Privacy Policy

How RecordIQ protects your data under HIPAA, PIPEDA, and provincial privacy laws.

RecordIQ Enterprise Edition • Last updated: March 31, 2026

RecordIQ Enterprise Edition — Version 5.13.0 — Effective: March 31, 2026

RecordIQ is designed from the ground up as a privacy-first, Zero Trust application. We do not collect, transmit, store, or have access to any patient or document data.

1. Zero Collection – What We Do Not Collect

RecordIQ Enterprise Edition operates entirely offline for all document processing. The Software does not collect, transmit, or access any of the following during normal operation:

No Document Data: No access to files, PDFs, images, or any processed content.

No OCR Output: No extracted text, classifications, or processing results are transmitted.

No PHI: No Protected Health Information of any kind leaves your machine.

No Usage Data in the Desktop Software: The RecordIQ desktop application does not collect telemetry, analytics, session data, or behavioral tracking. Website analytics are described in Section 11.

Diagnostic Data: The Software includes an optional, user-initiated diagnostic submission feature. This feature is strictly opt-in and requires explicit user action. All PHI (23 types) is automatically filtered from log data before transmission. No diagnostic data is collected or transmitted without Licensee’s affirmative consent.

The Software connects to RecordIQ servers only for the following limited purposes: (a) EULA acceptance and email verification; (b) license activation and periodic validation; (c) optional software update checks; (d) support ticket submission (when you contact support@recordiq.app). These connections transmit only your email address, License Key, and a hardware-derived device identifier — never any document data, PHI, or processing results. See Section 4 for full details on data collected for licensing.

2. Software Architecture

The Software operates entirely on your local workstation. All features—including document processing, classification, chronology building, search, duplicate detection, ICD/CPT extraction, local encryption, and audit logging—are performed offline.

The Software connects to RecordIQ cloud servers (Microsoft Azure) for license activation, periodic license validation, EULA verification, optional update checks, and support ticket processing. No document data, OCR results, or PHI is ever transmitted during these connections.

3. Data Security

Encryption: All processed data is encrypted locally using AES-256-GCM, a NIST-approved standard (AES per FIPS 197; GCM mode per NIST SP 800-38D). Encryption keys are generated locally and never leave your machine. Plaintext data is automatically deleted after encryption.

Data Lifecycle and Metadata Scrubbing: Upon completion of each processing job, all temporary plaintext files, intermediate extraction data, and processing metadata are permanently destroyed using multi-pass random overwrite (secure deletion). No residual document content, extracted text, OCR output, or processing artifacts remain on disk after the job completes. A startup sweep automatically detects and destroys any residual temporary files from prior sessions (e.g., due to unexpected shutdown). A retry mechanism handles Windows file-lock scenarios, retrying deletion up to 10 times over 5 minutes. An immutable audit log entry confirms each secure deletion event. Only the final encrypted output files (AES-256-GCM) remain on the local workstation under the user’s control.

Audit Logs: Immutable, append-only logs track all local processing activities to support compliance with HIPAA and other regulatory requirements. Audit logs remain on your local machine and are never transmitted to RecordIQ servers.

4. Licensing and Payment

License Validation: License keys are validated via secure cloud connection to RecordIQ’s Azure-hosted license server. Validation uses cryptographic signatures (Ed25519) and transmits only your license key and a hardware-derived device identifier. License validation occurs at activation and periodically thereafter, with a 30-day offline grace period for uninterrupted use.

Information Collected for Licensing: When you purchase RecordIQ, we collect six pieces of information about you:

  1. Your name (from Stripe Checkout)
  2. Your email address (from Stripe Checkout)
  3. Your selected plan tier (Standard or Pro)
  4. The amount you paid
  5. A Stripe transaction reference (for refund and dispute handling)
  6. A hardware-derived device identifier (machine ID) — added when you first activate the license, so the license can be bound to your installation per HIPAA §164.312(a)(1) access control requirements.

We also store internal operational metadata (timestamps, status flags, activation history) needed for license validation, customer support, and audit logging. This metadata is non-personal — it describes the license state, not you.

All collection is for license fulfillment, customer support, accounting, and audit purposes only. RecordIQ does not use this information for marketing, profiling, or any third-party sharing other than the sub-processors listed in Section 6.

