About this Privacy Policy
Lyraks Inc. ("Lyraks", "we", "our", or "us") builds and operates cloud platforms for business operations, commerce, hospitality, healthcare operations, field services, and small business management. This Privacy Policy explains how we collect, use, disclose, store, protect, and process information when you access or use our websites, software, platforms, applications, APIs, integrations, support channels, and related services.
This policy applies to visitors, customers, account users, administrators, business owners, staff members, contractors, partners, applicants, and other individuals who interact with Lyraks services. If a product-specific notice or customer agreement applies, that notice or agreement may supplement this Privacy Policy.
When Lyraks processes information
In many situations, Lyraks processes information on behalf of a business customer. For example, a clinic, store, contractor, hospitality operator, or small business may use a Lyraks platform to manage its own customers, staff, records, appointments, documents, invoices, jobs, or communications. In those cases, the customer is generally responsible for deciding what information is collected, why it is used, how long it is kept, and who may access it.
Lyraks may also process information for its own business purposes, including website operations, account administration, billing, support, security, legal compliance, recruitment, product improvement, and communications.
Information we collect
The information we collect depends on how you interact with Lyraks and which platform or service you use.
Personal information
- Name, email address, phone number, and mailing address
- Account login details and authentication information
- Company name, role, title, and contact preferences
- Billing contact details and support communication records
Business information
- Customer, vendor, employee, contractor, and staff records
- Invoices, appointments, documents, jobs, inventory, and service records
- Property, hospitality, healthcare, field service, and commerce data
- Operational workflows, reports, dashboards, and business activity
Technical information
- IP address, device type, browser, operating system, and language
- Log files, usage analytics, system events, and diagnostics
- Security signals, authentication activity, and session information
Payment and transaction information
- Subscription details, invoices, payment status, and plan information
- Transaction references processed by payment service providers
- We do not intentionally store full payment card numbers when processed by third-party payment providers.
Employment and applicant information
If you apply for a role with Lyraks, we may collect your resume, contact details, work history, portfolio links, interview notes, references, and other information needed to evaluate and manage recruitment.
Sensitive information
We collect sensitive information only where needed for the service, where provided by a customer or user, where permitted by law, or where required for security, compliance, healthcare, employment, or contractual purposes.
How we use information
Lyraks uses information for legitimate business, operational, security, legal, and service-related purposes.
- To provide, maintain, and improve our platforms and websites
- To create, manage, authenticate, and support user accounts
- To process subscriptions, billing, invoices, and service requests
- To deliver dashboards, reports, workflows, notifications, and platform features
- To provide customer support, onboarding, training, and technical assistance
- To monitor security, prevent fraud, investigate misuse, and protect systems
- To analyze performance, reliability, product adoption, and user experience
- To comply with laws, regulations, legal processes, and contractual obligations
- To develop new products, features, integrations, and platform improvements
Legal basis for processing
Where required by applicable law, we process personal information based on one or more recognized legal grounds, including consent, performance of a contract, compliance with legal obligations, legitimate business interests, protection of rights and security, or another lawful basis available under applicable privacy laws.
Data across Lyraks platforms
Lyraks operates multiple SaaS platforms that support commerce, hospitality, healthcare operations, field services, small business management, and future business categories. Each platform may collect and process different categories of information based on the customer’s configuration and use.
Customer-controlled data
Customers are responsible for the accuracy, legality, permissions, and retention requirements of the information they upload, enter, import, or process through Lyraks platforms.
Platform-generated data
We may generate operational logs, audit trails, analytics, reports, usage data, and system records to operate, secure, improve, and support our services.
Aggregated and de-identified information
We may use aggregated, anonymized, or de-identified information for analytics, product development, benchmarking, security, reporting, and business improvement, provided it is not reasonably used to identify an individual.
Healthcare and sensitive records
Certain Lyraks services, including CareCloud™, may be used by healthcare, wellness, clinic, or care-related organizations to manage appointments, records, billing, communications, and operational workflows. Lyraks processes healthcare-related information only as needed to provide the service, as directed by the customer, and as required by applicable agreements and law.
Healthcare customers remain responsible for determining whether laws such as HIPAA, Canadian health privacy laws, provincial health information laws, or other healthcare requirements apply to their use of Lyraks services.
AI, analytics, and automation
Some Lyraks services may include artificial intelligence, machine learning, predictive analytics, automated workflows, recommendations, or intelligent reporting. These features may process customer data, platform activity, or operational information to generate outputs or support business workflows.
Automated outputs may not always be accurate, complete, or appropriate for every situation. Customers and users remain responsible for reviewing outputs and making final business, legal, healthcare, financial, employment, or operational decisions.
Lyraks does not use customer confidential information to train public AI models without authorization.
When we share information
Lyraks does not sell personal information. We may share information only where necessary to provide services, operate our business, comply with law, or protect rights and security.
