VProGo

Getting your facility ready…

Privacy Policy

Last updated: June 11, 2026

1. Introduction

VProVOB LLC d/b/a VProGo ("VProGo," "we," "our," or "us") provides an operations platform for behavioral health organizations. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our websites (including vprogo.com and its subdomains) and our products and services, including the VProGo platform, VProBilling, VProSEO, VProMove, and the free tools available on our public website (together, the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Full name and email address
  • Facility or company name and NPI number
  • Business address and phone number
  • Role and permission assignments within your organization

2.2 Payment and Billing Information

Billing and invoicing is managed through Intuit QuickBooks Online. We store your customer billing ID, subscription status, credit balance, and invoice and transaction history. We do not store full credit card numbers or bank account details; payment processing is handled by our invoicing provider in compliance with PCI-DSS standards.

2.3 Insurance Verification and Patient Data

When customers perform insurance verifications or connect EMR, billing, or communications systems, the Service processes information that may include patient names, dates of birth, insurance member IDs, payer information, verification results (deductibles, co-insurance, eligibility), authorization and census data, and claim and remittance data. This information is processed on behalf of our customers under the HIPAA terms described in Section 8.

2.4 Website and SEO Data (VProSEO)

For VProSEO customers, we analyze publicly available information about your website — page content, metadata, performance metrics, search rankings, and competitor positioning — collected from public sources and third-party SEO data providers. With your explicit authorization, we also access data from Google Search Console (see Section 6).

2.5 Business Tool Inputs

If you use the free business tools on our public website (such as the benefits calculator, valuation tool, or assessment checklists), we collect the information you enter, including contact details and financial figures you choose to provide, in order to generate your results and any follow-up materials you request.

2.6 Usage Data

We automatically collect:

  • IP address, browser type and version, and device information
  • Pages visited, time spent, and actions taken within the platform
  • Error logs and diagnostic data

3. How We Use Your Information

  • Service delivery: to provide insurance verification, operations, billing, marketing intelligence, and patient engagement services
  • Account management: to manage accounts, subscriptions, and credits
  • Communication: to send service updates, billing notifications, and support responses, and reports you have opted into
  • Improvement: to analyze usage patterns and improve the Service
  • Compliance and security: to comply with legal obligations and to detect and prevent fraud and security threats

4. How We Share Your Information

4.1 Service Providers

We share data with trusted third-party service providers:

  • Supabase — database hosting and authentication
  • Vercel — application hosting
  • Intuit QuickBooks — billing and invoicing
  • Insurance payers and clearinghouses — to perform real-time benefit verifications and process claims on behalf of our customers
  • Google — analytics on our public marketing pages (Section 5) and Search Console data you authorize (Section 6)

4.2 Legal Requirements

We may disclose information if required by law, or to comply with legal process, enforce our Terms of Service, protect the rights, property, or safety of VProGo, our users, or others, or detect and prevent fraud or security issues.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email of any such change.

4.4 No Sale of Personal Information

We do not sell your personal information, and we do not share it with third parties for their own marketing purposes.

5. Cookies and Analytics

We use cookies and similar technologies for:

  • Essential cookies — required for authentication and security
  • Functionality cookies — remembering your preferences and settings

Our public marketing pages use Google Analytics 4 to understand how visitors find and use our website (pages viewed, links clicked, and general location derived from IP). We do not load analytics scripts on authenticated application surfaces where customer operational data or patient information is handled. You can opt out of Google Analytics using Google's browser opt-out tools, and you can control cookies through your browser settings; disabling essential cookies may affect platform functionality.

6. Google API Services User Data Policy

VProSEO's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We request only the minimum scopes necessary (Search Console read access), store OAuth tokens encrypted, use Google data only for the authorized purposes, and do not use Google data for advertising. You may revoke authorization at any time through your Google Account settings.

7. Data Security

  • Encryption: data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls: role-based access with multi-factor authentication and database-level row security
  • Audit logs: comprehensive logging of data access and changes
  • Backups: automated daily backups with retention controls
  • Monitoring: continuous monitoring for suspicious activity

No method of transmission or storage is 100% secure.

8. HIPAA

VProGo is not a healthcare provider and is not itself a HIPAA covered entity. When we create, receive, maintain, or transmit Protected Health Information (PHI) on behalf of customers who are covered entities or business associates under HIPAA, we act as a business associate and execute Business Associate Agreements (BAAs) with those customers. In that capacity we:

  • limit PHI processing to what is necessary to provide the Service
  • apply the security measures described in Section 7 to all PHI
  • log access to PHI and make audit trails available
  • train staff on healthcare data privacy and conduct compliance reviews

Covered-entity customers must execute a BAA with us before submitting PHI to the Service, as described in our Terms of Service.

9. Data Retention

  • Verification and claims records: 7 years (healthcare record-keeping requirements)
  • Account data: duration of active account plus 2 years
  • Billing data: 7 years (tax and accounting)
  • Usage logs: 90 days

You may request earlier deletion of your data, subject to our legal obligations and our customers' instructions for data we process on their behalf.

10. Your Privacy Rights

You have the right to:

  • Access a copy of your personal data
  • Correct inaccurate or incomplete data
  • Delete your data (subject to legal requirements)
  • Port your data in a machine-readable format
  • Opt out of marketing communications
  • Revoke Google API authorizations through your Google Account

To exercise these rights, contact us at support@vprogo.com. If we process the data at issue on behalf of a customer (for example, patient data submitted by a treatment facility), we may refer your request to that customer and assist them in responding.

11. California Privacy Rights (CCPA/CPRA)

California residents have the right to:

  • know what personal information is collected and how it is used
  • delete personal information (subject to exceptions)
  • opt out of the sale or sharing of personal information — we do not sell or share personal information as defined by the CCPA
  • non-discrimination for exercising privacy rights

12. European Privacy Rights (GDPR)

If you are in the EU/EEA, you additionally have:

  • a lawful basis for our processing (contract, legal obligation, or legitimate interest)
  • the right to restrict processing and to object to processing
  • the right to lodge a complaint with a supervisory authority

13. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence, including the United States. We ensure appropriate safeguards for such transfers, including standard contractual clauses where required.

14. Children's Privacy

The Service is not intended for individuals under 18, and we do not knowingly collect personal information from children. If you believe we have collected data from a child, contact us immediately.

15. Third-Party Links

Our websites may link to third-party sites. We are not responsible for their privacy practices and encourage you to read their policies.

16. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email to your registered address or prominent notice on the Service, and by updating the "Last updated" date above. Continued use of the Service after changes constitutes acceptance of the updated policy.

17. Contact Us

VProVOB LLC d/b/a VProGo
ATTN: Privacy Officer
Email: support@vprogo.com