Last Updated: November 1, 2023
This Privacy Notice describes how Medical Bill AI Labs, Inc. (“MedBill AI”, we”, “us”, “our”) collects, uses and discloses information about you when you use our website (www.medbill.ai), applications, services, tools and features, or otherwise interact with us (collectively, the “Services”). For the purpose of this Privacy Notice, and “you” and “your” means you as the user of the Services. Please note that the Services are designed for users in the United States only and are not intended for users located outside the United States.
Please read this Privacy Notice carefully. By using any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Notice. If you do not agree to this Privacy Notice, please do not use or access the Services.
Changes to this Privacy Notice
We may modify this Privacy Notice from time to time, in which case we will update the “Last Updated” date at the top of this Privacy Notice, post the updated version on our Services and take any other steps required by applicable law. If you do not agree to any updates to this Privacy Notice, please do not continue to use or access the Services.
Collection and Use of Information
When you use or access the Services, we collect certain information about you from different sources.
Information You Provide to Us
Some features of the Services may require you to directly provide us with certain information. You may elect not to provide this information but doing so may prevent you from using or accessing these features. Information that you directly submit through our Services includes:
- Contact information, such as your name, email address, telephone number, physical address and billing address.
- Account information, such as username, password, security questions that you select and the answers you provide and other profile or account information that you provide. If you choose to register an account, you are responsible for keeping your account credentials safe. We recommend you do not share your access details with anyone else. If you believe your account has been compromised, please contact us immediately.
- Identify information, such as your date of birth, insurance member ID number, insurance membership card and account number for healthcare providers and hospitals.
- Billing related information, such as information contained in bills that you upload or email to the Services, information on services received, payment transactions, identity of healthcare providers and third party payors, submitted insurance claims and coverage information.
- Payment information, such as credit or debit card information and billing address, collected on our behalf by our payment processor, and information about your transactions with us.
- User Interactions and Input, such as communications and requests made through our Services, text prompts that you enter and any supporting documentation or information you provide.
- Other information you choose to provide in communications with us, for example, when sending us an email, interacting with us through our online chatbot or responding to surveys.
When you create an account with us and use our Services, you may provide us with certain health information, such as information about health-related procedures, treatments, conditions, medication and diagnostic testing. You may authorize us to receive certain health-related information from your health insurance company, healthcare providers or other third parties that we interact with. In addition, we may record or create transcripts of phone calls and communications with these third parties, as part of providing the Services to you.
While some of the information that we receive from certain third parties may be considered “protected health information” or “PHI” under the Health Insurance Portability and Accountability Act (“HIPAA”) while maintained by the healthcare provider or third party payor, MedBill AI is not a covered entity or business associate and therefore is not subject to HIPAA.
Information Collected Automatically
We, and third parties on our behalf, may automatically collect certain information about your interactions with the Services and emails, including through cookies and other tracking technologies (“Tracking Technologies”). We may associate this information with the device you use to access the Services, email accounts you use to engage with us, and other information collected directly from you or other sources. Such information includes:
- Device information, such as device type, operating system, screen size, unique device identifier, Internet protocol (IP) address, preferred language and browser information.
- Location information, such as approximate location.
- Other information regarding your interaction with the Services, such as browser type, log data, date and time stamps, emails you have opened and clickstream data (e.g., page requests, page views, how much time is spent on a page, content viewed or interacted with, text entered, etc.).
For further information on how we use Tracking Technologies and your choices, see the section below, Cookies and Other Tracking Technologies.
Information Collected from Other Sources
We may obtain information about you from outside sources, including:
- Health insurance information, such as historical and ongoing coverage information and explanation of benefits, that we receive when you connect your health insurance account with our Services.
- Information received from healthcare providers and other third parties, such as when interacting with such third parties on your behalf, as described further in the Health Information section above.
- Information we receive from social media platforms, such as when you interact with us on Facebook or Instagram.
Any information received from outside sources will be treated in accordance with this Privacy Notice. We are not responsible for the accuracy of the information provided to us by third parties and are not responsible for any third party’s policies or practices. For more information, see the Third Party Websites and Links section below.
Use of Information
- Administer and otherwise provide the Services, including to create and maintain your account, process your payments and provide you with products and services that you have requested.
- Verify your identity and our authority to act on your behalf when interacting with healthcare providers and other third parties.
- Monitor and analyze trends, better understand user interactions and experiences, tailor your experience with the Services, conduct internal research and development, train the models that power our Services and improve and develop our products and technology.
- Enhance the safety and security of our Services, such as to conduct troubleshooting, data analysis, testing, system maintenance and reporting.
- Provide customer support, respond to your queries, tell you about products or services that may be of interest and send you announcements in relation to your account and other communications.
- Comply with applicable legal obligations, enforce our contractual arrangements and policies, and protect or defend the Services, our rights and the rights of our users or others.
We may also aggregate or deidentify information such that it no longer identifies you, and use that information in accordance with applicable law.
