Privacy Policy

How we collect, use, disclose, and safeguard your information.

Effective Date: June 26, 2026 Last Updated: June 26, 2026

1. Introduction

Ripple Consulting & Development, LLC (“Ripple,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information about you when you visit our website at createmyripple.com, communicate with us, engage our services, or otherwise interact with our business.

Ripple is a Tennessee limited liability company providing operations consulting, automation, and marketing infrastructure services to chiropractic practices and cash-based medical practices throughout the United States.

Please read this Privacy Policy carefully. By accessing or using our website or services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use our website or services.

2. Information We Collect

We collect personal information in three primary ways: information you provide to us directly, information collected automatically when you visit our website, and information we receive from clients in connection with the services we deliver.

2.1 Information You Provide Directly

When you fill out a form, subscribe to communications, request a consultation, or otherwise interact with us, you may provide:

  • Identity information, including your full name and professional title
  • Business information, including practice name, business address, and entity details
  • Contact information, including email address and telephone number
  • Practice information, including approximate monthly revenue, operational challenges, current technology stack, and business goals
  • Communications and correspondence you exchange with us
  • Any other information you voluntarily provide

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information about your device and usage, including:

  • Device information (browser type, operating system, screen resolution)
  • Internet protocol (IP) address and approximate geographic location
  • Pages visited, time spent on pages, referring website, and date and time of access
  • Click activity, scroll behavior, and other interaction data
  • Cookies, web beacons, pixel tags, and similar tracking technologies (see Section 7)

2.3 Information From Client Engagements

If you become a client, we may collect additional business information necessary to deliver our services, including marketing performance data, advertising metrics, customer relationship management (CRM) data, and access credentials to systems you authorize us to manage. In limited cases, we may handle Protected Health Information (PHI) on behalf of clients who are HIPAA-covered entities. When this occurs, a Business Associate Agreement (BAA) is executed prior to any access to or processing of PHI (see Section 5).

3. How We Use Your Information

We use the information we collect for the following business purposes:

  • To provide, operate, maintain, and improve our consulting, automation, and marketing services
  • To respond to your inquiries, schedule consultations, and communicate with you about engagements
  • To send service-related communications, including booking confirmations, reminders, and operational updates
  • To send marketing communications about our services, subject to your consent where required by law (see Section 9)
  • To analyze usage patterns on our website to improve user experience and content
  • To process payments and manage billing for engaged clients
  • To comply with legal and regulatory obligations and to enforce our agreements
  • To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity
  • To protect the rights, property, and safety of Ripple, our clients, and the public

4. Legal Basis for Processing

Where the General Data Protection Regulation (GDPR) or similar laws apply, we process personal information on one or more of the following legal bases:

  • Consent: When you have given clear consent for us to process your information for a specific purpose, such as receiving marketing communications.
  • Contract: When processing is necessary to perform a contract with you or take steps at your request before entering into a contract.
  • Legitimate Interests: When processing is necessary for our legitimate business interests, such as improving our services, maintaining security, and conducting business analytics, and these interests are not overridden by your rights.
  • Legal Obligation: When processing is necessary to comply with applicable law.

5. HIPAA Compliance and Business Associate Obligations

Ripple maintains HIPAA-compliant infrastructure to serve clients in the healthcare sector. We understand that our chiropractic and medical practice clients are subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and their implementing regulations.

5.1 Our HIPAA Commitments

In connection with services we provide to HIPAA-covered entities:

  • We operate HIPAA-compliant systems and infrastructure for handling Protected Health Information (PHI), including encrypted data storage, role-based access controls, audit logging, and secure communication channels
  • We execute Business Associate Agreements (BAAs) with each healthcare client prior to any engagement involving PHI
  • We ensure that subcontractors and technology vendors who may access PHI on our behalf are bound by appropriate Business Associate Agreements
  • We implement administrative, physical, and technical safeguards designed to protect the confidentiality, integrity, and availability of PHI in accordance with the HIPAA Security Rule
  • We restrict access to PHI to authorized personnel only, on a minimum-necessary basis
  • We provide HIPAA training to personnel who may access PHI, and we maintain documentation of such training
  • We have established breach notification procedures consistent with the requirements of 45 C.F.R. Part 164, Subpart D

5.2 Reporting Privacy Concerns

If you believe your PHI or other personal information has been accessed, used, or disclosed in a manner inconsistent with this Privacy Policy or applicable law, please contact us immediately at [email protected]. We will investigate promptly and respond in accordance with applicable legal and contractual requirements.

6. How We Share Your Information

We do not sell your personal information for monetary or other valuable consideration. We share personal information only in the following limited circumstances:

6.1 Service Providers and Vendors

We engage trusted third-party service providers to perform functions on our behalf, including website hosting, email delivery, customer relationship management (CRM) platforms, payment processing, analytics, and marketing infrastructure. These providers have access to personal information only as necessary to perform their functions and are contractually obligated to maintain confidentiality and appropriate security. Where these providers may access PHI, Business Associate Agreements are in place.

