Privacy Policy.

Last Updated: February 12, 2025

Overview

This Privacy Policy covers all websites, services, and mobile apps (the “Services”) provided or hosted by MedRecords.me (sometimes referred to as “we”). This Policy applies to the Personal Information we collect from your use of our services, website, or mobile application, and through any other means by which you engage with us. “Personal Information” means information that can be used to identify you, including personal identifiers like name, address, date of birth, contact information, and Social Security number; and information related to your physical or mental health or healthcare services, including medical records and treatment history.

MedRecords.me is proudly owned and operated by Tekmir Solutions, LLC, a Pennsylvania company. Where our Privacy Policy or Terms of Service differ from Tekmir’s, our policies control with respect to your use of the Services.

Definition of Services

"Services" refers to all websites, mobile applications, software platforms, and related functionalities offered, operated, or provided by MedRecords.me. These include, but are not limited to:

  • Tools enabling individuals to collect, maintain, and share their health information.

  • Features for identity verification and secure access to health records.

  • Data analysis, insights, and machine learning capabilities for managing and interpreting health-related information.

  • Communication tools, such as email notifications and text message updates, used to deliver relevant updates or features.

  • Any customer support, research, educational resources, or promotional activities associated with MedRecords.me.

"Services" also encompass any future updates, enhancements, or modifications to the functionalities and features mentioned above.

Acceptance of This Policy

By using our Services, you say to us that you agree to the terms of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Services. Your continued use of the Services after we make changes to this Privacy Policy will mean that you agree to those changes.

Changes to this policy

This Privacy Policy may be revised from time to time as we add new features and services, as laws change, and as industry privacy and security best practices evolve. We will give you advance notice of any material changes so you can decide if you want to maintain your account with MedRecords.me (except changes that need to be made immediately in order to comply with law or to deal with an urgent situation that threatens the security of information held by us or which severely impacts our functionality). The updated Privacy Policy will be effective as of the time of posting, or such later date as may be specified in the updated Privacy Policy.

Account Creation & Maintenance

When you sign up for and use the Services, we collect personal and business information from you for account creation and maintenance (“Account Information''). Such Account Information includes, as applicable or permitted under law, items such as your name, address, e-mail address, telephone numbers, contact preferences, device identifiers, IP address, and prior names and addresses.

Health Records & Self-Reported Information

We enable you to receive copies of your health information and medical records (“Health Records”) through the “patient access” granted to you under HIPAA, HITECH, and/or the laws applicable where you are located, as well as through online portal accounts that may be made available to you by some health care providers, health plans, or independent app developers.

To collect those Health Records on your behalf, we collect information such as name, birth date, gender, medical or health plan record numbers, or information about your doctors, medical providers and health plans. We will let you know when it is optional for you to provide certain information, and when that information is necessary to use certain Services.

Any information we receive from outside sources will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party’s policies or practices.

Identity Verification

In order to verify your identity, we use a third-party identity verification provider that collects a copy of your official government photo ID and images of your face, which are analyzed and compared to your official ID. The third-party identity verification provider uses your official ID and images solely for purposes of identity verification for MedRecords.me. For information on this third-party’s privacy practices, please visit ID.me

If you decide you want friends, family members, or others to have access to your MedRecords.me account or to be a personal representative, we will collect personal information about those individuals to fulfill your request. Such information may include name, email, telephone, a health care proxy, a power of attorney, or other information used to confirm their identity and authority to represent you.

How We Use Your Personal Information

MedRecords.me uses your information to deliver, improve, and personalize our Services while ensuring you retain control over your data. Specifically, we use your information for the following purposes:

1. Requesting your health records

  • To locate your health records and help providers and health plans accurately match and send the correct information to us.

2. Delivering and personalizing our Services

  • To create, manage, and personalize your account.

  • To provide secure access to your health records and allow you to share them with others as authorized by you.

  • To deliver tailored content, product recommendations, and service updates based on your preferences and usage.

