Back to Home

Privacy Policy

Last Updated: February 2026

At DenialDecoded, we recognize the highly sensitive nature of the information you may choose to process using our suggestion tools. This Privacy Policy details how we handle the data routed through our architecture.

1. Collection and Ephemeral Processing of Medical Data

DenialDecoded operates primarily as an ephemeral processing engine. When you upload a denial letter or answer questionnaire forms relating to medical and insurance contexts, this data is loaded into memory solely for the purpose of transmission to our automated Large Language Model (LLM) providers for analysis.

Zero Document Retention: After the interpretation process completes and your appeal materials are generated, the raw text of the denial letter and your questionnaire inputs are purged from our active databases. We do not maintain, store, or archive the raw text of your original denial letter after the generation lifecycle is complete.

2. Account Information

To prevent abuse and facilitate user sessions, we collect standard account metadata (such as your email address and authentication tokens) when you sign up. This account identity data is stored securely via our authentication provider and is completely segregated from the ephemeral medical text described above.

3. Third-Party API Processors

To provide our AI suggestions, your textual inputs are securely transmitted to third-party LLM APIs. We strictly configure these API interactions ensuring they have zero-data retention policies in place for enterprise requests. They do not use your inputs to train their baseline models. Regardless, as stated in our Terms of Service, we strongly advise against including explicit Personally Identifiable Information (PII) such as Social Security Numbers when utilizing the tool.

4. No Sale of Information

DenialDecoded is a non-profit initiative. Under no circumstances do we sell, rent, license, or broker your personal information, email addresses, or medical data queries to data brokers, marketing firms, or third-party insurers.

5. California Privacy Rights (CCPA/CPRA)

As an entity operating under California law guidelines, while we may be exempt as a non-profit entity from certain provisions of the California Consumer Privacy Act, we voluntarily uphold the rights of users to request the deletion of their account metadata. Since we do not store the original denial documents post-processing, there is no historical sensitive medical data to provide in a data request.