Privacy Policy for

Effective Date: 12/18/2018

Welcome to

Xchart, Inc. (collectively "the company", “we”, and “us”) owns and operates We deeply respect your privacy and that privacy is paramount to the service we provide.

Statement of values

  1. We're here for you the provider, you're our customer.
  2. We're not in the business of compliance enforcement. Our goal is to help you minimize your liability by helping make it easier for you to ensure you're complying with existing laws.
  3. We aim to help you do your job, not tell you how to do it.

Article 1 - Definitions

  1. Applicable website: This policy refers to and is applicable to the website available at and related subdomains hereafter referred to collectively as the "Website".

  2. Data Controller: Data Controller is the publisher, owner, and operator of the Website and is the Party responsible for the collection of information described herein. Data Controller shall be referred to either by Data Controller's name or "Data Controller," as listed above. If Data Controller or Data Controller's property shall be referred to through first-person pronouns, it shall be through the use of the following: us, we, our, ours, etc.

  3. Parties: The parties to this policy are the company and you, as the user of this website. Hereinafter, the parties will individually be referred to as "Party" and collectively as "Parties."

  4. You: Should you agree to this Privacy Policy and continue your use of the Website, you will be referred to herein as either you, the user, or if any second-person pronouns are required and applicable, such pronouns as 'your", "yours", etc. The parties to this privacy policy are the Data Controller: Xchart and you, as the user of this website.

  5. Services: "Services" means any products or services that we make available for sale on the Website.

  6. Personal Data: "Personal Data" means personal data and information that we obtain from you in connection with your use of the Website which is capable of identifying you in any manner.

  7. HIPAA: means the Health Insurance Portability and Accountability Act of 1996 and the rules and the regulations thereunder, as amended.

  8. Protected Health Information (PHI): Patient information and health details entered into the application by the user as required for producing the report.

  9. Business Associate Agreement (BAA): An agreement, as defined by HIPAA governing the storage and handling of PHI.

  10. Customer: The organization or individual using Services.

  11. Reports: Any representation of PHI generated through use of Services. Whether printed on paper, or stored on a computer as a digital file.

Article 2 - General Information

This privacy policy (hereinafter "Privacy Policy") describes how we collect and use the Personal Data that we receive about you, as well as your rights in relation to that Personal Data, when you visit our Website or use our Services.

This Privacy Policy does not cover any information that we may receive about you through sources other than the use of our Website. The Website may link out to other websites or mobile applications, but this Privacy Policy does not and will not apply to any of those linked websites or applications.

We are committed to the protection of your privacy while you use our Website. By continuing to use our Website, you acknowledge that you have had the chance to review and consider this Privacy Policy, and you acknowledge that you agree to it. This means that you also consent to the use of your information and the method of disclosure as described in this Privacy Policy. If you do not understand the Privacy Policy or do not agree to it then you agree to immediately cease your use of our Website.

Article 3 - Protected Health Information (PHI) and HIPAA

PHI that you enter into the website is often temporarily saved locally to the device you are using. This data is stored to your device using JavaScript APIs that browsers make available to websites.

In addition, some of the Services we offer include storing PHI in a database hosted by Google Cloud. Xchart, Inc. has executed a BAA with Google LLC to cover the use of Google Cloud Services. Before entering PHI that will be stored using Google Cloud Services, the Customer will be required to sign a BAA with Xchart, Inc. The Website will prompt you to do so, before any PHI is stored on your behalf.

Futhermore, how we store and handle PHI saved on our servers is described in a dedicated HIPAA compliance document.

Any Reports a Customer creates may contain PHI. It is entirely the Customer's responsibility to handle Reports in accordance with HIPAA guidelines. In addition, please ensure that access to the device that is running the Website is properly secured, and that it is using a browser, and operating system with up-to-date security patches.

Article 4 - Contact

The Party responsible for the processing of your personal data is as follows: Xchart, Inc. The Data Controller may be contacted as follows:

Xchart, Inc. 304 W. Pacific Ave. #210 Spokane, WA 99201

The Data Controller and operator of the Website are one and the same.

Article 5 - Location

Please be advised the data processing activities take place in the United States, outside the European Economic Area. Data may also be transferred to companies within the United States, but will only be done so in a manner that complies with the EU's General Data Protection Regulation or GDPR. The location where the data processing activities take place is as follows:

Google Cloud US-Central Region in Council Bluffs, Iowa, USA

Article 6 - Modifications and Revisions

We reserve the right to modify, revise, or otherwise amend this Privacy Policy at any time and in any manner. If we do so, however, we will notify you by adding a note to this effect within the app for two weeks after the change. It is also your responsibility to periodically check this page for any such modification, revision, or amendment.

