Privacy Policy
This Privacy Policy explains how GomyDev LLC ("GomyDev," "we," "us"), the maker of the TimeGrid platform ("TimeGrid," the "Service"), collects, uses, discloses, and protects information in connection with our marketing website (timegridworkforce.com) and the Service. By using our website or the Service, you agree to this Policy.
1. Scope — and a note on health information
Much of the data in the Service is Protected Health Information (PHI) that a care agency (our customer) controls. When TimeGrid processes PHI on a customer's behalf, we act as a Business Associate under the U.S. Health Insurance Portability and Accountability Act (HIPAA), and that processing is governed by our Business Associate Agreement (BAA) and HIPAA — not by this Policy. This Policy governs the information we control: website visitors, prospects, and account administrators.
2. Information we collect
Information you give us
- Demo & contact requests: your name, work email, agency name, phone number, state, approximate number of caregivers, and any message you send.
- Account information: for customers and their administrators — names, work emails, roles, and login credentials.
- Communications: messages you send us by email or through the Service.
Information collected automatically
- Basic device and log data (IP address, browser type, pages viewed, timestamps) used to operate, secure, and improve the website and Service.
- Cookies and similar technologies strictly necessary to run the site and keep you signed in. We do not use advertising or cross-site tracking cookies.
3. How we use information
- To respond to demo and contact requests and communicate with you.
- To provide, maintain, secure, and improve the website and the Service.
- To detect, prevent, and respond to fraud, abuse, and security incidents.
- To comply with legal obligations and enforce our agreements.
4. How we share information
We do not sell your personal information. We share it only:
- With service providers (subprocessors) who help us run the Service under contract — for example cloud hosting and email delivery (Amazon Web Services) — bound to protect the data and use it only as instructed.
- For legal reasons — to comply with law, respond to lawful requests, or protect the rights, safety, and security of GomyDev, our customers, or the public.
- In a business transfer — if we are involved in a merger, acquisition, or sale of assets, subject to this Policy.
5. How we protect information
TimeGrid is engineered for protected health information. Safeguards include encryption in transit and at rest, database-level tenant isolation (row-level security), role-based access controls with multi-factor authentication, audit logging of access to sensitive data, and automated backups. No system is perfectly secure, but security is the foundation of how the Service is built.
6. Data retention
We keep personal information for as long as needed for the purposes above, to run our business, and to meet legal, tax, and audit obligations, after which we delete or de-identify it. Customer data in the Service is retained and deleted in line with the customer's agreement and instructions.
7. Your choices and rights
You may request access to, correction of, or deletion of personal information we hold about you by emailing privacy@gomydev.com. Where TimeGrid holds information on a customer's behalf, we will direct your request to that customer. You can unsubscribe from marketing emails at any time using the link in each message.
8. California privacy rights
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the right to know what personal information we collect and how we use and share it, to request access to or deletion of that information, to correct inaccurate information, and to not be discriminated against for exercising these rights. We do not sell or "share" (for cross-context behavioral advertising) your personal information. To exercise your rights, contact privacy@gomydev.com. Health information handled by TimeGrid on a provider's behalf is covered by HIPAA and the applicable BAA.
9. Children's privacy
Our website and Service are intended for care organizations and their staff, not for children, and we do not knowingly collect personal information directly from children.
10. Changes to this Policy
We may update this Policy from time to time. We will post the updated version here and revise the "Effective" date above; material changes may be communicated more directly.
11. Contact us
Questions about this Policy or your information:
GomyDev LLC — PrivacyTexas, United States
privacy@gomydev.com