Bison Ridge Healthcare Consulting and Management, LLC ("Bison Ridge", "we", "us") respects your privacy. This policy explains what personal data we collect through this website, why we collect it, and the rights you hold over that data.
Bison Ridge Healthcare Consulting and Management, LLC is a Wyoming limited liability company providing healthcare turnaround, fractional C-level leadership, and management advisory services. Our operational base is in England, United Kingdom.
For the purposes of UK GDPR and the UK Data Protection Act 2018, Bison Ridge is the data controller for personal data collected through this website.
Contact for data matters: privacy@bisonridgehealthcare.com
When you submit an enquiry through our website, we collect:
Our web hosting provider may log standard server data including IP addresses, browser type, and page request timestamps. This data is retained for security and operational purposes only and is not used to identify individuals.
This site uses essential cookies only — specifically a single first-party cookie to record your cookie consent choice. We do not use advertising, tracking, or analytics cookies. No third-party cookies are set by this site.
We use the information you submit through the contact form solely to:
We do not use your data for marketing without your separate consent, and we do not profile, score, or subject your data to automated decision-making.
We process your personal data on the basis of legitimate interests (UK GDPR Article 6(1)(f)): you have actively submitted a business enquiry, and we have a legitimate interest in responding to it. Where you contact us and the subject matter relates to a potential engagement, processing is also necessary for steps prior to entering a contract (Article 6(1)(b)).
We do not sell, rent, or trade your personal data. We do not share your data with third-party marketing platforms.
Your data may be accessed by:
Any third-party processors we engage are required to handle your data in compliance with UK GDPR and applicable data protection law.
Bison Ridge operates across the UK and the United States. Where personal data is transferred from the UK to the US, we rely on appropriate safeguards including Standard Contractual Clauses (SCCs) as approved under UK law, or equivalent transfer mechanisms. We do not transfer data to jurisdictions that lack adequate data protection frameworks without such safeguards in place.
We retain contact form data for as long as is necessary to fulfil the purpose for which it was collected — typically for the duration of any resulting engagement discussion plus a reasonable follow-up period, and no longer than 3 years from last contact. Server log data is typically retained for up to 90 days. You may request earlier deletion at any time (see Section 8).
As a data subject under UK GDPR, you have the following rights. To exercise any of them, contact us at privacy@bisonridgehealthcare.com. We will respond within one calendar month.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK supervisory authority — at ico.org.uk or by calling 0303 123 1113.
This website does not collect, process, or transmit Protected Health Information (PHI) as defined under the US Health Insurance Portability and Accountability Act of 1996 (HIPAA). Our website is a professional services marketing site. Any engagement with clients involving PHI or clinical data is governed by separate Business Associate Agreements (BAAs) and engagement-level data handling protocols, consistent with HIPAA Privacy and Security Rule requirements.
This section applies to California residents under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA).
We do not sell or share your personal information for cross-context behavioural advertising. We do not use sensitive personal information for inferencing or profiling. Given the limited nature of our data collection (contact form enquiries only), California residents have the right to:
To exercise California rights, contact privacy@bisonridgehealthcare.com. We do not discriminate against individuals who exercise their privacy rights.
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. Our website is served over HTTPS (TLS encryption). Access to submitted contact data is restricted to personnel who require it to respond to your enquiry.
Given the nature of internet transmission, we cannot guarantee absolute security, but we take our obligations under UK GDPR seriously and maintain appropriate security standards commensurate with the sensitivity of the data we hold.
This website is directed at healthcare and business professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.
We may update this Privacy Policy from time to time to reflect changes in law, our data practices, or the services we offer. The effective date at the top of this page will always reflect the most recent version. Material changes will be noted on this page. We encourage you to review this policy periodically.
To exercise any of your rights, make a data request, or raise a privacy concern, please contact our privacy lead directly:
privacy@bisonridgehealthcare.com
Bison Ridge Healthcare Consulting and Management, LLC · Wyoming LLC · Operating in England, UK