Article 7 - The Personal Data We Receive From You

Depending on how you use our Website, you will be subject to different types of Personal Data collected and different manners of collection:

a. Registered users: You, as a user of the Website, will be asked to register in order to use the Website or to purchase the Services available for sale.

During the process of your registration, we will collect some of the following Personal Data from you through your voluntary disclosure: name, email address

Personal Data may be asked for in relation to:

By undergoing the registration process, you consent to us collecting your Personal Data, including the Personal Data described in this clause, as well as storing, using or disclosing your Personal Data in accordance with this Privacy Policy.

b. Unregistered users: If you are a passive user of the Website and do not register for any purchases or other service, you may still be subject to certain passive data collection ("Passive Data Collection"). Such Passive Data Collection may include through cookies, as described below, IP address information, location information, and certain browser data, such as history and/or session information.

c. All users: The Passive Data Collection which applies to Unregistered users shall also apply to all other users and/or visitors of our Website.

d. Sales & Billing Information: In order to purchase any of the services on the Website, you will be asked to provide certain credit information, billing address information, and possibly additional specific information so that you may be properly charged for your purchases. This payment and billing information may be stored indefinitely. If so, it will be used exclusively to assist you with making future purchases with us.

e. Related Entities: We may share your Personal Data, including Personal Data that identifies you personally, with any of our parent companies, subsidiary companies, affiliates or other trusted related entities.

f. Email Marketing: You may be asked to provide certain Personal Data, such as your name and email address, for the purpose of receiving email marketing communications. This information will only be obtained through your voluntary disclosure and you will be asked to affirmatively opt-in to email marketing communications.

g. User Experience: From time to time we may request information from you to assist us in improving our Website, and the Services we sell, such as demographic information or your particular preferences.

h. Combined or Aggregated Information: We may combine or aggregate some of your Personal Data in order to better serve you and to better enhance and update our Website for your and other consumers' use.

i. Other Information: In addition to collecting the Personal Data as already described herein, we may also collect the following Personal Data:

j. SMS based customer support: If you contact us via SMS, we may collect your phone number and any information you provide to us via text message. We may also respond to you text messages in order to provide you with customer support. We will not use this information for marketing purposes without your consent.

Article 8 - The Personal Data We Receive Automatically

Cookies: We may collect information from you through automatic tracking systems (such as information about your browsing preferences) as well as through information that you volunteer to us (such as information that you provide during a registration process or at other times while using the Website, as described above).

For example, we use cookies to make your browsing experience easier and more intuitive: cookies are small strings of text used to store some information that may concern the user, his or her preferences or the device they are using to access the Internet (such as a computer, tablet, or mobile phone). Cookies are mainly used to adapt the operation of the site to your expectations, offering a more personalized browsing experience and memorizing the choices you made previously.

A cookie consists of a reduced set of data transferred to your browser from a web server and it can only be read by the server that made the transfer. This is not executable code and does not transmit viruses.

Cookies do not record or store any Personal Data. If you want, you can prevent the use of cookies, but then you may not be able to use our Website as we intend. To proceed without changing the options related to cookies, simply continue to use our Website.

Technical cookies: Technical cookies, which can also sometimes be called HTML cookies, are used for navigation and to facilitate your access to and use of the site. They are necessary for the transmission of communications on the network or to supply services requested by you. The use of technical cookies allows the safe and efficient use of the site. You can manage or request the general deactivation or cancellation of cookies through your browser. If you do this though, please be advised this action might slow down or prevent access to some parts of the site. Cookies may also be retransmitted by an analytics or statistics provider to collect aggregated information on the number of users and how they visit the Website. These are also considered technical cookies when they operate as described.

Some cookies are deleted automatically at the end of the browsing session - these are mostly used to identify you and ensure that you don't have to log in each time - whereas permanent cookies remain active longer than just one particular session.

Support in configuring your browser: You can manage cookie through the settings of your browser on your device. However, deleting cookies from your browser may remove the preferences you have set for this Website.

For further information and support, you can also visit the specific help page of the web browser you are using:

Log Data: Like all websites and mobile applications, this Website also makes use of log files which store automatic information collected during user visits. The different types of log data could be as follows:

The aforementioned information is processed in an automated form and collected in an exclusively aggregated manner in order to verify the correct functioning of the site, and for security reasons. This information will be processed according to the legitimate interests of the Data Controller.

