This Privacy Policy explains how Aferion Technologies Inc (“Aferion,” “Sereniq,” “we,” “us,” or “our”) collects, uses, and shares information across our marketing website at sereniqcare.com (the “Site”) and the Sereniq platform: our web application at app.sereniqcare.com and our mobile apps for iOS and Android (together, the “Application”). The Site and the Application are referred to together as the “Services.”
Who Sereniq is for and our role
Sereniq is a business-to-business platform used by intellectual and developmental disability (IDD) group-home and host-home providers (“Agencies”) to document the care they deliver. Three groups of people have information in the Application:
- Agency staff: administrators, supervisors, nurses, Direct Support Professionals, case managers, host-home providers, and auditors who log in to use the app.
- Clients: the adults receiving services, whose care is documented. Clients are not users of the app; their information is entered by Agency staff.
- Visitors: people who sign in at a group home using the in-app visitor kiosk.
Much of the information in the Application is protected health information (PHI) about clients. Under HIPAA, the Agency is the covered entity and controls that data; Aferion acts as the Agency’s business associate and processes PHI only under a Business Associate Agreement (BAA) and on the Agency’s instructions. Requests about a client’s information should be directed to the Agency, which we support as its business associate. We do not collect PHI through the marketing Site.
Information we collect
Through the marketing Site
When you book a demo or contact us, we collect the information you submit: typically your name, work email, organization or agency name, phone number, and any message or details you choose to include. Providing this information is voluntary, but it is necessary for us to respond to your request. Like most websites, we and our service providers also automatically collect technical information when you visit, including your IP address, browser type, device and operating system, referring pages, the pages you view, and the dates and times of your visits. See Cookies and analytics below.
Through the Sereniq Application
Agency staff who use the Application provide, and we process, the following:
- Staff account information: name, work email, phone number, employee number, role and assigned homes, and an electronic signature used to sign documents the staff member authors. Where an Agency uses Sereniq for HR functions, this may also include employment and compensation details and uploaded HR documents and credentials.
- Client information (PHI), entered by staff: identity and demographic details, government identifiers, health and clinical information, care and billing details, contacts, and the clinical records created during service delivery: shift notes, medication administration records, incident reports, care-plan documents, appointments, and transportation logs.
- Location, only at clock-in and clock-out: the Application captures approximate or precise location only at the moment a staff member clocks in or out of a shift, to confirm they are at the assigned home. Sereniq does not track location continuously or in the background.
- Device and technical information: a push-notification token, device platform and language preference (to deliver alerts), and authentication tokens stored securely on the device. If you enable a device biometric (such as Face ID or fingerprint) to unlock the app, that biometric data stays on your device and is never collected by us.
- Usage and audit logs: to support HIPAA accountability and audit readiness, we record meaningful actions in the app with the acting user, IP address, device or browser information, timestamp, and a record of what changed.
- In-app communications and visitor sign-ins: staff messages and channels (which we protect as PHI because staff may reference clients), and visitor sign-in details captured at the kiosk.
How we use information
- To respond to demo requests, sales inquiries, and support questions.
- To operate, maintain, secure, and improve the Services.
- To provide the Application to Agencies: documenting and managing client care, supporting compliance with HIPAA and Texas HHSC requirements, and keeping audit-ready records.
- To authenticate users, enforce role-based and home-based access controls, and validate shift attendance and hours worked at clock-in and clock-out.
- To deliver notifications and reminders, both in-app and as push notifications.
- To understand how visitors use the Site so we can improve our content and product.
- To send you information about Sereniq that you have requested or that is relevant to your inquiry. You can opt out of marketing messages at any time.
- To comply with legal obligations and enforce our agreements.
We do not use client PHI or staff personal information for advertising, and we do not sell personal information.
Artificial intelligence features
Sereniq offers AI-assisted features that help staff write and find documentation. When a staff member invokes one of these features, the relevant content is processed by a HIPAA-eligible AI service operated within our cloud provider’s secure environment under our Business Associate Agreement. We retain only non-identifying technical records of these requests in our audit log, not the underlying content or AI output. AI output is a drafting aid only: a human reviews and approves clinical documentation, and AI does not make care or eligibility decisions. Content processed by these features is not used to train third-party or foundation models.
Cookies and analytics
We use cookies and similar technologies to operate the Site and to measure how it is used. We use Microsoft Clarity to capture aggregated usage data such as page views, clicks, scrolling, and session replays, which helps us improve the Site’s usability. Clarity may set its own cookies (for example, to recognize returning visitors) and processes this information in accordance with Microsoft’s privacy statement. You can read more about how Microsoft collects and uses data at clarity.microsoft.com.
Most browsers let you refuse or delete cookies through their settings. Disabling cookies may affect some Site functionality but will not prevent you from reading our content or requesting a demo.
How we share information
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. There are no third-party analytics or advertising trackers in the Sereniq Application. We share information only:
- With the Agency that employs the staff user and is responsible for the client. The Agency controls its own data.
- With service providers who help us run the Services under contract, for example, our website hosting and analytics providers, the tools we use to receive and manage demo requests, the established cloud infrastructure provider that hosts and secures the Application, and our push-notification delivery provider. These providers process information only on our behalf, and where they may handle PHI they do so under a Business Associate Agreement. Push notifications are kept free of PHI.
- For legal reasons, when we believe disclosure is required by law, legal process, or to protect the rights, property, or safety of Aferion, our users, or others.
- In a business transfer, in connection with a merger, acquisition, financing, or sale of assets, subject to this policy.
Data retention
We retain information collected through the Site for as long as needed to fulfill the purposes described in this policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Information in the Application is retained for as long as the Agency maintains its account and as required by HIPAA and Texas HHSC recordkeeping rules; many records are retained in a deactivated state to preserve the audit trail. On termination of an Agency’s account, its data is returned or deleted in accordance with our agreement with the Agency. When information is no longer needed, we delete or de-identify it.
Security
We use reasonable administrative, technical, and physical safeguards designed to protect information across the Services. These include encryption of data in transit and at rest, additional encryption for the most sensitive identifiers, role-based and home-scoped access controls so staff see only the records for the homes they are assigned to, isolation of each Agency’s data, multi-factor authentication, and an audit trail of state-changing actions. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.
Your choices and rights
Because the Agency controls client data, requests about a client’s information should be directed to the Agency, which we support as its business associate.
- Staff users can access and update their profile in the app, or contact their Agency administrator.
- Location is captured only at clock-in and clock-out. Disabling location permission may prevent clock-in where the Agency requires location confirmation.
- Push notifications can be turned off in your device settings or muted in-app.
- Access, correction, and deletion. Depending on where you live, you may have rights to access, correct, delete, or port your personal information, or to object to certain processing. To request deletion of your account information or to exercise any of these rights, contact us at privacy@sereniqcare.com; we will respond consistent with applicable law, HIPAA, and our agreements with Agencies. You may also unsubscribe from marketing emails using the link in any such message.
Children’s privacy
The Services are intended for businesses and their adult staff, and the Application is used to document care for adult clients only. The Services are not directed to children, and we do not knowingly collect personal information from anyone under 18.
International data transfers
Sereniq’s infrastructure is hosted in the United States. If you access the Services from outside the United States, your information will be processed in the U.S.
Third-party links
The Site may link to third-party websites and services that we do not control. This policy does not apply to those sites, and we encourage you to review their privacy practices.
Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be communicated through the Site or by other appropriate means.
Contact us
Questions about this policy or our privacy practices? Contact us at privacy@sereniqcare.com or hello@sereniqcare.com.
Aferion Technologies Inc · a Delaware corporation · Houston, Texas.