practice that engaged our Services.
• Business Transfers: If MOWA LABS LLC is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction, subject to appropriate confidentiality obligations.
• Legal Requirements: We may disclose information when required by law, subpoena, court order, or to protect the safety, rights, or property of MOWA LABS LLC, our users, or the public.
• With Your Consent: We may share information for other purposes with your explicit consent.

DeskCare.ai provides services to healthcare covered entities and may process Protected Health Information (PHI) on their behalf. In these instances, MOWA LABS LLC acts as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the HITECH Act.

Our obligations with respect to PHI are governed by:

• The executed Business Associate Agreement (BAA) between MOWA LABS LLC and the covered entity
• HIPAA's Privacy Rule (45 CFR Part 164, Subpart E)
• HIPAA's Security Rule (45 CFR Part 164, Subpart C)
• HIPAA's Breach Notification Rule (45 CFR Part 164, Subpart D)

We implement administrative, physical, and technical safeguards to protect PHI from unauthorized access, disclosure, alteration, or destruction.

We retain personal information for as long as necessary to provide the Services and fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your account plus up to 90 days after account closure.
• Call Recordings & Transcriptions: Retained as configured in your account settings, subject to applicable legal minimums and your BAA obligations.
• Billing Records: Retained for a minimum of 7 years to comply with financial regulations.
• Analytics Data: Aggregated and anonymized data may be retained indefinitely for product improvement purposes.

You may request deletion of your data as described in Section 10.

MOWA LABS LLC employs industry-standard security measures to protect your information, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Multi-tenant data isolation using row-level security controls
• Role-based access controls limiting employee access to data
• Regular security assessments and vulnerability testing
• Incident response procedures for data breaches

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a breach affecting your data, we will notify you as required by applicable law.

We use the following types of cookies and tracking technologies:

• Strictly Necessary Cookies: Required for authentication, session management, and core platform functionality. These cannot be disabled.
• Analytics Cookies: Help us understand how users interact with our platform (e.g., page views, feature usage). You may opt out of these.
• Marketing Cookies: Used on our marketing website to measure campaign effectiveness. You may opt out via our cookie consent banner.

You can manage cookie preferences through your browser settings or our cookie consent manager. Note that disabling certain cookies may affect platform functionality.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that inaccurate or incomplete information be corrected.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Opt-Out of Marketing: Unsubscribe from marketing emails at any time using the link in our emails or by contacting us.
• California Residents (CCPA): You have the right to know, delete, and opt out of the "sale" (as defined under CCPA) of your personal information. We do not sell personal information.
• Do Not Track: Our Services do not respond to browser-level Do Not Track signals at this time.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Note: For inquiries relating to PHI processed on behalf of a healthcare practice, please contact that practice directly, as they are the covered entity responsible for your health information.

Our Services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take prompt steps to delete it. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

MOWA LABS LLC is based in the United States. If you access our Services from outside the United States, your information will be transferred to and processed in the United States. By using our Services, you consent to such transfer. We take steps to ensure that any international transfers comply with applicable data protection laws.

Our Services may contain links to third-party websites or integrate with third-party services (e.g., EHR/PMS systems). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, by email or in-platform notification. Your continued use of the Services after any changes constitutes your acceptance of the updated Policy.