Privacy Policy

1. Who we are

Chord Foundry LLC ("Chord Foundry", "we", "us") is a Dallas–Fort Worth based revenue automation agency working exclusively with medical aesthetic clinics. This policy describes what data we collect, how we use it, and the limited circumstances under which we share it.

2. What we collect from website visitors

When you submit our Revenue Audit form or email us, we collect: your name, work email, clinic name, role, and any operational figures you choose to share (monthly consults, no-show rate, average ticket). We use this only to prepare for and conduct your audit call.

3. What we handle for clients

For active clients, we handle appointment metadata only: appointment timestamps, treatment category (e.g. "Tox", "Filler"), no-show / completed status, and consent-based contact information (mobile number, email). We do not access, store, or transmit Protected Health Information (PHI), clinical notes, photos, or chart data.

A Business Associate Agreement (BAA) is available on request for clients who require one as part of their HIPAA compliance posture.

4. How we use it

Operational data powers the systems we build for you — reminders, reactivation, lead recovery. We do not sell, rent, or share clinic or patient data with third parties outside the integration providers required to deliver the service (e.g. Twilio for SMS, your PMS).

5. Subprocessors

We use a defined list of subprocessors (hosting, messaging, voice AI, analytics). The current list is available on request and is included in any signed BAA.

6. Your choices

You can request access, correction, or deletion of any data you've shared by emailing hello@chordfoundry.com. Patients of client clinics should contact the clinic directly; the clinic is the data controller for patient records.

7. Contact

Questions about this policy: hello@chordfoundry.com.