6.2 Legal Requirements and Protection of Rights

We may disclose personal information when required by law, regulation, court order, subpoena, or other governmental request, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Ripple, our clients, our personnel, or the public, or to investigate suspected fraud or violations of our terms.

6.3 Business Transfers

If Ripple is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or transfer of your personal information by posting a notice on our website.

6.4 With Your Consent

We may share information with third parties when you have given us your consent to do so, or at your direction.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to enhance functionality, analyze usage, and (with your consent where required) deliver relevant marketing.

7.1 Types of Cookies and Tracking We Use

  • Strictly necessary cookies: Required for the website to function properly. These cannot be disabled.
  • Performance and analytics cookies: Help us understand how visitors interact with our website. We may use services such as Google Analytics for this purpose.
  • Functional cookies: Enable enhanced functionality and personalization, such as remembering your preferences.
  • Marketing and advertising cookies: Used to deliver advertising relevant to you on third-party platforms and to measure the effectiveness of our marketing campaigns. These may include Meta (Facebook), Google Ads, Microsoft Clarity, and similar services.

7.2 Your Choices

Most web browsers allow you to control cookies through their settings. You may set your browser to refuse cookies, delete existing cookies, or alert you when cookies are being set. Please note that disabling certain cookies may affect the functionality of our website. You may also opt out of certain analytics and advertising cookies through industry tools such as the Network Advertising Initiative opt-out page or the Digital Advertising Alliance opt-out page.

7.3 Do Not Track Signals

Some browsers transmit a “Do Not Track” (DNT) signal. Because no common industry standard for responding to DNT signals has been adopted, we do not currently respond to such signals. We will continue to monitor developments in this area.

8. Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These safeguards include:

  • Encryption of sensitive data in transit and at rest
  • Role-based access controls and multi-factor authentication
  • Regular security assessments and vulnerability testing
  • HIPAA-aligned protocols for healthcare-related data
  • Employee training on privacy, security, and confidentiality obligations
  • Incident response and breach notification procedures

Despite these measures, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a security incident that affects your personal information, we will notify you in accordance with applicable law.

9. Marketing Communications and Your Choices

We may send you marketing communications about our services where you have given consent or where we have a lawful basis to do so. You may opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link in any marketing email we send
  • Replying to text messages with “STOP”
  • Contacting us at [email protected]

Even if you opt out of marketing communications, we may continue to send you transactional and service-related communications, such as appointment confirmations, account updates, and security notices.

10. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Information from prospects who do not become clients is generally retained for up to 36 months, then deleted or anonymized
  • Client information is retained for the duration of the engagement and for up to 7 years thereafter for tax, accounting, audit, and legal purposes
  • PHI is retained, returned, or destroyed in accordance with the applicable Business Associate Agreement and HIPAA requirements
  • Marketing communication records (including opt-outs) are retained as long as necessary to honor your preferences and comply with applicable law

11. Your Privacy Rights

Depending on your state of residence or country, you may have certain rights regarding your personal information. We honor all rights afforded under applicable law.

11.1 California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with the following rights:

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the business purposes for which we collected it, and the categories of third parties with whom we have shared it.
  • Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
  • Right to Opt Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information. Ripple does not sell or share personal information as those terms are defined under the CCPA/CPRA.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of your sensitive personal information to specified purposes.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

11.2 Residents of Other U.S. States

If you reside in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Tennessee, or another U.S. state with a comprehensive consumer privacy law, you may have similar rights, including the rights to access, correct, delete, and port your personal information, as well as to opt out of certain processing activities. To exercise these rights, please contact us using the information in Section 15.

11.3 European Economic Area, United Kingdom, and Switzerland

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and similar laws, including the rights to:

  • Access personal information we hold about you
  • Request correction of inaccurate or incomplete personal information
  • Request erasure of your personal information
  • Restrict or object to the processing of your personal information
  • Request portability of your personal information
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with a supervisory authority

11.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected] or write to us at the address listed in Section 15. We may need to verify your identity before processing your request, which may require you to provide certain information to confirm you are the person to whom the personal information relates. We will respond to verified requests within the timeframes required by applicable law.

You may also authorize an agent to make a request on your behalf. The agent must provide proof of authorization and we may verify your identity directly.

12. Children’s Privacy

Our website and services are intended for business professionals and are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under the age of 13 in violation of the Children’s Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13, we will delete it promptly. If you believe we may have collected information from a child under 13, please contact us immediately.

13. International Data Transfers

Ripple is located in the United States, and our service providers may operate in other countries. If you access our website or services from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other jurisdictions where data protection laws may differ from those in your country of residence. By using our website or services, you consent to such transfer and processing, subject to the protections of this Privacy Policy and applicable law.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated Privacy Policy on our website and updating the “Last Updated” date above. Where required by applicable law, we will provide additional notice or seek your consent. Your continued use of our website or services after such notification constitutes acceptance of the revised Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us at:

Ripple Consulting & Development, LLC

272 Heritage Park Drive

Murfreesboro, Tennessee 37129

United States

Email: [email protected]

Phone: +1 443-821-4948

Website: https://createmyripple.com

© 2026 Ripple Consulting & Development, LLC. All rights reserved.