Payment Processing: All transactions are handled by Stripe, a PCI DSS Level 1 certified payment processor. RecordIQ does not access full credit card numbers, CVV, or bank account details. See Stripe’s privacy policy at stripe.com/privacy.

License Data Storage: License information (name, email, license key, purchase date, tier, and machine identifier) is encrypted at rest (AES-256) in Microsoft Azure Table Storage (US East 2 and Canada East regions). Data is used exclusively for license validation, customer support, and compliance auditing.

EULA Acceptance Data (Licensing Data): When you accept the End User License Agreement, the following is recorded in Microsoft Azure Table Storage: your email address, a hardware-derived device identifier (machine ID), EULA version accepted, app version, and acceptance timestamp. A 6-digit email verification code is sent to confirm your email address before acceptance. Your email is verified but not stored beyond the EULA acceptance record.

Support Ticket Data: When you contact support@recordiq.app, your email is processed by RecordIQ’s cloud-based support system (Microsoft Azure). The following is stored in Azure Table Storage: your email address, subject line, message body (with PHI automatically filtered using pattern matching for 23 PHI categories before transmission), ticket ID, priority classification, and resolution status. Support ticket data is retained for three (3) years after ticket resolution for audit and quality assurance purposes. No document data or attachments are stored in the cloud.

Data Retention: License and EULA acceptance data is retained for the duration of your active license plus three (3) years after expiration or termination for standard license data, or plus seven (7) years where required by applicable provincial health privacy legislation (e.g., PHIPA), for tax and audit purposes. You may request deletion of your data at any time by contacting support@recordiq.app.

5. Your Privacy Rights

Since all document data remains local, you retain full control over your data at all times. You may request access, correction, deletion, or portability of license-related information. You may also withdraw consent for optional data processing at any time by contacting support@recordiq.app or calling 1-877-217-4501.

We respect the following privacy rights where applicable:

CCPA: California Consumer Privacy Act. Licensee may request disclosure of personal information collected, request deletion, and opt out of sale. RecordIQ Software LLC does not sell personal information. To exercise CCPA rights, contact legal@recordiq.app or call 1-877-217-4501.

PIPEDA: Canada’s Personal Information Protection and Electronic Documents Act

PHIPA: Ontario’s Personal Health Information Protection Act

PIPA: British Columbia and Alberta privacy acts

Quebec Law 25: Act respecting the protection of personal information in the private sector

RecordIQ does not sell personal information under any jurisdiction.

6. Canadian Privacy Compliance

RecordIQ is designed to support PIPEDA compliance and provincial equivalents. Compliance with applicable laws and regulations remains the sole responsibility of the Licensee, as stated in the End User License Agreement §7.2. Our Zero Trust architecture is designed to support compliance with PIPEDA Schedule 1 principles:

Accountability: RecordIQ Software LLC is responsible for all personal information under its control. Contact: legal@recordiq.app

Identifying Purposes: Name and email are used only for license fulfillment and support.

Consent: Explicit consent is obtained at the time of license purchase.

Limiting Collection: Minimal data collection—name, email, and payment via Stripe.

Limiting Use, Disclosure, and Retention: Data is used solely for its stated purpose and retained only for the duration of the license plus any legally required period.

Accuracy: License data can be corrected on request.

Safeguards: License data is encrypted at rest (AES-256). Document data remains local and encrypted (AES-256-GCM).

Openness: This Privacy Policy and our Privacy Impact Assessment (PIA) are publicly available at recordiq.app/privacy and recordiq.app/pia respectively, or may be requested by emailing legal@recordiq.app.

Individual Access: Users may request access to personal information at any time.

Challenging Compliance: Complaints may be submitted to legal@recordiq.app or the Office of the Privacy Commissioner of Canada.

Breach Notification (PIPEDA s. 10.1): In the event of a security breach involving personal information that creates a real risk of significant harm, affected individuals and the Privacy Commissioner of Canada will be notified per PIPEDA requirements. RecordIQ will notify affected customers without unreasonable delay and within the timeframes required by applicable law: sixty (60) calendar days under HIPAA; as soon as feasible under PIPEDA; with diligence under Quebec Law 25.

RecordIQ Software LLC maintains records of all security breaches for a minimum of twenty-four (24) months as required by the Breach of Security Safeguards Regulations (SOR/2018-64).

Quebec Law 25: RecordIQ has completed a Privacy Impact Assessment (PIA) as required by Quebec Law 25. A French-language privacy policy is available at recordiq.app/politique-confidentialite. Full interface localization for Quebec Law 25 compliance is in development.

6.1 Designated Privacy Officer (Quebec Law 25 §3.1)

In accordance with Quebec Law 25 (Act to modernize legislative provisions as regards the protection of personal information, formerly Bill 64) section 3.1, RecordIQ Software LLC has formally designated a Privacy Officer who is accountable for RecordIQ's compliance with privacy obligations applicable to personal information of Quebec residents and, by extension, personal information of all individuals whose data is processed in connection with RecordIQ licensing.

Contact for Privacy Officer:

Name: Ulises Rodriguez

Title: Privacy Officer, RecordIQ Software LLC

Email (primary): legal@recordiq.app

Email (secondary): support@recordiq.app

Mail: RecordIQ Software LLC, Attn: Privacy Officer, 30 N Gould St Ste N, Sheridan, WY 82801, United States. D-U-N-S: 14-453-0140

Languages accepted: English and French (Français) — requests in French will be responded to in French.

Response commitment: Requests acknowledged within five (5) business days; substantive response within thirty (30) calendar days, with a possible extension to sixty (60) days where legally permissible and with prior notice to the requester (Law 25 s. 35).

Privacy Officer Roles and Responsibilities:

  • Ensure organization-wide compliance with Quebec Law 25, PIPEDA, PHIPA (Ontario), PIPA (BC, Alberta), HIA (Alberta), and equivalent provincial statutes.
  • Receive, process, and respond to privacy requests from individuals exercising their rights (access, rectification, deletion, portability, objection, withdrawal of consent, and right to de-indexing where applicable).
  • Oversee the Privacy Impact Assessment (PIA) process for new or materially changed products, features, or data flows as required by Law 25 s. 3.3.
  • Maintain and periodically review RecordIQ's privacy governance framework, including policies, procedures, retention schedules, breach response plans, and vendor management.
  • Serve as the principal point of contact with the Commission d'accès à l'information du Québec (CAI), the Office of the Privacy Commissioner of Canada (OPC), and provincial information & privacy commissioners.
  • Notify affected individuals and regulators of confidentiality incidents (breaches) per Law 25 s. 3.5, PIPEDA s. 10.1, HIPAA 45 CFR §§164.404–164.408, and equivalent statutes within applicable timelines.
  • Coordinate annual privacy training for all personnel with access to personal information, and maintain records of completion.
  • Report directly to the Chief Executive / Managing Member of RecordIQ Software LLC, with independent authority to raise concerns, halt non-compliant processing, and escalate to external counsel when necessary.

Privacy Program — Ongoing Governance:

  • Annual policy review: Privacy Policy, EULA, BAA, and DPA reviewed at least annually, or within 30 days of any material change in applicable law.
  • Quarterly internal audits: Sample review of access requests, consent records, retention schedules, and breach logs.
  • Privacy training: Mandatory onboarding training for all new personnel plus annual refresher covering HIPAA, PIPEDA, Quebec Law 25, and role-specific obligations.
  • Vendor management: Periodic review of sub-processors (Microsoft Azure, Stripe, Cloudflare, Google Workspace, Azure Communication Services) to verify continued alignment with data protection obligations.

    Sub-processor details:
      • Microsoft Azure: License key storage and validation (US East 2 and Canada East regions; SOC 2 Type II, ISO 27001)
      • Stripe, Inc.: Payment processing (PCI DSS Level 1; no payment data is stored by RecordIQ)
      • Cloudflare, Inc.: Website content delivery and DDoS protection (SOC 2 Type II)
      • Google Workspace: Business email communications (support@recordiq.app, legal@recordiq.app)
      • Azure Communication Services: Email verification codes for EULA acceptance
      • Google Analytics: Anonymous website usage statistics (see Section 11)
      • Tawk.to: Website live chat support (session cookies for chat functionality; no PHI or document data shared)

  • Incident response drills: Simulated breach scenarios at least annually to validate notification procedures and response timelines.
  • Alignment with SOC 2: Privacy controls are mapped to, and evaluated internally against, the SOC 2 Trust Services Criteria (Privacy category, P1–P8). A SOC 2 Type I audit is planned; RecordIQ is not yet certified.

