Privacy Policy

Protecting the privacy, security, and integrity of information across the Lyraks platform ecosystem.

Last updated: March 2026 United States Canada International users
Applies to Lyraks.com, VOGOW™, CommerceOne™, StayOps™, CareCloud™, FieldOps™, CoreBusiness™, customer portals, mobile applications, APIs, integrations, and future Lyraks services.
01 / Scope

About this Privacy Policy

Lyraks Inc. ("Lyraks", "we", "our", or "us") builds and operates cloud platforms for business operations, commerce, hospitality, healthcare operations, field services, and small business management. This Privacy Policy explains how we collect, use, disclose, store, protect, and process information when you access or use our websites, software, platforms, applications, APIs, integrations, support channels, and related services.

This policy applies to visitors, customers, account users, administrators, business owners, staff members, contractors, partners, applicants, and other individuals who interact with Lyraks services. If a product-specific notice or customer agreement applies, that notice or agreement may supplement this Privacy Policy.

02 / Our role

When Lyraks processes information

In many situations, Lyraks processes information on behalf of a business customer. For example, a clinic, store, contractor, hospitality operator, or small business may use a Lyraks platform to manage its own customers, staff, records, appointments, documents, invoices, jobs, or communications. In those cases, the customer is generally responsible for deciding what information is collected, why it is used, how long it is kept, and who may access it.

Lyraks may also process information for its own business purposes, including website operations, account administration, billing, support, security, legal compliance, recruitment, product improvement, and communications.

Customer responsibility: Customers must ensure they have the required authority, consent, notices, contracts, and legal basis to submit information to Lyraks platforms and to use Lyraks services for their business operations.
03 / Collection

Information we collect

The information we collect depends on how you interact with Lyraks and which platform or service you use.

Personal information

  • Name, email address, phone number, and mailing address
  • Account login details and authentication information
  • Company name, role, title, and contact preferences
  • Billing contact details and support communication records

Business information

  • Customer, vendor, employee, contractor, and staff records
  • Invoices, appointments, documents, jobs, inventory, and service records
  • Property, hospitality, healthcare, field service, and commerce data
  • Operational workflows, reports, dashboards, and business activity

Technical information

  • IP address, device type, browser, operating system, and language
  • Log files, usage analytics, system events, and diagnostics
  • Security signals, authentication activity, and session information

Payment and transaction information

  • Subscription details, invoices, payment status, and plan information
  • Transaction references processed by payment service providers
  • We do not intentionally store full payment card numbers when processed by third-party payment providers.

Employment and applicant information

If you apply for a role with Lyraks, we may collect your resume, contact details, work history, portfolio links, interview notes, references, and other information needed to evaluate and manage recruitment.

Sensitive information

We collect sensitive information only where needed for the service, where provided by a customer or user, where permitted by law, or where required for security, compliance, healthcare, employment, or contractual purposes.

04 / Use

How we use information

Lyraks uses information for legitimate business, operational, security, legal, and service-related purposes.

  • To provide, maintain, and improve our platforms and websites
  • To create, manage, authenticate, and support user accounts
  • To process subscriptions, billing, invoices, and service requests
  • To deliver dashboards, reports, workflows, notifications, and platform features
  • To provide customer support, onboarding, training, and technical assistance
  • To monitor security, prevent fraud, investigate misuse, and protect systems
  • To analyze performance, reliability, product adoption, and user experience
  • To comply with laws, regulations, legal processes, and contractual obligations
  • To develop new products, features, integrations, and platform improvements
06 / Platform data

Data across Lyraks platforms

Lyraks operates multiple SaaS platforms that support commerce, hospitality, healthcare operations, field services, small business management, and future business categories. Each platform may collect and process different categories of information based on the customer’s configuration and use.

Customer-controlled data

Customers are responsible for the accuracy, legality, permissions, and retention requirements of the information they upload, enter, import, or process through Lyraks platforms.

Platform-generated data

We may generate operational logs, audit trails, analytics, reports, usage data, and system records to operate, secure, improve, and support our services.

Aggregated and de-identified information

We may use aggregated, anonymized, or de-identified information for analytics, product development, benchmarking, security, reporting, and business improvement, provided it is not reasonably used to identify an individual.

07 / Healthcare

Healthcare and sensitive records

Certain Lyraks services, including CareCloud™, may be used by healthcare, wellness, clinic, or care-related organizations to manage appointments, records, billing, communications, and operational workflows. Lyraks processes healthcare-related information only as needed to provide the service, as directed by the customer, and as required by applicable agreements and law.

Healthcare customers remain responsible for determining whether laws such as HIPAA, Canadian health privacy laws, provincial health information laws, or other healthcare requirements apply to their use of Lyraks services.

No sale of healthcare information: Lyraks does not sell healthcare information or patient records.
08 / AI

AI, analytics, and automation

Some Lyraks services may include artificial intelligence, machine learning, predictive analytics, automated workflows, recommendations, or intelligent reporting. These features may process customer data, platform activity, or operational information to generate outputs or support business workflows.

Automated outputs may not always be accurate, complete, or appropriate for every situation. Customers and users remain responsible for reviewing outputs and making final business, legal, healthcare, financial, employment, or operational decisions.

Lyraks does not use customer confidential information to train public AI models without authorization.

09 / Sharing

When we share information

Lyraks does not sell personal information. We may share information only where necessary to provide services, operate our business, comply with law, or protect rights and security.