For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may also possibly include Personal Data such as IP address, which could be used, in accordance with applicable laws, in order to block attempts at damage to the Website or damage to other users, or in the case of harmful activities or crime. Such data are never used for the identification or profiling of the user, but only for the protection of the Website and our users. Such information will be treated according to the legitimate interests of the Data Controller.

Article 9 - Third Parties

We may utilize third party service providers ("Third Party Service Providers"), from time to time or all the time, to help us with our Website, and to help serve you.

We may use Third Party Service Providers to assist with information storage (such as cloud storage).

We may use Third Party Service Providers to host the Website. In this instance, the Third Party Service Provider will have access to your Personal Data.

We may use Third Party Service Providers for the following services in relation to the Website:

Your Personal Data will not be sold or otherwise transferred to other third parties without your approval.

Notwithstanding the other provisions of this Privacy Policy, we may provide your Personal Data to a third party or to third parties in order to protect the rights, property or safety, of us, our customers or third parties, or as otherwise required by law.

We will not knowingly share your Personal Data with any third parties other than in accordance with this Privacy Policy.

If your Personal Data might be provided to a third party in a manner which is other than as explained in this Privacy Policy, you will be notified. you will also have the opportunity to request that we not share that information.

Article 10 - Tracking usage statistics

As stated: we take your privacy seriously. This extends into our approach for gathering usage statistics. We've taken great care to ensure no patient data is ever transmitted. In addition, we have no interest in trying to observe or report how you do anesthesia. We're only interested in how you're using the app.

For example, we identify the user and track non-sensitive events to Mixpanel.

Things we explicitly will never include:

Things we do track:

Article 11 - How Personal Data is Stored

We use secure physical and digital systems to store your Personal Data when appropriate. We ensure that your Personal Data is protected against unauthorized access, disclosure, or destructions.

Please note, however, that no system involving the transmission of information via the internet, or the electronic storage of data, is completely secure. However, we take the protection and storage of your Personal Data very seriously. We take all reasonable steps to protect your Personal Data.

The systems that we use to store your information include but are not limited to:

Personal Data is stored throughout your relationship with us. We delete your Personal Data if you request the deletion of data.

In the event of a breach of your Personal Data, you will be notified in a reasonable time frame, but in no event later than two weeks, and we will follow all applicable laws regarding such breach.

Article 12 - Purposes of processing personal data:

We primarily use your Personal Data to help us provide a better experience for you on our Website and to provide you the services and/or information you may have requested, such as use of our Website.

Information that does not identify you personally, but that may assist in providing us broad overviews of our customer base, will be used for market research or marketing efforts. Such information may include, but is not limited to, interests based on your cookies.

Personal Data that may be considering identifying may be used for the following:

Article 13 - Disclosure of Personal Data:

It it our goal to always maintain the privacy of your Personal Data as described herein. However, there are certain exceptional scenarios where we may feel morally or legally compelled that disclosure to third parties is necessary.

This includes, but is not limited to:

Article 14 - Opting Out of Transmittals From Us

From time to time, we may send you informational or marketing communications related to our Website such as announcements or other information. If you wish to opt-out of such communications, you may contact the following email: You may also click the opt-out link which will be provided at the bottom of any and all such communications.

Please be advised that even though you may opt-out of such communications, you may still receive information from us that is specifically about your use of our Website or about your account with us.

By providing any Personal Data to us, or by using our Website in any manner, you have created a commercial relationship with us. As such, you agree that any email sent from us or third-party affiliates, even unsolicited email, shall specifically not be considered SPAM, as that term is legally defined.

Article 15 - Modifying, deleting, and accessing your information

If you wish to modify or delete any information we may have about you, or you wish to simply access any information we have about you, you may do so from your account settings page.

Article 16 - Acceptance of Risk

By continuing to our Website in any manner, use the Product, you manifest your continuing asset to this Privacy Policy. You further acknowledge, agree and accept that no transmission of information or data via the internet is not always completely secure, no matter what steps are taken. You acknowledge, agree and accept that we do not guarantee or warrant the security of any information that you provide to us, and that you transmit such information at your own risk.

Article 17 - Your Rights

You have many rights in relation to your Personal Data. Specifically, your rights are as follows:

Such rights can all be exercised by contacting us at the relevant contact information listed in this Privacy Policy.

Article 18 - Contact Information

If you have any questions about this Privacy Policy or the way we collect information from you, or if you would like to launch a complaint about anything related to this Privacy Policy, you may contact us at the following email address: