
Consumer Health Data Privacy Policy

Version 1.4 · Effective 2026-04-08

CANDID HEALTH DATA CONSENT
Version 1.4 — Effective April 8, 2026
Operated by Airgetlam Labs LLC

IMPORTANT: This is a SEPARATE consent from the Terms of Service and Privacy Policy. Under the Washington My Health My Data Act (RCW 19.373) and the California Consumer Privacy Act (CCPA/CPRA), your medical billing data is classified as sensitive consumer health data requiring specific, informed consent before collection. You must accept this consent before uploading any health-related documents to Candid.

1. CATEGORIES OF HEALTH DATA COLLECTED
When you upload documents to Candid, we may collect and process the following categories of consumer health data:
- Medical bills and itemized hospital bills (provider names, dates of service, charge amounts)
- Explanation of Benefits (EOB) documents (insurer determinations, allowed amounts, patient responsibility)
- Insurance statements and Summary of Benefits and Coverage (SBC) documents
- Insurance card images (member ID, group number, plan identifiers, insurer contact information)
- Claims data and billing line items (claim numbers, adjudication details, per-charge amounts, adjustment reason codes)
- Procedure codes (CPT, HCPCS) and diagnosis codes (ICD-10) extracted from your documents
- Provider names, facility names, and National Provider Identifiers (NPIs) from your documents
- Charge amounts, payment amounts, adjustment amounts, and balance-due amounts
- Dispute records (generated letter drafts, dispute status, correspondence tracking)
We do NOT collect or store: Social Security numbers, medical record numbers, clinical notes, lab results, or diagnostic images. We do NOT collect individual prescription fill records or pharmacy history. We DO extract plan formulary information (which drug categories your plan covers and at what tier) from plan documents — this describes your plan's drug coverage structure, not your personal prescriptions. If any of the excluded information listed above appears in uploaded documents, we do not extract or retain it.

2. SPECIFIC PURPOSES FOR WHICH YOUR HEALTH DATA IS USED
Your uploaded health documents will be used exclusively for:
(a) Bill Parsing — Extracting structured billing data (provider, codes, charges, adjustments) from your uploaded documents using optical character recognition (OCR) and document analysis.
(b) Audit Analysis — Comparing your charges against public pricing benchmarks (CMS Medicare Physician Fee Schedule, published hospital price transparency files) to identify potential overcharges, billing errors, unbundling violations, upcoding, and duplicate charges.
(c) Benefit Matching — Comparing procedures on your bills against your insurance plan's covered benefits to identify coverage gaps or missed in-network savings.
(d) Dispute Letter Generation — Populating dispute letter templates with facts extracted from your documents, including provider names, dates, codes, and charge amounts. You review and send all letters yourself.
(e) Cost Estimation — Displaying price comparison estimates for your specific procedures across providers in your area.
(f) Plan Catalog Improvement — Contributing extracted plan structure data (benefits, cost-sharing terms, formulary tiers) to a de-identified canonical plan database. This improves benefit matching accuracy for all users with similar plans. Individual user identity is never associated with canonical plan records.
Your health data will NOT be used for any purpose not listed above without obtaining separate, additional consent.

3. THIRD-PARTY PROCESSORS WHO ACCESS YOUR HEALTH DATA
The following service providers may process your health data under strict data processing agreements:
- Processor: Google Cloud Platform (Document AI). Purpose: OCR and document parsing. Data accessed: Uploaded document images (processed, not stored by Google beyond processing).
- Processor: Supabase (Supabase Inc.). Purpose: Encrypted database storage. Data accessed: Extracted billing data, audit results.
- Processor: Firebase / Google Cloud Storage. Purpose: Encrypted file storage. Data accessed: Original uploaded document files.
- Processor: Upstash (QStash). Purpose: Asynchronous document processing queue. Data accessed: Document processing job references (not document content).
No other third party receives, accesses, or processes your identifiable health data. We do not share your health documents with advertisers, data brokers, insurers, providers, employers, or any other party.

4. DATA RETENTION AND STORAGE
- Your uploaded documents and extracted data are retained for the lifetime of your account or until you delete them, whichever comes first.
- Upon consent revocation, all uploaded documents and extracted health data are deleted within 30 days.
- Upon account deletion, all health data is deleted within 30 days.
- Encrypted backups that may contain health data are purged within 90 days of deletion.
- Health data is encrypted at rest (AES-256) and in transit (TLS 1.2+).

5. WHAT THIS CONSENT DOES NOT AUTHORIZE
This consent does NOT authorize:
- Sale of your identifiable health data to any third party — ever
- Sharing your documents or extracted data with insurers, providers, employers, or other users
- Use of your health data for advertising, marketing, or profiling
- Use of your health data for purposes other than those listed in Section 2
- Geofencing of healthcare facilities to collect or infer health data about you
If we wish to use your data for additional purposes (such as anonymized aggregate research), we will request separate, additional consent at that time.

6. YOUR RIGHT TO REVOKE CONSENT
You may revoke this health data consent at any time. Revoking consent will:
- Immediately prevent further processing of your uploaded documents
- Queue all uploaded documents and extracted health data for deletion within 30 days
- Preserve your account, subscription, and non-health personal data
- Not affect the legality of processing performed before revocation
To revoke, visit your account Settings page and select "Revoke Health Data Consent," or submit a support ticket.

7. YOUR RIGHT TO DELETE
Under the Washington My Health My Data Act and CCPA/CPRA, you have the right to request deletion of all consumer health data we hold about you. Upon receiving a verified deletion request, we will:
- Delete all uploaded documents from file storage within 30 days
- Delete all extracted billing data, audit results, and dispute letter drafts within 30 days
- Confirm deletion to you in writing
To request deletion, visit your account Settings page and select "Delete My Account," or submit a support ticket with the subject "Health Data Deletion Request."

8. YOUR RIGHT TO ACCESS
You may request a copy of all health data we hold about you. We will provide it in a structured, machine-readable format (JSON or CSV) within 30 days.

9. HIPAA NOTICE
Candid is not a healthcare provider, health plan, healthcare clearinghouse, or Business Associate as defined under the Health Insurance Portability and Accountability Act (HIPAA). When you upload your own medical documents to Candid, you are exercising your right to access, use, and share your own health information as a consumer.
While HIPAA does not directly regulate Candid, we voluntarily adopt security practices consistent with the HIPAA Security Rule as a best-practice standard for protecting your health data. See our HIPAA Storage Practices documentation for details.

10. CANDID IS NOT A HEALTHCARE PROVIDER
Candid does not provide medical advice, diagnoses, treatment recommendations, or clinical opinions. All health-related outputs (audit findings, benefit analyses, cost estimates) are informational tools for your independent use. Always consult qualified healthcare and legal professionals for advice specific to your situation.

11. WASHINGTON STATE RESIDENTS — ADDITIONAL RIGHTS
Under the My Health My Data Act, Washington residents have the right to:
- Receive this consent in a clear, standalone format (separate from Terms of Service)
- Know the specific categories of health data collected and each purpose for collection
- Know the specific categories of third parties and affiliates with whom health data is shared
- Revoke consent and have health data deleted within 30 days
- Bring a private cause of action under the Washington Consumer Protection Act (RCW 19.86) for violations
This consent document is designed to satisfy all requirements of RCW 19.373.

12. CONTACT
For questions about this Health Data Consent or to exercise your rights:
Airgetlam Labs LLC
Contact us via your account Settings page or by submitting a support ticket at candidclaim.com.

See also: Terms of Service · Privacy Policy