Serious Healthcare


kinlike.care


we are care for the givers.

JOIN US TODAY

Privacy Policy

New Paragraph

Effective Date: 4/1/2026

Last Updated: 5/6/2026


1. Introduction and Scope

Serious Healthcare (“Company,” “we,” “us,” or “our”) operates the Kinlike.Care platform (“Platform”), a social engagement and communication application designed to help residents of care communities stay connected with their families, friends, and authorized support networks. This Privacy Policy describes how we collect, use, share, and protect personal information when you use the Platform, visit our website at [URL], or otherwise interact with our services.


Our Platform is built on a privacy-first, minimum-necessary data model with resident-controlled access to personal information. We do not intentionally collect clinical or medical records. The Platform is intended solely for social engagement and communication facilitation, not for the storage or management of medical information.


This Privacy Policy applies to all individuals who use or interact with the Platform, including residents, family members, social workers, care community staff, and website visitors. The Platform is designed for and directed to users located in the United States. By accessing or using the Platform, you acknowledge that you have read and understand this Privacy Policy. If you do not agree with our practices as described below, please discontinue use of the Platform.


2. Types of Information We Collect

We collect the following categories of personal information in connection with the Platform and our related services.


Resident Profile Data. When a resident creates an account on the Platform, we collect the resident's name, a resident-chosen username, the resident's care community affiliation, and communication preferences. We do not collect clinical data, medical diagnoses, treatment records, or medication information as part of a resident's profile.


Family and Contact Data. We collect the names, phone numbers, email addresses, and relationship descriptions of family members and other contacts who are authorized by a resident to communicate through the Platform. This information is provided by the resident or by an authorized representative acting on the resident's behalf.


Communication Data. The Platform generates and stores messages, visit scheduling information, and interaction logs created through Platform use. Because users compose their own messages, the content and sensitivity of communication data varies depending on what users choose to share.


Authentication Data. We collect login credentials and session data to secure user accounts and verify identity. Authentication data is stored in secured, access-restricted systems.


Usage and Technical Data. When you access the Platform or our website, we automatically collect technical information including your IP address, device type, browser information, and session activity. This data is used for security monitoring, diagnostics, and limited service-improvement analytics.


Marketing and Inquiry Data. When visitors submit inquiries or contact requests through our website, we collect the contact information and message content provided. This data is stored in our customer relationship management system for business development and customer support purposes.


3. How We Collect and Use Information


Collection Methods. We collect information through several channels, each aligned to a specific function of the Platform and our business operations. For example:

  • Residents and authorized users enter data directly into the Kinlike.Care application when creating accounts, updating profiles, and sending messages.
  • Family members and other contacts are added to the Platform through a resident-authorized invitation process, ensuring that each connection is initiated or approved by the resident.
  • Social workers may submit information on a resident's behalf when the resident has specifically authorized them to do so.
  • Website inquiries are captured through forms on our website and processed through our CRM system.
  • Technical and usage data is collected automatically through cookies, server logs, and application-level tracking when you access the Platform or our website.

 

Purposes of Use. We use the personal information we collect for the following purposes:

  • Facilitating social engagement by enabling communication between residents and their authorized family members and contacts
  • Support visit coordination by providing scheduling tools and interaction management features
  • Send service-related notifications, including reminders and updates, through our messaging infrastructure
  • Respond to user requests and inquiries through customer support channels
  • Managing leads and outreach for business development purposes.
  • Analyzing user access and use to monitor and improve Platform performance and the user experience
  • As necessary to protect the security and integrity of the Platform, to enforce our terms of service, and to meet our legal obligations.


We will not use your personal information for purposes materially different from those described above without providing you notice and, where appropriate, obtaining your consent.


4. Health Information and Incidental PHI


Our Design Commitment. The Platform is designed, built, and operated as a social engagement tool. It is not designed, intended, or equipped to function as a health information system or electronic health record. We do not intentionally collect, solicit, or store Protected Health Information (“PHI”) as that term is defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations at 45 CFR Parts 160 and 164. We do not collect or process clinical diagnoses, treatment plans, medication lists, lab results, or other medical records through the Platform.


Incidental Collection Risk. Because the Platform operates within care community environments and enables users to compose free-form messages, there is a possibility that users may include health-related information in their communications, profile entries, or scheduling notes. For example, a family member might mention a resident's health condition in a message, or a resident might reference a medical appointment in a scheduling request. We recognize this risk and have established the following procedures to address it.


Incidental Health Information Protocol. If we identify or become aware that health-related information has been submitted to the Platform outside of a Business Associate Agreement, we will take the following steps:


  1. We will isolate the information by restricting access to authorized personnel only.
  2. We will promptly and securely delete the health-related information from our systems or, comply with applicable agreements with our care community provider.
  3. We will notify the user who submitted the information and, where applicable, the provider customer in accordance with our agreement.
  4. We will document the incident in our internal compliance records for audit and accountability purposes.


