top of page

POLÍTICA DE PRIVACIDAD

Privacy Policy for Enbarca Inc

 

Effective Date: January 1, 2026
Last Updated: December 31, 2025

1. Introduction

This Privacy Policy ("Policy") describes how Iris Soto Digital dba Enbarca Inc ("Company," "we," "us," "our")  collects, uses, discloses, and otherwise processes personal information and protected health information through our websites (the "Websites") and related services (collectively, the "Services"). This Policy applies to all visitors, users, and other individuals who access or use the Services, whether as a registered user or guest.

 

By accessing or using the Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our privacy practices, please do not use the Services.

2. Scope and Applicability

This Privacy Policy applies when:

 

  • You access the Website as a visitor or registered user

  • You submit information through forms or contact requests

  • You use any interactive features or services available on the Website

  • You communicate with us via email or through the Service

 

Important Notice: This Website may collect and process protected health information ("PHI") as defined under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act. To the extent that this Website processes PHI, compliance with HIPAA and this Privacy Policy is mandatory.

3. Information We Collect

3.1 Information You Provide Directly

Account Registration Information: When you create an account, we collect information such as your name, email address, phone number, organization affiliation, job title, and professional credentials.

 

Contact Form Data: When you submit inquiries through our contact forms, we collect the information you provide, including name, email, phone number, organization, subject matter, and message content.

 

Healthcare Information: Depending on the services requested, we may collect healthcare-related information, including:

 

  • Healthcare practice details and operational metrics

  • Patient demographic information (only as necessary for stated purposes)

  • Claims submission data and billing information

  • Clinical trial research information

  • Healthcare compliance documentation

 

Communication Data: We collect records of communications between you and our team, including emails, chat logs, and support tickets.

 

Payment Information: If you engage our services, we collect payment details necessary to process transactions, including billing address and payment method information.

3.2 Information Collected Automatically

Device and Usage Information:

 

  • IP address and device identifiers

  • Browser type, version, and language preferences

  • Operating system and device type

  • Pages visited and time spent on each page

  • Links clicked and features used

  • Referring website information

 

Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to enhance your experience and understand how you use the Website. This includes:

 

  • Session cookies (temporary)

  • Persistent cookies (longer-lasting)

  • Analytics cookies to measure usage patterns

  • Functionality cookies to remember your preferences

 

Log Data: Our servers automatically record information when you access the Website, including access times, pages viewed, browser type, IP address, and referring URLs.

3.3 Third-Party Information

We may receive information about you from third-party sources, including:

 

  • Business partners and service providers

  • Healthcare industry databases and directories

  • Public records related to healthcare practices and professionals

  • Social media platforms (if you link your accounts)

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 Service Delivery

  • Creating and maintaining your account

  • Processing transactions and payments

  • Delivering consulting services, tools, and resources you request

  • Communicating with you about your account or service requests

  • Providing customer support and technical assistance

4.2 Business Operations

  • Analyzing usage patterns to improve the Website and services

  • Conducting research and analytics

  • Monitoring system performance and security

  • Troubleshooting technical issues

  • Maintaining and protecting our IT systems

4.3 Communications

  • Sending service announcements and administrative notifications

  • Responding to your inquiries and requests

  • Providing newsletters and educational content (with your consent)

  • Sharing information about new features, products, or services

  • Conducting surveys and gathering feedback

4.4 Legal and Compliance

  • Complying with applicable laws, regulations, and legal processes

  • Enforcing our Terms and Conditions and other agreements

  • Protecting our legal rights, privacy, and safety

  • Preventing fraud, unauthorized access, and illegal activity

  • Maintaining records for HIPAA compliance, audit trails, and breach notifications

4.5 Marketing and Business Development

  • Identifying business opportunities in the healthcare sector

  • Conducting market research and competitive analysis

  • Promoting our services to healthcare professionals and practices

  • Creating de-identified data sets for analytics and reporting

5. HIPAA-Specific Provisions
5.1 Notice of Privacy Practices

To the extent that this Website and Company processes Protected Health Information (PHI) as a business associate or covered entity under HIPAA:

 

The Company acknowledges its obligations under 45 C.F.R. Parts 160 and 164 to:

 

  • Maintain the privacy and security of all PHI

  • Implement safeguards to prevent unauthorized use or disclosure of PHI

  • Provide individuals with rights to access, amend, and request an accounting of disclosures of their PHI

  • Notify affected individuals in the event of a breach of unsecured PHI

  • Restrict use and disclosure of PHI to the minimum necessary to accomplish the stated purpose

