Privacy Policy
Thank you for choosing AllMed AI, Inc. ( "AllMed AI," "we," "our," or "us," ). Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit https://allmedai.com(the "Site") , use our revenue‑cycle and patient‑payment platform, interact with our support team, or otherwise engage with AllMed AI (collectively, the "Services").
Scope
This Policy applies to personal information that AllMed AI processes as a controller(e.g., when you browse our Site or contact us) and as a HIPAA business associate(e.g., when we process protected health information ( “PHI”) on behalf of medical‑practice customers). When we handle PHI, our Business Associate Agreement (“BAA”) will govern to the extent of any conflict with this Policy.
Information We Collect
| Category | Examples | Source |
|---|---|---|
| Information you provide | • Name, job title, practice name | |
| • Email address, telephone number | ||
| • Billing‑and‑payment details (limited—processed by our payment partners) | ||
| • Messages sent to support or sales | Directly from you | |
| Automatically collected | • IP address, browser type, device identifiers | |
| • Pages viewed, links clicked, time spent, referring URL | ||
| • Cookie and pixel data, including analytics and session replay | Automatically via cookies, SDKs, and similar tech | |
| Information from third parties | • Payment processors’ confirmation of transaction status | |
| • EHR vendors’ metadata to enable integrations | ||
| • Public or commercial data sets to enrich provider profiles | From integrated partners or public sources | |
| Protected Health Information | • Patient demographic data, CPT/ICD‑10 codes, claim status, remittance advice, and payment history | Provided by customer practices under our BAA |
We do not intentionally collect information from children under 13, nor do we market the Services to them.
Cookies & Tracking Technologies
We use first‑ and third‑party cookies, pixels, and similar technologies ("Cookies") to:
- Remember user preferences
- Perform analytics (e.g., Google Analytics, Hotjar)
- Measure marketing campaign effectiveness
- Secure the Services
You can adjust your browser settings to refuse Cookies or to alert you when Cookies are being used. However, some portions of the Site may not function properly without them.
How We Use Information
We process personal information to:
- Provide, operate, and maintain the Services;
- Perform contractual obligations (e.g., claim submission, payment posting);
- Improve and personalize the user experience, develop new features, and conduct internal research;
- Communicate with you about account matters, upgrades, and security notices;
- Send marketing communications where permitted (you may opt‑out at any time);
- Detect, prevent, and mitigate fraud, abuse, or security threats;
- Comply with legal or regulatory obligations; and
- Enforce our Terms of Service or other agreements.
For individuals located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we rely on one or more of the following legal bases: performance of a contract, legitimate interests, consent, and compliance with legal obligations.
How We Share Information
We do not sell personal information. We may share it only as described below:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Service providers (e.g., cloud hosting, analytics, payment processors, customer‑support platforms) | Operate and improve Services on our behalf | Restricted to contractual instructions; confidentiality & security obligations |
| Integration partners (e.g., Electronic Health Record vendors) | Enable requested data exchanges | BAA or data‑processing agreement, as applicable |
| Affiliated entities or acquirers | Corporate transactions such as mergers, financing, or acquisition | Contractual commitments, continued protection of information |
| Authorities & regulators | Respond to lawful requests or legal process | Evaluate each request; minimize disclosure where possible |
| Others with your consent | Any purpose you expressly authorize | As disclosed at the time of consent |
HIPAA Compliance & PHI
When we act as a business associate, we process PHI only as permitted by our customer BAA—e.g., to perform claims management, payment posting, denial appeals, and analytics. We implement administrative, physical, and technical safeguards aligned with 45 C.F.R. §164.308‑310 and the NIST Cybersecurity Framework.
Security
We employ industry‑standard security measures such as:
- Role-based access and multi-factor authentication
- Vulnerability scanning and penetration testing
- Incident-response procedures
Nevertheless, no Internet transmission or storage system can be guaranteed 100% secure.
Data Retention
We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal/regulatory obligations, resolve disputes, and enforce agreements. Where feasible, we anonymize or de‑identify data when retention is no longer required.
International Data Transfers
We are headquartered in the United States. If you access the Services from outside the U.S., your information may be transferred to, stored, and processed in the U.S. or other jurisdictions that may not provide equivalent data‑protection laws. We implement appropriate safeguards, such as Standard Contractual Clauses, to protect cross‑border transfers where required by law.
Your Rights & Choices
EEA/UK/Swiss Residents
You may have the right to access, correct, delete, restrict, or object to our processing of your personal data, or to receive a portable copy. You also have the right to lodge a complaint with your local supervisory authority.
California Residents (CCPA/CPRA)
California residents may request:
- Categories and specific pieces of personal information we have collected;
- Categories of sources of that information;
- Business purpose for collecting or sharing it;
- Categories of third parties with whom we disclosed information; and
- Deletion or correction of personal information, subject to exceptions.
We will not discriminate against you for exercising CCPA rights.
Marketing Communications
You may opt out of marketing emails at any time by clicking "unsubscribe" in the message or contacting us.
Cookie Controls
Review Section 3 above for browser‑level options to manage Cookies.
Third‑Party Sites & Services
Our Site may contain links to third‑party websites or integrate third‑party SDKs. We have no control over—and are not responsible for—the privacy practices of such parties. We encourage you to review their policies.
Children’s Privacy
The Services are not directed to children under 13, and we do not knowingly collect personal information directly from them. If we learn that we have inadvertently received such data, we will delete it promptly.
Changes to This Policy
We may update this Policy from time to time. When we do, we will revise the "Last Updated" date at the top and, if the changes are material, provide prominent notice (e.g., via the Site or email).
Contact Us
If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact us:
AllMed AI, Inc.
Attn: Privacy Office
Email: [email protected]
Mailing Address: 1240 W Granada Blvd, FL 2, Ormond Beach, FL