REFERRAL INTEL NOTICE OF PRIVACY PRACTICES

Effective Date: April 13, 2026

INTRODUCTION

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Welcome to the Referral Intel website. This Notice of Privacy Practices (“Notice”) describes how Referral Intel (“we,” “us,” or “our”) collects, uses and discloses information that identifies or can be used to be reasonably identify you (“Personal Information”) when you visit our website or when you use our services (collectively “Services”). For purposes of this Notice, “you” and “your” means you as the user of our Services, whether you are a customer, website visitor, or other individual whose information we have collected pursuant to this Notice. Please read this Notice carefully. By using and accessing our Services, you agree to the collection, use and disclosure of your Personal Information as described in this Notice.

CHANGES TO THIS NOTICE

We may update this Notice from time to time, and we will provide notice of any such changes to the policy as required by applicable law. The date the Notice was last updated is identified at the top of the page. We will notify you of changes to this policy by updating the “last updated” date and posting the updated policy on the Site.

PERSONAL INFORMATION COLLECTED

The Personal Information we collect or that you share with us varies depending on how you interact with us. For example, you may provide us with your name, email address and phone number when you use our Contact Us page. You may also provide us with your email address and phone number to receive information about your transactions or marketing messages from us. We will only request personal information needed to provide you with your requested services, as outlined on our website. Except as otherwise permitted or required by applicable law or regulation, we will only retain your Personal Information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When you use our website, we may automatically collect information about the individual web pages you visit and how you interact with the website. We collect this information using the following technologies:

·      “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google. To learn more about Google Analytics and how you can opt out, visit https://tools.google.com/dlpage/gaoptout. By using the website, you consent to the processing of data about you by Google.

·      “Log files” track actions occurring on the website, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

·      “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the website.

We use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your device until you delete them). To make it easier for you to understand why we need them, the Cookies we use on our Site can be grouped into the following categories:

·      Strictly Necessary: These Cookies are necessary for the Site to work properly. They include any essential authentication and authorization Cookies for our Site.

·      Functional: These Cookies enable technical performance and allow us to remember the choices you make while browsing our Site, including any preferences you set. They also include sign-in and authentication Cookies and IDs that enable you to return without additional sign-in.

·      Performance/Analytics: These Cookies allow us to collect certain information about how you navigate the Site and Services running on your device. They help us understand which areas you use and what we can do to improve them.

·      Targeting: These Cookies are used to deliver relevant information related to our Site to an identified machine or other device (not a named or otherwise identifiable person) which has previously been used to visit our Site. Some of these types of Cookies on our Site are operated by third parties with our permission and are used to identify advertising sources that are effectively driving customers to our Site.

We use the information we collect regarding your device and how your use our website to help us to improve and optimize our website (for example, by generating analytics about how individuals browse and interact with the website, and to assess the success of our marketing and advertising campaigns).

Cookies can be controlled, blocked, or restricted through your web browser settings. Information on how to do this can be found within the Help section of your browser. All Cookies are browser specific. Therefore, if you use multiple browsers or devices to access websites, you will need to manage your Cookie preferences across these environments.

Find out how to manage Cookies on popular browsers:

·      Google Chrome, available at https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=en

·      Microsoft Edge, available at https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

·      Mozilla Firefox, available at https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

·      Microsoft Internet Explorer, available at https://support.microsoft.com/en-gb/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d

·      Opera, available at https://www.opera.com/help/tutorials/security/privacy/

·      Apple Safari, available at https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac

PROTECTED HEALTH INFORMATION

Information you provide regarding health status, for the provision of healthcare services or for payment of healthcare services is known as Protected Health Information (“PHI”). The PHI we collect may include your name, address, telephone number(s), medical history, and health records, etc. Most information will be collected directly from you, though we may obtain information from third parties if necessary.

We use and disclose PHI only as allowed by the Health Insurance Portability and Accountability Act (“HIPAA”) and the state of Washington. This includes issues relating to treatment, payment, and our health care operations. Your PHI will never be otherwise given or disclosed to anyone—even family members—without your consent or written authorization. You may provide written authorization for us to disclose your information to anyone you choose, for any purpose.

If you share Personal Information or Personal Health Information regarding another individual, you represent and warrant to Referral Intel that you have received the necessary consent to share such data with us.

DISCLOSURE OF YOUR PERSONAL INFORMATION & PROTECTED HEALTH INFORMATION

We use general personal information for the purpose you have shared with us. For example, if you use our contact us page, we will use your data to communicate with you and follow up with your inquiries. We may disclose personal information as required by law, including to law enforcement and governmental officials under specific circumstances. We will not use your information for marketing or fundraising purposes without your written consent.

We will only use your PHI to provide you with the services you request from us, contact you, or bill you for the services we will provide you. We may also use PHI to run our organization, including communicating reminders about your appointments, including text messages or voice messages, unless you direct us otherwise. Please note, subject to 42 CFR part 2, we can share your PHI in certain situations, such as:

•      Preventing disease

•      Helping with product recalls

•      Reporting adverse reactions to medications

•      Reporting suspected abuse, neglect, or domestic violence

•      Preventing or reducing a serious threat to anyone’s health or safety

We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law. We will never use, disclose, sell, or otherwise allow access to your personal, protected information in exchange for financial remuneration.

DATA SECURITY

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.

Any breach in the protection of your PHI, including unauthorized acquisition, access, use, or disclosure, will be fully investigated and addressed in accordance with HIPAA Privacy Breach Notification rules. We will let you know promptly if a breach occurs that may have compromised the privacy and security of your PHI.

MOBILE COMMUNICATION & TEXT MESSAGING POLICY

You may sign up to receive email marketing messages from us. You may opt out at any time by clicking the ‘unsubscribe’ button in the emails you receive. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “Contact Us” request as well as administrative emails (for example, in connection with an account update request).

You may also choose to receive SMS/text messages from us through your mobile device. You may unsubscribe at any time by replying ‘STOP’. By opting into our SMS messaging, you consent to receive mobile text alerts using automatic telephone dialing systems. Standard messaging and data may apply depending on your mobile carrier and plan. After opting out you will no longer receive SMS messages, unless you opt back in. You may receive additional messages after option out to confirm you have unsubscribed.

YOUR RIGHTS AS OUR PATIENT

When it comes to your PHI, you have certain rights. This section explains your rights and some of our responsibilities to help you. If someone has authority to act as your personal representative, such as if someone has your medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.

•      You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.

•      We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.

•      You can ask us to correct health information about you that you think is incorrect or incomplete. Please note we may deny your request, but we will explain any denial within 60 days.

•      You can ask us to contact you in a specific way (for example, home, office, or cell phone) or to send mail to a different address.

•      You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no,” for example, if it could affect your care. If we agree to your request, we may still share this information in the event that you need emergency treatment.

•      If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer.

•      You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically.

•      You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.

•      You can complain if you feel we have violated your rights by contacting us. You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights.  We will not retaliate against you for filing a complaint.

CONTACT INFORMATION

If you have any concerns about our privacy practices, wish to file a complaint, or would like to exercise any of your rights, please contact:

Referral Intel: info@referralintel.com

For additional information, you may also contact the U.S. Department of Health and Human Services, Office for Civil Rights.