3. Responding to requests

  • To respond to customer service inquiries and fulfill your requests efficiently.

  • To process transactions and administer promotions, surveys, or other features of the Services.

4. Improving our Services

  • To analyze how users interact with our Services and gather feedback to enhance existing features and develop new ones.

  • To conduct research, including aggregated and anonymized analyses, for improving our offerings and generating insights.

5. Enhancing security and fraud prevention

  • To detect, prevent, and mitigate unauthorized access, fraud, and abuse of the Services.

  • To maintain and improve account and network security.

6. Contacting you

We may contact you via the following methods to ensure you are informed about your account and services:

  • Email: To send important updates about your account, changes to terms or policies, and optional newsletters or promotional offers.

  • Phone: To address urgent matters, such as account security, or to respond to specific customer support requests when necessary.

  • Text Messages: If you opt-in, we may send occasional text messages to provide updates about the Services. Message frequency may vary. Standard message and data rates may apply based on your carrier.

7. Sending important communications

  • To send essential notices regarding your account, changes to policies, or updates to the Services. These communications are mandatory and cannot be opted out of.

Sharing of Personal Information

1. Sharing with service providers

We may share your personal information under confidentiality agreements with trusted third-party service providers who assist us in operating, developing, or maintaining the Services. These include:

  • Identity verification services (e.g., ID.me) to ensure secure access to your health records.

  • Cloud hosting providers for data storage.

  • Analytics providers for usage analysis and service improvements.

  • Email and text communication vendors.

  • Marketing service providers for delivering promotional materials.

These companies use your data solely to provide services to MedRecords.me and do not have independent rights to share your information.

2. Legal and safety requirements

We may disclose your personal information:

  • To comply with legal obligations, such as subpoenas, court orders, or government regulations.

  • To establish or defend legal claims.

  • To prevent fraud, unauthorized access, or threats to safety.

3. Business transfers

In the event of a business transaction such as a merger, acquisition, or sale, your personal information may be transferred to the new entity. We will require the new entity to adhere to this Privacy Policy.

4. User-controlled sharing

  • You have full control over sharing your medical information with others, for instance lawyers, family, and caregivers. Use the account settings to manage these permissions. We will not share your health records without express, written authorization in accordance with all applicable laws and regulations.

  • When you make a decision to share your data outside of Tekmir and MedRecords.me--including your Health Records--the data practices under this Privacy Policy will no longer apply to the information held by that outside entity. We recommend that you review and determine you are comfortable with that entity’s privacy policy prior to sharing your data (including Account Information and Health Records).

Changing or Deleting Your Information

You may review and request changes to your personal information.

You may also request deletion of your Personal Information, including Health Records. When you choose to delete your account, all of your Personal Information associated with the account will be deleted as soon as is reasonably possible and will no longer be accessible by you or MedRecords.me through our application. The only data that is not deleted is disclosure log information that we keep for audit and legal purposes.

You may submit requests to change or delete your Personal Information using the account settings within your MedRecords.me application. For further assistance, email: support@Medrecords.me.

Opting Out of Communications

You can opt out of receiving optional emails and promotional phone calls through your account settings or by following the instructions in the communication.

To opt out of text messages, reply STOP to any text. You can also text HELP for further assistance. Note that opting out of text messages will not affect important notices related to your account or the Services.

Children’s Privacy Policy

Our website and Services are not intended for individuals under 18 years of age. If you are under 18 years of age, do not use this website, its features, or our Services in any capacity. Do not provide us with any information about yourself.

We will not knowingly collect data on anyone under the age of 18. If we learn we have collected or received personal information from someone under 18 without valid parental consent, we will delete that information. Please contact us if you believe we might have information from or about a child under 18.

Non-United States Residents

Our website is operated in the United States. If you are located outside of the United States, please be aware that any personal information you provide to us will be transferred to the United States. By using our website and/or providing us with your personal information, you agree to this transfer.