clinical_notes
Prosivo
Log In Join Waitlist

Privacy Policy

Last updated: January 30, 2026

1. Introduction

Prosivo Inc. ("Prosivo," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our educational clinical reasoning platform.

Prosivo is an educational tool only. It is not designed for clinical use with real patients, and users must never enter Protected Health Information (PHI) or real patient data.

2. Critical: No Protected Health Information (PHI)

Prosivo is NOT designed to collect, store, or process Protected Health Information (PHI) or any real patient data.

You must NEVER enter real patient information into Prosivo, including:

  • Patient names, initials, or identifiers
  • Medical record numbers (MRNs)
  • Social Security numbers
  • Dates of birth, admission, or discharge
  • Contact information (phone, address, email)
  • Photographs or biometric data
  • Any information that could identify a real patient

PHI Detection and Blocking: Prosivo employs automated systems to detect potential PHI in user inputs. If PHI is detected:

  • The input is blocked and not processed
  • The input is not stored in our systems
  • The input is not sent to AI providers
  • You will receive a warning message

However, no automated system is perfect. You remain solely responsible for ensuring no real patient data is entered into Prosivo.

3. Information We Collect

3.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (stored securely using industry-standard hashing)
  • Training level (e.g., MS1, MS2, Resident) if provided
  • Institution name (optional)

3.2 Usage and Learning Data

To provide and improve our educational service, we collect:

  • Case interactions (questions asked, answers submitted)
  • Learning progress and performance metrics
  • Session duration and activity timestamps
  • Feature usage patterns

This data is used to personalize your learning experience, track progress, and improve our educational content. This data contains NO real patient information — only your interactions with synthetic educational cases.

3.3 Technical Information

We automatically collect:

  • IP address (for security and fraud prevention)
  • Browser type and version
  • Device type and operating system
  • Referring URLs and pages visited

3.4 Payment Information

If you purchase a subscription, payment is processed by Stripe. We do not store your full credit card number. We receive only:

  • Last four digits of your card
  • Card expiration date
  • Billing address
  • Transaction confirmation

4. How We Use Your Information

We use collected information to:

  • Provide and maintain the Prosivo platform
  • Personalize your learning experience
  • Track your educational progress
  • Process payments and manage subscriptions
  • Send service-related communications
  • Improve our educational content and AI models
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

5. AI and Third-Party Services

Prosivo uses AI services (including Anthropic's Claude) to power educational interactions. When you interact with our AI tutor:

  • Your inputs are sent to AI providers to generate responses
  • PHI detection occurs before any data is sent to AI providers
  • AI providers may process data according to their own privacy policies
  • We use enterprise-grade AI services with data protection agreements

We do not use your inputs to train AI models. Your educational interactions remain private and are not shared with AI providers for model training purposes.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties who help us operate our platform (hosting, payment processing, analytics) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • Aggregated Data: We may share anonymized, aggregated statistics that cannot identify individuals

7. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Secure password hashing (PBKDF2 with high iteration count)
  • Two-factor authentication (2FA) option
  • Regular security audits and monitoring
  • Access controls and audit logging
  • Cloud infrastructure with SOC 2 compliance

However, no system is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

  • Account data: Retained until you delete your account
  • Learning progress: Retained to track your educational journey
  • Security logs: Retained for up to 7 years for compliance
  • Blocked PHI inputs: NOT retained — blocked inputs are discarded immediately

You may request deletion of your account and associated data by contacting us.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Delete your account and personal data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at [email protected].

10. Cookies and Tracking

We use essential cookies for:

  • Session management and authentication
  • Security (CSRF protection)
  • User preferences

We may use analytics cookies to understand how users interact with our platform. You can control cookies through your browser settings.

11. Children's Privacy

Prosivo is intended for medical students and healthcare professionals. We do not knowingly collect information from children under 18. If we learn we have collected data from a child under 18, we will delete it promptly.

12. International Data Transfers

Prosivo is based in the United States. If you access our service from outside the US, your information may be transferred to and processed in the US, which may have different data protection laws than your country.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or prominent notice on our platform. Your continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions or to exercise your rights:

Email: [email protected]
Address: Prosivo Inc., United States