Privacy Policy

Last updated: 2026-05-08

This policy is a working document maintained by the site operator and has not been reviewed by counsel. It describes current practice. If you have questions about how your data is handled, email the address at the bottom of this page before using the site.
What this site collects

Who Owns Your Care is a public reference database. Most visitors browse without identifying themselves. The site collects the following:

  • Submission form data. When you submit information about a healthcare organization, the site stores the organization name, the details you describe, any supporting URLs you supply, and (if you provide them) your name, email, and affiliation. Submitter contact info is used only to follow up on the submission; it is not published.
  • Admin accounts. Editors and administrators have accounts with email, hashed password, and optionally a registered passkey. These accounts exist to manage the database and are not exposed publicly.
  • Server access logs. The web server records standard access logs (IP address, user agent, requested URL, timestamp) for operational purposes. Logs are retained on the server for the lifetime of routine log rotation.
  • Rate-limit state. The site keeps short-lived in-memory counters keyed by IP address to prevent abuse of login and submission endpoints. These counters reset when the server restarts and are not written to disk.
What this site does not do
  • It does not run third-party advertising or analytics.
  • It does not sell or share submitter contact information.
  • It does not set non-essential cookies. The only cookie the site uses is the NextAuth session cookie for signed-in administrators.
Information about people and organizations

The database describes real organizations and the individuals connected to them in their professional capacity (founders, executives, physicians, board members). Information is sourced from public records: state business filings, SEC disclosures, FDA databases, court records, regulatory enforcement records, and verified news reporting.

If you are a subject of an entry and believe specific facts are wrong or have changed, please use the submission form to request a correction with sources, or email the operator at the address below. The editorial process is described on the Editorial Policy page.

Retention
Submission records and admin audit logs are retained indefinitely so that the editorial provenance of every entry can be traced. Submitter contact information is retained with the submission record. To request deletion of submitter contact information specifically, email the operator below.
Contact
Questions, corrections, or removal requests: [email protected]