Legal & Compliance

Privacy Policy.

How Mendrix Inc. and its affiliated entities collect, use, and protect your information.

Effective: January 1, 2026 HIPAA Compliant Mendrix Inc.

This Privacy Policy describes how Mendrix Inc. and its affiliated entities — including Mendrix Care Solutions LLC, Mendrix Medical Associates PC (California and Tennessee), Round-ing, NRUSA Luxury Med Spa, Mendrix Agency Group, Mendrix Care Capital, and A Beacon Affairs Foundation (collectively, "Mendrix," "we," "our," or "us") — collect, use, and protect your information when you use our websites, platforms, or services.

01

Information We Collect

We may collect the following categories of information when you interact with our services, platforms, or websites:

Identity & Contact
Name, address, phone number, email address, and date of birth.
Health Information
Medical records, diagnoses, insurance details, and clinical notes collected through our healthcare entities. This constitutes Protected Health Information (PHI) governed under HIPAA.
Financial Information
Billing and payment details processed through secure, PCI-DSS compliant third-party processors.
Employment & Credentialing
Resume, licensure, work history, and background check results collected through our staffing operations.
Technical Data
IP address, browser type, device identifiers, and usage activity collected through our websites and platforms.
Communications
Messages and inquiries you submit to us through any of our platforms or contact forms.
02

How We Use Your Information

We use the information we collect to deliver and improve our services across the Mendrix enterprise:

  • Delivering healthcare, staffing, NEMT, wellness, and SaaS services.
  • Supporting clinical care coordination, billing, and revenue cycle operations.
  • Recruiting, credentialing, and managing healthcare professionals.
  • Improving our platforms and services through analytics.
  • Complying with HIPAA, CMS regulations, and applicable state and federal law.
  • Sending service updates and, where you have consented, marketing communications.
  • Detecting and preventing fraud and security incidents.
03

Protected Health Information & HIPAA

Where we operate as a Covered Entity or Business Associate under HIPAA, your PHI is handled according to our Notice of Privacy Practices, available upon request.

PHI is never sold, used for commercial purposes, or transmitted to third-party AI systems in identifiable form. Our Round-ing platform's AI engine operates exclusively on de-identified data.

04

Disclosure of Information

We do not sell your personal information. We may share information with the following parties under appropriate legal safeguards:

  • Affiliated Mendrix entities providing integrated services.
  • Healthcare partners and facilities under executed Business Associate Agreements.
  • Technology and infrastructure vendors under appropriate data protection agreements.
  • Legal and regulatory authorities as required by law.
  • Professional advisors bound by confidentiality obligations.
  • Successor entities in connection with a merger or asset sale.
05

Cookies

Our websites use cookies to support functionality, analyze traffic, and improve user experience. You may manage cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality.

06

Data Security

We maintain comprehensive administrative, technical, and physical safeguards to protect your information:

AES-256 Encryption at Rest
TLS 1.3 in Transit
Role-Based Access Controls
Private Network Infrastructure
Regular Security Assessments
07

Data Retention

We retain information as long as necessary to fulfill the purposes described in this policy, satisfy legal and regulatory requirements, and resolve disputes. Medical records are retained per California and Tennessee law and applicable CMS standards.

08

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Right to Access
Request a copy of the personal information we hold about you.
Right to Correct
Request correction of inaccurate or incomplete information.
Right to Delete
Request deletion of your personal information where applicable.
Right to Portability
Receive a portable copy of your data in a structured format.
Opt-Out of Marketing
Unsubscribe from marketing communications at any time.
CCPA / CPRA Rights
California residents have additional rights under the CCPA/CPRA.

To submit a rights request, contact us at privacy@mendrix.org.

09

Children's Privacy

Our commercial websites are not directed to children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent.

10

Changes to This Policy

We may update this policy from time to time. Material changes will be posted on our website with an updated effective date. Continued use of our services after any update constitutes acceptance of the revised policy.

11

Contact Us

For privacy-related inquiries or to exercise your rights, please contact us through any of the following channels:

Questions about your privacy?

Mendrix Inc. · Marina del Rey, CA · www.mendrix.org

privacy@mendrix.org contact@mendrix.org