MD-reviewed ·  Healthcare editorial
MedAI Verdict
All sections

Legal

Privacy Policy

Last updated: May 21, 2026

1. Controller (Operator)

HR Online Consulting LLC
550 Kings Mountain, Mooresville, NC 28117, United States
Email: legal@medaiverdict.com
Web: medaiverdict.com

2. Scope of This Policy

This Privacy Policy explains what categories of personal data we process when you visit medaiverdict.com(the “Service”), for what purposes, and to what extent. The Service has no user accounts, no comment system, no payment processing, and no contact forms. We collect the minimum data required to operate the Service and to measure aggregate traffic.

3. Categories of Data Processed

  • Usage data: page views, time on page, click paths, referrer URL, device type, operating system.
  • Log data: IP address (truncated where supported by the hosting provider), user-agent string, timestamps, HTTP method and status code, requested URL.
  • Newsletter subscription data (when applicable): email address that you voluntarily submit to subscribe to our weekly newsletter. Used solely to deliver the newsletter.
  • Affiliate-link click data: when you click an affiliate link, the destination vendor (Abridge, Freed AI, Heidi Health, etc.) may set its own cookies for attribution. We receive aggregated commission reports but no individually identifiable click data.

We do not collect: names, postal addresses, phone numbers, social security numbers, financial information, biometric data, medical or health information about you, education records, or any sensitive personal information.

4. Sources of Personal Data

  • Directly from your interaction with the Service (your browser sending requests, your newsletter subscription if applicable).
  • Publicly available sources: we aggregate publicly posted clinician discussions from Reddit (subreddits r/medicine, r/familymedicine, r/Residency, r/psychotherapy, and similar) for the “clinician sentiment” sections of each tool review. These are public posts and comments whose authors made them publicly available under Reddit's own terms; we quote with attribution under fair-use commentary and do not republish full posts.

5. Purposes of Processing

  • Providing, securing, and improving the Service.
  • Aggregate traffic measurement to understand which content clinicians find useful.
  • Detecting and preventing security incidents, abuse, and scraping by unauthorized bots.
  • Newsletter delivery (only with explicit subscription).
  • Complying with legal obligations.

6. Legal Bases for Processing

  • Consent: newsletter subscription processing relies on your explicit opt-in. You can withdraw consent at any time via the unsubscribe link in every email.
  • Legitimate interests: server-log processing, security measures, and aggregate traffic measurement are based on our legitimate interest in operating a secure, performant Service without overriding your fundamental rights.
  • Statutory obligations: processing required by applicable law (e.g. legitimate law-enforcement requests).

U.S. federal law and the laws of North Carolina, United States apply generally. For California residents, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) applies (see Section 11). For EU/EEA users, the substantive requirements of the General Data Protection Regulation (GDPR) are respected where applicable.

7. Security Measures

Connections to the Service are TLS-encrypted (HTTPS). The hosting provider implements physical and electronic access controls. We regularly review the third-party services we integrate and discontinue any that fail to meet our security standards.

8. Transmission and International Transfers

Hosting is performed by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA (vercel.com/legal/privacy-policy). Transfer basis: Data Privacy Framework (DPF), with Standard Contractual Clauses as a fallback.

Newsletter delivery (when activated) is performed by Beehiiv Inc., a U.S. company; their privacy policy is at beehiiv.com/privacy.

9. Data Retention and Deletion

We retain personal data only for as long as needed for the purposes for which it was collected, or as required by law:

  • Server log files: retained for a maximum of 30 days before deletion or anonymization, except where retention is required for incident-response purposes.
  • Newsletter subscriber data: retained until you unsubscribe, at which point your email is removed from the active list within 7 days.
  • Aggregated traffic measurements: retained indefinitely in aggregated, non-identifiable form.

10. Your Rights

  • Right of access: request confirmation as to whether we process data about you, and a copy if so.
  • Right to rectification: request correction of inaccurate data.
  • Right to erasure: request that data concerning you be deleted, subject to applicable retention exceptions.
  • Right to restrict or object: object to processing based on our legitimate interests where you have grounds relating to your particular situation.
  • Right to data portability: request a structured, commonly used, machine-readable copy of data you provided to us.
  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: EU/EEA users may complain to the supervisory authority of their habitual residence; U.S. users may complain to the FTC or their state attorney general.

To exercise any right, email legal@medaiverdict.com. We respond within 30 days.

11. California Consumer Privacy Act (CCPA / CPRA) Disclosure

In the past twelve (12) months, we have collected the following categories of personal information about California consumers:

  • Identifiers: IP address, device identifiers.
  • Internet activity information: browsing within the Service, referrer URL.
  • Geolocation (approximate, IP-derived): city, region, country. Never precise GPS.
  • Email address: only if you voluntarily subscribe to our newsletter.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We do not collect sensitive personal information as defined under the CPRA.

California rights: right to know, right to delete, right to correct, right to opt out of sale/sharing (we do neither), right to limit use of sensitive personal information (we do not collect any), right to non-discrimination. To exercise: email legal@medaiverdict.comwith subject “California Privacy Request.”

12. Cookies and Local Storage

The Service uses a minimal set of cookies and local-storage entries:

NamePurposeDurationConsent
(none currently)The Service does not currently set first-party tracking cookies.n/an/a

When the Beehiiv newsletter embed is enabled, Beehiiv may set its own cookies on the iframe domain; those are covered by Beehiiv's privacy policy linked above.

13. Affiliate Disclosure

Some outbound links to AI-tool vendors are affiliate links. When you click an affiliate link and subsequently subscribe to or purchase the linked product, we may receive a commission at no additional cost to you. Affiliate relationships are disclosed inline at the point of occurrence and on our dedicated affiliate disclosure page. Affiliate revenue never influences our editorial rankings.

14. Medical-Information Notice

Content on the Service is informational and intended for healthcare professionals evaluating software tools. Nothing on the Service constitutes medical advice, diagnosis, or treatment. Clinical decisions remain the responsibility of qualified healthcare professionals. We do not collect or process patient health information (PHI) and the Service is not a HIPAA Business Associate.

15. Children Under 13 (COPPA)

The Service is directed at healthcare professionals and is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have, contact legal@medaiverdict.com and we will delete the information promptly.

16. Changes to This Policy

We may update this Privacy Policy. Material changes will be reflected with a new “Last updated” date at the top of this page. Continued use of the Service after such changes constitutes acceptance.

17. Contact

HR Online Consulting LLC
550 Kings Mountain, Mooresville, NC 28117, United States
Email: legal@medaiverdict.com