Privacy Policy

Last Updated: January 2025

Our Commitment to Privacy

At Zyme, we are committed to protecting your privacy and ensuring the security of your information. This Privacy Policy explains how we handle information when you use our healthcare contract repricing platform.

Important Note: We do not sell, rent, or share your personal data with third parties for their marketing purposes. We do not store user data beyond what is necessary for providing our services.

Information We Collect

Information You Provide

  • Contact information (name, email, phone number) when you request a demo or contact us
  • Organization details when you sign up for our services
  • Healthcare contracts and claims data you upload for processing

Automatically Collected Information

  • Log data (IP address, browser type, pages visited)
  • Usage information to improve our services
  • Cookies for session management and site functionality

How We Use Information

We use collected information solely to:

  • Provide and improve our contract repricing services
  • Process your healthcare contracts and claims as requested
  • Communicate with you about our services
  • Ensure platform security and prevent fraud
  • Comply with legal obligations

Data Storage and Security

We implement industry-standard security measures including:

  • AES-256 encryption for data at rest and in transit
  • HIPAA-compliant infrastructure and processes
  • Regular security audits and assessments
  • Limited access controls and authentication
  • Secure data centers with SOC 2 certification

Data Retention: We retain processed data only for the duration necessary to provide our services and comply with legal requirements. Contract data is automatically deleted after processing unless you explicitly request storage for future use.

HIPAA Compliance

As a healthcare technology provider, we:

  • Sign Business Associate Agreements (BAAs) with all covered entities
  • Maintain comprehensive HIPAA compliance programs
  • Provide audit logs for all PHI access and processing
  • Report any potential breaches within required timeframes
  • Train all employees on HIPAA requirements

Your Rights

You have the right to:

  • Access information we have about you
  • Request correction of inaccurate information
  • Request deletion of your information
  • Opt-out of marketing communications
  • Request data portability
  • Lodge a complaint with supervisory authorities

To exercise these rights, contact us at privacy@zyme.com

Third-Party Services

We may use trusted third-party services for:

  • Cloud infrastructure (AWS)
  • Analytics (privacy-focused, anonymized data only)
  • Communication services (email delivery)

All third-party providers are carefully vetted and required to maintain appropriate security and privacy standards.

Cookies

We use essential cookies to:

  • Maintain your session
  • Remember your preferences
  • Ensure platform security

We do not use tracking cookies or third-party advertising cookies.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children.

International Data Transfers

If you access our services from outside the United States, your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for such transfers.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through our platform. Continued use of our services after changes constitutes acceptance of the updated policy.