Privacy Policy

Last updated: January 8, 2026

Protecting your privacy is fundamental to the way Savas Solutions, LLC (“we,” “us,” or “our”) conduct business. Although privacy regulations require companies to inform you of their practices regarding the collection and use of your personal information, keeping your personal information confidential has always been our policy. We have always known that privacy is important to you, and we are committed to safeguarding your personal information. This Privacy Policy explains how we may collect, use and disclose your personal information. This policy applies to all Savas website properties, the Savas EMR and related software platforms, and our learning management system, Absorb LMS (“LMS”).

 

Information We Collect

We collect personal information when you fill out forms on our website, request product demos, subscribe to newsletters, or otherwise interact with us. We may collect identifiers such as name, business email, phone number, job title, and company name.

We also collect personal information when individuals access and use our LMS or other Savas-operated software platforms. When users access the LMS, we collect account and identity information necessary to create and manage training accounts, including name, email address, username, role or permission level, organizational affiliation, department, and manager or supervisor information. Authentication credentials are generated by Absorb LMS and are not managed through SSO.

When customer organizations provide Savas with user information for LMS onboarding, the data supplied by the customer’s Human Resources department typically includes name, email address, username, department, and manager or supervisor information. This information is used to ensure correct account assignment, organizational reporting structure, and proper training visibility within the LMS.

When users interact with the LMS, Absorb automatically collects usage and activity information including IP address, browser type and version, device type, operating system, time zone, cookies and device identifiers, login history, training progress and completion records, navigation and engagement data, and other system-generated activity logs. Absorb LMS may use cookies and similar technologies to maintain sessions, recognize returning users, measure training performance, provide personalized settings, and capture device and usage analytics.

We also collect training-related content uploaded by Savas for LMS delivery, including documents, screenshots, videos, and attachments. Users may submit comments or feedback within the LMS. The LMS is not designed to receive, store, or process Protected Health Information (“PHI”), and users must not upload or submit PHI or other sensitive information into the LMS under any circumstances.

Our web servers may also collect information from visitors such as IP address, browser type and version, time zone setting, operating system and platform. Some web browsers allow users to send “do-not-track” signals to websites, but our website does not respond to those signals.

Our website, like most websites, employs cookies and similar technologies. Cookies are small files stored on your device that allow us to recognize your browser and obtain information about your use of our website.

 

How We Collect Information

We collect personal information directly from individuals who:

  • Request product demonstrations or information about our software;
  • Subscribe to our mailing lists or updates;
  • Contact us through our website or customer support channels; and
  • Use our products as authorized users of a healthcare provider customer.

These submissions are facilitated through a third-party service, Jotform, which provides secure data intake under appropriate agreements.

In addition, when individuals submit inquiries, request product demonstrations, or otherwise register interest in our software through our website, the information provided is collected for the purpose of responding to the request and facilitating follow-up by our internal teams, including our Business Development team. Such information is processed consistent with the individual’s selections and permissions at the time of submission.

We also collect personal information through LMS operations. We collect personal information when Savas creates LMS accounts for internal or external users, when users access and interact with LMS training modules, through the LMS’s automated logging and cookie-based tracking, through feedback or comments submitted within the LMS, and through Absorb LMS’s internal analytics and reporting tools.

When onboarding LMS users, Savas provisions accounts using user reports supplied by the customer’s Human Resources department. These HR-generated rosters include identifying information such as name, email address, department, and managerial assignment. Savas continues to rely on this HR reporting process to perform monthly audits of LMS user accounts to ensure the accuracy of user records, confirm that users retain appropriate access, and remove accounts for individuals who no longer require LMS access.

Absorb LMS is hosted on Amazon Web Services (“AWS”) in the region selected by the customer at onboarding. Data is not replicated across regions but may be accessed by Absorb personnel from other regions as necessary to provide service delivery, support, troubleshooting, and maintenance. AWS performs data deletion and media sanitization consistent with NIST SP 800-88 standards.

Our web servers may also collect information from visitors such as IP address, browser type and version, time zone setting, operating system and platform. Some web browsers allow the user to send “do-not-track” signals to websites, but our website does not respond to those signals.

Our website, like most websites, employs “cookies” and similar technologies. Cookies are small files that are stored on your computer or mobile device when you visit our website and allow us to recognize your browser and obtain information about your use of our website.

 

How We Use Information

We use personal information we collect for the following purposes: (1) to provide, operate, and improve our software and services; (2) to respond to inquiries and provide customer support; (3) to communicate with you about product updates, training, and events; (4) to comply with legal and regulatory obligations; (5) to improve the functionality, security, and user experience of our website; (6) for any other use authorized by you.

