Privacy Policy

Last updated: March 19, 2026

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

This application is an Electronic Visit Verification (EVV) system used by authorized employees to manage and verify healthcare service visits for scheduled patients.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Definitions

• Application refers to Providerpal, the software program provided by the Company.
• Company refers to FandFHealth, Inc, 1929 S 5th St Suite #100, Minneapolis, MN 55454.
• Country refers to: Minnesota, United States
• Device means any device that can access the Service such as a computer, cellphone or tablet.
• Personal Data means any information that relates to an identified or identifiable individual.
• Service refers to the Application.
• You means the individual accessing or using the Service on behalf of an organization.

Collecting and Using Your Personal Data

Types of Data Collected

Authentication Information

The application requires employees to log in using credentials such as username and password provided by the organization. These credentials are used only for authentication and secure access to the system.

Patient Information Displayed in Appointments

The application may display limited patient information including patient name, appointment date, type of care, and patient address. This information is used only to allow authorized employees to locate patients and provide scheduled healthcare services.

Location Data

The application collects precise device location from employee devices during scheduled visit check-in and check-out. This location data is used solely to verify that the employee is present at the patient's service location as part of Electronic Visit Verification (EVV) requirements mandated by applicable healthcare regulations. Location data is collected only when the employee actively performs a check-in or check-out action within the application.

Service Confirmation

The application may capture confirmation of service delivery through methods such as a digital signature on the device screen and, in some situations, a short audio confirmation when a patient is unable to provide a written signature (for example elderly individuals or patients with limited mobility). These confirmations are used only for visit verification and healthcare documentation purposes.

Usage Data

Usage Data may include information such as Your Device's Internet Protocol address (IP address), device type, operating system version, and diagnostic data used to improve the Service.

Health Data

The application displays health-related information such as patient names, appointment details, type of care, ICD authorization codes, and healthcare service tasks. This data is provided by the organization's backend systems and is displayed within the app solely for the purpose of enabling authorized employees to deliver scheduled healthcare services.

The application collects digital signatures, voice signatures, and GPS location at check-in and check-out for the purpose of verifying that healthcare appointments have been completed as scheduled.

All health data accessed through the application is handled in accordance with applicable healthcare privacy regulations and is used exclusively for healthcare service delivery and visit verification.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

• To provide and maintain our Service
• To authenticate authorized employees
• To manage and verify healthcare visits using Electronic Visit Verification (EVV)
• To display patient appointment details required for healthcare service delivery
• To confirm visit completion using service confirmations such as digital signatures and voice signatures
• To collect GPS location at check-in and check-out for visit verification
• To improve application performance and security

Data Sharing

Information accessed through the application is used only by authorized personnel within the organization for healthcare service management. The application does not sell personal or patient information to third parties.

Retention of Your Personal Data

Data is maintained and secured in accordance with Centers for Medicare and Medicaid Services (CMS) guidelines and additional requirements of the applicable state(s). Records are maintained for up to 10 years to comply with audit requirements under applicable healthcare regulations.

Data Deletion

Records are deleted once the applicable retention period has been reached. Users may also request deletion of their personal data by contacting us at privacy@fandfhealth.com. Deletion requests will be processed in accordance with applicable laws, and may be subject to healthcare regulatory retention requirements that mandate the preservation of certain records.

Transfer of Your Personal Data

Your information may be processed in systems operated by the Company or authorized service providers that support healthcare service management.

Security of Your Personal Data

We implement reasonable administrative, technical, and physical safeguards to protect Personal Data from unauthorized access, use, or disclosure.

Employee Use Only

This application is intended solely for use by authorized employees of the organization and is not designed for direct use by patients.

Children's Privacy

Our Service does not address anyone under the age of 13.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. Updates will be posted on this page.

Contact Us

If you have any questions about this Privacy Policy, contact us at:

Email: privacy@fandfhealth.com