Quebec residents have the right to lodge a complaint with the Commission d'accès à l'information du Québec (CAI) at cai.gouv.qc.ca if they believe their rights under Law 25 have been infringed. Complaints should first be directed to RecordIQ's Privacy Officer, who will acknowledge within five business days and substantively respond within the statutory timeline.

6.2 Provincial Privacy Acts — Compliance Scope

Beyond PIPEDA and Quebec Law 25, RecordIQ's offline architecture supports compliance with the following provincial privacy statutes. Because no Protected Health Information ever leaves the Licensee's workstation, these acts apply primarily to the Licensee as the Health Information Custodian or data controller; RecordIQ Software LLC acts as a software vendor with no access to regulated information. The sections below describe the Licensee's rights and RecordIQ's supporting obligations under each statute.

Ontario — Personal Health Information Protection Act (PHIPA), S.O. 2004, c. 3

Law firms, legal nurse consultants, and related professionals acting as Health Information Custodians (HICs), or agents of HICs under PHIPA s. 2, remain responsible for compliance. RecordIQ Software LLC does not collect, use, or disclose PHI and therefore is not an 'electronic service provider' under PHIPA s. 10(4)(a); however, we support Licensees with access and correction rights (PHIPA ss. 52–55), consent and lockbox enforcement (PHIPA s. 19), no third-party PHI sharing, retention for the license term plus seven (7) years for tax/audit, AES-256-GCM safeguards, and an available BAA upon request at legal@recordiq.app.

British Columbia — Personal Information Protection Act (PIPA), SBC 2003, c. 63

BC organizations collecting personal information of BC residents retain sole responsibility for PIPA compliance. RecordIQ's Zero Trust architecture supports PIPA consent (ss. 6–8), access (s. 23), correction (s. 24), reasonable security (s. 34), retention/disposal, and third-party disclosure requirements.

Alberta — Personal Information Protection Act (PIPA) & Health Information Act (HIA)

Alberta custodians under HIA and organizations under PIPA remain responsible for PHI and personal information safeguards. RecordIQ supports explicit consent (PIPA s. 13; HIA s. 34), access rights (PIPA s. 24; HIA s. 7), security safeguards (HIA s. 60; PIPA s. 34), no third-party PHI sharing (HIA s. 27), breach notification (PIPA s. 34.1; HIA s. 60.1), and retention / secure destruction per NIST SP 800-88 Rev. 1.

Other Provincial Statutes

  • Nova Scotia — Personal Health Information Act (PHIA), 2010: supported via the same offline architecture; Licensee retains custodianship.
  • New Brunswick — Personal Health Information Privacy and Access Act (PHIPAA), 2009: same approach; BAA available.
  • Newfoundland and Labrador — Personal Health Information Act (PHIA), 2008: same approach.
  • Manitoba — Personal Health Information Act (PHIA), 1997: same approach.
  • Saskatchewan — Health Information Protection Act (HIPA), 1999: same approach.

Licensees who are Health Information Custodians or controllers under any provincial statute are responsible for entering into a Business Associate Agreement (HIPAA) or Data Processing Agreement (PIPEDA / provincial) with RecordIQ Software LLC where required. Contact legal@recordiq.app to request a jurisdiction-specific agreement. RecordIQ maintains template DPAs for each Canadian province and can adapt to meet specific regulatory requirements.

7. Children’s Privacy

RecordIQ is designed for use by legal and healthcare professionals. The Software is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information through our licensing process, please contact support@recordiq.app and we will promptly delete it.

8. Policy Changes

RecordIQ may update this Privacy Policy from time to time. Material changes will be communicated through the Software (via the EULA re-acceptance mechanism) or by email to registered licensees. The “Effective Date” at the top of this policy indicates the date of the most recent revision. Continued use of the Software after changes constitutes acceptance of the updated policy.

