Privacy Policy
Important Notice: Binding Arbitration and Class Action Waiver
Introduction and Overview
At Serent.ai (“Serent,” “we,” “us,” or “our”), we understand that healthcare data privacy is paramount. As a multi-agentic healthcare Revenue Cycle Management (RCM) platform, we are committed to protecting the privacy and security of all personal information and protected health information (PHI) we process.
This Privacy Policy describes how Serent.ai collects, uses, processes, stores, and protects information in connection with our AI-powered healthcare RCM services, website, platform, and related applications (collectively, the “Services”). We provide artificial intelligence-powered document processing, claims management, and business process automation services specifically designed for healthcare providers.
By using our Services, you acknowledge that you have read, understood, and agree to this Privacy Policy and consent to our collection, use, and disclosure of information as described herein.
Our Services are directed exclusively toward healthcare providers and their business operations. They are not intended for personal, family, or household use. Our processing of data on behalf of our healthcare provider customers is governed by the agreements we enter into with our customers, which may include Business Associate Agreements as applicable and required under the Health Insurance Portability and Accountability Act (“HIPAA”).
1.1 Agreement Formation
1.2 Authority to Accept
By accepting these Terms, you represent that you have the legal authority to accept these Terms on behalf of yourself and any entity you represent in connection with your use of the Services. If you do not agree to these Terms, you are not authorized to use the Services.
1.3 Relationship to Customer Agreements
These Terms, along with any applicable Customer Agreements and Business Associate Agreements, form a binding legal agreement. In the event of a conflict between these Terms and a Customer Agreement, the Customer Agreement prevails for healthcare provider customers.
Eligibility and Registration
2.1 Age and Capacity Requirements
You must be at least 18 years old and have the legal capacity to enter into binding contracts. Our Services are designed exclusively for healthcare providers and business operations, not for personal, family, or household purposes.
2.2 Business Eligibility
You represent and warrant that you are not:
A Specially Designated National or other U.S. Department of Treasury denied party
Excluded from federal health care programs or other government programs
Prohibited from using the Services under any U.S. or foreign export law
Engaged in activities that compete directly with our business
2.3 Account Registration
When registering for an account, you agree to:
Provide accurate, complete, and current information
Maintain the security of your passwords and login credentials
Promptly update your contact information to ensure we can reach you
Accept full responsibility for all activities under your account
Not create accounts on behalf of others without proper authorization
Information we collect
2.1 Personal Information You Provide
We collect personal information when you request demos or information about our services, create accounts or use our platform, communicate with us or our support teams, attend events or conferences, or apply for employment. This information may include name, job title, and company information; contact information (email, phone, mailing address); professional credentials and billing information; and communications and correspondence with us.
2.2 Protected Health Information (PHI)
As a healthcare RCM provider, we may process PHI on behalf of our healthcare provider clients, including patient demographic information, medical chart data and clinical documentation, insurance and billing information, claims data and payment records, and provider referral forms and intake documentation.
2.3 Automatically Collected Information
When you use our Services, we may automatically collect Log Data (IP addresses, browser type, operating system, pages visited, and timestamps), Device Data (device type, operating system, and browser information), Usage Data (features used, actions taken, time spent, and interaction patterns), Location Data (general geographic location derived from IP address), and Performance Data (system performance metrics and error logs).
2.4 Cookies and Tracking Technologies
We use cookies and similar technologies to operate and administer our platform, analyze usage patterns and improve user experience, provide personalized content and features, and ensure security and prevent fraud. You can control cookie preferences through your browser settings, though limiting cookies may affect platform functionality.
How we use the information collected
3.1 For Service Provision
We use information to provide and maintain our AI-powered RCM services, automate administrative healthcare processes, facilitate appointment scheduling and patient communications, and deliver customer support and technical assistance.
3.2 For Business Operations
We analyze and improve our Services and algorithms, develop new features and capabilities, conduct research and development for healthcare automation, perform quality assurance and system monitoring, and maintain security and prevent fraud.
3.3 For Communication
We respond to inquiries and provide customer support, send administrative information and service updates, provide marketing communications (with opt-out options), and deliver educational content and industry insights.
3.4 For Compliance and Legal
We use information to comply with healthcare regulations and legal obligations, protect our rights, property, and user safety, prevent illegal activities and policy violations, and respond to legal processes and regulatory requests.
3.5 For De-Identified Data Use
We may create de-identified data by removing personal identifiers to conduct healthcare industry research and analytics, improve our AI algorithms and machine learning models, develop benchmarking and industry insights, and enhance service capabilities and performance.
Information Sharing and Disclosure
We never sell personal information or PHI. We only share information with your consent or as described below.
4.1 Service Providers and Vendors
We may share information with trusted third-party service providers who assist with cloud hosting and data storage in the US, payment processing and billing services, customer support and communication tools, analytics and performance monitoring, and security and fraud prevention services. All service providers are bound by strict contractual obligations to protect your information and comply with healthcare regulations.
4.2 Healthcare Provider Clients
When processing PHI on behalf of healthcare providers, we share processed information only with the respective healthcare provider client according to our Business Associate Agreement.
4.3 Legal Requirements
We may disclose information when required by law, including compliance with court orders, subpoenas, or legal processes; protection of our rights, property, or safety; prevention of fraud or illegal activities; response to regulatory investigations or requests; and national security or law enforcement requirements.
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the transaction, subject to equivalent privacy protections.
4.5 Professional Advisors
We may share information with lawyers, auditors, consultants, and other professional advisors bound by confidentiality obligations.
Data Retention and Storage
5.1 Data Location
All data is stored exclusively within the United States using HIPAA-compliant cloud infrastructure.
5.2 Retention Periods
PHI is retained according to healthcare provider client agreements and applicable regulations. Personal Information is retained only as long as necessary for service provision and legal compliance. Usage Data is generally retained for shorter periods unless required for security or compliance. De-identified Data may be retained indefinitely for research and development purposes.
5.3 Data Disposal
When data reaches the end of its retention period, it is securely deleted using industry-standard methods to prevent recovery. We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security.
Your Data Privacy Rights
Depending on your location and applicable laws, you may have the following rights:
6.1 Access and Portability
Request access to your personal information at no cost. If access cannot be provided within a reasonable time frame, Serent will provide a date when the information will be provided. Obtain copies of your data in a portable format and understand how your information is being processed.
6.2 Correction and Updates
Update your personal information and preferences. When you update information, we may maintain a copy of the unrevised information in our records.
6.3 Deletion and Restriction
Request deletion of your personal information (subject to legal and contractual obligations) and object to specific uses of your information.
International Data Transfers
Our Services are hosted in the United States. If you are located outside the U.S., your information will be transferred to and processed in the United States, which may have different data protection laws. We implement appropriate safeguards to protect your information during international transfers.
Children’s Privacy
Our Services are not directed to individuals under 13 years of age. We do not knowingly collect personal information from children. If you are under 13, please do not attempt to send any personal information about yourself to us. If we become aware that we have collected information from a child without parental consent, we will delete that information promptly.
Third-Party Links and Services
Our Services may contain links to third-party websites or integrate with third-party services. These links are not an endorsement of, or representation that we are affiliated with, any third party. This Privacy Policy does not apply to third-party practices. We encourage you to review the privacy policies of any third-party services you access.
Updates to this Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. If we make material changes, we will post updated policies on our website. Your continued use of our Services after policy updates constitutes acceptance of the revised terms.
Contact Information
You may contact us at privacy@demo.serent.ai if you have any questions.
