Privacy Policy

Last updated: 11/5/2025

1. Introduction

Percisio ("we," "our," or "us") is committed to protecting the privacy and security of your personal information and protected health information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical assistance platform and related services.

This Privacy Policy applies to all users of Percisio's services, including healthcare professionals, medical institutions, and patients whose data may be processed through our platform.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Account Information: Name, email address, professional credentials, institutional affiliation, and contact information
  • Professional Information: Medical license numbers, specialty areas, certifications, and professional qualifications
  • Usage Data: Information about how you interact with our platform, including login times, feature usage, and system performance data
  • Communication Data: Records of communications with our support team, feedback, and service requests

2.2 Protected Health Information (PHI)

In the course of providing our medical assistance services, we may process PHI, including:

  • Medical imaging data (CT scans, MRI images, ultrasound data)
  • Procedure-related information and clinical notes
  • Patient identifiers and demographic information (when required for clinical context)
  • Treatment outcomes and procedure results

2.3 Technical Information

We automatically collect certain technical information, including:

  • Device information (hardware specifications, operating system, browser type)
  • Network information (IP address, connection type, location data)
  • System performance metrics and error logs
  • Security and authentication data

3. How We Use Your Information

3.1 Service Provision

We use your information to:

  • Provide and maintain our medical assistance platform
  • Process medical imaging data and provide real-time guidance
  • Authenticate users and manage access to the platform
  • Provide technical support and customer service
  • Ensure system security and prevent unauthorized access

3.2 Quality Improvement

We may use de-identified data to:

  • Improve our algorithms and system performance
  • Conduct research and development activities
  • Generate anonymized analytics and insights
  • Enhance user experience and platform functionality

3.3 Legal and Regulatory Compliance

We use your information to:

  • Comply with applicable laws and regulations
  • Respond to legal requests and court orders
  • Maintain audit trails and compliance records
  • Protect our rights and interests

4. HIPAA Compliance and PHI Protection

HIPAA Compliance: Percisio is designed to comply with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable healthcare privacy regulations. We implement appropriate administrative, physical, and technical safeguards to protect PHI.

4.1 Safeguards

  • Administrative Safeguards: Comprehensive privacy policies, staff training, and access controls
  • Physical Safeguards: Secure data centers, access controls, and environmental protections
  • Technical Safeguards: Encryption, secure transmission, access controls, and audit logs

4.2 Business Associate Agreements

When required, we enter into Business Associate Agreements (BAAs) with covered entities to ensure proper handling of PHI in accordance with HIPAA requirements.

5. Information Sharing and Disclosure

5.1 Limited Sharing

We do not sell, rent, or trade your personal information or PHI. We may share information only in the following limited circumstances:

  • With Your Consent: When you explicitly authorize us to share your information
  • Service Providers: With trusted third-party vendors who assist in providing our services under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Emergency Situations: To protect the health and safety of individuals in emergency circumstances

5.2 De-identified Data

We may share de-identified, aggregated data that cannot be used to identify individuals for research, analytics, and improvement purposes.

6. Data Security

We implement comprehensive security measures to protect your information, including:

  • Encryption: End-to-end encryption for data in transit and at rest
  • Access Controls: Multi-factor authentication and role-based access controls
  • Network Security: Firewalls, intrusion detection, and secure network architecture
  • Regular Audits: Ongoing security assessments and vulnerability testing
  • Staff Training: Regular privacy and security training for all personnel

7. Data Retention

We retain your information only as long as necessary to provide our services and comply with legal obligations:

  • Account Information: Retained while your account is active and for a reasonable period thereafter
  • PHI: Retained in accordance with applicable healthcare regulations and institutional requirements
  • Technical Data: Retained for system maintenance and security purposes
  • Legal Requirements: Some data may be retained longer to comply with legal obligations

8. Your Rights and Choices

8.1 Access and Correction

You have the right to:

  • Access your personal information and PHI
  • Request corrections to inaccurate or incomplete information
  • Request copies of your data in a portable format

8.2 Deletion and Restriction

You may request:

  • Deletion of your personal information (subject to legal and regulatory requirements)
  • Restriction of processing in certain circumstances
  • Objection to certain types of data processing

8.3 Withdrawal of Consent

Where processing is based on consent, you may withdraw your consent at any time. However, this may affect your ability to use certain features of our platform.

9. International Data Transfers

If you are located outside the United States, please note that your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and adequacy decisions where applicable.

10. Children's Privacy

Our services are not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

12. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: hello@percisio.com

13. Complaints

If you believe we have violated your privacy rights, you may file a complaint with us or with the appropriate regulatory authority in your jurisdiction. We will investigate all complaints promptly and take appropriate corrective action.