Privacy Policy

PRIVACY POLICY / POLITIQUE DE CONFIDENTIALITÉ

Last Updated / Dernière mise à jour: 2026-01-08

This Privacy Policy is available in English and French. In accordance with Quebec's Charter of the French Language, this document is available in French. La présente est disponible en français. To obtain the French version, contact: codefindermd@gmail.com.
Cette politique de confidentialité est disponible en anglais et en français. Conformément à la Charte de la langue française, la présente est disponible en français. Pour obtenir la version française, veuillez nous contacter à codefindermd@gmail.com.

1. INTRODUCTION

This Privacy Policy describes how Codefinder MD ("we," "our," or "us") collects, uses, discloses, and protects your personal information when you use our mobile application (the "App").

Codefinder MD is an independent tool and is not affiliated with, endorsed by, or officially connected to any governmental entity, billing authority, or health organization. The App is intended to help physicians and authorized medical professionals across all Canadian provinces organize and formulate billing information; it is not an official billing system.

This Privacy Policy is intended to be consistent with:
- Quebec's Act respecting the protection of personal information in the private sector ("Law 25");
- Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

2. PERSONAL INFORMATION WE COLLECT

We collect only what we need to run the App and help you with billing-related tasks.

2.1 Account Information (Required)
- Email address (authentication, recovery, notifications)
- Name or display name (to identify your account)
- Authentication/identity data handled by Auth0
- Date/time of account creation

2.2 Professional / App Information (Optional but useful)
- Specialty or role
- Region/city of practice (not a full civic address)
- Billing preferences, saved templates, and custom descriptions
- Language/display settings
- Audio recordings of procedure descriptions (processed for billing code identification and then deleted)

2.3 Technical Information (Automatic)
- Device type, OS version, app version
- Basic usage analytics (which screens/features are used)
- IP address at the time of access (for security and rate limiting)
- Crash/error logs to improve stability

2.4 Communications
- Support emails and messages sent to codefindermd@gmail.com
- Our replies to you
- Voluntary feedback or survey responses

3. INFORMATION WE DO NOT COLLECT

This App is not designed for patient data. You must not enter any patient-identifying information.

We do NOT collect:
- Patient names, patient identification numbers, MRNs, dates of birth, or any combination that could identify a patient
- Diagnoses or treatments tied to an identifiable person
- Social Insurance Numbers
- Payment card/bank account numbers (payments, if any, are processed by platforms)
If you accidentally enter patient data, you should delete it and notify us.

4. PURPOSES AND LEGAL BASES

We process your data in order to:
- create and manage your account,
- provide billing reference/assistance features,
- process audio recordings for billing code identification (audio is deleted after processing),
- secure and improve the App,
- respond to support requests,
- comply with legal obligations.

Legal bases: your consent, performance of a contract (you asked us to provide the App), our legitimate interest in operating a secure and useful app, and, where applicable, legal requirements.

5. DATA SHARING AND DISCLOSURE

We do not sell or rent your personal information.

We may share limited data with:
- Auth0 (for secure authentication)
- Cloud/hosting providers (to store app data)
- Optional analytics/crash services (to improve quality)
These providers process data only to deliver their service to us and must protect it.

We may also disclose information:
- if required by law or a valid legal process,
- to protect our rights, users, or the service,
- in connection with a business transfer (you will be informed).

6. STORAGE, SECURITY, AND RETENTION

6.1 Storage
We use reputable cloud/identity providers. We try to keep data in Canada when feasible, but some processing (for example by Auth0) may occur outside Canada.

6.2 Security
We use reasonable security measures for an app of this nature: HTTPS/TLS, access controls, and separation between authentication and app data. No security is perfect; if we detect a breach that affects you, we will notify you.

6.3 Retention
- Active accounts: we keep your data while your account is active so the App works.
- Deleted accounts: when you delete your account or request deletion, we delete active data within about 30 days.
- Backups/logs: older backups may retain data for up to ~90 days, then roll off.
- Inactive accounts: if you simply stop using the App without deleting your account, we may treat the account as inactive and delete or anonymize data after 24 months of inactivity.
- You can request early deletion at any time by emailing codefindermd@gmail.com.
- We may retain minimal data longer if required by law or to resolve disputes.

7. INTERNATIONAL TRANSFERS

Because we rely on external providers (e.g. Auth0), your data may be processed in other jurisdictions. We limit what is sent and choose providers with appropriate safeguards.

8. YOUR RIGHTS

You can:
- request access to the personal information we hold about you;
- request correction of inaccurate information;
- request deletion of your account/data;
- withdraw consent for optional features (analytics, certain notifications);
- ask which service providers we use.

To exercise any right, email: codefindermd@gmail.com. We aim to respond within 30 days.

If you are not satisfied, you may contact:
- Commission d'accès à l'information du Québec: www.cai.gouv.qc.ca
- Office of the Privacy Commissioner of Canada: www.priv.gc.ca

9. CONSENT AND WITHDRAWAL

You give consent when creating an account and using the App. You may withdraw consent for non-essential processing at any time. If you withdraw consent for essential processing (like authentication), the App may no longer function.

10. LOCAL STORAGE / TOKENS

The App may store tokens and preferences locally on your device to keep you signed in and remember your settings. Optional analytics SDKs may also store minimal data; you can ask us to turn this off.

11. DATA BREACH NOTIFICATION

If a breach creates a risk of significant harm, we will notify affected users and, where applicable, Quebec/Canadian authorities, with information on what happened and what to do.

12. CHILDREN

This App is for healthcare professionals 18+. If we learn we collected data from someone under 18, we will delete it.

13. CHANGES TO THIS POLICY

We may update this Policy as the App evolves. We will update the "Last Updated" date and may notify you in-app or by email for material changes.

14. CONTACT

All privacy questions, deletion/portability requests, and language requests:
Email: codefindermd@gmail.com
We handle privacy matters electronically. A business mailing address can be provided on request or as required under Quebec law.

15. GOVERNING LAW

This Policy is governed by the laws of Quebec and Canada.

16. ACKNOWLEDGMENT

By using the App, you acknowledge that you have read and understood this Policy, that you will not enter patient-identifying information, and that you may request deletion at any time.