Disclosure of Information
We may disclose your information in certain circumstances, subject to this Privacy Notice, including:
- Through your use of the Services, when we engage on your behalf with third parties such as health insurance providers, healthcare billing offices, healthcare providers and debt collectors, through various channels such as emails, letters, faxes, forms, online portals and APIs, and phone calls. We will disclose what we deem necessary, within reason, to address your specific issues.
- To vendors or other service providers who help us provide the Services, including for cloud storage, system administration, security, customer relationship management, payment processing, marketing communications, data analytics and the deployment of Tracking Technologies. We generally require service providers to only process personal information about you to provide services to us.
- For legal and security reasons and to protect our services and business, such as with regulators, law enforcement agencies, public authorities, or any other relevant organizations to comply with applicable law or obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries, to protect the interests of, and ensure the safety and security, of us, our users, a third party or the public, to exercise or defend legal claims, and to enforce our Terms of Service or other agreements.
- In connection with or anticipation of a business transaction , such as an asset sale, merger, bankruptcy, share sale or other business transaction or re-organization (including while negotiating or in relation to a change of corporate control).
- With professional advisors, such as auditors, law firms or accounting firms, to the extent necessary for purposes of receiving advice from them.
- To our affiliates or others within our corporate group.
- When you otherwise request or direct us to disclose information, such as when you direct us to communicate with your healthcare provider, with your consent or to perform our contract with you.
Cookies and Other Tracking Technologies
We use Tracking Technologies to collect information about your browsing activities, including your browsing over time and across different websites following your use of our Services. These Tracking Technologies may be placed by us or third parties, including Google, and allow us to recognize and count the number of users and see how users move around our website. This helps us analyze and improve our products and services and deliver ads targeted to your interests.
Most browsers accept Tracking Technologies automatically, but you may be able to control the way in which your devices permit the use of Tracking Technologies. If you so choose, you may block or delete certain Tracking Technologies from your browser; however, blocking or deleting Tracking Technologies may cause some of the Services, including login features and general functionality, to work incorrectly.
Your browser settings may also allow you to transmit a “Do Not Track”, “opt-out preference” signal or other mechanism for exercising your choices regarding the collection of your information when you visit various websites. Like many websites, our website is not designed to respond to such signals. To learn more about “Do Not Track” signals, you can visit www.allaboutdnt.com. To opt out of tracking by Google Analytics, you can download and install a plug-in available here.
User Generated Content
The Services may host forums, message boards and other opportunities to collaborate with other users, which you may choose to participate in. You may submit your contact information, messages and other information (“UGC”). We or others may use UGC, and may or may not attribute it to you. If you submit UGC to any public area of the Services, your UGC will be considered “public” and will be accessible by anyone, including others who may share it with third parties. We are not responsible for the accuracy, use, privacy, or security of any UGC you choose to make public, or disclose or receive from third parties.
Certain features of the Services allow you to initiate interactions between the Services and third-party services or platforms, such as Facebook, Instagram, YouTube, TikTok, LinkedIn, X (“Social Features”). Social Features include features that allow you to access our pages on third-party platforms, and from there “like” or “share” our content. Use of Social Features may allow a third party to collect and/or use your information. If you use Social Features, information you post or make accessible may be publicly displayed by the third-party service. Both we and the third party may have access to information about you and your use of both the Services and the third-party service. For more information, see the section below, Third Party Websites and Materials.
Third Party Websites and Links
We may provide links to third party websites or platforms, or make available content, data or materials from third parties. If you follow links to sites or platforms that we do not control and are not affiliated with us, you should review the applicable privacy notice, policies and other terms. We are not responsible for the privacy or security of, or information found on, these sites, or the accuracy, completeness or reliability of third-party materials. Information you provide on public or semi-public venues, such as third-party social networking platforms, may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators.
Our Services are not intended for children, and we do not seek or knowingly collect any personal information from children. If we become aware that we have unknowingly collected information from a child, in particular children under 13 years of age, we will make commercially reasonable efforts to delete such information from our database. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us using the below information to request that it be deleted.
Data Security and Retention
Please note that any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure while in transit. We recommend that you do not use unsecure channels to send us sensitive or confidential information. Despite our commercially reasonable efforts, no security measures are impenetrable, and we cannot guarantee “perfect security.”
We retain your information for as long as is reasonably necessary in order to provide our products and services, or for other legitimate purposes such as safety and security reasons, complying with our legal obligations or for other purposes specified in this Privacy Notice. The length of time we retain information depends on various criteria, including the amount, nature and sensitivity of the information, whether we need the information to continue to administer your account, provide the Services, enforce our contracts, prevent harm, promote integrity, or protect ourselves, including our rights, property or products.
Depending on where you live, you may have certain rights in relation to your personal information, such as the right to request to access the information we hold about you, obtain information regarding our collection, use and disclose of information, delete information or withdraw consent to process your information. You may also be able to object to receiving marketing by using the unsubscribe/opt-out function displayed in our communications to you.
However, these rights are not absolute, and may apply only in certain circumstances. To exercise any of these rights, you can contact us at email@example.com.
Should you have any questions about our privacy practices or this Privacy Notice, please email us at firstname.lastname@example.org or contact us at 169 Madison Ave #2473, New York NY 10016, USA.