9. Contact

For privacy questions or to exercise your rights, contact:

Privacy Team

Email: legal@recordiq.app

Support: support@recordiq.app

Address: 30 N Gould St Ste N, Sheridan, WY 82801 US

10. SMS / Text Messaging

This section describes how RecordIQ Software LLC handles SMS (text message) communications sent to or from our toll-free number 1-877-217-4501.

Opt-In Consent: RecordIQ does not send SMS messages to any individual who has not provided prior express written consent. Consent is obtained exclusively through the contact form at recordiq.app/contact, where visitors may voluntarily provide their phone number and check a clearly labeled consent checkbox acknowledging they agree to receive text messages from RecordIQ Software LLC. Checking the SMS consent box is not a condition of purchase, access to any service, or submission of the contact form itself.

Message Purpose and Content: SMS messages from RecordIQ are strictly transactional and customer-support in nature. Typical messages include: (a) order confirmations; (b) license activation details and activation codes; (c) responses to support inquiries initiated by the customer; (d) appointment or demo confirmations. RecordIQ does not send marketing, promotional, or advertising SMS content.

Message Frequency: Message frequency varies and depends on the nature of each customer’s interaction with RecordIQ. Most customers receive no more than 2–6 messages per month.

Message and Data Rates: Standard message and data rates from your mobile carrier may apply. RecordIQ does not charge any additional fee for SMS communications.

Opt-Out (STOP): Recipients may opt out of SMS communications at any time by replying STOP, UNSUBSCRIBE, END, QUIT, or CANCEL to any message received from RecordIQ. An opt-out confirmation message will be sent, after which no further messages will be delivered unless the recipient re-consents. Opt-out requests are honored within 24 hours.

Help (HELP): Recipients may reply HELP or INFO to any message to receive contact information for RecordIQ support (support@recordiq.app / 1-877-217-4501) and a link to this Privacy Policy.

Carrier Disclaimer: Carriers (including T-Mobile, Verizon, AT&T, US Cellular, and others) are not liable for delayed or undelivered messages. Delivery is subject to the recipient’s wireless carrier network availability.

Data Handling: Phone numbers and SMS consent records are stored in Microsoft Azure (US East 2 region) and are encrypted at rest using AES-256. Records retained include: the phone number provided, the consent timestamp (ISO 8601 format), the IP address of the submission, the URL where consent was collected, and the exact consent language shown to the user at the time of submission. This retention supports TCPA, CTIA, and carrier audit requirements. Phone numbers and consent data are never sold, rented, shared, or licensed to third parties or affiliates for their own marketing purposes. Mobile opt-in data and consent records are not shared with third parties for any purpose.

Retention: Opt-in consent records are retained for the duration of the customer relationship plus four (4) years after last message activity, as required for TCPA compliance and carrier audit. Opt-out records are retained indefinitely to ensure continued honoring of the opt-out.

Governing Law: SMS communications are governed by the U.S. Telephone Consumer Protection Act (TCPA, 47 U.S.C. §227), FCC rules (47 CFR §64.1200), the CTIA Messaging Principles and Best Practices, and applicable state laws. Canadian recipients are additionally protected by Canada’s Anti-Spam Legislation (CASL, S.C. 2010, c. 23).

Contact for SMS Inquiries: Questions, complaints, or requests regarding SMS communications should be directed to support@recordiq.app or 1-877-217-4501.

11. Website Privacy

Analytics: The RecordIQ website (recordiq.app) uses Google Analytics to collect anonymous usage statistics such as page views, referral sources, and browser type. This data is used solely to improve the website experience. No personally identifiable information is linked to website analytics. For more information, see Google’s privacy policy at policies.google.com/privacy.

Cookies: The website uses Cloudflare for content delivery and security, which may set essential cookies for security and performance. Google Analytics sets cookies for anonymous usage tracking (you may opt out via Google’s browser add-on at tools.google.com/dlpage/gaoptout). Tawk.to sets session cookies for live chat functionality. No advertising or behavioral tracking cookies are used.

Tawk.to: The RecordIQ website uses Tawk.to for live chat support. Tawk.to may set cookies for session management. No PHI or document data is shared with Tawk.to. Chat transcripts may contain contact information voluntarily provided by the visitor.

For questions about this document, contact support@recordiq.app.

© 2026 RecordIQ Software LLC. All rights reserved.
