Privacy Policy
This policy explains what information Aava Healthcare Management Group collects through this website, how it is used, and the choices available to visitors.
1. Who we are
Aava Healthcare Management Group Inc. (“Aava,” “we,” “us,” or “our”) is a healthcare management and operating company. We publicly use the shortened name Aava Healthcare Management Group in our website, branding, and business communications. This shortened presentation of the corporate name is not intended to identify a separate legal entity or fictitious business name. Aava determines how information submitted through this website is used for inquiry evaluation, communication, and related business purposes. This policy applies to this website and the consultation form on it. It does not govern the internal data practices of client organizations for whom Aava provides operating services, which are addressed under separate agreements.
2. Information you provide
When you submit the consultation form, we collect the information you choose to provide—typically your name, organization, email address, telephone number (if given), organization type, area of need, and the details you include in your message. We use this information solely to respond to your inquiry and evaluate a potential engagement.
Please do not submit patient information, protected health information, or other sensitive clinical data through this form. The form is not intended for and is not configured to receive protected health information.
3. Information collected automatically
This website is served through third-party hosting and content-delivery infrastructure. As part of delivering and securing the site, those infrastructure and security providers automatically process technical information, which may include your IP address, browser type, device information, operating system, the referring page, the pages you request or view, the date and time of access, and related security and diagnostic logs. This information is used to deliver, secure, maintain, and troubleshoot the website.
4. Cookies and analytics
This website uses only technologies necessary for basic site functionality and security. It does not set advertising cookies and does not use optional analytics, advertising, retargeting, or session-replay technologies. If Aava later introduces optional analytics or other non-essential technologies, this policy—and any consent mechanism required by applicable law—will be updated accordingly before those technologies are used.
5. How we use information
We use the information described above to respond to consultation requests, communicate with you about a potential engagement, operate and secure the website, comply with legal obligations, and improve our content and services. We do not use consultation-form information for automated decision-making or profiling.
6. Service providers
Aava relies on service providers to operate its website and business, including providers for website hosting and infrastructure, and—when you contact us or book a consultation—providers supporting form delivery, business email, scheduling, and payment. These providers process information on Aava’s behalf or, in the case of scheduling and payment, under their own terms and privacy practices as described below. Aava does not authorize its service providers to use information submitted through this website for their own marketing.
7. Scheduling and payment providers
When you book a consultation, you may be redirected to our scheduling provider, Calendly, to select a time and provide intake details. Calendly may collect scheduling, contact, device, and usage information under its own privacy practices. For paid sessions, payment is processed by Stripe. Aava does not directly receive or store complete payment-card information through this website.
These external scheduling and payment providers maintain their own privacy, security, and data-processing practices, and your use of them is governed by their terms and privacy policies. We encourage you to review them before booking. Please do not submit protected health information or patient-specific information through Aava, Calendly, or Stripe booking fields. The scheduling and payment workflow is not represented as HIPAA compliant.
8. How information is shared
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share information only with the service providers described above, with professional advisors where necessary, and where required by law or to protect our rights.
9. Data retention
How long Aava keeps information depends on why it was collected and what obligations attach to it, rather than a single fixed period. In general:
- Consultation and contact inquiries are kept while Aava evaluates and responds to the inquiry and for a reasonable period afterward for recordkeeping and follow-up.
- Where an inquiry develops into a paid consultation or engagement, related transaction, contract, and client records are kept for the duration of the relationship and as long as needed afterward to meet accounting, tax, insurance, contractual, and dispute- resolution obligations.
- Website and security logs are kept for a limited period for security, diagnostics, and fraud prevention.
- Records of privacy requests are kept as needed to process the request and demonstrate compliance.
When information is no longer needed for these purposes, Aava takes reasonable steps to delete it or render it no longer attributable to you.
10. Security
We use reasonable administrative and technical safeguards intended to protect the information submitted through this website, including transport encryption (HTTPS). No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
11. Your choices and rights
You may contact us at the address below to ask about the information you have submitted or to request its correction or deletion. Depending on your location, you may have additional rights under applicable privacy laws, such as the rights to access, delete, or correct your personal information, or to opt out of its sale or sharing. Aava does not sell personal information or share it for cross-context behavioral advertising. To exercise any available right, contact us using the details in the Contact section below.
12. Do Not Track and Global Privacy Control
Some browsers offer a “Do Not Track” signal. Because there is no uniform industry standard for interpreting these signals, the website does not currently respond to Do Not Track signals.
Global Privacy Control (GPC) is treated separately. Where applicable law requires recognition of a legally valid opt-out preference signal, such as GPC, Aava will process that signal as required. As described above, this website does not sell personal information or share it for cross-context behavioral advertising, and it uses no advertising or retargeting technologies.
13. Children’s privacy
This website is intended for a business audience and is not directed to children. We do not knowingly collect personal information from children.
14. External websites
The website may link to external sites, including LinkedIn. We are not responsible for the privacy practices of those sites, and we encourage you to review their policies.
15. Changes to this policy
We may update this Privacy Policy periodically. When changes are made, we will revise the “Last updated” date above. If a change materially affects how we collect, use, or disclose personal information, we will provide a prominent notice on the website or another form of notice where required by law.
16. Contact
For privacy questions or requests, contact us at hello@aavahmg.com or by telephone at (949) 620-7979.