Privacy policy
Last updated: Jun 12, 2026 | Effective: Jun 11, 2026
1. Who we are and our role
Center Health Incorporated ("Center Health", "we", "us", or "our") provides a remote patient monitoring ("RPM") software platform that healthcare providers use to monitor and support their patients. When we handle health information through that platform, we do so as a HIPAA Business Associate on behalf of the healthcare providers who use our services. We are not a covered entity, and we do not provide healthcare or sell products directly to consumers.
This Privacy Policy explains how we handle the general, non-health personal information we collect through our public websites and from people who contact us. It applies to center.health and our related subdomains and applications, except for the protected health information described in Section 3, which is governed separately.
2. What this policy covers
This policy covers personal information we collect from and about: visitors to our websites; prospective and current healthcare-provider customers and the individuals who inquire about or administer our services; and people who communicate with us. It covers information such as contact details, inquiry and account information, and website usage data.
3. What this policy does NOT cover: your health information
If you are a patient whose healthcare provider uses Center Health for remote patient monitoring, the health information we process about you (your monitoring data, readings, and related records, together your "Protected Health Information" or "PHI") is not governed by this Privacy Policy. We handle that information solely as a Business Associate, under a Business Associate Agreement with your healthcare provider, and its use is governed by your provider's own Notice of Privacy Practices and by the HIPAA Rules.
To understand how your health information is handled, and how to exercise your rights over it, please see our "HIPAA & Your Health Information" notice and contact your healthcare provider. This Privacy Policy addresses only the non-health personal information described above.
4. Personal information we collect
- Contact and inquiry details: your name, email address, telephone number, organization, role, and the contents of your message when you contact us or request information about our services.
- Account and access information: credentials and related metadata for authorized users of our provider portal and applications (the health information accessed through those accounts is addressed in Section 3).
- Device and usage information: IP address, browser and device identifiers, and information about how you interact with our websites, collected through cookies and similar technologies.
- Communications: information you provide when you correspond with our team, including support and sales inquiries.
5. How we collect it
We collect personal information directly from you when you visit our sites or contact us; automatically through your use of our websites and through cookies and similar technologies; and from service providers acting on our behalf.
6. How we use personal information
We use the non-health personal information described above to operate and improve our websites; to respond to your inquiries and provide information about our services; to administer authorized accounts; to maintain the security and integrity of our systems and detect and prevent fraud or misuse; and to comply with applicable law and respond to lawful requests. We do not use this information to serve you targeted advertising, and we do not sell it.
7. How we disclose personal information
We disclose personal information only: to service providers who perform functions on our behalf (such as hosting, analytics, and communications) under contracts that require them to protect it; where you direct or consent to the disclosure; to comply with law or valid legal process, or to protect our rights, users, or systems; and in connection with a corporate transaction such as a merger, acquisition, or financing, subject to appropriate confidentiality protections. We do not sell personal information, and we do not share it with third parties for their own advertising or marketing.
8. Artificial intelligence and automated processing
Our platform includes AI features, including the Aria assistant, that operate within the services we provide to healthcare providers. Where those features process health information, they do so only under agreements that require HIPAA-level protection; we do not permit identifiable health information to be processed by any AI service that is not bound by such an agreement.
To improve and evaluate our platform (including its analytics, error monitoring, product and algorithm development, and the AI and large-language-model components), we use de-identified data, from which identifiers have been removed in accordance with the HIPAA Safe Harbor standard so that it no longer identifies any individual. We do not attempt to re-identify de-identified data, we do not disclose record-level de-identified data to third parties (only aggregate, population-level statistics), and we do not use identifiable health information to train any third party's general-purpose or public AI models. We do not sell personal information or health information.
9. Cookies and analytics
Our websites use cookies and similar technologies to function, to remember preferences, and to understand how visitors use our sites. You can control cookies through your browser settings; disabling some cookies may affect site functionality. Where you visit our sites with a recognized Global Privacy Control signal, we treat it as a request to opt out of any sharing for targeted advertising for that browser, to the extent applicable.
10. Legacy Center+ and direct-to-consumer data
Center Health previously offered a direct-to-consumer subscription service ("Center+"). That service has been discontinued and all related subscriptions were cancelled as of 5 June 2026. Personal information collected under the prior consumer relationship continues to be handled in accordance with the terms under which it was collected, and is being retained only as long as needed for legitimate or legally required purposes before secure deletion. If you previously held a Center+ account, you may export your own records for a limited period following the discontinuation of the service, or request deletion of your legacy data; contact us using the details in Section 15 for assistance.
11. Security
We maintain administrative, physical, and technical safeguards designed to protect personal information, implemented through our Information Security & Privacy Program. No system is perfectly secure, and we encourage you not to transmit sensitive information through unsecured channels.
12. Retention
We retain personal information for as long as needed for the purposes described in this policy, to maintain authorized accounts, to comply with our legal obligations, and to resolve disputes and enforce agreements, after which we securely delete or de-identify it.
13. Your choices and rights
Depending on where you live, you may have rights to access, correct, or delete the non-health personal information we hold about you, to opt out of certain processing, and to receive a copy of that information. You may exercise these rights, or opt out of non-essential communications, by contacting us using the details in Section 15. We will verify your request as required by law and will not discriminate against you for exercising these rights.
These choices concern the non-health personal information covered by this policy. Rights over your health information (PHI), including HIPAA rights of access, amendment, and accounting, are exercised through your healthcare provider; see Section 3 and the "HIPAA & Your Health Information" notice.
California residents. To the extent we handle medical information of California residents, the Confidentiality of Medical Information Act applies and is addressed through our HIPAA-aligned controls. Certain de-identified data we use for our own purposes may fall within the scope of the California Consumer Privacy Act; for that data we apply the HIPAA Safe Harbor method and commit not to re-identify it, consistent with the applicable standard.
14. Children
Our websites are not directed to children, and we do not knowingly collect personal information from children through them. Monitoring services provided to a minor patient are arranged through that patient's healthcare provider and parent or guardian, and the related health information is handled as described in Section 3.
15. Changes and contact
We may update this policy from time to time and will post the revised version with an updated date. Questions about this policy or our privacy practices, and requests relating to the non-health personal information it covers, may be directed to:
Center Health Incorporated
Privacy and security inquiries: security@center.health
555 O'Neill Ave., Suite 9, Belmont, CA 94002, USA