Privacy Policy

Fluentworks, Inc. (“Fluent,” “we,” “us”)

Last updated February 26, 2026
Version 1.0 Effective: Upon acceptance or first use

This Privacy Policy explains how Fluentworks, Inc. collects, uses, discloses, and protects information when you access or use our software platform and related services (the “Service”). This Privacy Policy is incorporated by reference into our Master Subscription Agreement / Terms of Service (“Agreement”) and the Authorized User Terms.

1. Scope

This Privacy Policy applies to personal information we collect from:

  • account owners and invited users who use the Service (“Users”),
  • visitors to our websites and marketing pages, and
  • representatives of current, former, or prospective customers.

This Privacy Policy does not replace or modify the Business Associate Agreement (“BAA”) when one is in effect. If your organization uses the Service with protected health information (“PHI”) under HIPAA and has a BAA with us, the BAA governs how we handle PHI as a Business Associate. This Privacy Policy primarily addresses personal information outside the scope of the BAA.

Our role. For information processed within the Service on behalf of a Customer (including Customer Data and Authorized User activity), Fluent acts as a service provider / processor on Customer’s behalf and processes such information in accordance with Customer’s instructions and the Agreement. For information we collect directly (such as account registration details, website visitor data, and marketing interactions), Fluent acts as the controller (and, where applicable, a “business” under state privacy laws).

2. Information We Collect

We collect information in the following categories:

A. Information You Provide

  • Account details (name, email address, phone number, password/credentials)
  • Organization details (organization name, role/title, team membership)
  • Support communications (messages to support, call notes, troubleshooting details)
  • Optional profile information (e.g., full name provided during invited-user attestation)

B. Information Processed in the Service

Depending on how your organization uses the Service, the Service may process operational scheduling data, including details related to appointments, locations, and notes. If a BAA is active, certain information in the Service may include PHI as defined under HIPAA and governed by the BAA.

C. Payment and Billing Information

Payments are processed by our payment processor (e.g., Stripe). We do not store full payment card numbers. We may receive billing-related information such as the billing contact name, billing address, partial card details (e.g., last four digits), and transaction identifiers from our payment processor.

D. Automatically Collected Information

When you use the Service, we may collect:

  • Device and browser information (e.g., IP address, user agent, operating system)
  • Log data (e.g., access times, pages viewed, actions taken in the Service)
  • Approximate location inferred from IP address (city/state level)
  • Cookies and similar technologies (see Section 8 and our Cookie Policy)

3. How We Use Information

We use information to:

  • Provide, maintain, and improve the Service
  • Create and administer accounts, authentication, and access control
  • Process payments, invoices, usage billing, and subscription management
  • Provide customer support, respond to requests, and communicate service updates
  • Secure the Service (fraud prevention, abuse detection, auditing, and troubleshooting)
  • Monitor reliability and performance (including error and crash reporting)
  • Comply with legal obligations and enforce our agreements
  • Generate and display in-product reporting and analytics within the Service

4. How We Disclose Information

We may disclose information in the following circumstances:

A. Service Providers (“Subprocessors”)

We use trusted third parties to help operate the Service. These may include:

  • Infrastructure and hosting (e.g., AWS in the United States)
  • Monitoring and reliability (e.g., Datadog)
  • Error reporting (e.g., Sentry)
  • Email and messaging delivery (e.g., SendGrid, Twilio)
  • Payment processing (e.g., Stripe)

These providers may process personal information on our behalf under contractual obligations consistent with this Privacy Policy. Where applicable, our BAA requirements and subprocessor obligations apply.

We maintain a current list of subprocessors at our Trust Center: https://www.fluentworks.com/trust/subprocessors/. We provide advance notice of new subprocessors as described in the Agreement.

B. Within Your Organization

If your organization uses the Service, administrators and authorized Users within that organization may access certain information associated with your account and your activity, consistent with your organization’s permissions and settings.

C. Legal and Safety

We may disclose information if we believe disclosure is required by law, regulation, legal process, or governmental request, or is necessary to protect the rights, safety, and security of Fluent, our Users, or the public.

D. Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be disclosed as part of that transaction, subject to standard confidentiality protections.

E. With Your Direction

We may disclose information when you request or authorize us to do so (for example, enabling integrations).

5. Data Retention

We retain information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, enforce our agreements, and for legitimate business purposes.

We may retain certain records (including audit, security, and access logs) for up to six (6) years, unless a longer period is required by law. We may also maintain encrypted backups for business continuity and disaster recovery; information in backups may persist for a period of time and is deleted in the ordinary course of our backup lifecycle.

If a BAA is in place, retention and deletion of PHI are governed by the BAA and applicable law. The BAA’s return/destruction provisions apply to PHI, and this Privacy Policy’s retention provisions apply to non-PHI personal information.

6. Security

We maintain administrative, technical, and physical safeguards designed to protect information, as further described at our Trust Center (https://www.fluentworks.com/trust/). No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

In the event of a security incident involving personal information, we will notify affected parties as required by applicable law and, where applicable, the Agreement.

7. Your Choices and Rights

Account information. You may update certain account details within the Service. Your organization’s administrators may control certain settings and permissions.

Marketing preferences. You may opt out of marketing emails by using the unsubscribe link in those emails. Service-related emails (e.g., billing, security, account notices) are not optional.

In-product data requests. For information processed on behalf of a Customer in the Service (including Customer Data and Authorized User activity), Users should direct access, correction, deletion, or portability requests to their organization’s administrator. Fluent will assist Customers in responding as required by law and contract.

Direct requests to Fluent. For personal information that Fluent controls directly (e.g., website visitor data, marketing data), you may submit requests to legal@fluentworks.com. We will respond to verified requests as required by applicable law.

8. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Service, keep you logged in, remember preferences, and understand usage. For details about the specific cookies we use, your choices, and how to manage cookie preferences, please see our Cookie Policy available at the Trust Center (https://www.fluentworks.com/trust/cookies/).

9. International Use

The Service is intended for use in North America. Information may be processed in the United States, including in the cloud regions where we and our service providers operate. If you are located outside the United States, your information will be transferred to and processed in the United States.

10. Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes (including changes to data use, disclosure practices, or your rights), we will provide at least thirty (30) days’ advance notice (such as by posting within the Service or by email to the account administrator). Where required, we will obtain re-acceptance. If you do not agree to material changes, you may contact your organization’s administrator or Fluent to discuss your options, including termination as provided in the Agreement. The version number and “Last Updated” date above indicate when this Privacy Policy was last revised.

12. State Privacy Disclosures

Depending on your state of residence, you may have additional privacy rights under state law (e.g., the California Consumer Privacy Act, the Colorado Privacy Act, or similar laws). The following provides supplementary information:

Categories of personal information collected: Identifiers (name, email, IP address); commercial information (billing details, subscription tier); internet/electronic activity (log data, usage); professional/employment information (organization, role/title); and geolocation (approximate, from IP).

Categories disclosed to third parties: We disclose personal information to service providers/subprocessors as described in Section 4.A for business purposes. We do not “sell” or “share” (as defined under applicable state privacy laws) personal information for targeted advertising.

Sensitive data: We do not intentionally collect sensitive personal information (as defined under state privacy laws) outside of the Service’s operational data. Where a BAA is in effect, PHI handling is governed by HIPAA and the BAA.

Retention: See Section 5 above. Retention periods vary by data category and purpose.

Your rights: Depending on your jurisdiction, you may have the right to access, correct, delete, or obtain a copy of your personal information; opt out of certain processing; and not be discriminated against for exercising your rights. To exercise these rights, contact us at legal@fluentworks.com or, for in-product data, contact your organization’s administrator. We will respond within the timeframes required by applicable law.

We provide the disclosures in this Section 12 to supplement this Privacy Policy as required by applicable state privacy laws.

13. Contact Us

Questions or requests about this Privacy Policy can be directed to:

Fluentworks, Inc.
Email: legal@fluentworks.com
Mailing address: 2529 Lawrence St, Denver, CO 80205