Effective July 12, 2026
Privacy Policy
This Privacy Policy describes how Bomi Health, Inc. (“Bomi,” “we,” “us,” or “our”) collects, uses, and discloses personal information when you visit www.billwithbomi.com (the “Site”), contact us, schedule a call, or otherwise interact with our marketing and sales activities.
Scope of This Policy
This Policy covers the Site and Bomi’s marketing and sales activities: our public web pages, contact and request forms, call scheduling, marketing emails, and the analytics and advertising technologies used on the Site.
It does not cover the Bomi EHR product, the Client Portal, or information we handle on behalf of healthcare practices (including protected health information governed by HIPAA and our Business Associate Agreements). Those are covered by the Bomi EHR Privacy Policy and our agreements with customers. Unlike the Site, the authenticated Bomi EHR and Client Portal do not use third-party advertising pixels or cross-site behavioral tracking. Our App Privacy Policy additionally covers our Meta developer app integrations.
Personal Information We Collect
The personal information we collect depends on how you interact with the Site:
- Identifiers and contact information, such as your name and email address, which you provide when you submit a contact form, request a state guide, or schedule a call with us.
- Professional information, such as your license type, practice state, practice model, and anything you tell us about your practice in a form message.
- Scheduling information, when you book a call through our scheduling provider (Calendly), including your name, email address, and the meeting details you choose.
- Internet and device activity, collected automatically through cookies, pixels, and similar technologies: IP address, browser and device type, pages viewed, referring page, campaign parameters (such as UTM values and ad-click identifiers), a first-party visitor identifier, and approximate location inferred from your IP address.
- Communications, such as emails you exchange with us.
We do not collect sensitive personal information (such as government identifiers, financial account numbers, health records, or precise geolocation) through the Site.
How We Use Personal Information
- To respond to your inquiries, provide information you request, and schedule and conduct calls;
- To provide, improve, and secure the Site and our services;
- To understand how visitors find and use the Site, including attributing visits and signups to marketing campaigns;
- To market our services, including measuring the performance of our advertising;
- To send you marketing communications, which you can opt out of at any time using the unsubscribe link in any marketing email;
- To detect and prevent fraud, abuse, and security incidents; and
- To comply with legal obligations.
How We Share Personal Information
We share personal information with:
- Service providers that help us operate the Site and our business, such as cloud hosting, email delivery, call scheduling, and analytics providers. They may use the information only to provide services to us.
- Advertising partners. The Site uses advertising pixels and tags from Meta (Facebook), Google, LinkedIn, and Reddit. These partners collect device identifiers, cookies, and page-activity information from the Site, and we may also send them conversion events (which can include a hashed version of your email address) so we can measure and improve our advertising. This disclosure may be considered “sharing” for cross-context behavioral advertising (or “targeted advertising”) under certain state privacy laws. You can opt out at any time on our Your Privacy Choices page.
- Legal and safety recipients, when required to comply with a subpoena, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights or the safety of others.
- Parties to a corporate transaction, such as a merger, acquisition, financing, or sale of assets, in which personal information may be transferred as part of the transaction.
We do not sell personal information in exchange for money, and we do not sell or share the personal information of anyone we know to be under 16 years of age.
Cookies and Tracking Technologies
We and our partners use cookies, pixels, scripts, and similar technologies on the Site to keep it working, analyze traffic, attribute visits to campaigns, and measure advertising. These include a first-party visitor identifier set by Bomi and third-party advertising tags from the partners listed above.
You can opt out of the third-party advertising technologies using the cookie banner shown on your first visit or at any time on our Your Privacy Choices page. Most browsers also let you block or delete cookies in their settings, though blocking all cookies may affect how the Site works.
We recognize and honor Global Privacy Control (GPC) browser signals: if your browser sends a GPC signal, we treat it as a request to opt out of the sharing of your personal information for targeted advertising on the Site. The Site is not configured to respond to older “Do Not Track” signals, for which no standard has been adopted.
Your Privacy Rights
Depending on where you live, you may have the right to know or access the personal information we hold about you, correct it, delete it, obtain a portable copy, opt out of the sale or sharing of personal information for targeted advertising, and not receive discriminatory treatment for exercising these rights. We do not use personal information for profiling that produces legal or similarly significant effects.
To opt out of sharing for targeted advertising, use our Your Privacy Choices page or enable GPC in your browser. To exercise any other right, email [email protected] with the subject line “Privacy Request.” We will verify your identity using the email address associated with your request and respond within the time required by law. You may use an authorized agent to submit a request; we may ask for proof of the agent’s authority. If we deny your request, you may appeal by replying with the subject line “Privacy Request Appeal.”
California residents: in the preceding 12 months we collected the categories of personal information described above, and we disclosed identifiers and internet activity to our advertising partners as described in “How We Share Personal Information.” California’s “Shine the Light” law also lets you request information about personal information shared with third parties for their own direct marketing; we do not share personal information for that purpose.
Data Retention
We keep personal information for as long as reasonably needed for the purposes described in this Policy — for example, for as long as we have an active conversation or business relationship with you — and as required for legal, security, or record-keeping purposes. We then delete or de-identify it.
Security
We use reasonable administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
Children
The Site is intended for business use by healthcare professionals and is not directed to children under 13. We do not knowingly collect personal information from children under 13.
Visitors From Outside the United States
Bomi is located in the United States, and the Site is intended for a US audience. If you visit from outside the US, your personal information will be transferred to and processed in the United States, where privacy laws may differ from those in your country.
Changes to This Policy
We may update this Policy from time to time. When we do, we will update the effective date at the top of this page, and if the changes are material we will provide more prominent notice on the Site.
Contact Us
For privacy questions or requests, contact Bomi Health, Inc. at [email protected].