pyboxtech
FeaturesHow it worksPricingLegalLog in Start free

Legal & Compliance

Our commitments to you

Transparent policies that govern how we handle your data, protect your practice, and ensure regulatory compliance.

Last updated: June 2025

Terms of ServicePrivacy PolicyRefund PolicyCookie PolicyCompliance

Terms of Service

Rules and guidelines for using the pyboxtech platform

Acceptance of Terms

By accessing or using pyboxtech you agree to be bound by these Terms of Service and applicable laws. If you disagree with any part, you may not use the service.

Use License

Permission is granted to use pyboxtech for medical practice management. Under this license you may not:

  • Modify or copy proprietary materials or software.
  • Use the platform for any unlawful purpose or outside of clinical use.
  • Attempt to decompile, reverse engineer, or extract source code.
  • Remove any copyright or proprietary notices.
  • Transfer account access to unauthorized third parties.

Account Responsibilities

You are responsible for maintaining the confidentiality of your credentials and restricting access to your account.

Service Modifications

pyboxtech reserves the right to modify or discontinue the service, temporarily or permanently, with or without notice.

Responsibility over Patient Data

As a user you are the data controller responsible for the processing of your patients' personal and health data. pyboxtech acts as a data processor.

Termination

We may suspend or cancel your access immediately, without prior notice or liability, for any breach of these Terms. Upon termination you may request an export of your data within 30 days.

Limitation of Liability

To the maximum extent permitted by law, pyboxtech shall not be liable for any indirect, incidental, special, consequential, or punitive damages.

Governing Law

These terms are governed by the laws of the United Mexican States. Any dispute shall be submitted to the competent courts of Mexico City.

Privacy Policy

How we protect and handle your data

Information We Collect

pyboxtech collects information necessary to provide our services, including:

  • Practice information (name, address, contact details).
  • Provider credentials and professional information.
  • Patient demographic and clinical data entered by your team.
  • Billing and payment information.
  • Usage data and system analytics (anonymized).

How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our platform services.
  • Process transactions and send related confirmations.
  • Respond to your support requests and questions.
  • Send technical notices, security alerts, and update notifications.
  • Monitor and analyze usage trends to improve product quality.

Data Security

We implement appropriate technical and organizational measures to protect your data. Our protocols include:

  • Encryption for all data transmissions (TLS 1.2+).
  • Regular security audits and vulnerability assessments.
  • Strict access controls and multi-factor authentication.
  • Automated data backup and disaster recovery procedures.

Information Sharing

We do not sell, trade, or transfer your personally identifiable information to outside parties, except:

  • With your explicit written consent.
  • To comply with legal obligations or court orders.
  • To protect and defend our rights and property.
  • With trusted service providers under strict confidentiality agreements.

Your Rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact us at support@pyboxtech.com.

Data Retention

We retain your data for as long as your account is active. Upon cancellation you may request deletion. Certain data may be retained as required by law.

Refund Policy

Our billing and cancellation terms, processed by FastSpring

Payment Processor

All payments for pyboxtech subscriptions are processed by FastSpring (Bright Market, LLC), our authorized Merchant of Record. FastSpring handles payment processing, invoicing, tax collection, and refund execution on our behalf. By purchasing a pyboxtech subscription you also agree to FastSpring's applicable terms.

Free Trial Account

Every new account starts on a free trial with access to all core features, up to 100 patients and up to 3 users. No payment method is required to start. The trial has no time limit as long as the account remains active.

Accounts that remain on the free tier and show no activity for 60 consecutive days will be automatically deleted. You will receive an email warning 7 days before deletion. To upgrade to a paid plan, go to the Plans section inside pyboxtech at any time.

Refund Eligibility

Because every account starts on a free trial with full feature access before any payment is required, refunds are evaluated on objective grounds rather than subjective satisfaction. We issue refunds in the following cases:

  • Billing error: You were charged an incorrect amount, charged twice, or charged after cancellation. We will refund the full erroneous amount.
  • Unauthorized charge: You did not authorize the transaction and have reported it promptly.
  • Extended service outage: pyboxtech experienced a verified outage of more than 72 consecutive hours and you request a prorated credit or refund for the affected period.
  • Annual plan — first 7 days: If you upgrade to an annual plan and decide to revert within 7 calendar days of that specific charge, we will refund the annual payment and return you to the free account.

