Privacy Policy
Practice Worth LLC (“Practice Worth,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains what information we collect when you use the Practice Worth website and web application at getpracticeworth.com and app.getpracticeworth.com (the “Service”), how we use it, and the choices you have.
1. Information We Collect
We collect the following categories of information:
Account information. The email address you provide at checkout. We use this email to create your account, send you your sign-in link, and notify you about your report and purchases.
Practice information. The practice name, state, specialty, and years in business that you enter during the valuation wizard. This information helps the Service categorize your report and is stored with it.
Financial information. The profit-and-loss line items that you upload or enter during the wizard, along with the valuation assumptions you make (add-back selections, production split, rent normalization, and similar wizard inputs). This information is stored encrypted at rest in our database and is used solely to generate your report and preserve it for re-printing.
Payment information. Card details are collected and processed directly by Stripe, Inc. (“Stripe”). We do not see or store your full card number, CVV, or expiration date. We receive a confirmation token from Stripe and store a record of the transaction (amount, date, session ID, payment status) for accounting and refund purposes.
Usage and device information. Like most websites, we receive basic technical information when you visit the Service: IP address, browser user-agent, referring URL, request timestamps, and pages visited. We use this information for security, performance monitoring, and understanding aggregate usage.
We do NOT collect Social Security numbers, dates of birth, government identifiers, health information, patient identifiers, or any HIPAA-protected data. Do not upload any information that identifies individual patients; remove patient names and identifiers from any document before submitting it to the Service.
2. How We Use Information
We use the information we collect to:
- Generate, store, and deliver your valuation report.
- Authenticate you when you sign in and protect your account.
- Process payments and issue refunds.
- Communicate with you about your purchase, account, and the Service.
- Improve the accuracy and usability of the Service (using aggregated or de-identified data where possible).
- Detect and prevent fraud, abuse, and security incidents.
- Comply with our legal obligations.
3. How We Share Information
We do not sell your personal information or your practice’s financial information to anyone. We share information only as described here:
Sub-processors we rely on to operate the Service:
- Stripe, Inc. — payment processing. Stripe handles your card details under its own privacy policy at stripe.com/privacy.
- Supabase, Inc. — authenticated database and authentication. Stores your account, reports, and wizard data under Row-Level Security policies that restrict access to your own records.
- Resend, Inc. — transactional email. Delivers your receipt and sign-in links from noreply@getpracticeworth.com.
- Vercel, Inc. — hosting infrastructure. Serves the Service and hosts the serverless functions that process payments and webhooks.
Each sub-processor has its own data-protection posture; we select sub-processors that meet industry-standard security and privacy practices. We do not authorize these sub-processors to use your information for their own marketing.
We may also share information:
- When required by a valid legal process (subpoena, court order, or similar). Where legally permissible, we will notify you before complying.
- To protect the rights, property, or safety of Practice Worth, our users, or the public.
- In connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.
- With your consent.
4. Data Retention
We retain your account and report for at least twelve (12) months from the date of purchase so you can re-view and re-print your report. After twelve months, we may move the report to cold storage; we will not permanently delete a paid report without giving you at least thirty (30) days’ notice. Payment records are retained for seven (7) years for tax and accounting purposes. Aggregated or de-identified data may be retained indefinitely.
You can request deletion of your account and data at any time by emailing hello@getpracticeworth.com. We will honor deletion requests within thirty (30) days, subject to any legal retention obligations (e.g., payment records).
5. Your Rights
Depending on your state of residence, you may have the following rights with respect to personal information we hold about you:
- Access. Request a copy of the personal information we hold about you.
- Correction. Request correction of inaccurate personal information.
- Deletion. Request deletion of your account and associated information (subject to legal retention obligations).
- Portability. Request a machine-readable export of the personal information you provided to us.
- Opt-out. Opt out of non-essential communications at any time (transactional emails about your account and purchases cannot be opted out of while you have an active account).
To exercise any of these rights, email hello@getpracticeworth.com. We may ask you to verify your identity (typically by replying from the email address on your account) before we act on the request.
6. Cookies and Similar Technologies
The Service uses a small number of cookies and similar technologies, all of them essential to operating the site:
- A session cookie set by Supabase to keep you signed in after you click your magic link.
- A local-storage token that remembers your in-progress wizard state so a page refresh does not lose your work.
- A local-storage flag recording that you have paid for your current report, so you are not asked to pay again.
We do not use third-party advertising or retargeting cookies. We do not share your browsing on the Service with advertising networks.
7. Security
We take reasonable administrative, technical, and physical measures to protect your information:
- All traffic between your browser and the Service is encrypted with HTTPS (TLS).
- Your data is stored in a PostgreSQL database hosted by Supabase, with Row-Level Security policies that restrict every query to your own records.
- Secrets (database credentials, payment-provider keys, email-provider keys) are stored in our hosting provider’s encrypted environment-variable vault and are never exposed to browsers.
- We limit employee and contractor access to production data to the minimum necessary to operate the Service, and all such access is subject to confidentiality obligations.
No method of electronic transmission or storage is 100% secure. If a breach affects your personal information, we will notify you promptly in accordance with applicable law.
8. Children
The Service is not directed to children under the age of 18 and we do not knowingly collect information from children. If you believe a child has provided us with information, contact hello@getpracticeworth.com and we will delete it.
9. International Users
The Service is operated from the United States, and the data we collect is processed and stored in the United States. If you access the Service from outside the United States, you consent to the transfer of your information to the United States, which may have data-protection laws different from those in your jurisdiction.
10. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date and, where practicable, notify you by email. Your continued use of the Service after a change constitutes acceptance of the updated Policy.
11. Contact
Privacy questions, data access requests, and deletion requests:
hello@getpracticeworth.com — Practice Worth LLC, Missouri.