Privacy Policy

Effective date: May 3, 2026

This Privacy Policy explains how Clinical Insight MD ("we," "us," or "our") collects, uses, discloses, and protects personal information when you visit or use our website, mobile applications, services, or otherwise interact with us (collectively, the "Services"). By using the Services, you agree to the collection and use of information in accordance with this policy.

  1. Information We Collect

  • Information you provide directly: name, email address, postal address, phone number, professional credentials, organization, billing information, account username and password, messages and communications you send to us, and any other information you choose to provide.

  • Health and clinical information: if you submit clinical data, case details, or patient information (including Protected Health Information), you acknowledge and warrant that you have the legal right to submit that information and that you will comply with applicable laws, including HIPAA. We do not seek or require PHI to provide general content; any submission of PHI is at your discretion and risk unless otherwise covered by a separate Business Associate Agreement.

  • Usage and device information: IP address, browser type and version, device identifiers, operating system, pages viewed, referral URLs, access times, and other diagnostic and usage data collected automatically through cookies, web beacons, and similar technologies.

  • Cookies and tracking: we use cookies and similar technologies to provide, improve, and secure the Services, to remember preferences, and to analyze usage. You can control cookie preferences through your browser settings; rejecting cookies may limit some functionality.

  1. How We Use Information We use personal information to:

  • Provide, operate, maintain, and improve the Services.

  • Create and manage your account, verify identity, and provide customer support.

  • Respond to inquiries, requests, and communications.

  • Process payments, invoices, and billing.

  • Personalize content and communications, and deliver relevant information about products, services, updates, and promotions (subject to your communication preferences).

  • Analyze usage patterns and trends to enhance user experience and develop features.

  • Detect, prevent, and address technical issues, fraud, and security incidents.

  • Fulfill legal obligations and enforce our terms, policies, and agreements.

  1. Legal Bases for Processing (where required) Where applicable under data protection laws, we rely on the following legal bases to process personal information: consent; performance of a contract; compliance with legal obligations; legitimate interests, such as improving services, ensuring security, and preventing fraud. We will not process personal data beyond what is necessary for these purposes.

  2. Information Sharing and Disclosure We may share personal information with:

  • Service providers and subcontractors who perform services on our behalf (hosting, analytics, payment processing, email delivery, customer support).

  • Professional advisors (legal, accounting) when necessary to provide services or comply with legal obligations.

  • Affiliates and partners for business purposes, subject to confidentiality obligations.

  • Third parties in connection with a sale, merger, reorganization, acquisition, or other change of corporate control (we will notify users where required by law).

  • Law enforcement, regulators, or other third parties when required by law, lawful process, or to respond to claims, protect rights, property, or safety.

  • With your consent or at your direction.

We do not sell personal information for monetary consideration.

  1. Data Security We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. No data transmission or storage system is completely secure; while we strive to protect your information, we cannot guarantee absolute security.

  2. Data Retention We retain personal information as long as necessary to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and for legitimate business purposes. Retention periods vary based on the type of data and purposes for which it was collected.

  3. International Transfers Clinical Insight MD operates in the United States. Personal information may be processed and stored in the United States or other countries where our service providers operate. When we transfer personal information across borders, we will protect it in accordance with this Privacy Policy and applicable law.

  4. Your Rights and Choices Subject to applicable law, you may have rights to:

  • Access and obtain a copy of personal information we hold about you.

  • Request correction or update of inaccurate or incomplete information.

  • Request deletion or restriction of processing of your personal information.

  • Object to processing based on legitimate interests or for direct marketing.

  • Withdraw consent where processing is based on consent. To exercise these rights or update preferences, contact us as provided below. We may need to verify your identity before fulfilling requests. Some requests may be limited by legal obligations or other valid reasons.

  1. Children and Minors The Services are not directed to children under 16 (or other applicable age