- With authorized users, administrators, and account owners
- With service providers and vendors that support our operations
- With payment processors for billing and subscription processing
- With integration partners selected or authorized by customers
- With professional advisors such as legal, accounting, insurance, or compliance advisors
- With authorities or third parties where required by law or legal process
- In connection with a merger, acquisition, financing, restructuring, or transfer of business assets
Vendors and subprocessors
We may use third-party service providers, vendors, infrastructure providers, payment processors, communication tools, analytics providers, support platforms, and security services to operate Lyraks. These providers are expected to process information only for authorized purposes and subject to appropriate confidentiality, security, and contractual controls.
Customers using Lyraks services for regulated or sensitive operations should review applicable customer agreements, data processing terms, business associate agreements where required, and any relevant subprocessor disclosures made available by Lyraks.
International data transfers
Lyraks may process or store information in the United States, Canada, and other jurisdictions where we, our affiliates, vendors, partners, or infrastructure providers operate. These jurisdictions may have privacy laws that differ from those in your location.
Where required, we use appropriate measures to support lawful data transfer, which may include contractual controls, data protection terms, vendor assessments, technical safeguards, and other lawful transfer mechanisms.
How we protect information
Lyraks uses administrative, technical, organizational, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, misuse, loss, and destruction.
- Encryption and secure transmission protocols where appropriate
- Access controls and role-based permissions
- Authentication and account protection mechanisms
- Security monitoring, logging, and threat detection
- Backup, recovery, and business continuity practices
- Vendor review and internal security controls
No online service, cloud system, or transmission method can be guaranteed to be completely secure. Customers and users are responsible for maintaining strong passwords, secure devices, and appropriate internal access controls.
Data ownership and control
Unless otherwise stated in a separate written agreement, customers retain ownership of the business data, customer records, documents, transactions, and operational information they submit to Lyraks platforms.
Lyraks retains ownership of its websites, software, platform architecture, intellectual property, design systems, infrastructure, workflows, analytics models, trademarks, product names, documentation, and technology.
Your privacy rights
Depending on your location and applicable law, you may have the right to request access to, correction of, deletion of, restriction of, objection to, or portability of your personal information.
You may also have the right to withdraw consent where processing is based on consent, subject to legal or contractual limitations.
For information controlled by a Lyraks customer, such as employee, patient, client, or business records, we may direct your request to the relevant customer because they determine how that information is collected and used.
Customers may request account-level export, correction, deletion, or closure according to their agreement, platform capabilities, legal retention requirements, and security verification procedures.
How long we keep information
We retain information for as long as necessary to provide services, operate our platforms, comply with legal obligations, resolve disputes, enforce agreements, maintain records, support security, and meet legitimate business requirements.
Retention periods may vary based on the platform used, account status, customer agreement, type of information, legal requirements, and jurisdiction.
Cookies and similar technologies
Lyraks may use cookies, pixels, local storage, analytics tools, and similar technologies to keep services secure, remember preferences, understand usage, improve performance, and support marketing or communications where permitted.
You may control cookies through browser settings. Some features may not work correctly if cookies are disabled.
Emails and communications
We may send service messages, security alerts, billing notices, product updates, onboarding messages, and support communications related to your account or use of Lyraks services. These operational messages are necessary for service delivery and account administration.
Where permitted, we may also send marketing or educational communications about Lyraks products, platforms, events, and business updates. You may unsubscribe from marketing emails using the instructions in those messages.
Security incidents and notifications
If we become aware of a security incident involving information processed by Lyraks, we will investigate and respond according to our internal procedures, contractual obligations, and applicable law. Where legally required, we will notify affected customers, users, regulators, or other parties within required timeframes.
Children’s privacy
Lyraks services are designed for business and professional use. They are not directed to children under the age required by applicable law to provide independent consent.
We do not knowingly collect personal information from children without appropriate authorization. If you believe a child has provided information to us improperly, please contact us.
Legal and regulatory framework
Lyraks is designed to support responsible privacy practices across the United States, Canada, and international markets. Depending on the service, customer, user location, and information involved, applicable laws may include privacy, data protection, consumer protection, electronic communications, healthcare, employment, financial, and business record laws.
- Canadian privacy laws, including PIPEDA and applicable provincial privacy laws
- United States federal and state privacy and consumer protection laws
- California privacy requirements, including CCPA/CPRA where applicable
- Quebec Law 25 and other provincial requirements where applicable
- Healthcare privacy and security obligations where applicable through customer agreements
- International privacy and data protection principles, including GDPR-style rights where applicable
- Anti-spam and electronic communications requirements, including CASL and CAN-SPAM where applicable
Customers remain responsible for determining and complying with laws that apply to their own business, industry, employees, customers, patients, and records.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our services, platforms, technologies, legal requirements, business operations, or privacy practices.
When we make updates, we will revise the “Last updated” date. Continued use of Lyraks services after an updated policy becomes effective means you acknowledge the revised policy.
Contact Lyraks
For privacy questions, data requests, legal inquiries, security concerns, or policy-related matters, please contact Lyraks using the details below.
Privacy Office
Lyraks Inc.
Email: privacy@lyraks.com
Security: security@lyraks.com
General: contact@lyraks.com