Prohibited Uses of Health Information. We will not use any health-related information that is incidentally received through the Platform for marketing, advertising, user profiling, analytics, data monetization, or any purpose unrelated to the security and integrity of the Platform.


Business Associate Agreements. Where we enter into service agreements with care communities that are HIPAA-covered entities and the scope of the engagement creates a reasonable likelihood of PHI exposure, we will execute a Business Associate Agreement (“BAA”). The terms of each BAA will govern our obligations with respect to any PHI received under that agreement, including administrative, physical, and technical safeguards appropriate for the protection of electronic PHI.


HIPAA Status. Absent a BAA with a HIPAA-covered entity, the Platform does not operate as a HIPAA-covered entity or business associate. We do not hold ourselves out as subject to HIPAA, and we do not perform covered functions such as claims processing, utilization review, billing, or benefit management.


User Responsibility. We ask that users refrain from submitting medical records, clinical diagnoses, prescriptions, treatment information, or other health-related data through the Platform. The Platform is not designed to serve as a repository for medical information, and we cannot guarantee the same level of protection for health data as systems purpose-built for clinical information management.


5. Data Sharing and Disclosure


Resident-Related Sharing. The core principle of the Platform is that all access to resident data is permission-based and controlled by the resident. Resident information is shared with other Platform users, such as family members, friends, or social workers, only when the resident has affirmatively authorized that access. Platform administrators and residents may grant or revoke access at any time through the Platform's permission controls.


Service Providers. We engage third-party service providers to support the technical operation and delivery of the Platform. These providers fall into the following categories: messaging and notification services that deliver SMS, email, and other communications on our behalf; application hosting and infrastructure services that host and operate the Platform; customer relationship management and website services that process inquiries and marketing data submitted through our website; and internal productivity and communication tools used by our staff for coordination and support. Each service provider is contractually obligated to use personal information solely for the purpose of performing services on our behalf, to implement and maintain appropriate security safeguards, and to notify us promptly in the event of any security incident that may affect user data.


Social Media. We maintain business presences on third-party social media platforms for marketing and community outreach purposes. We do not transmit your personal information to social media platforms. Any engagement data generated by your interaction with our public social media posts is collected and governed by those platforms under their respective privacy policies.


Legal Obligations. We may disclose personal information when required to do so by law, regulation, subpoena, court order, or governmental request, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Serious Healthcare, our users, or the public.


Business Transfers. In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, personal information held by us may be among the assets transferred. In such circumstances, we will provide notice to affected users before their personal information becomes subject to a materially different privacy policy.


No Sale of Personal Information. We do not sell, rent, lease, or trade your personal information to third parties for monetary or any other consideration. We do not use your personal information for targeted advertising or cross-context behavioral advertising.


6. Data Security

We implement a layered set of administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. Where the Platform receives or processes information under a Business Associate Agreement as required under HIPAA, we implement additional safeguards as specified in the applicable BAA.


No method of electronic transmission or data storage is fully secure, and we cannot guarantee the absolute security of your information. If you believe your account has been compromised or that your personal information has been accessed without authorization, please contact us.


7. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Users may request deletion of their data at any time. When a retention period expires or a user submits a valid deletion request, we will securely delete or de-identify the applicable information within a commercially reasonable timeframe, except where retention is necessary to resolve a pending dispute or enforce our agreements. Where immediate deletion of backup copies is technically impracticable, we will isolate the information and protect it from further processing until deletion becomes feasible.


8. Your Choices and Controls


Resident Access Controls. The Platform is built around resident-controlled data access. Through the Platform interface, residents can view and update their profile information, add or remove authorized contacts, adjust sharing preferences, and revoke previously granted access at any time. Family members and other authorized contacts can manage their own account information and communication preferences within the Platform.


Deletion Requests. Any user may request deletion of their personal information by contacting us at [ info@serioushealthcare.com ]. We will process verified deletion requests within forty-five (45) days. If we need additional time, we will notify you of the extension and the reason within that initial period.


Communication Preferences. You may opt out of non-essential communications at any time by updating your notification settings within the Platform or by contacting us directly.


Additional Rights Under State Law. Depending on your state of residence, you may have additional rights regarding your personal information under applicable state law. If you wish to make a request related to your personal information or have questions about your rights, please contact us. We will respond to all requests in a timely manner.


