M
IMEPro

Privacy Policy

Last updated: April 8, 2026

1. Information We Collect

We collect information in the following ways:

Information you provide

  • Account registration data (name, email, professional credentials)
  • Case and document data submitted through the platform
  • Communications with our support team

Information collected automatically

  • Usage data (pages visited, features used, timestamps)
  • Device information (browser type, operating system, screen resolution)
  • IP address and approximate geographic location
  • Cookies and similar tracking technologies

Information from third parties

  • Physician directory data from the California DWC and NPI Registry (public records)
  • Payment information processed by Stripe (we do not store card numbers)

2. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Process transactions and send billing communications
  • Send transactional emails (verification, password reset, case updates)
  • Respond to support requests
  • Analyze usage patterns to improve user experience
  • Comply with legal obligations, including HIPAA requirements
  • Detect and prevent fraud or security incidents

3. Protected Health Information (PHI)

IMEPro is designed to handle protected health information in compliance with HIPAA. PHI is encrypted at rest and in transit, access is logged for audit purposes, and we maintain a Business Associate Agreement (BAA) with covered entities. We never use PHI for marketing, advertising, or analytics purposes.

4. Information Sharing

We do not sell your personal information. We may share information with:

  • Service providers who assist in operating the platform (hosting, email, payment processing) under contractual data protection obligations
  • Legal authorities when required by law, subpoena, or court order
  • Business transfers in connection with a merger, acquisition, or sale of assets

5. Cookies and Tracking

We use cookies and similar technologies for essential site functionality and analytics. You can control cookie preferences through your browser settings or our cookie consent banner. Essential cookies required for the Service to function cannot be disabled.

6. Data Retention

We retain personal information for as long as your account is active or as needed to provide the Service. Case data and PHI are retained in accordance with applicable medical record retention laws (minimum 7 years in California). You may request deletion of your account data at any time, subject to legal retention requirements.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal information
  • Object to or restrict processing of your data
  • Data portability (receive your data in a structured format)
  • Withdraw consent where processing is based on consent
  • Opt out of the sale of personal information (California CCPA)

To exercise these rights, contact us at support@imepro.io .

8. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information.

9. Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, access controls, audit logging, and regular security assessments. However, no method of transmission or storage is 100% secure.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date.

11. Contact

For privacy-related questions or requests, contact us at support@imepro.io .