Legal
Privacy Policy
Last updated: June 16, 2025
1. Introduction
Telescope ("Telescope," "we," "our," or "us") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our web platform, iOS application, and Android application (collectively, the "Services"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Services.
Our Services are designed for home care agencies, their administrators, schedulers, caregivers, clients, and authorized family members. By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Name, email address, phone number, job title, and password when you register.
- Agency Information: Agency name, address, NPI number, tax ID, and billing details.
- Client & Care Information: Client names, addresses, care plans, health-related notes, medication records, and emergency contacts.
- Caregiver Information: Credentials, certifications, employment history, payroll information, and background check results.
- Communication Data: Messages sent through our HIPAA-compliant in-app messaging system.
- Survey Responses: Responses to caregiver satisfaction and client satisfaction surveys.
2.2 Information Collected Automatically
- Location Data (GPS): Precise GPS coordinates are collected at clock-in and clock-out events for Electronic Visit Verification (EVV) compliance. Location data is only collected when a caregiver actively initiates a clock-in or clock-out action. Continuous background location tracking is not performed.
- Device Information: Device type, operating system version, unique device identifiers, and mobile network information.
- Usage Data: Pages viewed, features used, timestamps, and clickstream data within the app.
- Log Data: IP address, browser type, referring URLs, and error logs.
2.3 Information from Third Parties
- Background check results from authorized background screening providers.
- Job application data from third-party job boards when caregivers apply through integrated platforms.
- Payroll data synchronized from QuickBooks, ADP, Paychex, or Viventium when integrations are enabled by the agency administrator.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Telescope platform and mobile applications.
- Verify caregiver visit attendance and location for EVV compliance with state Medicaid programs and aggregators (including HHAeXchange, Sandata, Tellus, and CareBridge).
- Generate schedules, care plans, billing records, and compliance reports.
- Process invoices, payroll exports, and financial transactions.
- Send notifications, reminders, and alerts related to scheduling, compliance, and care documentation.
- Facilitate HIPAA-compliant messaging between caregivers, coordinators, clients, and family members.
- Conduct caregiver hiring workflows including job posting, screening, interview scheduling, background checks, and onboarding.
- Administer satisfaction surveys and 30/60/90-day caregiver check-ins.
- Improve platform features, diagnose technical issues, and conduct internal analytics.
- Comply with applicable laws, regulations, and legal obligations.
4. Location Data — Specific Disclosures
The Telescope mobile app requests access to device location for the sole purpose of Electronic Visit Verification (EVV). Location is captured only at the moment a caregiver taps "Clock In" or "Clock Out." We do not track caregiver location continuously, in the background, or outside of visit verification events.
Location data is used to:
- Confirm the caregiver was present at the client's service location at the time of the visit.
- Transmit visit data to authorized state EVV aggregators as required by the 21st Century Cures Act.
- Generate audit-ready visit records for Medicaid billing and compliance.
You may deny location permissions in your device settings, but doing so will prevent EVV clock-in/out functionality from working correctly, which may affect compliance with your state's Medicaid EVV requirements.
5. HIPAA Compliance
Telescope is a HIPAA-compliant platform. We act as a Business Associate under HIPAA for agency customers who are Covered Entities. We enter into Business Associate Agreements (BAAs) with applicable customers. Protected Health Information (PHI) is:
- Encrypted in transit using TLS 1.2 or higher.
- Encrypted at rest using AES-256 encryption.
- Accessible only by authorized personnel with role-based access controls.
- Never shared with third-party advertising networks, AI training services, or analytics platforms that would involve disclosure of PHI.
- Subject to audit logging — all access to PHI is recorded with timestamps and user identity.
6. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
- Within Your Agency: Agency administrators, schedulers, and authorized staff can view data within the scope of their role-based permissions.
- State EVV Aggregators: Visit verification data (caregiver ID, client ID, service type, location, timestamps) is transmitted to state-mandated EVV aggregators to satisfy Medicaid compliance requirements.
- Third-Party Integrations (Agency-Enabled): When your agency enables payroll integrations (QuickBooks, ADP, Paychex, Viventium) or background check services, relevant data is shared with those providers under appropriate data processing agreements.
- Service Providers: We use vetted subprocessors (e.g., cloud hosting, email delivery, error monitoring) that process data solely on our behalf under confidentiality and data protection obligations.
- Legal Requirements: We may disclose information when required by law, court order, or governmental authority, or to protect the rights, property, or safety of Telescope, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred. We will notify affected users before data is subject to a different privacy policy.
7. Data Retention
We retain personal data for as long as necessary to provide the Services and comply with our legal obligations:
- Account data is retained for the duration of your subscription and for 7 years after account closure to satisfy healthcare recordkeeping requirements.
- Visit and EVV records are retained for a minimum of 7 years or as required by your state's Medicaid program, whichever is longer.
- GPS location snapshots associated with EVV events are retained as part of the visit record per the above schedule.
- Caregiver application and hiring data is retained for 2 years after the application date.
- After account closure, data may be retained in encrypted backups for up to 90 days before permanent deletion.
8. Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete personal data.
- Deletion: Request deletion of your personal data, subject to our legal retention obligations.
- Portability: Request your data in a structured, machine-readable format.
- Opt-Out of Marketing: Unsubscribe from marketing emails using the link in any email or by contacting us.
- Location Permission: Revoke location access at any time through your device settings.
To exercise any of these rights, contact us at hello@telescopehr.com. We will respond within 30 days.
Data Deletion Requests: To request deletion of your account and associated data, email hello@telescopehr.com with subject line "Data Deletion Request" and your account email address. We will process your request within 30 days. Note that records required by law or for ongoing Medicaid compliance may be retained for the periods described in Section 7.
9. Children's Privacy
The Telescope Services are designed for use by home care agency professionals and are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it promptly. If you believe a child under 13 has submitted personal information to us, please contact us at hello@telescopehr.com.
10. Security
We implement administrative, technical, and physical safeguards designed to protect your information, including:
- TLS encryption for all data in transit.
- AES-256 encryption for data at rest.
- Role-based access controls and least-privilege principles.
- Multi-factor authentication for administrative access.
- Regular security assessments and penetration testing.
- Comprehensive audit logging of all data access.
No method of transmission over the Internet is 100% secure. While we use industry-standard safeguards, we cannot guarantee absolute security.
11. Third-Party Services and Links
Our Services may contain links to or integrations with third-party websites and services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know, delete, correct, and opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising. To exercise your California rights, contact us at hello@telescopehr.com.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page with an updated "Last updated" date and, where required, by sending an in-app notification or email. Your continued use of the Services after changes are posted constitutes your acceptance of the revised policy.
14. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: