Effective date: January 1, 2025. Last updated: March 2026.
The short version
We collect only what we need to generate your report. We strip patient data automatically. We don't sell your data. We don't use advertising tracking. Reports auto-delete after 90 days.
When you use igion.ai, we collect the following categories of information: Account information: Your name and email address when you create an account via Manus OAuth. Payment information: Stripe processes all payments. igion.ai does not store your card number, CVV, or any raw payment credentials. We retain only a Stripe customer ID to associate your account with your payment history. Uploaded data: CSV or XLSX files you export from your practice management software. These files contain carrier-level financial data (production, adjustments, collections by carrier). Patient-identifying information — names, dates of birth, insurance IDs — is automatically stripped at ingestion and never stored. Report data: The output of your analysis, stored in your account for 90 days. Usage data: Standard server logs including IP address, browser type, pages visited, and timestamps. We use this data to operate and improve the Service.
igion.ai does not collect, store, or process patient health information (PHI) as defined under HIPAA. The Service is designed to work exclusively with carrier-level financial aggregates — not individual patient records. We do not collect Social Security numbers, driver's license numbers, or any government-issued identification.
We use the data we collect to generate your reports, operate and improve the Service, process payments, send transactional emails (report delivery, receipts, support responses), and maintain security and prevent fraud. We do not use your data for advertising. We do not sell your data to third parties. We do not share your data with third parties except as described in Section 5.
Carrier-level financial aggregates from completed reports may be incorporated into anonymized industry benchmarks. These benchmarks improve the accuracy of the Service for all users. No patient-identifying information, practice name, NPI, or any data that could identify your practice is included in benchmarks. Aggregates are combined with data from other practices before any benchmark calculation. You may opt out of benchmarking at any time by contacting [email protected].
igion.ai uses the following third-party services: Stripe: Payment processing. Stripe's privacy policy governs how Stripe handles your payment data. Manus OAuth: Authentication. Your account login is handled via Manus OAuth. AWS S3: Encrypted file storage for uploaded data and generated reports. We do not use Google Analytics, Facebook Pixel, or any advertising tracking technology.
Uploaded files are deleted immediately after your report is generated — they are not retained. Generated reports are stored in your account for 90 days from the date of generation, then permanently deleted. Account information is retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting [email protected].
igion.ai uses industry-standard security measures including TLS encryption for all data in transit, AES-256 encryption for data at rest in AWS S3, access controls limiting data access to authorized personnel, and regular security reviews. No method of transmission or storage is 100% secure. If you become aware of a security issue, please contact [email protected] immediately.
You have the right to access the personal data we hold about you, request correction of inaccurate data, request deletion of your account and associated data, opt out of anonymized benchmarking, and receive a copy of your data in a portable format. To exercise any of these rights, contact [email protected].
igion.ai uses a single session cookie to maintain your login state. We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You may disable cookies in your browser, but doing so will prevent you from logging in.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, contact [email protected] and we will delete it.
igion.ai may update this Privacy Policy at any time. Changes will be posted on this page with an updated effective date. Continued use of the Service after changes are posted constitutes acceptance of the revised policy. For material changes, we will notify you by email.
Questions about this Privacy Policy or how we handle your data? Contact us at [email protected].
Questions? Contact us at [email protected].