HHAdata

Privacy Policy

Last updated: April 8, 2026

1. Who We Are

HHA Data is operated by Auriflow Digital LLC("we," "us," or "our"). We provide access to Medicare home health agency data sourced from the Centers for Medicare & Medicaid Services (CMS). Our website is hhadata.com.

2. Information We Collect

We collect the following types of information:

  • Account & payment data: When you subscribe, we collect your name, email address, and payment information. Payment data is processed by Stripe and never stored on our servers.
  • Usage data: We collect data about how you interact with our site, including pages visited, search queries, and features used. This helps us improve the product.
  • Technical data: IP address, browser type, operating system, referral URLs, and timestamps of requests.
  • Cookies: We use first-party cookies for session management and preference storage. We do not use third-party advertising cookies.

3. How We Use Your Information

  • To deliver and operate the HHA Data service
  • To process payments and manage subscriptions
  • To send transactional emails (receipts, subscription confirmations, data refresh notices)
  • To respond to support requests
  • To improve the product and diagnose technical issues
  • To comply with legal obligations

We do not sell your personal information to third parties.

4. Data Sharing

We share your data only with service providers necessary to operate the platform:

  • Stripe — payment processing
  • Supabase — database and authentication infrastructure
  • Vercel — hosting and content delivery

All service providers are contractually bound to protect your data and may not use it for their own purposes.

5. Data About Medicare Agencies

The agency data available on HHA Data is sourced from CMS public datasets. It does not include private patient information. We are not affiliated with Medicare, CMS, or any government agency.

6. Data Retention

We retain your account data for as long as your subscription is active. If you cancel, we retain billing records for 7 years as required by law. You may request deletion of non-billing data at any time by emailing us.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Opt out of marketing emails at any time using the unsubscribe link

To exercise any of these rights, email us at privacy@hhadata.com.

8. Security

We use industry-standard security practices including encrypted connections (HTTPS), access controls, and regular security reviews. No system is perfectly secure — if you discover a vulnerability, please contact us at security@hhadata.com.

9. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated by email to active subscribers at least 14 days before they take effect.

10. Contact

Questions about this policy? Contact us at:
Auriflow Digital LLC
Email: privacy@hhadata.com