Privacy Policy

ProVerity, Inc. ("ProVerity," "we," "our," or "us") builds CARA — a clinical quality assurance and analytics platform designed for EMS agencies. CARA evaluates Patient Care Reports against NEMSIS-native protocols, state rules, and agency-defined criteria to help EMS organizations improve care and maintain compliance.

This Privacy Policy describes how we collect, use, and share information when you visit our marketing site or interact with our sales and support teams. It does not govern the processing of Patient Care Report data or other protected health information handled inside the CARA platform — that is covered separately under each customer's Business Associate Agreement with ProVerity.

When you fill out a contact or demo-request form, we collect the information you provide: name, work email address, job title, agency name, and any message you include. We also collect standard web server logs (IP address, browser type, referring URL, pages visited) to operate and improve this site.

A note on PHI: CARA processes Patient Care Report data on behalf of EMS agencies under a Business Associate Agreement. PHI is governed by HIPAA and the agency's BAA with ProVerity, not by this general policy. If you have questions about how CARA handles clinical data, please contact your agency's privacy officer or reach out to us at privacy@proverity.com.

We use the information you provide to respond to inquiries, schedule product demonstrations, and send you updates about CARA that you have requested. We use web log data to diagnose technical problems, understand which content is useful, and improve site performance.

We will not use your contact information to send unsolicited marketing communications unrelated to CARA, and we will always honor opt-out requests promptly.

We do not sell, rent, or trade your personal information to third parties. We share data only with the service providers necessary to operate our business, and only to the extent required for those services. Our current sub-processors include:

• Cloudflare — tunneling, DDoS protection, and Zero Trust access control for the CARA platform
• Our cloud infrastructure provider — hosting and storage of platform data in the United States
• Analytics tooling — aggregate, non-identifying usage metrics to help us improve the product

We may also disclose information if required by law, court order, or to protect the rights, property, or safety of ProVerity, our customers, or the public.

We retain contact form submissions for as long as necessary to respond to your inquiry and maintain a reasonable record of our communications — generally no more than three years unless a business relationship is established. Web log data is retained for 90 days and then automatically purged.

Retention of clinical data inside the CARA platform is governed by the applicable BAA and any state-mandated records retention requirements for EMS agencies.

Depending on where you are located, you may have rights to access, correct, or delete personal information we hold about you, or to object to or restrict certain processing. To exercise any of these rights, contact us at privacy@proverity.com and we will respond within 30 days.

If you are an EMS crew member or patient whose data is processed inside CARA, your rights with respect to that data are governed by your agency's privacy practices and applicable law — not directly by ProVerity. Please contact your agency's privacy officer for those requests.

If you have questions or concerns about this Privacy Policy or how ProVerity handles your information, please contact us at privacy@proverity.com. We take privacy seriously and will respond to all inquiries promptly.