Privacy Policy

Last updated: January 2026

1. Introduction

SettleOn AI ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical chronology service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials. For billing purposes, we collect payment information through our secure payment processor (Stripe).

Uploaded Documents

We process medical records and documents you upload to generate chronologies. These documents may contain Protected Health Information (PHI) and are handled in accordance with HIPAA requirements. See our HIPAA Compliance page for details.

Usage Data

We automatically collect certain information when you use our Service, including IP address, browser type, pages visited, time spent on pages, and other diagnostic data.

3. How We Use Your Information

We use your information to:

  • Provide and maintain our Service
  • Process your documents and generate chronologies
  • Process payments and manage your account
  • Send you service-related communications
  • Improve and optimize our Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Data Retention

Uploaded Documents: Medical records and documents you upload are automatically deleted from our servers 30 days after processing. You may request earlier deletion at any time.

Generated Chronologies: Chronologies are retained as long as your account is active, unless you delete them earlier.

Account Data: We retain your account information for as long as your account is active. You may request account deletion at any time.

5. Data Security

We implement industry-standard security measures to protect your data:

  • 256-bit AES encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • AWS HIPAA-eligible infrastructure
  • Regular security audits and penetration testing
  • Access controls and authentication

6. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Third parties that help us operate our Service (e.g., cloud hosting, payment processing)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually obligated to protect your data and comply with applicable privacy laws.

7. Your Rights

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent

To exercise these rights, contact us at support@settleon.ai.

8. Cookies and Tracking

We use essential cookies to maintain your session and provide core functionality. We may use analytics tools to understand how our Service is used. You can control cookies through your browser settings.

9. Children's Privacy

Our Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes constitutes acceptance.

11. Contact Us

For questions about this Privacy Policy or our data practices, contact us at support@settleon.ai or visit our Contact page.