Privacy Policy

1. Introduction

CoreWorx Global Solutions ("CoreWorx," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including:

• CoreWorx Global Solutions (coreworx.io)
• GolfWorx Division (golfworx.io)
• AiRN Healthcare Division (askairn.com)

2. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide, including:

• Name, email address, and contact information
• Company name and job title
• Billing and payment information
• Account credentials
• Communications with us (emails, support requests)

Automatically Collected Information

When you access our services, we may automatically collect:

• IP address and device information
• Browser type and operating system
• Pages visited and time spent on our websites
• Referring URLs and search terms
• Cookies and similar tracking technologies

Healthcare Data (AiRN Division)

For our AiRN healthcare division, we may process Protected Health Information (PHI) on behalf of covered entities under Business Associate Agreements. This data is handled in strict compliance with HIPAA regulations.

Golf Data (GolfWorx Division)

For our GolfWorx division, we may collect golf-related information including handicap data, round scores, course information, and GHIN numbers in connection with USGA services.

3. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Respond to inquiries and provide customer support
• Send marketing communications (with your consent)
• Monitor and analyze usage patterns
• Detect, prevent, and address technical issues
• Comply with legal obligations

4. Information Sharing and Disclosure

We may share your information with:

• Service Providers: Third parties who assist in providing our services (hosting, payment processing, analytics)
• Business Partners: Including the USGA for GolfWorx services and healthcare partners for AiRN services
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with mergers, acquisitions, or asset sales

We do not sell your personal information to third parties.

5. HIPAA Compliance (AiRN Division)

For healthcare-related services through our AiRN division:

• We maintain comprehensive HIPAA compliance programs
• All PHI is encrypted in transit and at rest
• Access to PHI is restricted to authorized personnel
• We conduct regular security audits and risk assessments
• Business Associate Agreements govern all PHI processing
• We maintain detailed audit logs for all PHI access
• Breach notification procedures comply with HIPAA requirements

6. Data Security

We implement industry-standard security measures including:

• TLS/SSL encryption for data in transit
• AES-256 encryption for data at rest
• Multi-factor authentication
• Regular security assessments and penetration testing
• SOC 2 Type II and HITRUST certifications (AiRN)
• 24/7 security monitoring
• Employee security training

7. Data Retention

We retain personal information for as long as necessary to:

• Provide our services
• Comply with legal obligations (healthcare records as required by law)
• Resolve disputes and enforce agreements

Healthcare data retention follows HIPAA requirements and applicable state regulations, typically 6-10 years depending on jurisdiction.

8. Your Privacy Rights

Depending on your location, you may have the right to:

• Access your personal information
• Correct inaccurate data
• Delete your personal information
• Opt-out of marketing communications
• Data portability
• Withdraw consent

For healthcare data processed by AiRN, patients have additional rights under HIPAA including the right to access, amend, and receive an accounting of disclosures of their PHI.

9. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences
• Analyze website traffic
• Personalize content
• Provide secure authentication

You can control cookies through your browser settings. Disabling cookies may affect the functionality of our services.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where applicable.

12. California Privacy Rights

California residents have additional rights under the CCPA, including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

13. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Oklahoma, United States. Any disputes arising from this Privacy Policy shall be resolved exclusively in the state or federal courts located in Oklahoma County, Oklahoma City, Oklahoma.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website with a new effective date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

• CoreWorx: support@coreworx.io
• GolfWorx: support@golfworx.io
• AiRN: support@askairn.com

For HIPAA-related inquiries or to report a privacy concern related to healthcare data, please contact our Privacy Officer at support@askairn.com.