Privacy Policy

Last updated: April 3, 2026

1. Introduction

Welcome to AskRN ("AskRN Inc.", "we", "our", or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at askrn.co and use our services. By using AskRN, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

We collect the following types of information:

Account Information: When you register, we collect your name, email address, role, and facility affiliation.
Usage Data: We automatically collect information about your interaction with our platform, including search queries, interactions, IP addresses, device identifiers, and timestamps.
Cookies & Session Data: We use cookies to maintain your session and authenticate your access.
Uploaded Documents: If you are a facility administrator, we collect and store the protocol documents and materials you upload to the platform.

3. How We Use Information

We use the collected information for the following purposes:
• To operate, maintain, and improve our services.
• To process your queries and provide accurate protocol information.
• To generate analytics for facility administrators regarding protocol usage and knowledge gaps.
• To communicate with you regarding updates, support, and administrative matters.
• To ensure the security of our platform and prevent fraud.
• To comply with applicable legal obligations.

4. Legal Basis for Processing

We process your personal data based on several legal grounds:
• Contract Performance: Processing is necessary to provide you with the services under our Terms of Service.
• Legitimate Interests: To improve our platform, ensure security, and conduct analytics.
• Consent: When you have given us explicit consent to process your data for specific purposes.
• Legal Obligation: When we are required to comply with a legal requirement.

5. Data Sharing & Third Parties

We do not sell your personal data. We may share your information with the following third parties solely to provide and improve our services:
• AI Providers: For the processing of queries and returning protocol summaries.
• Payment Processors: Such as Stripe, to securely process subscriptions and payments.
• Service Providers: Including email service providers and hosting platforms.

We may also disclose your information if required by law or in response to valid requests by public authorities.

6. HIPAA Compliance

AskRN is designed with a HIPAA-aware architecture. We offer a Business Associate Agreement (BAA) upon request for covered entities. Important: Users must not input unredacted Protected Health Information (PHI) into the platform unless a specific BAA is established with their facility. We implement technical safeguards including encryption, strict access controls, audit logging, and auto-logout to protect sensitive data.

7. Data Security

We prioritize the security of your data. Our security measures include:
• Encryption of data in transit and at rest.
• Role-based access controls to limit data access.
• Comprehensive audit logging.
• Secure session management and rate limiting.
• Enforcement of strong password policies.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Facility administrators can request the deletion of their facility's data at any time. Upon user or facility deletion, we conduct a full purge of associated data and any potential PHI from our active systems.

9. Your Rights

You have the right to access, correct, or delete your personal information. You may also have the right to data portability, to opt-out of certain communications, or to withdraw your consent where we rely on it to process your data. To exercise these rights, please contact our support team.

10. Cookies & Tracking

We use session cookies primarily for authentication and maintaining your logged-in state securely. We do not use third-party advertising cookies or engage in cross-site tracking.

11. Children's Privacy

Our services are intended strictly for healthcare professionals and adults. We do not knowingly collect personally identifiable information from anyone under the age of 18. If we become aware that we have collected such data, we will take steps to remove it immediately.

12. International Data Transfers

Your information is processed primarily in the United States. If you are accessing AskRN from outside the United States, please be aware that your data may be transferred to, stored, and processed in the US, where data protection laws may differ from those in your jurisdiction.

13. Changes to Policy

We may update our Privacy Policy periodically. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy regularly.

14. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:
AskRN Inc.
Email: support@askrn.co
Website: askrn.co