Privacy Policy
Last updated: July 7, 2026
1. Who We Are
CareRegistry (www.careregistry.us) is operated by Nicolas Primeau, a sole proprietor based in Ontario, Canada. This policy explains what personal information we collect from you as a user of the Service, how we use it, and your rights under the Personal Information Protection and Electronic Documents Act (PIPEDA).
Public Records, Not Personal Information
Separate from the account information described above, the dataset CareRegistry publishes is compiled entirely from public government records. It contains facility (organization) names, facility addresses, the facility's business telephone line, state license numbers, CMS certification numbers, facility types, operating statuses, and licensure dates only. We deliberately exclude and do not store any administrator, owner, or licensee personal names, or any personal (non-business) phone numbers or email addresses. The Service is a directory of licensed healthcare facilities, not a database of individuals.
Not a Data Broker
Because we do not collect, store, or sell personal information about individual consumers, CareRegistry is not a "data broker" as defined under the California Delete Act (Cal. Civ. Code § 1798.99.80 et seq.) or the Texas, Oregon, or Vermont data-broker registration statutes. The information we provide consists solely of public business and regulatory records.
2. Information We Collect
- Email address: when you subscribe to alerts, create an account, or contact us
- Billing information: collected and stored by Stripe; we do not store full card numbers
- API usage logs: request timestamps, endpoints called, response codes, and your IP address
- Browser data: anonymized analytics via Google Analytics (GA4) including page views and session data
3. How We Use Your Information
- Deliver the API service and authenticate your requests
- Send alert emails and transactional notifications you have opted into
- Process payments and issue invoices
- Monitor service performance and prevent abuse
- Communicate service updates and material changes
4. Third-Party Services
- Stripe: payment processing (Stripe Privacy Policy)
- Amazon Web Services: API hosting, email delivery (SES), and data storage; infrastructure in ca-central-1 (Canada)
- RapidAPI: API distribution; usage data governed by RapidAPI's Privacy Policy
- Google Analytics: anonymized traffic analytics; IP anonymization enabled
5. Data Retention
- API access logs: 90 days
- Email addresses: retained until you unsubscribe or request deletion
- Billing records: 7 years as required by Canadian tax law
6. Your Rights
Under PIPEDA, you have the right to access, correct, or request deletion of your personal information. To exercise these rights, contact us using the form below. We will respond within 30 days.
7. Cookies
We use cookies for Google Analytics (anonymized) and session management. You can disable cookies in your browser settings; this will not affect API access.
8. Changes to This Policy
We may update this policy from time to time. The updated date at the top of this page reflects the latest revision. Continued use of the Service constitutes acceptance of the revised policy.
9. Contact
Privacy inquiries: contact form or legal@careregistry.us.