Privacy Policy
Last updated: February 1, 2026
1. Information We Collect
We collect the minimum information necessary to provide and improve the Service:
| Data | Purpose | Retention |
|---|---|---|
| Email address | Account login, digest delivery | Until account deletion |
| NPI number (optional) | Provider verification via CMS NPPES | Verified status stored; NPI not retained |
| Usage analytics | Service improvement, content curation | Aggregated; PII removed after 90 days |
| Browser cookies | Authentication session | Session duration |
2. How We Use Your Information
We use your information to:
- Provide and maintain the Service, including delivering digest emails
- Verify provider credentials via the CMS NPI Registry
- Generate AI-powered clinical analysis of healthcare articles
- Improve content curation and relevance
- Communicate service updates or changes
3. Third-Party Services
We use the following third-party services to operate:
- Supabase — Authentication and database hosting
- Anthropic (Claude) — AI-powered article analysis
- Resend — Email delivery for digest emails
- Vercel — Application hosting and analytics
- CMS NPPES — NPI number verification
Each provider operates under their own privacy policy. We share only the minimum data necessary with each provider.
4. Anonymized Data Sharing
We may share anonymized, aggregated data with healthcare industry partners. This includes trend data such as which topics are most read, engagement metrics by medical specialty, and content popularity. This data is fully de-identified and cannot be traced back to individual users. We never sell personal information.
5. Your Rights
You have the right to:
- Access — Request a copy of your personal data
- Rectification — Correct inaccurate personal data
- Deletion — Request deletion of your account and data
- Portability — Receive your data in a structured format
- Objection — Object to processing of your data
- Unsubscribe — Opt out of digest emails at any time via the unsubscribe link
To exercise any of these rights, contact us at privacy@healthaidigest.com.
6. Cookies
We use essential cookies only for authentication purposes. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Our analytics are privacy-focused and do not track individual users across sites.
7. Data Security
We implement industry-standard security measures to protect your data, including encrypted connections (TLS), secure authentication via Supabase, and restricted access controls. However, no method of electronic transmission or storage is 100% secure.
8. Data Retention
We retain your personal data only as long as necessary to provide the Service. When you delete your account, we remove your personal data within 30 days. Anonymized, aggregated data may be retained indefinitely for analytics purposes.
9. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If we learn that we have collected data from a minor, we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of significant changes via email or a prominent notice on the Service. Continued use after changes constitutes acceptance.
11. Contact
For questions or concerns about this Privacy Policy, contact us at privacy@healthaidigest.com.
© 2026 AI Healthcare Digest. All rights reserved.