  • With authorized users, administrators, and account owners
  • With service providers and vendors that support our operations
  • With payment processors for billing and subscription processing
  • With integration partners selected or authorized by customers
  • With professional advisors such as legal, accounting, insurance, or compliance advisors
  • With authorities or third parties where required by law or legal process
  • In connection with a merger, acquisition, financing, restructuring, or transfer of business assets
10 / Service providers

Vendors and subprocessors

We may use third-party service providers, vendors, infrastructure providers, payment processors, communication tools, analytics providers, support platforms, and security services to operate Lyraks. These providers are expected to process information only for authorized purposes and subject to appropriate confidentiality, security, and contractual controls.

Customers using Lyraks services for regulated or sensitive operations should review applicable customer agreements, data processing terms, business associate agreements where required, and any relevant subprocessor disclosures made available by Lyraks.

11 / Transfers

International data transfers

Lyraks may process or store information in the United States, Canada, and other jurisdictions where we, our affiliates, vendors, partners, or infrastructure providers operate. These jurisdictions may have privacy laws that differ from those in your location.

Where required, we use appropriate measures to support lawful data transfer, which may include contractual controls, data protection terms, vendor assessments, technical safeguards, and other lawful transfer mechanisms.

12 / Security

How we protect information

Lyraks uses administrative, technical, organizational, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, misuse, loss, and destruction.

  • Encryption and secure transmission protocols where appropriate
  • Access controls and role-based permissions
  • Authentication and account protection mechanisms
  • Security monitoring, logging, and threat detection
  • Backup, recovery, and business continuity practices
  • Vendor review and internal security controls

No online service, cloud system, or transmission method can be guaranteed to be completely secure. Customers and users are responsible for maintaining strong passwords, secure devices, and appropriate internal access controls.

13 / Ownership

Data ownership and control

Unless otherwise stated in a separate written agreement, customers retain ownership of the business data, customer records, documents, transactions, and operational information they submit to Lyraks platforms.

Lyraks retains ownership of its websites, software, platform architecture, intellectual property, design systems, infrastructure, workflows, analytics models, trademarks, product names, documentation, and technology.

Business control: Lyraks does not claim ownership over customer business records simply because they are processed through a Lyraks platform.
14 / Rights

Your privacy rights

Depending on your location and applicable law, you may have the right to request access to, correction of, deletion of, restriction of, objection to, or portability of your personal information.

You may also have the right to withdraw consent where processing is based on consent, subject to legal or contractual limitations.

For information controlled by a Lyraks customer, such as employee, patient, client, or business records, we may direct your request to the relevant customer because they determine how that information is collected and used.

Customers may request account-level export, correction, deletion, or closure according to their agreement, platform capabilities, legal retention requirements, and security verification procedures.

15 / Retention

How long we keep information

We retain information for as long as necessary to provide services, operate our platforms, comply with legal obligations, resolve disputes, enforce agreements, maintain records, support security, and meet legitimate business requirements.

Retention periods may vary based on the platform used, account status, customer agreement, type of information, legal requirements, and jurisdiction.

16 / Cookies

Cookies and similar technologies

Lyraks may use cookies, pixels, local storage, analytics tools, and similar technologies to keep services secure, remember preferences, understand usage, improve performance, and support marketing or communications where permitted.

You may control cookies through browser settings. Some features may not work correctly if cookies are disabled.

17 / Communications

Emails and communications

We may send service messages, security alerts, billing notices, product updates, onboarding messages, and support communications related to your account or use of Lyraks services. These operational messages are necessary for service delivery and account administration.

Where permitted, we may also send marketing or educational communications about Lyraks products, platforms, events, and business updates. You may unsubscribe from marketing emails using the instructions in those messages.

18 / Incidents

Security incidents and notifications

If we become aware of a security incident involving information processed by Lyraks, we will investigate and respond according to our internal procedures, contractual obligations, and applicable law. Where legally required, we will notify affected customers, users, regulators, or other parties within required timeframes.

19 / Children

Children’s privacy

Lyraks services are designed for business and professional use. They are not directed to children under the age required by applicable law to provide independent consent.

We do not knowingly collect personal information from children without appropriate authorization. If you believe a child has provided information to us improperly, please contact us.

20 / Compliance

Legal and regulatory framework

Lyraks is designed to support responsible privacy practices across the United States, Canada, and international markets. Depending on the service, customer, user location, and information involved, applicable laws may include privacy, data protection, consumer protection, electronic communications, healthcare, employment, financial, and business record laws.

  • Canadian privacy laws, including PIPEDA and applicable provincial privacy laws
  • United States federal and state privacy and consumer protection laws
  • California privacy requirements, including CCPA/CPRA where applicable
  • Quebec Law 25 and other provincial requirements where applicable
  • Healthcare privacy and security obligations where applicable through customer agreements
  • International privacy and data protection principles, including GDPR-style rights where applicable
  • Anti-spam and electronic communications requirements, including CASL and CAN-SPAM where applicable

Customers remain responsible for determining and complying with laws that apply to their own business, industry, employees, customers, patients, and records.

21 / Updates

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, platforms, technologies, legal requirements, business operations, or privacy practices.

When we make updates, we will revise the “Last updated” date. Continued use of Lyraks services after an updated policy becomes effective means you acknowledge the revised policy.

22 / Contact

Contact Lyraks

For privacy questions, data requests, legal inquiries, security concerns, or policy-related matters, please contact Lyraks using the details below.

Privacy Office

Lyraks Inc.

Email: privacy@lyraks.com

Security: security@lyraks.com

General: contact@lyraks.com

Back to top ↑