5.2 Permitted Uses and Disclosures of PHI

The Company uses and discloses PHI only for the following purposes:

 

  • Treatment: When necessary to provide, coordinate, or manage healthcare services

  • Payment: When necessary to obtain payment for healthcare services rendered

  • Healthcare Operations: For administrative functions, quality assurance, training, and compliance activities

  • Business Associate Functions: As permitted under executed Business Associate Agreements

  • As Authorized: With explicit written authorization from the individual or their legal representative

  • As Required by Law: When mandated by federal, state, or local legal processes

5.3 Individual Rights

Under HIPAA, individuals have the following rights regarding their PHI:

 

  • Right of Access: The right to inspect and obtain a copy of PHI maintained by the Company (request must be processed within 15 days or as allowed by law)

  • Right to Amendment: The right to request correction of inaccurate or incomplete PHI

  • Right to Accounting of Disclosures: The right to receive an accounting of non-routine disclosures of PHI

  • Right to Request Restrictions: The right to request that the Company limit use and disclosure of PHI

  • Right to Request Confidential Communications: The right to request that communications regarding PHI be sent to an alternative address or by alternative means

  • Right to Breach Notification: The right to be notified in the event of a breach of unsecured PHI

5.4 Privacy Officer Contact

Contact Information:
Email: privacy@enbarca.com

 

Mailing Address: 5764 N. Orange Blossom Trail #91973 Orlando, FL 32810

 

Individuals may submit privacy concerns, complaints, or requests for access to information to the Privacy Officer. The Company will not retaliate against individuals for filing a complaint.

5.5 Breach Notification

In the event of a breach of unsecured PHI, the Company will:

 

  1. Conduct a prompt investigation to determine the scope and nature of the breach

  2. Notify affected individuals without unreasonable delay and no later than 60 calendar days from discovery of the breach

  3. Notify the Department of Health and Human Services (HHS) of the breach

  4. Notify prominent media outlets if the breach affects residents of more than one state or affects more than 500 residents of any state or jurisdiction

  5. Maintain records of all breach investigations and notifications

 

Breach notification will include: the date of the breach, date it was discovered, a brief description of what occurred, steps the individual can take to protect themselves, what the Company is doing to investigate and prevent further breaches, and contact information for questions.

6. Sharing of Information
6.1 Service Providers and Business Partners

We may share your information with third-party service providers who assist us in operating the Website and delivering services, including:

 

  • Cloud hosting and storage providers

  • Payment processors and financial institutions

  • Email service providers and communication platforms

  • Analytics and data analysis providers

  • Healthcare compliance consultants

  • IT security and maintenance providers

 

All service providers are required to:

 

  • Protect your information with safeguards no less stringent than those in this Policy

  • Use information only for the purposes specified

  • Execute Business Associate Agreements (if handling PHI)

  • Comply with applicable data protection laws

6.2 Legal Requirements and Protection

We may disclose your information when required or permitted by law:

 

  • In response to subpoenas, court orders, or legal process

  • To comply with healthcare regulations (HIPAA, HITECH, state privacy laws)

  • To enforce our Terms and Conditions and other agreements

  • To protect the rights, privacy, and safety of the Company, users, and the public

  • To prevent fraud, security incidents, or other potentially illegal activity

6.3 Business Transfers

If the Company is involved in a merger, acquisition, bankruptcy, reorganization, or similar transaction or proceeding, your information may be transferred as part of that transaction. You will be notified of any such change and any choices you may have regarding your information.

6.4 Aggregated and De-Identified Information

We may share aggregated or de-identified information that cannot reasonably identify you. This includes anonymized healthcare data, usage statistics, and market research findings.

6.5 Information Not Shared

The Company does not:

 

  • Sell personal information or PHI to third parties for marketing purposes

  • Share information with unaffiliated parties without consent (except as legally required)

  • Disclose PHI beyond the minimum necessary for the stated purpose

  • Share information with social media platforms without explicit authorization

7. Data Security and Protection
7.1 Security Measures

The Company implements comprehensive administrative, physical, and technical safeguards to protect your information, including:

 

Administrative Safeguards:

 

  • Designated Privacy and Security Officers

  • Workforce security and access controls

  • Training and awareness programs for all personnel

  • Incident response and reporting procedures

  • Risk assessments and vulnerability management

  • Policies for appropriate use and disclosure

 

Physical Safeguards:

 

  • Restricted access to facilities housing sensitive data

  • Secure disposal of physical records

  • Environmental controls to prevent unauthorized access

  • Visitor logs and access badges

  • Video surveillance where appropriate

 

