Privacy Policy
1. What This Policy Covers
This Privacy Policy describes how ProtoAT collects, uses, stores, and discloses information in connection with the ProtoAT website, web application, and related services (collectively, the "Service").
ProtoAT is a clinical decision-support and documentation-support tool designed for use by credentialed Athletic Trainers and other authorized professional users in accordance with the Terms of Service. The Service is intended for professional use only. It is not intended for use by patients, consumers, or the general public.
This Privacy Policy applies to information collected through your access to and use of the Service, including information submitted for credential verification, subscription access, support, and use of Service functionality.
2. Information ProtoAT Collects
2a. Credential Verification Information
When you access certain parts of the Service, ProtoAT may require you to provide credential-verification information, including your first name, last name, and National Provider Identifier (NPI). This information is used to verify eligibility for access through public or third-party sources, including NPPES. ProtoAT does not persist your NPI on ProtoAT servers after verification. Verification state is maintained in your browser session and is cleared when the session ends or when you use the Lock/Sign-Out function.
2b. Subscription and Access Information
ProtoAT may collect your email address in connection with trial access, subscription lookup, subscription management, and access-tier resolution. ProtoAT uses this information to determine whether you have an active trial or subscription, to associate your access with Stripe subscription records where applicable, and to administer Service access. ProtoAT does not use that email address to create a traditional username/password account, and it is not added to a marketing list solely because you use the Service.
2c. Service Inputs and Generated Outputs
When you use the Service, you may submit structured clinical or documentation-related inputs, including selected form values and limited free-text notes. Those inputs are used to generate outputs through ProtoAT's AI processing workflow. ProtoAT is designed for use with de-identified or otherwise non-patient-identifying information. Clinical inputs and generated outputs are not stored by ProtoAT as persistent user-content records on ProtoAT servers and are intended to exist only within the active user session, except to the limited extent necessary for transient processing, rate limiting, or other operational functions described in this Privacy Policy.
2d. Sensitive-Information Warnings and User Safeguards
ProtoAT may use automated detection tools to identify potentially sensitive or identifying information in user-submitted free text before that information is processed through the Service. If potentially sensitive information is flagged, ProtoAT may display a warning and ask the user to revise the submission or affirmatively choose whether to proceed. These safeguards are intended to help users avoid submitting impermissible information, but they do not replace the user's responsibility to review and control what is submitted through the Service.
2e. Bug Reports and Diagnostic Information
If an error occurs during use of the Service, ProtoAT may collect limited diagnostic information to identify, troubleshoot, and improve the Service. This may include error type, message, selected structured input values, browser metadata, and timestamps. Free-text user inputs are designed to be scrubbed from bug-report submissions before transmission, and bug reports are intended to exclude patient-identifying information.
2f. Information ProtoAT Does Not Intend to Collect as User Content
ProtoAT is designed so that users should not submit patient names, dates of birth, medical record numbers, Social Security numbers, insurance identifiers, education records, or other directly identifying information in connection with Service use. ProtoAT does not intend for users to submit protected health information, student records, or other identifying records through the Service as user content, and users are solely responsible for ensuring that their use of the Service is consistent with applicable privacy, confidentiality, and professional obligations.
2g. Payment Information
ProtoAT does not collect or store payment card numbers through its own interface. Subscription payments are processed by Stripe, which collects and stores billing and payment information in accordance with its own privacy practices. ProtoAT may receive limited subscription-related information from Stripe, such as subscription status, billing events, and associated account identifiers, in order to administer access to the Service.
