9xClinic Logo
Platform Plans FAQ Login Request Demo

Privacy Policy

Last Updated: Nov 4, 2025

1. Introduction

9x Innovations LLC (“9x Innovations,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy (“Policy”) applies to individuals who visit our website, 9xClinic.com, and use our AI-powered patient acquisition platform and associated services (collectively, the “Service”). This Policy explains how we collect, use, disclose, and safeguard your Personal Information and outlines your rights concerning this data.

By using our Service, you acknowledge that you have read and understood the terms of this Policy. If you do not agree with the practices described, please do not use our Service.

This Policy should be read in conjunction with our Terms and Conditions of Service (“Terms”).

2. Information We Collect

We collect information necessary to provide, improve, and secure our Service. The specific types of information depend on your interaction with us.

2.1. Information You Provide Directly:

  • Account Information: When you register, we collect your name, practice name, email address, phone number, and account credentials (username, password).
  • Payment Information: For paid subscriptions, our third-party payment processors collect your payment details (e.g., credit card information, billing address).
  • Communication Information: If you contact us for support or feedback, we may collect your name, email, phone number, and the content of your message.
  • Practice Profile Information (via Google API): When you connect your Google Business Profile(s) (GMB) to our Service via Google OAuth, we access and store information from your GMB account(s) as authorized by you. This includes: business name, address, phone, website, categories, photos, posts, reviews, Q&A, GMB Insights, and other related content.
  • Communication Preferences: Your choices for receiving marketing communications.

2.2. Information Collected Automatically:

  • Usage Data: Details about your interaction with our Service, such as features used, pages viewed, time spent, and clicks.
  • Device and Connection Information: IP address, browser type, operating system, device identifiers, and time zone.
  • Cookies and Similar Technologies: We use cookies and web beacons. Please see Section 5 for details.

2.3. Information from Third Parties:

  • Google: As noted, we receive information from your GMB account(s) when you grant authorization.
  • Business and Marketing Partners: We may receive information from trusted partners, provided they have a lawful basis to share it.
  • Public Databases: We may collect information from publicly available sources.

3. How We Use Your Information

We use your Personal Information for these primary purposes:

3.1. To Provide and Maintain the Service:

  • To create, manage, and secure your account.
  • To process subscriptions and payments.
  • To enable you to use our AI-powered marketing features (SEO, reputation, social media, etc.).
  • To provide customer support and respond to inquiries.
  • To send essential service-related communications.

3.2. To Improve and Personalize the Service:

  • To analyze usage to improve functionality and user experience.
  • To personalize your experience.
  • To develop new features and capabilities.

3.3. For Marketing and Advertising (Our Own Services):

  • To send you promotional communications about our services, where permitted.
  • To measure the effectiveness of our marketing.

3.4. For Legal, Safety, and Security Purposes:

  • To comply with legal obligations or court orders.
  • To protect the rights, property, or safety of 9x Innovations, our users, or the public.
  • To prevent and investigate fraud, security breaches, and illegal activities.
  • To enforce our Terms and Conditions.

3.5. Use of Information Obtained from Google APIs:

Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • Information from Google APIs will only be used to provide or improve user-facing features of the 9xClinic platform.
  • We will not use Google API data for serving advertisements.
  • We will not transfer Google API data to others unless necessary to provide the Service, comply with applicable law, or as part of a merger or acquisition.
  • We will not allow humans to read Google API data unless we have your affirmative consent, for security purposes, to comply with law, or for aggregated and anonymized internal operations.

4. Legal Basis for Processing (for EEA/UK Users)

If you are in the European Economic Area (EEA) or the UK, our legal basis for processing your Personal Information includes: performing our contract with you, complying with legal obligations, pursuing our legitimate interests (e.g., improving the Service, security), and, where required, your consent.

5. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., pixels, web beacons) to operate and enhance our Service. This includes essential cookies, analytics cookies (to understand usage), and functionality cookies. You can manage your cookie preferences through your browser settings. For more information, please see our Cookie Policy. For details on how Google uses data, visit www.google.com/policies/privacy/partners/.

