MyMedPath

Privacy Policy

Effective Date: October 10, 2025

MyMedPath, LLC ("we," "our," or "us") is committed to protecting the privacy and security of the personal information we collect and process through our SaaS platform, website, and related services (collectively, the "Services").

By using our Services, you are acknowledging that you have read, understood, and accept our Privacy Policy. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT ACCESS OR USE OUR SERVICES.

This Privacy Policy does not extend to anyone whose personal information is not under our control or management, including data that is collected by other websites that you may visit before or after our Services, and that are not governed by this Privacy Policy. We are not responsible for the data protection or privacy policies of any other websites, and accept no responsibility or liability for their practices or policies. Please carefully check the policies of other websites and services you use before you visit or submit personal information.

Our Services are directed only to United States residents.

This Privacy Policy explains:

  • What personal information we collect
  • How we use and share it
  • Your rights under U.S. state privacy laws
  • How we protect your data

1. Scope

This policy applies to:

  • Visitors to our website;
  • Individuals who request information, sign up for trials, or communicate with us;
  • Customers and users of our SaaS platform.

When we process personal information on behalf of our customers (for example, license data, compliance records, or other uploaded documents), we act as a service provider/data processor and follow the customer's instructions.

2. Information We Collect

We collect personal information in the following ways:

Information you provide:

  • Contact details (name, email, phone, company, job title)
  • Account credentials (username, password)
  • Payment and billing information
  • Uploaded documents or compliance records (specialty licensure, CME certificates)
  • Communications (support requests, feedback, survey responses)

Information collected automatically:

  • Device and browser information (IP address, operating system, type, settings)
  • Log data (usage activity, login times, error reports)
  • Cookies and tracking technologies (see Section 8)

Information from third parties:

  • Business partners and service providers (analytics, hosting, payment processors)
  • Publicly available sources

3. How We Use Personal Information

We use personal information to:

  • Provide and operate our Services
  • Manage accounts, billing, and subscriptions
  • Respond to requests, provide customer support, and improve user experience
  • Send product updates, security notices, and marketing communications (where permitted)
  • Conduct analytics, audits, and security monitoring
  • Comply with legal obligations and enforce our agreements

4. Sharing of Personal Information

We share information only as needed to deliver and improve our Services:

  • Service providers (e.g., hosting, payment, analytics, customer support)
  • Affiliates and subsidiaries for business purposes
  • Legal compliance (if required by law, regulation, or legal process)
  • Business transactions (merger, acquisition, or sale of assets)
  • With your consent

We do not sell personal data for monetary value.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

A. Specific Retention Periods

  • Account Information: Retained for the duration of your account plus 3 years after account closure for legal and business purposes
  • Communication Records: Retained for 7 years for customer service and legal purposes
  • Marketing Data: Retained until you unsubscribe or withdraw consent
  • Website Analytics: Aggregated and anonymized data may be retained indefinitely for business analysis

C. Inactive Accounts

Accounts inactive for 24 months may be deleted, with advance notice sent to the registered email address.

D. Legal Requirements

Some information may be retained longer when required by law, such as financial records for tax purposes or data needed for legal proceedings.

You may request deletion of your personal information at any time by contacting us using the information provided below.

6. Data Security

We implement reasonable technical, administrative, and organizational safeguards to protect personal information, consistent with state data security standards. Measures include:

  • Encryption in transit and at rest
  • Role-based access controls
  • Regular audits and penetration testing
  • Incident detection and response processes

7. Children's Privacy

Our Services are not directed to children under 13, and we do not knowingly collect their information. If we become aware of such collection, we will delete it promptly.

8. Cookies & Tracking

We use essential cookies only to:

  • Maintain user authentication and secure sessions
  • Enable core platform functionality
  • Ensure proper security and access controls

We do not currently use cookies for:

  • Analytics or user tracking
  • Marketing or advertising purposes
  • Third-party services (except Google Fonts for typography)

You may manage cookie preferences through your browser settings, though disabling essential cookies will prevent the platform from functioning properly.

If we introduce analytics or marketing cookies in the future, we will update this policy and provide you with appropriate consent options.

9. Email Communications & Marketing

We send various types of email communications as part of our service:

A. Transactional Emails

These emails are essential for platform functionality and cannot be opted out:

  • Account creation and verification
  • Password reset and security alerts
  • Session confirmations and reminders
  • Billing and payment notifications
  • Important platform updates

B. Marketing Communications

With your consent, we may send you marketing communications about our services, educational opportunities, and other relevant information. These emails are optional and sent only with your consent:

  • Newsletter and platform news
  • Feature announcements and tips
  • Special offers and promotions
  • Educational content and resources

C. Managing Your Communication Preferences

You can:

  • Opt-in to marketing communications during account registration or by checking the appropriate box on our forms
  • Opt-out at any time by clicking the “unsubscribe” link in any marketing email, adjusting your account preferences, or contacting us directly

10. Your U.S. State Privacy Rights

Residents of certain U.S. states — including Colorado, Connecticut, and Utah — have additional rights regarding their personal information. These may include the right to:

  • Confirm whether we process your data;
  • Access and obtain a copy of your data;
  • Correct inaccuracies (CO, CT);
  • Request deletion;
  • Receive a portable copy;
  • Opt-out of the sale of personal data, targeted advertising, or certain profiling.

How to exercise your rights: To exercise these rights, contact us at privacy@mymedpath.ai. We will verify your identity before processing your request and respond within the timeframes required by applicable law (typically 30 days).

11. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you by posting a notice on our website or contacting you directly.

12. Contact Us

For questions or to exercise your rights, contact us at:

MyMedPath, LLC

Email: privacy@mymedpath.ai

If you are a resident of Colorado or Connecticut, you may also contact your state Attorney General with concerns about our practices.