How Samson Advisory collects, uses, and protects information across our website and the Awali platform.
Samson Advisory (“we”, “us”, or “our”) respects your privacy. This Privacy Policy explains what information we collect, why we collect it, how we protect it, and the limited circumstances under which we would ever share it. It applies to two distinct experiences: our marketing website at samsonadvisory.com (the “Site”) and the Awali Technology application we operate for our engaged clients (the “Application”).
The short version. Information you submit on our website is used only to follow up with you about your request. Information collected inside the Awali Application is used only to run the engagement you hired us to run. Protected Health Information (PHI) is used only for the specific purposes set out in the applicable Statement of Work and is governed by a Business Associate Agreement with the covered entity. All data is encrypted at rest, and no client data is ever shared with a third party without the client’s specific, authorized permission.
Our website is intentionally lightweight. When you submit a contact form, a customer support request, an access request, or a whistleblower report, we collect only the information you provide in that form — typically your name, email address, phone number (if you supply one), your company or role, and the message you’ve written.
We also receive standard technical information that any website receives: your IP address, browser type, referring page, and pages viewed. We use Google Analytics to understand aggregate site traffic (e.g., which pages are most useful). Analytics data is not used to identify individual visitors or combined with any information you submit through our forms.
How we use website information. Information you submit through a website form is used solely to respond to and follow up on the request you made. We do not sell it, rent it, or add it to marketing lists. We do not use it to profile you for advertising. We do not share it with third parties for their marketing.
The Awali Application is provided to clients under a Master Services Agreement and one or more Statements of Work. In the course of a client engagement, the Application collects information in three categories, each tied to a specific operational purpose:
We collect only what is necessary to deliver the scope described in the Statement of Work. We do not collect information from the Application for any purpose outside that engagement.
When we are engaged by a HIPAA-regulated client (a “Covered Entity” or an existing Business Associate) and the engagement requires access to Protected Health Information, that access is governed by a signed Business Associate Agreement (“BAA”) between Samson Advisory and the client.
In every such engagement:
If you believe an incident involving PHI has occurred, contact us immediately using the details in Section 11.
All data we collect — whether from the website or the Awali Application — is stored in an encrypted-at-rest format. Data in transit between your browser or device and our systems is protected by industry-standard TLS encryption.
Additional safeguards we apply include:
No security program can promise perfect security, but we design ours to meet the expectations of the regulated industries and clients we serve.
We do not sell, rent, license, or otherwise disclose client data to any third party for any purpose — ever — unless the client has specifically and expressly authorized that disclosure. This is the single most important commitment in this Policy.
The limited exceptions are:
Beyond those two narrow situations, your data stays with us and with you.
The Site uses a small number of cookies to remember display preferences and to enable Google Analytics. You can disable cookies in your browser settings; the Site will continue to function. We do not use advertising cookies, cross-site tracking, or third-party marketing pixels.
We retain website contact submissions for as long as reasonably needed to complete follow-up and any resulting business relationship, and then in accordance with our records-retention schedule.
Application data is retained for the term of the engagement and, unless the underlying Statement of Work requires otherwise, is deleted or returned to the client on request after the engagement ends. HIPAA-covered records are retained and disposed of in accordance with the applicable BAA and applicable law.
Depending on where you live, you may have the right to request access to, correction of, or deletion of personal information we hold about you. To exercise these rights, contact us at the address in Section 11. We will respond within the time frames required by applicable law.
For information that Samson Advisory processes on behalf of a client (for example, information inside the Awali Application about the client’s own employees or patients), please direct your request to the client. We will support the client in responding as required by the applicable agreement.
Neither the Site nor the Application is directed to children under the age of 13, and we do not knowingly collect information from children under 13. If you believe a child has provided information to us, contact us and we will delete it.
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Material changes affecting the Awali Application will be communicated to affected clients through the notice provisions of their agreement. Continued use of the Site or the Application after a change indicates acceptance of the updated Policy.
Questions about this Policy, or requests concerning your information, should be directed to:
Samson Advisory
Attn: Privacy
2301 W Anderson Ln #102-126
Austin, TX 78757
United States
Phone: 512-635-2718
Email: robert@samsonadvisory.com