Privacy Policy
Effective date: May 8, 2026 Last updated: July 6, 2026
This Privacy Policy explains how TDC Wellness LLC ("TDC Wellness," "we," "us," or "our") collects, uses, shares, and protects information when you use The Doc Connect platform (the "Service"), including the website at thedocconnect.com, the dashboard application, the public lead and clinic-site APIs, and related services.
This policy covers two distinct kinds of relationship:
- You as our customer — the businesses and the people they authorize who sign up to use the Service. You're the "data subject" in this category.
- Your customers' personal information — names, contact details, and purchase history that you put into the Service so it can run your business. You are the "controller" / "business" for that data; we're the "processor" / "service provider" acting on your instructions. See your Terms of Service Section 3 for that distinction.
If something is unclear, email support@thedocconnect.com and we'll answer.
1. Information we collect
1.1 Information you give us when you sign up or use the Service
| Type | Examples |
|---|---|
| Account info | Name, email, phone, password (hashed), clinic name, sign-up referral source |
| Profile info | Photo / avatar (optional), role, clinic assignment |
| Billing info | Payment method, billing address (handled by our payment processor; we don't store full card numbers) |
| Support communications | Tickets, screenshots, emails to support@thedocconnect.com |
1.2 Information your business creates inside the Service
This is "Customer Data" under the Terms:
- Medication catalog records (medications, photos, prices, costs, internal notes)
- Customer profiles you add (names, emails, phones, addresses, tags, notes, lifetime-value rollups)
- Sale transactions, invoices, payment records
- Wishlists, opportunities, tasks, pipelines
- Support and service tickets
- Integration credentials (Shopify access tokens, QuickBooks tokens, Klaviyo API keys, webhook URLs and secrets)
You control this data; we process it under your direction.
1.3 Information we collect automatically
| Type | Why |
|---|---|
| Device + browser metadata (IP, user agent, language, viewport) | Security, anti-abuse, debugging |
| Usage events (pages viewed, actions taken, errors thrown) | Product analytics, performance tuning |
| Session recordings (in-app, dashboard only) | Debugging and support — see 1.5 below |
| Cookies + localStorage | Session authentication, sidebar collapse preference, theme choice |
| Server logs | Standard request logs (IP, timestamp, path, response code, latency) for security and operations |
We do not use third-party advertising trackers, fingerprinting, or third-party session-replay tools. We do operate a first-party, in-app session-recording feature used solely to debug and support the dashboard — described in Section 1.5.
1.5 In-app session recording (dashboard)
To diagnose bugs and provide support, we operate a first-party session-recording tool built into the dashboard. When enabled for a dashboard session, it records a replay of how you moved through the dashboard — the pages and views you navigated, clicks, scrolling, and the visual structure of the page — so our team can reproduce and fix issues.
What it does and does not capture, and how it's protected:
- On-screen text and inputs are masked. Both the text you type into form fields and the text displayed on the page (customer names, emails, phone numbers, prices, notes, and other business data) are masked at capture time and are not recorded in readable form. The recording captures interaction and layout — where you clicked, what you navigated to, how the page was laid out — not the contents of what you type or view. Page-address query strings (which can contain search terms) are stripped before recording as well.
- Storage on our own infrastructure. Recordings are stored, encrypted at rest, in our own Cloudflare R2 bucket (the same provider that holds your photos). They are not sent to any third-party session-replay service.
- Operator-only access. Recordings are viewable only by Inventory Connect platform operators (our engineering/support staff) for debugging and support. They are not exposed to other clinics or to anyone outside our operator team.
- Short retention. Recordings are automatically deleted after 30 days (see Section 4).
- Internal / demo sessions are excluded. We do not record our own operators' or demo sessions.
If you have a view or field that must never appear in a recording, contact support and we can additionally exclude it.
1.4 Information from integrations you connect
When you connect Shopify, QuickBooks, Klaviyo, etc., the relevant integration exchanges data with that service on your behalf — inventory pushes, sales metrics, customer events, etc. We act on your authorization. The third-party service's privacy policy governs what it does with the data on its side.
2. How we use information
2.1 To provide and improve the Service
- Authenticate users, secure sessions, and gate access by role
- Run inventory, CRM, sales, and integration workflows
- Send transactional emails (verification, password reset, ticket receipts, order updates, sale notifications)
- Investigate bugs, errors, and performance regressions
- Build and improve features based on aggregated usage
2.2 To communicate with you (the account holder)
We send a small number of operational emails to the address on your account. These include:
- Account verification, password reset, security alerts
- Billing receipts and payment-method updates
- Material changes to these policies (with at least 30 days' notice for substantive changes)
- Major product announcements (you can opt out without losing account access)
We do not send promotional / advertising email to your customers without your separate authorization through an integration you connect.
2.3 For analytics and product development
We use aggregated, de-identified usage statistics to understand how the Service is used and to improve it. We do not sell this data and we do not combine it with personally identifying data for advertising purposes.
2.4 To comply with law and protect rights
We may use information to comply with subpoenas, court orders, or legal obligations, to enforce these Terms, to investigate fraud or security incidents, and to protect the rights, property, or safety of TDC Wellness, our users, or others.
2.5 What we don't do
- We do not sell or rent your personal information or your Customer Data to third parties for their independent use.
- We do not use your Customer Data to train machine-learning models offered to other customers.
- We do not scrape or repurpose your Customer Data for our own marketing without your written permission.
- We do not use your customers' email addresses to market TDC Wellness to them.
