Privacy Statement - Neuriphy

Privacy Statement

Effective Date:7/13/2025

Introduction and Scope

Neuriphy LLC (“Neuriphy,” “we,” “us,” or “our”) operates a healthcare claims denial management platform, the website https://neuriphy.ai/, and related services. This Privacy Policy (“Policy”) explains how we collect, use, disclose, transfer, secure, and manage your personal data. It also outlines your rights under applicable privacy, health, and data protection laws including HIPAA, GDPR, CCPA/CPRA, and other analogous international laws. This Policy applies to all visitors, clients, users, prospective customers, and business partners interacting with our website or services. Where applicable, Neuriphy acts as a Business Associate under HIPAA and maintains Business Associate Agreements (BAAs) and safeguards consistent with regulatory requirements. By using our website or services or providing your personal data to Neuriphy, you acknowledge that you have read, understood, and consent to this Policy and our processing of your data as described herein. We reserve the right to update this Policy at our sole discretion and will notify you of any material changes prior to their effective date when feasible. Continued use after changes constitutes acceptance.

Data Protection Officer

Neuriphy is headquartered in the United States. Neuriphy has appointed an internal data protection officer for you to contact if you have any questions or concerns about Neuriphy’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to Neuriphy’s data protection officer: info@neuriphy.ai

How we collect and use (process) your personal information

We collect personal data including, but not limited to, identifiers and contact information such as name, job title, employer, business address, email, and phone number; device and usage data including IP address, browser type, operating system, and session logs; service- and claims-related data including claim identifiers, payer data, denial reasons, appeals, and audit logs; third-party data from public or licensed sources like LinkedIn; and data you provide voluntarily such as support inquiries and form submissions. We may also generate derived or analytical data, such as scores or predictions, which may be pseudonymized or anonymized when feasible. We do not sell your personal data and only use or share it as permitted by law or described in this Policy.

Use of the Neuriphy Website

As is true of most other websites, Neuriphy’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Neuriphy’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

Neuriphy has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Neuriphy with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.

Legal Bases for Processing and Consent

Neuriphy processes personal data on one or more legal bases including your explicit consent (which you may withdraw), performance of a contract, compliance with legal obligations, legitimate interests that do not override your rights, and, where applicable, public or vital interests. Sensitive data, including health information beyond what is necessary for core services, or automated profiling, will only be processed with your explicit consent and subject to applicable legal restrictions.

Cookies and tracking technologies

Our website automatically collects technical and usage data such as IP addresses, browser details, and session logs to improve functionality and security. We use cookies and tracking technologies to enhance user experience, including analytics and marketing cookies. You can manage your cookie preferences via our consent banner or browser settings. Currently, we do not honor “Do Not Track” browser signals but may adjust this as standards evolve. Processing of this data is done under legitimate interests or your consent as required.

Use of Services, Including AI and Claims Processing

Neuriphy processes health and claims data, including associated metadata and audit trails, to provide claims denial management services. We may employ AI and machine learning technologies to generate predictions, scores, or recommendations designed to assist human decision-making. Such automated systems do not make final determinations without human oversight. All data is handled in accordance with stringent confidentiality standards, with safeguards consistent with HIPAA, GDPR, and similar laws, including anonymization where practical.

Automated Decision-Making, AI Transparency, and Bias

While leveraging AI tools to improve services, automated decision-making processes are subject to strict human review; no adverse decisions are based solely on automated outputs. Neuriphy expressly disclaims liability for inaccuracies, biases, or errors in AI-generated content or predictions. We do not guarantee accuracy, fairness, or completeness of AI outputs. Where required by law, you may request information about the logic involved in automated decisions, their significance, and seek human review or contestation. We reasonably comply with applicable AI regulations, including the EU AI Act and relevant U.S. executive orders, and reserve the right to update or modify AI systems without prior notice.

Sharing and Disclosure

Personal data is disclosed only to authorized subprocessors and vendors under strict confidentiality and data protection agreements, to comply with lawful requests, to protect our rights or safety, or with your consent. Data may also be disclosed in corporate reorganizations or as aggregated, non-identifiable information. We disclaim liability for third-party actions beyond our control except as prohibited by law.

The personal information Neuriphy collects from you is stored in one or more databases hosted by trusted third-party service providers located in the United States. These third parties are contractually obligated and technically restricted from using or accessing your personal data for any purpose other than secure cloud storage and data retrieval services on Neuriphy’s behalf.