9. State-Specific Disclosures


Tennessee Residents. If you are a resident of Tennessee, the Tennessee Information Protection Act (Tenn. Code Ann. §§ 47-18-3201 et seq.) may provide you with additional rights regarding your personal information. If at any time we process information that constitutes “sensitive data” under Tennessee law, which includes data reflecting a mental or physical health condition or diagnosis, we will obtain your affirmative consent before such processing begins. If you submit a request related to your personal information and are dissatisfied with our response, you may contact the Tennessee Attorney General's Division of Consumer Affairs at Tennessee Division of Consumer Affairs, P.O. Box 20207, Nashville, TN 37202-0207.


In the event of a data breach involving your name in combination with your Social Security number, driver's license number, or financial account credentials, we will endeavor to notify you no later than forty-five (45) days from the date we discover the breach. Under Tennessee law (Tenn. Code Ann. § 47-18-2107), you may be entitled to notification of qualifying breaches within this timeframe.


Kentucky Residents. If you are a resident of Kentucky, the Kentucky Consumer Data Protection Act (KRS §§ 367.3611 et seq.) may provide you with additional rights regarding your personal information. If at any time we process information that constitutes “sensitive data” under Kentucky law, which includes data reflecting a mental or physical health condition or diagnosis, we will obtain your affirmative consent before such processing begins. If you submit a request related to your personal information and are dissatisfied with our response, you may contact the Kentucky Attorney General's Office of Consumer Protection at Office of the Attorney General1024 Capital Center Drive, Suite 200, Frankfort, KY 40601.


In the event of a data breach involving your name in combination with your Social Security number, driver's license number, or financial account credentials, we will endeavor to notify you in the most expedient time possible and without unreasonable delay. Under Kentucky law (KRS § 365.732), you may be entitled to notification of qualifying breaches within this timeframe.


10. International Users

The Platform is designed and operated exclusively for users located in the United States. We do not direct the Platform to individuals in the European Union, the European Economic Area, the United Kingdom, or any other jurisdiction outside the United States, and we do not undertake to comply with the General Data Protection Regulation (Regulation (EU) 2016/679), the UK General Data Protection Regulation, or other international data protection frameworks. Our data practices are governed by applicable United States federal and state law.


All personal information collected through the Platform is processed and stored in the United States. If you access the Platform from outside the United States, you do so on your own initiative and consent to the transfer of your information to the United States.


11. HIPAA Considerations

As described, the Platform is a social engagement tool and is not designed to collect or process PHI. Serious Healthcare does not independently qualify as a HIPAA-covered entity or business associate. We do not perform health plan administration, health care clearinghouse functions, or health care treatment services, and we do not conduct electronic transactions covered under HIPAA.


Where our services are engaged by a care community that is a HIPAA-covered entity, and the nature of the engagement creates a reasonable possibility that PHI may be received or maintained through the Platform, we will enter into a Business Associate Agreement. The terms of each BAA will define our respective obligations regarding the handling, safeguarding, and permissible use of any PHI received in connection with the engagement, including incident reporting, subcontractor obligations, and access rights.


In all other circumstances, we protect information received through the Platform using the security measures and the incidental health information protocol described in this Privacy Policy.


12. Cookies and Tracking Technologies

We use cookies and similar technologies in connection with the Platform and our website. Essential cookies are required for Platform functionality, user authentication, and security, and cannot be disabled without impairing the Platform's operation. We also use a limited set of analytics technologies to monitor how the Platform is accessed and used, in order to improve service performance and the user experience.

We do not use cookies or tracking technologies to collect health-related information. We do not deploy third-party advertising trackers, cross-site tracking pixels, or behavioral profiling tools on the Platform or our website.


You may manage your cookie preferences through your browser or device settings. Disabling essential cookies may prevent certain features of the Platform from functioning properly. We do not currently respond to “Do Not Track” browser signals, as no uniform standard for interpreting such signals has been adopted by the industry.


13. Children's Privacy

The Platform is not directed to children under the age of thirteen (13), and we do not knowingly collect, solicit, or maintain personal information from children under thirteen. If we become aware that we have collected personal information from a child under the age of thirteen without verified parental consent, we will promptly delete that information from our systems. If you believe that a child under thirteen has provided personal information to us through the Platform, please contact us immediately.


14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or business operations. When we make changes, we will revise the “Last Updated” date at the top of this Policy and post the updated version on the Platform and our website. If we make material changes that significantly affect how we handle your personal information, we will provide prominent notice through the Platform or by email before the changes take effect. Your continued use of the Platform after the effective date of a revised Privacy Policy constitutes your acknowledgment of and agreement to the updated terms.


15. Contact Information

If you have questions or concerns about this Privacy Policy, wish to make a request regarding your personal information, or need to report a security concern, you may contact us at:

Serious Healthcare

Attn: Privacy Inquiries

100 Cherokee Blvd. #2010

Chattanooga, TN 37405

Email: [ info@serioushealthcare.com ]


 

For more information, email us at info@serioushealthcare.com.