3. How we share information
We share information only with these categories of recipients:
3.1 Subprocessors and infrastructure providers
The Service runs on a small set of trusted vendors that process data on our behalf. Current subprocessors:
| Vendor | What they do | Where |
|---|---|---|
| Vercel | Application hosting + serverless compute | USA |
| Neon | Postgres database hosting | USA |
| Cloudflare R2 | Photo storage | USA |
| Resend | Transactional email delivery | USA |
| Anthropic / OpenAI | (Optional) AI-assisted features when explicitly invoked by your team | USA |
Each is bound by contractual confidentiality and security obligations equivalent to those in this policy. We may add or remove subprocessors and will update this list.
3.2 Integrations you authorize
When you connect a third-party service (Shopify, QuickBooks, Klaviyo, Mailchimp, Twilio, Stripe, Authorize.net, Affirm, Facebook Lead Ads, etc.), the integration exchanges data with that service. Each is governed by its own privacy policy. You can disconnect at any time from the Integrations page; disconnection stops future data exchange but doesn't recall data already shared.
3.3 Other users in your clinic
Information you record (sales, customer notes, opportunities, tasks) is visible to other staff in your clinic with appropriate roles. Per-employee scoping rules apply for tasks and opportunities; see the in-app help for specifics.
3.4 Legal requests and protection
We may disclose information when required by law, valid legal process (subpoena, court order, etc.), or when necessary to investigate fraud, abuse, or security threats. Where lawful, we will notify the affected account before disclosing.
3.5 Business transfers
If TDC Wellness is involved in a merger, acquisition, asset sale, financing, or bankruptcy, your information may be transferred. The acquirer will be bound by this Privacy Policy or will give you advance notice and a chance to opt out before any material change in how your information is used.
4. How long we keep information
| Category | Retention |
|---|---|
| Active account info + Customer Data | For as long as your account is active |
| Customer Data after account closure | Up to 90 days for export, then deleted (subject to backup roll-out window) |
| Transaction records (sales, invoices) | Retained as required for tax / AML / accounting compliance |
| Support tickets + email | 24 months from last activity |
| In-app session recordings (Section 1.5) | 30 days, then automatically deleted |
| Server logs | 30-90 days |
| Backups | Encrypted, ~90 day rolling window |
| Audit / security event logs | 12 months |
You can request earlier deletion by emailing us, subject to legal retention obligations.
5. Security
We use reasonable technical and organizational measures to protect information, including:
- TLS 1.2+ in transit; encryption at rest for the database and photo storage
- Hashed passwords (never stored in plaintext)
- Role-based access controls inside the dashboard
- HMAC-signed webhook deliveries (where supported)
- Segregated production / preview environments with separate databases
- Logged + audit-trailed administrative actions
- Vendor security reviews before adding new subprocessors
No system is 100% secure. If we discover a security incident affecting your information, we will notify you without undue delay, consistent with applicable law.
6. Your rights
Depending on where you live, you may have rights including:
- Access — get a copy of the personal information we hold about you
- Correction — fix inaccurate information
- Deletion — ask us to delete personal information (subject to legal retention)
- Portability — receive a copy in a portable format
- Objection / restriction — object to or restrict certain processing
- Marketing opt-out — unsubscribe from product-update emails at any time via the unsubscribe link or by emailing us
- Withdraw consent — where processing is based on consent
To exercise these rights, email support@thedocconnect.com. We will respond within 30 days (or as required by applicable law). If your rights request relates to data we process on behalf of a customer (Section 3.4 of the Terms), we will route the request to the responsible account holder.
You also have the right to lodge a complaint with a data protection authority where applicable. We will not retaliate against you for exercising these rights.
7. California residents (CCPA / CPRA)
If you live in California, you have the rights described in Section 6 above. The categories of personal information we collected in the past 12 months map to:
- Identifiers (name, email, phone, IP) — for account, billing, security
- Customer records (billing details) — for billing
- Commercial information (subscription tier, fees paid) — for billing
- Internet activity (page views, error logs, in-app session recordings) — for security, analytics, and debugging/support
- Inferences (none for advertising purposes)
We do not "sell" personal information as defined by the CCPA, and we do not "share" personal information for cross-context behavioral advertising. We have not done so in the past 12 months.
You may submit a verifiable consumer request via support@thedocconnect.com. We will not discriminate against you for exercising your CCPA rights.
8. International users
The Service is operated from the United States. If you access it from outside the U.S., your information will be transferred to, processed, and stored in the U.S. and other countries where our subprocessors operate. By using the Service you consent to this transfer.
For data subjects in the European Economic Area, United Kingdom, or Switzerland: we rely on Standard Contractual Clauses (or equivalent transfer mechanisms) where required.
9. Children's privacy
The Service is not intended for, and does not knowingly collect personal information from, anyone under the age of 16. If you believe a child has provided us personal information, please contact us and we will delete it.
10. Cookies and similar technologies
We use a small number of cookies and equivalent storage:
- Session cookie (httpOnly, secure) — keeps you logged in
- localStorage — sidebar collapse state, theme choice, simple UI preferences
- OAuth state cookies (httpOnly, secure, short-lived) — secure third-party connection round-trips
We do not use advertising cookies, retargeting pixels, or third-party analytics that track you across the web. If you clear cookies you'll be logged out and your UI preferences will reset.
11. Changes to this policy
We may update this Privacy Policy. The "Last updated" date at the top reflects the most recent change. Material changes will be announced at least 30 days in advance via email to the account owner or an in-app banner.
12. Contact
Questions, requests, or complaints? Email support@thedocconnect.com or write to:
TDC Wellness LLC Attn: Privacy support@thedocconnect.com
This Privacy Policy reflects our current practices. It is not legal advice. We recommend you have your own counsel review this policy and confirm it matches your specific obligations under applicable law.