Technical Safeguards:

 

  • Encryption of data in transit and at rest (using industry-standard protocols)

  • Multi-factor authentication for account access

  • Firewalls and intrusion detection systems

  • Regular security audits and penetration testing

  • Secure software development practices

  • Regular backup and disaster recovery procedures

7.2 Data Retention

We retain your information for as long as necessary to:

 

  • Fulfill the purposes outlined in this Privacy Policy

  • Comply with legal, regulatory, and contractual obligations

  • Maintain HIPAA-required audit trails (typically 6 years minimum for PHI)

  • Resolve disputes and enforce agreements

 

When information is no longer needed, we securely delete or de-identify it according to our retention schedules.

7.3 Limitations of Security

While we implement robust security measures, no method of transmission over the Internet or electronic storage is completely secure. The Company cannot guarantee absolute security. You use the Service at your own risk, and you are responsible for maintaining the confidentiality of your account credentials.

8. Your Privacy Rights and Choices
8.1 Access and Correction

You have the right to:

 

  • Access, review, and download your personal information

  • Request correction of inaccurate or incomplete information

  • Request deletion of your information (subject to legal retention requirements)

  • Request a copy of your information in a portable format

 

To exercise these rights, contact our Privacy Officer at privacy@enbarca.com

8.2 Marketing Communications

You may opt out of receiving promotional emails and marketing communications by:

 

  • Clicking "unsubscribe" in the footer of email communications

  • Updating your account preferences on the Website

  • Contacting us at privacy@enbarca.com

  • Sending written notice to our mailing address

 

Please note that opting out of marketing communications will not affect transactional or legally required communications.

8.3 Cookies and Tracking

You can control cookies through your browser settings:

 

  • Most browsers allow you to refuse cookies or alert you when cookies are being sent

  • Disabling cookies may affect the functionality of the Website

  • Some tracking technologies cannot be controlled through browser settings

8.4 California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act:

 

  • Right to know what personal information is collected and how it is used

  • Right to delete personal information (subject to exceptions)

  • Right to opt-out of the sale or sharing of personal information

  • Right to non-discrimination for exercising your privacy rights

  • Right to correct inaccurate information

 

To submit a request or for more information, contact: privacy@enbarca.com

8.5 Virginia and Other State Privacy Laws

We comply with applicable state privacy laws, including the Virginia Consumer Data Protection Act (VCDPA) and similar regulations in other states.

9. Third-Party Links and Services

The Website may contain links to third-party websites, applications, and services that are not operated by the Company. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. Before sharing information with third parties, review their privacy policies.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will promptly delete such information. If you believe we have collected information from a child, please contact us immediately at privacy@enbarca.com

11. International Users

The Website and services are operated from the United States. If you are accessing the Website from outside the United States, please be aware that your information will be transferred to, processed, and stored in the United States. By using the Website, you consent to the transfer of your information to the United States and its storage and processing under United States law.

 

For European Union residents, we comply with the General Data Protection Regulation (GDPR) and the requirements regarding lawful basis for processing, data subject rights, and international data transfers.

12. Changes to This Privacy Policy

The Company may update this Privacy Policy at any time. We will notify you of material changes by:

 

  • Posting the revised Privacy Policy on the Website with an updated "Last Updated" date

  • Sending you an email notification of significant changes

  • Requiring your explicit consent for material changes, where required by law

 

Your continued use of the Website after changes become effective constitutes your acceptance of the revised Privacy Policy.

13. Contact Information

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to report a privacy concern or potential breach, please contact:

 

Email: privacy@enbarca.com

 

Mailing Address:
5764 N. Orange Blossom Trail #91973 Orlando, FL 32810

 

Response Timeline: We will respond to all privacy inquiries and access requests within 15 business days, or as otherwise required by applicable law.

14. California Resident-Specific Information

California Privacy Rights: In addition to the rights described in Section 8.4, California residents may have additional rights:

 

  • Right to request information about the categories of information collected and the purposes for use

  • Right to request a list of the categories of third parties with whom information is shared

  • Right to deletion (subject to certain exceptions)

  • Right to non-discrimination for exercising privacy rights

 

To make a request under California law, email privacy@enbarca.com or contact our Privacy Officer using the information above.

 

Special Offer Disclosure: If you choose to receive special offers and promotions, we will only share your email address with third parties for marketing purposes with your prior consent.

 

 

 

©  Enbarca Inc. All rights reserved.

 

This Privacy Policy is effective as of January 1, 2026, and was last updated on December 31, 2025.

bottom of page