Non-Refundable Situations

Refunds will not be issued in the following cases:

  • Dissatisfaction with the product after having used the free trial account.
  • Monthly subscription charges already rendered for a completed billing period.
  • Annual plan cancellations after the 7-day revert window (remaining months are not refunded).
  • Accounts suspended or terminated for violations of our Terms of Service.
  • Add-on services or one-time fees already consumed or delivered.

How to Request a Refund

To request a refund, contact us at support@pyboxtech.com with the subject line "Refund Request" and include your account email and the reason for the request. We will respond within 3 business days. Approved refunds are processed by FastSpring and typically appear on your statement within 5–10 business days, depending on your payment method and bank.

Cancellation

You may cancel your subscription at any time from your account settings. Cancellation takes effect at the end of the current billing period — you retain full access until then. Cancelling does not automatically trigger a refund; please submit a refund request separately if you believe you qualify under this policy.

Changes to This Policy

We reserve the right to modify this Refund Policy at any time. Changes will be posted on this page with an updated date. Continued use of pyboxtech after changes are posted constitutes acceptance of the revised policy.

Cookie Policy

How we use cookies and similar technologies

What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work correctly and to provide information to site owners about usage patterns.

How We Use Cookies

pyboxtech uses cookies for the following purposes:

  • Essential cookies: Required for authentication, session management, and core functionality. These cannot be disabled.
  • Analytical cookies: Allow us to understand how users interact with the platform so we can improve it. Data is anonymized.
  • Functional cookies: Remember your preferences such as language, theme, and workspace settings.
  • Security cookies: Used to detect and prevent fraudulent or unauthorized access attempts.

Managing Cookies

Most web browsers allow control of cookies through their settings. Note that disabling essential cookies will prevent you from logging into pyboxtech.

Third-Party Cookies

We use a limited set of trusted third-party services (such as authentication providers) that may set their own cookies. We do not use advertising or tracking cookies of any kind.

Compliance

Our commitment to regulatory standards

NOM-004-SSA3-2012 — Clinical Records

pyboxtech is designed so that your clinical records comply with NOM-004-SSA3-2012, the Mexican official standard for electronic clinical records.

  • Complete recording of clinical history, progress notes, prescriptions, and results.
  • Support for ICD-10 and ICD-11 (International Classification of Diseases) catalogs.
  • Secure record retention in accordance with the timeframes established by the standard.
  • Role-based access control to protect the confidentiality of the clinical record.

NOM-024-SSA3-2012 — SIRES Certification in progress with DGIS · 2025

pyboxtech is in the process of registration with the Dirección General de Información en Salud (DGIS) of the Secretaría de Salud to obtain certification under NOM-024-SSA3-2012, which governs Electronic Health Record Information Systems (SIRES).

This standard establishes the functional and interoperability requirements that electronic clinical record systems must meet in order to exchange information with the national health information system.

Security Controls Inspired by HIPAA

pyboxtech was engineered with the administrative, physical, and technical safeguards described in the U.S. HIPAA as a reference framework for clinical-data security — not as a claim of legal compliance with that statute.

Our platform implements controls consistent with those principles: encryption at rest and in transit, role-based access control (RBAC), audit logs of PHI access, automatic session expiration, least-privilege policies, documented incident-response procedures, and regular security assessments. If your practice operates under HIPAA jurisdiction or requires a Business Associate Agreement (BAA), please contact us.

Privacy-by-Design Principles

pyboxtech was built applying privacy-by-design and data-minimization principles drawn from international frameworks, including the GDPR. This reflects our engineering approach — it is not a declaration of legal compliance with the GDPR or any certification under Article 42.

We provide tools for data export, deletion requests, access logs, and documented data-processing practices. Users operating in jurisdictions with their own data-protection laws remain responsible for verifying that their use of the platform meets local requirements.

Data Processing Agreements

We offer Data Processing Agreements (DPAs) to customers who require them for regulatory compliance (LFPDPPP, or other applicable regulations). Contact us at support@pyboxtech.com.

Data Retention & Deletion

We retain your data while your account is active. You may request deletion at any time. Certain data may be retained due to legal obligation.

Security Controls & Audits

pyboxtech maintains ongoing security practices including:

  • Regular internal and external security assessments.
  • Encryption of data at rest and in transit at all layers.
  • Role-based access control (RBAC) and least-privilege enforcement.
  • Audit logs for all access to protected health information (PHI).
  • Automatic session expiration and multi-factor authentication.
  • Documented incident-response and disaster-recovery procedures.
  • Annual review of security policies and access controls.