Privacy Policy
Effective Date: March 11, 2026
FXMedSupport (“we”, “our”, or “us”) operates the website https://fxmedsupport.com and provides electronic health record (EHR) optimization, integration services, and technical infrastructure solutions for healthcare practices.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with our integrations, applications, and technology infrastructure.
By accessing or using our services, you agree to the collection and use of information in accordance with this policy.
Who we are
Our website address is:
https://fxmedsupport.com
FXMedSupport specializes in healthcare technology infrastructure including EHR optimization, integrations, automation tools, and technical services supporting medical practices and healthcare organizations.
What personal data we collect and why we collect it
We collect certain information to operate our website, support integrations, communicate with clients, and improve our services.
Information may include personal information voluntarily provided by users as well as technical data automatically collected through website interactions.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (a hash) may be provided to the Gravatar service to determine whether you are using it.
The Gravatar privacy policy can be found here:
https://automattic.com/privacy/
After approval of a comment, the user’s profile picture may be visible publicly in the context of that comment.
iOS / Android Applications
FXMedSupport may provide mobile applications or integrations with mobile platforms used by healthcare practices.
We do not store personal data within the mobile application unless required for specific integration functionality.
HealthKit
Our application may request access to Apple HealthKit if you choose to share health metrics with your healthcare provider.
Examples of data that may be shared include:
-
Vital signs
-
Health measurements
-
Activity data
This access is optional and fully controlled by the user.
Users may modify or revoke HealthKit permissions at any time within their device settings.
FXMedSupport does not independently store HealthKit data outside of authorized healthcare provider integrations.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS).
Visitors to the website may download and extract location data from images posted on the site.
Contact forms
When you submit a contact form through our website, we collect the information you provide so we can respond to your inquiry.
This information may include:
-
Name
-
Email address
-
Organization or practice name
-
Message content
Information submitted through contact forms is used solely for communication and support purposes.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address, and website in cookies.
These cookies are provided for your convenience so that you do not need to reenter your information when leaving future comments. These cookies remain active for one year.
If you have an account and log in to the site, a temporary cookie is set to determine whether your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, cookies may store your login information and screen display preferences.
Login cookies last for two days.
Screen option cookies last for one year.
If “Remember Me” is selected, login will persist for two weeks.
Logging out removes login cookies.
If you edit or publish content, an additional cookie may be saved indicating the post ID of the edited article. This cookie contains no personal data and expires after one day.
Embedded content from other websites
Articles on this site may include embedded content such as:
-
Videos
-
Images
-
Articles
-
Widgets
Embedded content behaves the same as if the visitor had visited the external website.
These third-party websites may collect data, use cookies, or monitor interactions with their embedded content.
Users should review the privacy policies of those third-party websites.
Analytics
We may use website analytics services to understand how visitors interact with our website.
Analytics data may include:
-
Pages visited
-
Time spent on pages
-
Browser type
-
Device type
-
Referring URLs
This information helps us improve website performance, usability, and service quality.
Who we share your data with
We do not sell personal data.
Information may be shared only when necessary to:
-
Operate our website
-
Provide requested services
-
Maintain system security
-
Support integrations
-
Comply with legal obligations
Limited information may be shared with trusted technology providers assisting with hosting, infrastructure, or security services.
How long we retain your data
If you leave a comment, the comment and its metadata may be retained indefinitely.
This allows follow-up comments to be recognized and approved automatically.
For registered users (if applicable), personal profile information is stored within the website system.
Users may view, edit, or delete their personal information at any time, except for their username.
Website administrators may also manage this information.
What rights you have over your data
If you have an account or have left comments, you may request an exported file of the personal data we hold about you.
You may also request that we erase personal data we hold about you.
This does not include data we must retain for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through automated spam detection services.
Third-Party Payment Processing
FXMedSupport may provide integrations allowing medical practices to connect their EHR or operational systems with third-party payment processors.
FXMedSupport does not directly process or store credit card information.
Payment transactions are processed by independent payment providers selected by the medical practice.
These providers may include:
-
Payment gateways
-
Credit card processors
-
Subscription billing platforms
-
Online invoicing systems
-
POS platforms
Payment data is transmitted directly to the payment processor using encrypted connections.
FXMedSupport systems follow security practices including:
-
TLS/SSL encrypted communication
-
Secure API authentication
-
Tokenized credential protection
-
Secure infrastructure management
-
Controlled access permissions
FXMedSupport does not store full credit card numbers or CVV codes.
Payment processors are responsible for maintaining PCI-DSS compliance.
HIPAA & Healthcare Data Handling
FXMedSupport provides technology infrastructure and integrations that may interact with healthcare software platforms used by licensed medical providers.
FXMedSupport operates as a technology service provider and integration specialist and is not a healthcare provider.
Systems and integrations may align with standards associated with the Health Insurance Portability and Accountability Act (HIPAA) where applicable.
Security practices may include:
-
Secure API-based data exchange
-
Encryption of data in transit
-
Role-based access control
-
Secure server infrastructure
-
System monitoring and logging
Healthcare providers remain responsible for maintaining regulatory compliance when using EHR systems and related integrations.
Where required, Business Associate Agreements (BAAs) may be established.
API & Integration Security Standards
FXMedSupport develops integrations connecting healthcare platforms, automation systems, payment systems, and third-party applications.
Integration security practices may include:
-
API authentication using OAuth or API keys
-
Token-based authorization
-
TLS/SSL encrypted communications
-
Infrastructure security controls
-
Monitoring and logging of integration activity
External platforms maintain their own privacy and security policies.
AI Tools and Automation
FXMedSupport may integrate artificial intelligence tools and automation technologies used by healthcare practices to improve operational workflows.
Examples may include:
-
Clinical documentation assistance
-
Workflow automation
-
Messaging or communication tools
-
Data organization systems
AI service providers operate independently and maintain their own privacy and security policies.
Google User Data Access
Our application accesses Google user data only after explicit user consent and only for the functionality required by the application.
We use the following Gmail API scopes:
Gmail Read-Only (gmail.readonly)
Used to read incoming email messages and metadata required for authorized application workflows.
Gmail Send (gmail.send)
Used to send emails on behalf of the user within authorized application processes.
We do not request or access additional Gmail scopes beyond those listed.
How We Use Gmail Data
Gmail data is accessed and processed only to support authorized application functionality.
This may include:
-
Reading email messages necessary for workflows
-
Extracting limited metadata such as sender, subject, and timestamp
-
Sending emails initiated or approved by the user
Gmail data is never sold or used for advertising purposes.
Data Retention Policy
FXMedSupport retains data only as long as necessary to fulfill operational purposes such as providing services, maintaining integrations, supporting users, and complying with legal requirements.
Retention periods may vary depending on the type of information and system requirements.
When data is no longer required, it may be securely deleted, anonymized, or archived.
International Data Transfers
FXMedSupport may utilize infrastructure providers, service platforms, or integration partners located in various geographic regions.
As a result, information may be processed or stored outside the user’s country.
When such transfers occur, we take reasonable steps to ensure appropriate safeguards are implemented, including encrypted communications and contractual protections with service providers.
How we protect your data
FXMedSupport implements security safeguards designed to protect information from unauthorized access, disclosure, alteration, or destruction.
Security measures may include:
-
Secure infrastructure environments
-
Encrypted communications
-
Access control systems
-
System monitoring and logging
-
Secure development practices
What data breach procedures we have in place
If a security incident involving data occurs, FXMedSupport may:
-
Investigate the incident
-
Contain and remediate affected systems
-
Notify affected parties when required
-
Implement corrective measures to prevent recurrence
What third parties we receive data from
We may receive limited information from:
-
Integration partners
-
EHR platforms
-
Payment processors
-
Email systems
-
CRM or automation platforms
Such data is used only to support requested integrations or services.
What automated decision making and/or profiling we do with user data
FXMedSupport does not use automated decision-making processes that produce legal or significant effects for individuals.
Automation tools may be used to assist operational workflows or system routing.
Industry regulatory disclosure requirements
FXMedSupport provides technology infrastructure that may interact with regulated healthcare systems.
Regulatory compliance obligations remain the responsibility of the healthcare provider or organization using the services.
Contact Information
If you have questions regarding this Privacy Policy, please contact:
FXMedSupport
help@fxmedsupport.com
https://fxmedsupport.com