6. Information Sharing and Disclosure

We do not sell your Personal Information. We may share your information in the following limited circumstances:

  • Service Providers: With third-party vendors and partners who help us operate our Service (e.g., payment processors, cloud hosting).
  • Google: As necessary to provide the GMB-related features of the Service.
  • Advertising and Analytics Partners: To help us market our *own* services.
  • Legal Authorities: If required by law or to protect safety and rights.
  • Business Transfers: In connection with a merger, sale, or acquisition.
  • With Your Consent: If you explicitly authorize us to share your information.

7. Data Retention

We retain your Personal Information only for as long as necessary to fulfill the purposes for which it was collected, such as providing the Service, complying with legal obligations, and for legitimate business needs. When you terminate your account, your data will be deleted or anonymized in line with our Terms, typically within 30 days for active data and up to 90 days for backups.

8. Your Privacy Rights and Choices

Depending on your location, you may have rights to Access, Correct, Delete, or Port your data, or to Restrict or Object to certain processing. You can opt-out of marketing emails by clicking the "unsubscribe" link. To exercise any of these rights, please contact us at hello@9xclinic.com.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the Right to Know, Delete, and Correct your Personal Information. We do not “sell” or “share” (for cross-context behavioral advertising) your Personal Information. You also have the Right to Limit the Use of Sensitive Personal Information and the Right to Non-Discrimination. To exercise these rights, please contact us at hello@9xclinic.com.

10. Data Security

We implement reasonable and appropriate technical and organizational security measures (such as encryption, access controls, and security reviews) to protect your Personal Information. However, no digital transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. International Data Transfers

Your Personal Information may be transferred to, stored in, and processed in countries outside of your own, including the United States. For transfers from the EEA, UK, or Switzerland, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs).

12. Children’s Privacy

Our Service is not intended for or directed to children under the age of 13. We do not knowingly collect Personal Information from children. If you believe we have inadvertently collected such information, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated Policy on our website or via other communication. Your continued use of the Service after such changes signifies your acceptance of the new Policy.

14. Contact Information

If you have questions, concerns, or requests about this Privacy Policy, please contact us:

9x Innovations LLC
Email: hello@9xclinic.com

Data Processing Addendum (DPA)

This Data Processing Addendum (“DPA”) is part of the Agreement between 9x Innovations LLC (“Processor”) and the Customer (“Controller”).

1. Definitions

Terms such as “Applicable Data Protection Law,” “Controller,” “Processor,” “Personal Data,” etc., will have the meanings given to them in laws like the GDPR. “Customer Data” means Personal Data Processed on behalf of the Controller.

2. Roles and Responsibilities

The Controller is the controller of Customer Data, and 9x Innovations is the Processor. We will process data only in accordance with the Controller's lawful instructions.

3. Details of Processing

  • Subject Matter: Providing the 9xClinic AI-powered marketing services.
  • Duration: For the term of the Agreement.
  • Nature and Purpose: To enable the Controller to manage its online presence, GMB profile(s), SEO, and reputation.
  • Types of Personal Data: GMB Profile Information and Controller's user contact details.
  • Categories of Data Subjects: Controller’s customers, employees, and users.

4. Processor’s Obligations

We commit to confidentiality, maintaining security measures, providing general authorization for sub-processors (see Annex 1), assisting with Data Subject Rights requests, notifying of Personal Data Breaches, assisting with DPIAs, deleting/returning data on termination, and facilitating audits.

5. Controller’s Obligations

Controller must comply with all its obligations under Applicable Data Protection Law and provide lawful instructions for data processing.

6. International Data Transfers

Data transfers will be governed by appropriate safeguards, such as the Standard Contractual Clauses (SCCs).

Annex 1: List of Sub-processors

This list is current as of the “Last Updated” date of this policy.

  • Payment Processors: Stripe, Inc.; PayPal Holdings, Inc.
  • Analytics Providers: Google LLC (Google Analytics); Plausible Analytics (Plausible Insights OÜ).
  • Email Delivery Provider: SendGrid (Twilio Inc.).
  • Cloud Infrastructure Hosting: Amazon Web Services, Inc. (AWS), Google Cloud Platform (GCP), Microsoft Corporation (Azure), DigitalOcean, LLC. (Location: US)