We also use personal information collected through our website and other non-LMS channels to register interest in our products, respond to inquiries, schedule product demonstrations, and manage prospective customer and business contacts, including maintaining records in our customer relationship management systems (such as Zoho).

Where an individual has provided permission, we may also use contact information to send communications regarding product updates, training opportunities, events, blogs, industry insights, and similar informational or marketing content through email communication platforms (such as Mailchimp). Individuals may opt out of marketing communications at any time as provided in those communications.

We use LMS personal information to create and authenticate user accounts; deliver training modules; track course progress, completion, and engagement; generate training activity reports for Savas and customer organizations; facilitate communication with users; maintain and improve LMS performance; ensure system security, integrity, and proper access control; and comply with contractual or legal obligations associated with LMS delivery.

Savas does not use LMS personal information to improve or develop our EMR platform, nor do we create aggregated analytics unrelated to training. Use of LMS training activity for HR or employment decisions is determined solely by customer organizations and not by Savas.

 

Disclosure of Information

We may disclose personal information we collect for the following purposes: (1) with Jotform, solely to facilitate secure data intake; (2) to provide and improve our software and services; (3) to respond to customer inquiries and technical support requests; (4) to comply with any court order, law or legal process, including responding to any government or regulatory request; (5) to communicate with you about product updates, training, and events; (6) with your consent, for other specified purposes. We do not sell or otherwise share personal information with third parties for direct marketing purposes.

We disclose LMS personal information to Absorb LMS to enable LMS access, training delivery, system administration, and support. Absorb may use de-identified or aggregated information for internal analytics but does not use personal information for advertising or marketing.

We disclose training information to customer organizations, including assigned courses, in-progress training, completion status, and activity records. Customer administrators have visibility only into their own users’ LMS activity. Savas does not disclose LMS information to third-party marketing platforms such as Meta, LinkedIn, or Google.

We may also disclose LMS personal information when necessary to comply with legal obligations, enforce our contractual rights, protect the security or integrity of our systems, or protect the rights, safety, or property of Savas, our users, or others. We may disclose information with your explicit consent when required.

 

Our Role Under HIPAA

We are not a healthcare provider or health plan. We provide electronic medical record (EMR) software to healthcare organizations. When we handle Protected Health Information (PHI) on behalf of our customers, we do so only as a ‘business associate’ under HIPAA, subject to the terms of our Business Associate Agreements (BAAs). Requests to access, amend, or restrict PHI should be directed to your healthcare provider.

The LMS does not store, process, or transmit PHI and is not used for any clinical or HIPAA-regulated purpose. Users must not upload or enter PHI into the LMS, and Savas does not act as a business associate with respect to LMS-related data.

 

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access and disclosure. The use of, and access to, your personal information by us is restricted to employees and contractors who need to know that information to provide services to you. We maintain physical, electronic and procedural safeguards to limit access to your nonpublic personal information. We implement industry-standard safeguards, including encryption in transit and at rest, access controls, audit logging, and secure hosting environments.

For LMS data, we maintain administrative and technical safeguards appropriate to the LMS environment, including encryption in transit, role-based access controls, logging and monitoring through Absorb LMS, and strict internal limitations on Savas personnel access. Internal access is limited to team members with a business need to fulfill support, administrative, or operational functions, and we apply the principle of minimum necessary access.

Unfortunately, transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to us through our website or other electronic means. Any electronic transmission of personal information is at your own risk.

 

Third-Party Providers

Some applications and services embedded within, or linked from, our website, such as hosting providers, analytics platforms, and customer relationship management tools are controlled by third-parties. These third-parties may use cookies, alone or in conjunction with other tracking technologies, to collect information about you when you use our website or navigate away from our website. These third parties may also have privacy policies that differ from ours. For example, they may collect personal information about your online activities over time and across different websites, and other online services, and may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third-parties or their privacy practices, and this Privacy Policy does not apply to any third-party website or service you may access through our website. If you have any questions about a third-party provider’s privacy policies or advertising, you should contact the responsible provider directly.

 

Non-Personal Information

This Privacy Policy does not restrict our collection, use or disclosure of any aggregated information or information that does not identify, or cannot be reasonably linked to, any individual.

 

Your California Privacy Rights

If you are a California resident and interact with us as a website visitor, prospective customer, or software user, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA. To learn more about your California privacy rights, visit the CCPA Privacy Policy page.

 

Changes to Our Privacy Policy

We may update this Privacy Policy as needed. If we make material changes to how we treat personal information we collect from you, we will notify you by email or through a notice on our website homepage. The date this Privacy Policy was last revised is identified above. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting this Privacy Policy on our website to check for any changes.

 

Contact Information

If you have questions or comments about this Privacy Policy, please contact us at: