Last updated: September 19, 2025
This Privacy Policy explains how meddataflow collects, uses, discloses, and safeguards personal information when you use our platform and related services. We are committed to protecting your privacy and handling data in accordance with applicable laws.
We may collect information you provide directly (such as account details, contact information, and content you upload) and information collected automatically (such as IP address, device identifiers, usage data, and cookies). For enterprise integrations, we may process data on your behalf, including healthcare data, in accordance with your instructions and applicable agreements.
We use information to provide, maintain, and improve the Services; authenticate users; prevent fraud and misuse; enable customer support; analyze usage; and comply with legal obligations. We may also use de-identified or aggregated data for analytics and product improvement.
We do not sell personal information. We may share information with trusted service providers (e.g., hosting, storage, email delivery, analytics) under contractual obligations; with your consent; to comply with law; to protect our rights; or in connection with a merger, acquisition, or sale of assets.
We employ administrative, technical, and physical safeguards designed to protect information. However, no method of transmission or storage is entirely secure. You are responsible for maintaining the confidentiality of your credentials.
We retain information for as long as necessary to provide the Services and for other legitimate business purposes, such as complying with legal obligations, resolving disputes, and enforcing agreements.
Depending on your location, you may have rights to access, correct, delete, or restrict the processing of your personal information, and to object to certain processing. You can manage preferences within your account or contact us to exercise these rights.
For customers subject to HIPAA, we act as a Business Associate when processing PHI under a BAA. We implement safeguards required by HIPAA and process PHI solely as permitted by the BAA and your instructions.
Where applicable, we implement appropriate safeguards for cross-border transfers of personal information in accordance with applicable laws.
The Services are not directed to children under 13 (or other age as defined by local law), and we do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. Material changes will be communicated as appropriate. Your continued use of the Services signifies acceptance of any updates.
If you have questions or requests regarding this Privacy Policy, please contact us at privacy@meddataflow.com.