Security Statement

Sniffle, Inc. (“Sniffle,” “we” or “us”) values your data security. Sniffle offers a Telemedicine Platform and Service (the “Services”). This Security Statement applies to our Mobile Applications, website https://www.sniffle.com (the “Site”), and any services accessible through the Mobile Applications or the Site. Through the Services, participating healthcare professionals and their staff (“Healthcare Providers” or “Providers”) can provide healthcare services to patients with whom they have a professional relationship.

Sniffle protects all data in its control using reasonable industry standards.

Sniffle is concerned with the confidentiality, integrity, and availability of Provider and patient data. Our servers are protected by firewall systems, and scans are performed regularly to ensure that any vulnerabilities are found and patched in a timely manner. Services have measured failover points and redundant hardware, with complete backups performed periodically, consistently with industry standards.

Sniffle applies all software developer patches in a timely, professional manner, as deemed suitable by its engineers, industry professionals, and developer standards.

Providers, patients, and users are responsible for patching their operating systems and applications, and for configuring their own operating systems, databases, and applications.

Sniffle uses industry standard designs to silo data, and otherwise reasonably minimize horizontal access across its systems.

Customer data may be stored in a specific location or in cloud-based resources suitable for the security needs of that data.

Sniffle uses Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data.

It is important for Providers, patients, and users to practice sound security practices including, among other things, using strong passwords (and never sharing them or writing them down) and restricting physical access to their devices.

HITECH (Health Information Technology for Economic and Clinical Health Act) and HIPAA rules to ensure that data, including PHI and ePHI, are protected and appropriate security practices followed. Sniffle safeguards customer data and uses secure data centers to ensure appropriate protection is provided, consistently with HITECH requirements.

Questions regarding this statement may be sent to us at info@sniffle.com or Sniffle, Inc., 400 West Capitol Avenue, Suite 1700, Little Rock AR 72201, Attention: Security Officer.