Privacy Policy
MedMalPredict AI
Last updated: March 2026
1. Introduction
NoTreesHarmed LLC, doing business as MedMalPredict AI ("Company," "we," "us," or "our"), is committed to protecting the privacy of users of the MedMalPredict AI service ("Service") available at medmalpredict.com. This Privacy Policy explains what information we collect, how we use it, and your rights with respect to that information.
By using the Service, you agree to the collection and use of information as described in this policy.
2. Information We Collect
2.1 Information You Provide Directly
When you register for or use the Service, we collect:
- Account information: name, email address, firm or organization name, and billing address
- Case input data: the case characteristics you enter when running a prediction (jurisdiction, allegation type, injury severity, practitioner specialty, patient demographics, etc.)
- Payment information: billing name, address, and payment card details, collected and processed by Stripe; we do not store full card numbers
- Communications: any messages, support requests, or feedback you send us
2.2 Information Collected Automatically
When you use the Service, we automatically collect:
- Usage data: pages visited, features used, prediction history, timestamps, and session duration
- Device and connection data: IP address, browser type and version, operating system, and referring URLs
- Analytics data: behavioral data collected through Google Analytics (see Section 5)
2.3 Information We Do Not Collect
We do not collect or store:
- Full payment card numbers (handled by Stripe)
- Social Security numbers or government identification
- Patient names, medical record numbers, or individually identifiable health information; case inputs use categorical and demographic data only, not patient identifiers
3. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Providing the Service: authenticating your account, processing predictions, storing prediction history | Contractual necessity |
| Processing payments | Contractual necessity |
| Communicating with you: account confirmations, support responses, product updates | Contractual necessity / Legitimate interest |
| Improving the Service: analyzing aggregate usage patterns to improve reliability and accuracy | Legitimate interest |
| Complying with legal obligations | Legal obligation |
| Preventing fraud and unauthorized access | Legitimate interest |
We do not use your case input data to retrain our prediction models. Your inputs are used solely to generate your prediction.
4. How We Share Your Information
We do not sell, rent, or share your personal information or case data with third parties, except as follows:
4.1 Service Providers
We share information with third-party vendors who help us operate the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Billing name, email, payment details |
| Clerk | Authentication | Email, account session data |
| Microsoft Azure | Cloud hosting and storage | All account and prediction data |
| Google Analytics | Usage analytics | Anonymized usage and behavioral data |
Each of these providers processes data only as necessary to perform their services and is bound by data processing agreements or their own privacy policies.
4.2 Legal Requirements
We may disclose information if required to do so by law, court order, or government authority, or to protect the rights, property, or safety of the Company, our users, or the public.
4.3 Business Transfers
If the Company is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you before your information is subject to a materially different privacy policy.
4.4 With Your Consent
We may share information for other purposes with your explicit consent.
5. Cookies and Tracking
5.1 Cookies. We use cookies and similar technologies to maintain your authenticated session, remember preferences, and analyze usage patterns.
5.2 Google Analytics. We use Google Analytics to understand how users interact with the Service. Google Analytics collects information such as pages visited, time on site, and general location (country/region level). This data is aggregated and anonymized. You may opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-On.
5.3 Do Not Track. Our Service does not currently respond to "Do Not Track" browser signals.
6. Data Security
We implement technical and organizational measures designed to protect your information from unauthorized access, disclosure, alteration, or destruction:
- All data is stored on Microsoft Azure cloud infrastructure with encryption at rest (AES-256) and in transit (TLS 1.2+)
- Authentication is managed by Clerk with industry-standard session security
- Access to your account data and prediction history is restricted to your authenticated session
- Payment data is processed by Stripe and is not stored on our servers
No security system is impenetrable. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.
7. Data Retention
We retain your information for the duration of your account and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.
- Account data: Retained while your account is active and for up to 24 months after account closure.
- Prediction history: Retained for the duration of your account. You may request deletion of specific predictions by contacting us.
- Payment records: Retained for 7 years as required for tax and accounting purposes.
- Analytics data: Aggregated anonymized data may be retained indefinitely.
8. Your Rights and Choices
8.1 Access and Correction. You may access and update your account information through your account settings at any time.
8.2 Data Deletion. You may request deletion of your account and all associated personal data by contacting privacy@medmalpredict.com. We will process deletion requests within 30 days, subject to our retention obligations under applicable law.
8.3 Prediction History. You may request deletion of specific prediction records without closing your account.
8.4 Marketing Communications. If you have subscribed to marketing emails, you may unsubscribe at any time via the unsubscribe link in any email or by contacting us.
9. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a minor without parental consent, we will delete it promptly.
10. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party services you access.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by email to registered users or by prominent notice on the Service at least 14 days before taking effect. Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.
The date at the top of this policy reflects when it was last updated.
12. Contact Us
For privacy-related questions, requests, or concerns:
- Privacy inquiries: privacy@medmalpredict.com
- General support: support@medmalpredict.com
We will respond to privacy requests within 30 days.