Privacy Policy
Effective date: March 1, 2026 Last updated: March 1, 2026
Stillway, Inc. ("Stillway," "we," "us," or "our") operates the Stillway platform, which connects patients with service-based healthcare providers. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
1. Information We Collect
1.1 Information You Provide
- Account information: Name, email address, phone number, and password when you create an account.
- Booking information: Appointment preferences, service selections, and notes provided during the booking process.
- Payment information: Billing address and payment card details (processed by our payment processor; we do not store raw card numbers).
- Communications: Messages and feedback you send to us or your provider through our platform.
1.2 Information Collected Automatically
- Usage data: Pages visited, features used, session duration, and referring URLs.
- Device data: IP address, browser type, operating system, and device identifiers.
- Cookies and similar technologies: We use cookies to maintain sessions, remember preferences, and analyze usage. See our Cookie Policy for details.
1.3 Information from Third Parties
- Calendar integrations: When you connect a third-party calendar, we access only the availability data necessary to schedule appointments.
- AI assistants: When you book through ChatGPT or another AI assistant, we receive the booking request data provided in that conversation.
2. How We Use Your Information
We use the information we collect to:
- Create and manage your account.
- Facilitate bookings between patients and providers.
- Send appointment confirmations, reminders, and updates via SMS and email.
- Process payments and manage billing.
- Improve our platform through analytics and feedback.
- Comply with legal obligations, including applicable healthcare regulations.
- Respond to your support requests.
- Detect and prevent fraud or abuse.
3. How We Share Your Information
3.1 With Providers
When you book an appointment, we share your name, contact information, and appointment details with the relevant provider. Providers are independently responsible for their own privacy practices for information they receive.
3.2 With Service Providers
We share data with trusted third-party vendors who help us operate our platform, including:
- Payment processors (Stripe)
- SMS providers (Twilio)
- Email providers (SendGrid)
- Cloud infrastructure providers (Amazon Web Services)
- Analytics tools
All service providers are bound by data processing agreements and may only use your data to provide services to Stillway.
3.3 AI Partners
When you use AI-assisted booking features, your booking request data is processed by our AI partners (including OpenAI) in accordance with their privacy policies.
3.4 Legal Requirements
We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
3.5 Business Transfers
If Stillway is acquired, merged, or sold, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.
4. Data Retention
We retain your personal information for as long as your account is active or as needed to provide services. You may request deletion of your data at any time (see Section 7). We may retain certain information as required by law or for legitimate business purposes, such as resolving disputes or preventing fraud.
5. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption in transit (TLS) and at rest (AES-256).
- Access controls limited to personnel with a business need.
- Regular security assessments.
No system is perfectly secure. If you believe your account has been compromised, please contact us immediately at security@stillway.ai.
6. International Transfers
Stillway is based in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States or other countries. We use appropriate safeguards (such as Standard Contractual Clauses) for international transfers where required.
7. Your Rights and Choices
Depending on your location, you may have the right to:
- Access the personal information we hold about you.
- Correct inaccurate or incomplete information.
- Delete your personal information.
- Restrict or object to certain processing.
- Port your data to another service.
- Withdraw consent where processing is based on consent.
To exercise any of these rights, contact us at privacy@stillway.ai. We will respond within the timeframe required by applicable law.
7.1 Marketing Communications
You can opt out of marketing emails at any time by clicking "Unsubscribe" in any marketing email. You may still receive transactional messages (e.g., appointment confirmations) even after opting out of marketing.
8. Children's Privacy
Stillway is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact privacy@stillway.ai and we will delete it.
9. California Privacy Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), including the right to know, delete, and opt out of the sale of personal information. Stillway does not sell your personal information. To submit a request, contact privacy@stillway.ai.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our platform at least 30 days before the change takes effect. Your continued use of our services after the effective date constitutes your acceptance of the updated policy.
11. Contact Us
Stillway, Inc. Attn: Privacy Team privacy@stillway.ai
For urgent security matters, contact security@stillway.ai.