Neuriphy does not disclose your personal information to any non-affiliated persons or businesses for their independent use, except in the following circumstances:

  • You have expressly requested or authorized such disclosure;
  • It is in connection with Neuriphy-hosted or co-sponsored conferences or events, as described elsewhere in this Policy;
  • Disclosure is necessary to comply with applicable laws, regulations, court orders, or legal processes such as search warrants or subpoenas, or to enforce agreements or protect Neuriphy’s rights, property, or safety, or the rights, property, or safety of our employees or others;
  • Personal data is shared with Neuriphy’s authorized agents, vendors, or service providers who perform functions on our behalf under strict confidentiality and data protection agreements;
  • Disclosure is required to address emergencies or acts of God affecting safety or service continuity;
  • To resolve disputes, claims, or respond to authorized representatives with valid legal authority acting on your behalf.

In addition, Neuriphy may collect and aggregate non-personally identifiable information about website visitors and service usage. Such aggregated data may be disclosed to partners, service providers, advertisers, or other third parties solely for marketing, promotional, or analytical purposes, provided it does not include personally identifiable information.

Neuriphy’s website may integrate with or link to third-party platforms and social media services such as Facebook, LinkedIn, and Twitter. If you choose to share information from Neuriphy’s website through these services, your information will be subject to their respective privacy policies. Additionally, these third-party services may associate your visit to our site with your personal data held by them, depending on your membership or account settings with those platforms.

Neuriphy expressly disclaims all liability for the privacy practices or data handling of any third-party websites or services linked from or integrated with our website.

Transferring personal data to the U.S.

Neuriphy has its headquarters in the United States. Information we collect about you will be processed in the United States. By using Neuriphy’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, Neuriphy is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, Neuriphy also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Neuriphy in a manner that does not outweigh your rights and freedoms. Neuriphy endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Neuriphy and the practices described in this Privacy Statement. Neuriphy also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Neuriphy has received zero government requests for information.

For more information or if you have any questions, please contact us at info@neuriphy.ai

Your Rights and Choices

Depending on your jurisdiction, you have rights to access, correct, delete, restrict processing, or object to our use of your data, as well as rights to data portability and withdrawal of consent. You may exercise these rights by contacting info@neuriphy.ai. We may require identity verification and will respond within applicable legal timelines. Exercising your rights will not result in discrimination or denial of service except as allowed by law.

Security and Breach Notification

Neuriphy employs industry-standard security measures, including encryption, access controls, role-based permissions, network protections, audits, and incident response protocols. In the event of a data breach impacting your personal data, we will notify you and relevant authorities as required by HIPAA, GDPR, CCPA, and applicable law to the extent such notification is legally required and practical. We disclaim all liability for unauthorized access resulting from factors outside our reasonable control.

Data Retention and Deletion

Personal data is retained only as long as necessary for its intended purpose, compliance, or legal obligations. Customer service data is retained during active engagement and for up to seven years thereafter unless otherwise required by law. Prospect data is retained as long as it maintains legitimate business value. Upon verified request, we will delete or anonymize personal data unless retention is required by law or contract.

Children’s Privacy

Our services and website are not intended for children under 18, and we do not knowingly collect data from minors. If we become aware of such data, we will promptly delete it upon verification.

Confidentiality and Vendor Obligations

All employees, contractors, and vendors with access to personal or health data are contractually bound by strict confidentiality and data protection obligations. Access is limited to need-to-know personnel, with regular audits to detect unauthorized use. Vendors and subprocessors must comply with equal or stricter privacy and security standards and submit to audits.

Indemnification and Limitation of Liability

By using Neuriphy’s services or website, you agree to indemnify, defend, and hold harmless Neuriphy and its affiliates, officers, employees, and contractors from any claims, damages, or expenses arising from your breach of this Policy, misuse of services, or violation of applicable laws. To the fullest extent permitted by law, Neuriphy’s aggregate liability for any damages arising out of or related to this Policy or our services, whether in contract, tort, or otherwise, shall not exceed the amount you have paid to Neuriphy in the 12 months preceding the claim We disclaim liability arising from use or inability to use AI-generated outputs, including any alleged bias, errors, or inaccuracies.

Governing Law and Dispute Resolution

This Policy is governed by the laws of the State of Colorado, USA, excluding conflict-of-law principles. Disputes shall be resolved by binding arbitration in Denver under American Arbitration Association rules unless otherwise mandated by law. Invalid provisions will not affect the remainder of the Policy. No waiver is effective unless in writing.

Miscellaneous

We are not responsible for the privacy practices of third-party websites linked from ours. Testimonials or case studies involving your data or identity will only be published with your explicit consent, which may be revoked. We may update this Policy periodically; material changes will be notified in advance where feasible. Continued use constitutes acceptance of updates.

Questions, Concerns, or Complaints

If you have any questions, concerns, complaints, or wish to exercise your privacy rights, please contact us at info@neuriphy.ai