3. How Information Is Used
| Data Type | Purpose | Retention |
|---|---|---|
| Credential verification information, including submitted first name, last name, and NPI | To verify eligibility for access to certain parts of the Service through NPPES or other public or third-party verification sources | Verification status is maintained only for the active browser session and is cleared when the session ends or the user uses the Lock/Sign-Out function. ProtoAT does not retain the NPI on ProtoAT servers as a persistent user-content record. |
| Email address and subscription-access information | To determine trial eligibility, identify subscription status, associate access with Stripe subscription records, administer access tiers, and support account-related Service functions | Retained only as long as reasonably necessary to administer trial access, subscription status, usage limits, related operational records, and applicable legal, tax, or billing obligations. |
| Structured Service inputs and limited free-text inputs | To generate requested outputs and operate Service functionality | Intended to exist only within the active session, except to the limited extent necessary for transient processing, rate limiting, diagnostics, or other operational functions described in this Privacy Policy. ProtoAT does not maintain those inputs as persistent user-content records in the ordinary course of Service use. |
| Generated outputs | To deliver requested results to the user through the Service | Intended to exist only within the active session and not as persistent stored output records on ProtoAT systems in the ordinary course of Service use, except to the limited extent required for transient processing or technical operation. |
| Automated sensitive-information detection and warning activity | To help identify potentially sensitive or identifying information in user-submitted free text and present user warnings before processing | Processed as part of the active Service session and retained only to the extent reasonably necessary for operation of the warning function or related technical logs, if any. |
| Bug reports and diagnostic information | To troubleshoot errors, maintain the Service, improve performance, and resolve technical issues | Retained only as long as reasonably necessary to investigate, resolve, and document the relevant issue, and may then be archived or deleted in the ordinary course. |
| Subscription, billing-status, and related account information received from Stripe | To support subscription activation, renewals, cancellations, failed-payment handling, billing administration, and related customer-service functions | Retained only as long as reasonably necessary for subscription administration, recordkeeping, dispute handling, tax or accounting support, and legal compliance. Payment card data is retained by Stripe, not by ProtoAT. |
ProtoAT does not sell, rent, or disclose user information to third parties for their own advertising or marketing purposes. ProtoAT discloses information only as described in this Privacy Policy and as reasonably necessary to operate, secure, and support the Service.
4. Third-Party Services
ProtoAT uses the following third-party services and providers in connection with operation of the Service:
| Service | Provider | Purpose | Data transmitted |
|---|---|---|---|
| Credential verification source | National Plan and Provider Enumeration System (NPPES) | To verify submitted credential information for access eligibility | Submitted first name, last name, NPI, and related verification data necessary to perform the verification query |
| AI processing | Anthropic Claude API | To generate requested outputs through the Service's AI workflow | Structured user inputs and limited free-text inputs submitted through the Service, which are intended to be de-identified or otherwise non-patient-identifying |
| Verification and operational proxy services | Google Apps Script | To support credential-verification workflow and certain operational functions described in the Service | Verification-related data and limited operational data reasonably necessary for those functions |
| Hosting, delivery, and site infrastructure | Netlify | To host and deliver the website and web application | Technical request and transmission data reasonably necessary to host and deliver the Service |
| API routing, security, and access-control infrastructure | Cloudflare | To route requests, support security protections, apply access controls, support rate limiting, and operate the Service's processing workflow | Technical request and transmission data, access-control information, and limited operational data reasonably necessary to operate, secure, and support the Service |
| Payment processing and subscription billing | Stripe | To process subscription payments, manage billing, support renewals and cancellations, and administer customer billing functions | Billing, payment, subscription, and related transaction information submitted through Stripe or transmitted in connection with subscription status and account administration |
| Diagnostic and issue-tracking tools | Google Sheets or related Google services | To receive and maintain limited bug-report and troubleshooting records | Error type, message, selected structured input values, timestamps, browser/session metadata, and related diagnostic information; free-text user content is intended to be scrubbed before transmission |
Each third-party provider is responsible for its own privacy and security practices with respect to information it receives. ProtoAT uses third-party providers only as reasonably necessary to operate, secure, support, and improve the Service, and does not disclose user information to third parties for their own advertising or marketing purposes.
5. Data Security
ProtoAT uses administrative, technical, and organizational measures designed to protect information processed in connection with the Service and to support the Service's intended de-identified-use model.
These measures may include:
- session-based access controls and sign-out functionality designed to limit persistent access;
- architecture intended to avoid maintaining clinical inputs and generated outputs as persistent user-content records in the ordinary course of Service use;
- proxy-based processing and related access controls designed to protect service credentials and support secure operation of the Service;
- rate limiting, access controls, and related technical safeguards designed to protect Service availability and reduce misuse;
- diagnostic and bug-report workflows designed to exclude or scrub free-text user content before transmission where applicable; and
- automated warnings or detection tools intended to help users identify potentially sensitive or identifying information before submission.
No method of transmission, storage, or electronic processing is completely secure, and ProtoAT cannot guarantee absolute security. You are responsible for reviewing the information you choose to submit through the Service and for using the Service in a manner consistent with your own legal, professional, and organizational obligations.
6. HIPAA Considerations
ProtoAT is designed for use with de-identified or otherwise non-patient-identifying information and is intended to operate outside workflows that require ProtoAT to receive or maintain protected health information as user content.
