Privacy Policy

Effective Date: February 5, 2026

Sounder is a HIPAA compliance scanning and managed services platform operated by Sounder Sounder (“Sounder,” “we,” “us,” or “our”) is a registered DBA of Sounder This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use the Sounder scanning tool, or engage with our managed compliance services.

By accessing or using Sounder, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the website and services immediately.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with Sounder, you may voluntarily provide us with the following information:

  • Your name and email address (when submitting a scan request or contacting us)
  • The URL of a website you wish to have scanned for HIPAA compliance
  • Your organization name, job title, and phone number (if provided through contact or consultation forms)
  • Any additional information you choose to share via email, phone, or form submissions

1.2 Information Collected Automatically

When you visit the Sounder website, certain information may be collected automatically, including:

  • IP address and approximate geographic location
  • Browser type, device type, and operating system
  • Pages viewed, time spent on pages, and referring URLs
  • Cookies and similar tracking technologies (see Section 5)

1.3 Information Collected Through the Scanning Service

When you request a HIPAA compliance scan, our scanning tool collects publicly available information from the target website, including:

  • HTML source code and metadata of publicly accessible pages
  • Third-party scripts, cookies, and tracking technologies detected on those pages
  • Embedded content such as videos, maps, and form elements
  • Content management system (CMS) platform information

Important: Sounder only scans publicly accessible portions of websites. We do not access password-protected areas, patient portals, electronic health records, or any protected health information (PHI).

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To perform HIPAA compliance scans and deliver scan reports to you
  • To communicate with you about scan results, services, and follow-up consultations
  • To improve and optimize the Sounder platform and services
  • To send you relevant information about HIPAA compliance, industry updates, and our services (you may opt out at any time)
  • To respond to your inquiries and provide customer support
  • To protect against fraud, unauthorized access, and other security threats
  • To comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

  • Service Providers: We use third-party service providers to help operate our platform, including web hosting (DigitalOcean), website scanning infrastructure (ScraperAPI), CRM systems (Zoho), email delivery services, and analytics tools. These providers are contractually obligated to protect your information and use it only for the purposes we specify.
  • Within Pilot Digital Marketing: Your information may be shared internally among Pilot team members to facilitate service delivery, including our compliance specialists, account managers, and technical staff.
  • Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share your information for other purposes with your express consent.

4. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Scan results and associated contact information are retained for as long as needed to provide our services and for a reasonable period thereafter for follow-up and record-keeping purposes.
  • Marketing communications data is retained until you opt out or request deletion.
  • Website usage data collected through analytics tools is retained in accordance with those tools’ standard retention policies.

You may request deletion of your personal information at any time by contacting us (see Section 10).

5. Cookies and Tracking Technologies

The Sounder website may use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic. These may include:

  • Essential Cookies: Required for the website to function properly, such as session management and security.
  • Analytics Cookies: Used to understand how visitors interact with our website, helping us improve functionality and content.
  • Marketing Cookies: Used to deliver relevant information and measure the effectiveness of our outreach (if applicable).

You can control cookie preferences through your browser settings. Disabling certain cookies may affect your experience on our website.

6. Data Security

We implement appropriate technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for all data transmitted between your browser and our servers
  • API key authentication and IP whitelisting for our scanning infrastructure
  • Secure server hosting with firewalls and access controls
  • Regular security reviews of our systems and processes

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

  • Access: The right to request a copy of the personal information we hold about you.
  • Correction: The right to request correction of inaccurate or incomplete personal information.
  • Deletion: The right to request that we delete your personal information, subject to certain exceptions.
  • Opt-Out: The right to opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.
  • Data Portability: The right to request your personal information in a structured, commonly used, and machine-readable format, where applicable.
  • Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

7.1 State-Specific Privacy Rights

If you are a resident of California, Colorado, Connecticut, Virginia, or another U.S. state with comprehensive privacy legislation, you may have additional rights under applicable state law. These may include the right to know what personal information we collect and how it is used, the right to delete personal information, and the right to opt out of the sale or sharing of personal information. We do not sell personal information.

To exercise any of these rights, please contact us using the information in Section 10.

8. Third-Party Links

Our website and scan reports may contain links to third-party websites, such as HIPAA compliance resources, government websites, or educational materials. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

9. Children’s Privacy

Sounder’s website, content, and services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child, we will take steps to delete that information promptly.

10. Contact Us

If you have questions or concerns about this Privacy Policy, wish to exercise your privacy rights, or need to contact us for any reason, please reach out to:

Sounder
Attn: Privacy Inquiries
4753 N. Broadway, Suite T110
Chicago, IL 60640

Email: [email protected]

Phone: 312.600.4516

We will respond to your inquiry within a reasonable timeframe and in accordance with applicable law.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the “Effective Date” at the top of this page and, where appropriate, notify you via email or a prominent notice on our website.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Sounder’s Commitment to Responsible Data Practices

As a company dedicated to helping healthcare organizations achieve HIPAA compliance, we hold ourselves to the same high standards we advocate for our clients. Pilot Digital Marketing is a certified B Corporation, reflecting our commitment to using business as a force for good—including protecting the privacy and data of the individuals and organizations we serve.