Users are solely responsible for determining whether and how their use of the Service fits within the privacy, confidentiality, and regulatory obligations applicable to their own practice setting, employer, school, supervising organization, or professional role, including any obligations arising under HIPAA or similar laws.
ProtoAT does not undertake to act as a healthcare provider, covered entity, or Business Associate in connection with user-submitted content merely because a user practices in a HIPAA-regulated environment. ProtoAT does not agree through this Privacy Policy to assume HIPAA-regulated responsibilities that would apply only if the Service were used in a different manner or under a separate written agreement.
Users must not submit patient-identifying information, protected health information, or other information they are not authorized to use or disclose in connection with the Service. ProtoAT may provide warnings or safeguards intended to help users avoid submitting such information, but those safeguards do not replace the user's independent responsibility to review and control what is submitted.
7. Data Retention and Deletion
| Data type | Retention period | How to delete |
|---|---|---|
| Credential verification information, including submitted name and NPI | Verification status is maintained only for the active browser session and is cleared when the session ends or when the user uses the Lock/Sign-Out function. ProtoAT does not retain the NPI on ProtoAT servers as a persistent user-content record in the ordinary course of Service use. | End the session, close the browser tab, or use the Lock/Sign-Out function. |
| Email address and subscription-access information | Retained only as long as reasonably necessary to administer trial access, subscription status, usage limits, related operational records, and applicable legal, tax, or billing obligations. | Contact ProtoAT using the contact information in this Privacy Policy to request deletion, subject to ProtoAT's need to retain certain records for billing, legal, tax, accounting, dispute-resolution, security, or compliance purposes. |
| Structured Service inputs and limited free-text inputs | Intended to exist only within the active session, except to the limited extent necessary for transient processing, rate limiting, diagnostics, or other operational functions described in this Privacy Policy. ProtoAT does not maintain those inputs as persistent user-content records in the ordinary course of Service use. | End the session, close the browser tab, refresh the page, or use the Lock/Sign-Out function. |
| Generated outputs | Intended to exist only within the active session and not as persistent stored output records on ProtoAT systems in the ordinary course of Service use, except to the limited extent required for transient processing or technical operation. | End the session, close the browser tab, refresh the page, or use the Lock/Sign-Out function. |
| Automated sensitive-information detection and warning activity | Retained only to the extent reasonably necessary to operate the warning function or related technical logs, if any. | Contact ProtoAT using the contact information in this Privacy Policy to request deletion of retained technical records, if any, subject to ProtoAT's legitimate operational, security, or compliance needs. |
| Bug reports and diagnostic information | Retained only as long as reasonably necessary to investigate, resolve, and document the relevant issue, and may then be archived or deleted in the ordinary course. | Contact ProtoAT using the contact information in this Privacy Policy to request deletion, subject to ProtoAT's legitimate need to retain diagnostic, security, or compliance records. |
| Subscription, billing-status, and related account information received from Stripe | Retained only as long as reasonably necessary for subscription administration, recordkeeping, dispute handling, tax or accounting support, and legal compliance. Payment card data is retained by Stripe in accordance with Stripe's own policies. | Subscription and billing records maintained by ProtoAT may be deleted upon request, subject to ProtoAT's recordkeeping, legal, tax, accounting, dispute-resolution, security, and compliance needs. Payment-method and other billing data held by Stripe must be managed through Stripe or as otherwise permitted by Stripe's systems and policies. |
8. Children's Privacy
ProtoAT is intended for professional use by adult users and is not directed to children or individuals under the age of 18. ProtoAT does not knowingly collect personal information directly from children under 18 in connection with the Service.
If ProtoAT becomes aware that personal information has been collected directly from a child under 18 in a manner not permitted by this Privacy Policy, ProtoAT will take reasonable steps to delete that information, subject to applicable legal or compliance obligations.
9. Changes to This Policy
ProtoAT may update or modify this Privacy Policy from time to time in its discretion. If ProtoAT makes material changes, ProtoAT may provide notice by posting the updated Privacy Policy through the Service, updating the "Effective Date," or using other reasonable means of notice.
Unless otherwise stated, the revised Privacy Policy will become effective when posted. By continuing to access or use the Service after the effective date of any revised Privacy Policy, you acknowledge the updated Privacy Policy as it applies to your continued use of the Service.
10. Contact
For questions about this Privacy Policy or ProtoAT's information practices, or to submit a deletion request where applicable:
Tyler Volkmann, MS, ATC, LAT
Email: tylervolkmann@gmail.com
Address: Moscow, Idaho