Privacy and Data Use Policy

Effective date: June 23, 2026

Medneed is a healthcare operations and patient-access platform. This Privacy and Data Use Policy explains how Medneed collects, uses, stores, protects, and shares information when you use the Medneed website, platform, account features, resources, Premium / Founding Practice interest form, and related services.

In this policy, “Medneed,” “we,” “us,” and “our” refer to Medneed Inc. “You” refers to a visitor, account holder, healthcare professional, practice representative, or other person using Medneed.

1. Important limitation: do not submit patient-identifying information

Medneed is designed for operational and patient-access challenges, not clinical care, diagnosis, treatment, or patient-specific decision-making.

Do not submit protected health information or patient-identifying information, including patient names, dates of birth, medical record numbers, insurance identifiers, clinical notes, patient contact information, or other information that could identify a patient.

Medneed does not currently claim HIPAA compliance or SOC 2 compliance. You are responsible for ensuring that the information you submit is appropriate for use in Medneed.

2. Information we collect

We may collect the following categories of information.

A. Account and authentication information

When you create or use an account, we may collect:

  • your name;
  • your email address;
  • your authentication provider, such as email/password or Google Sign-In;
  • an internal account identifier;
  • account status and onboarding status; and
  • account-related security and login information needed to operate the service.

B. Practice and organization information

When you complete a practice profile or use Medneed, we may collect information you provide about your organization, such as:

  • practice or organization type;
  • role or job title;
  • organization size;
  • broad geographic area;
  • operational priorities;
  • workflow needs; and
  • other non-patient information you choose to provide.

C. Challenge, outcome, and feedback information

We collect information you submit through Medneed, including:

  • operational or patient-access challenges;
  • challenge category, urgency, impact, and context;
  • follow-up outcomes or implementation updates;
  • feedback about Medneed;
  • resource or recommendation interactions; and
  • information submitted through the Premium / Founding Practice interest form.

Challenges are private by default and are not publicly displayed. Access is limited to you and the systems or authorized service providers needed to operate Medneed and generate requested guidance.

D. Google Sign-In information

When you choose to sign in with Google, Medneed receives only the information made available through Google’s standard openid, email, and profile scopes:

  • your name; and
  • your email address.

Medneed does not access Gmail, Google Drive, Google Calendar, Google Contacts, Google Workspace content, or other Google services.

We do not independently use or store Google access tokens or refresh tokens for access to Google services.

E. Usage, device, and technical information

When you access Medneed, we or our service providers may collect technical and usage information, such as:

  • pages viewed;
  • actions taken within the service;
  • referral source;
  • browser and device information;
  • approximate location inferred from IP address;
  • timestamps;
  • diagnostic logs; and
  • information used to maintain security, prevent abuse, and improve service reliability.

F. Cookies and similar technologies

Medneed and its service providers may use cookies, browser storage, or similar technologies that are necessary to:

  • keep you signed in;
  • maintain session security;
  • remember basic settings;
  • operate the platform; and
  • understand general service usage and performance.

3. How we use information

We may use information to:

  • create and authenticate accounts;
  • provide, maintain, secure, and improve Medneed;
  • deliver operational guidance, resources, and AI-assisted reviews requested by users;
  • personalize the experience based on practice-profile and challenge information;
  • send transactional communications, such as account confirmation, password reset, and security-related messages;
  • respond to support, privacy, and deletion requests;
  • detect, investigate, and prevent fraud, misuse, security incidents, or violations of our Terms;
  • analyze aggregate service performance and product usage; and
  • comply with legal obligations or enforce our rights.

4. AI-assisted guidance and optional anonymized learning

Medneed may use AI service providers to analyze challenge text and generate operational guidance, structured next steps, or resource suggestions.

Challenge text may be processed by an AI provider only as needed to provide the feature you requested. Google Sign-In identity information, including your Google-derived name and email address, is not included in AI prompts.

Medneed may offer an optional anonymized-learning setting. If you choose to enable it, Medneed may use de-identified and aggregated patterns from your use of the service, such as practice type, broad geography, organization size, challenge category, urgency, impact, and outcome status, to improve recommendations and service design.

This setting is off by default and may be changed in your profile. Medneed does not use Google Sign-In data to train AI models.

5. How we share information

Medneed does not sell personal information.

Medneed does not share personal information with advertisers or use Google Sign-In information for advertising, behavioral targeting, profiling, or marketing.

We may disclose information only to the following categories of recipients when reasonably necessary to operate Medneed:

  • Hosting, database, and authentication providers, including Lovable Cloud and Supabase;
  • Google, when you choose Google Sign-In, for authentication and OAuth-related processing;
  • Transactional email providers, such as Resend, to send account confirmation, password reset, and other account-related emails;
  • AI service providers used to generate requested operational guidance from challenge text;
  • Professional advisers, such as lawyers, accountants, or auditors, when necessary;
  • Government authorities, law enforcement, or other parties when required by law, legal process, or to protect rights, safety, and security; and
  • A successor organization if Medneed is involved in a merger, acquisition, financing, sale of assets, reorganization, bankruptcy, or similar transaction.

Service providers may process information only to provide services to Medneed or as otherwise required by law.

6. Google Sign-In and Google user data

Medneed uses Google Sign-In only to create and authenticate accounts.

Medneed requests only the standard identity scopes:

  • openid
  • email
  • profile

Medneed receives only your name and email address through Google Sign-In.

Medneed does not access, read, store, analyze, sell, or share your Gmail messages, Google Drive files, Google Calendar events, Google Contacts, or other Google account content.

Google-derived identity information is used only to:

  • create and authenticate your Medneed account;
  • populate basic account and profile information; and
  • support account-related communications.

Google-derived identity information is stored in Medneed’s authentication system and user-profile record. It is not sold, shared with advertisers, or used to train AI models.

7. Data retention

We retain account, profile, challenge, outcome, and related service information for as long as reasonably necessary to provide Medneed, maintain your account, protect the service, resolve disputes, comply with legal obligations, and enforce our agreements.

If you request account deletion, we will delete or de-identify applicable personal information unless we need to retain limited information for legitimate security, legal, fraud-prevention, dispute-resolution, backup, or recordkeeping purposes.

De-identified or aggregated information that cannot reasonably identify you may be retained.

8. Security

Medneed uses reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, alteration, or disclosure.

These safeguards include authentication controls and row-level access controls intended to limit users’ access to their own account-related data.

No online service can guarantee absolute security. You should use a strong password, protect your login credentials, and notify us promptly if you believe your account has been accessed without authorization.

9. Your choices and privacy requests

Subject to applicable law, you may request to:

  • access personal information we hold about you;
  • correct inaccurate account or profile information;
  • request deletion of your account and associated personal information;
  • ask questions about our data practices; or
  • change your optional anonymized-learning preference through your profile where that feature is available.

To submit a privacy, access, correction, or deletion request, contact us at:

iraneuso@gmail.com

We may need to verify your identity before completing a request. We may limit or decline a request where permitted by law, including where we cannot verify the request, where the request is excessive, or where retention is necessary for security, legal, or operational reasons.

10. California privacy notice

Medneed does not sell personal information or share personal information for cross-context behavioral advertising.

Where applicable, California residents may have rights to know what personal information is collected, used, disclosed, or retained; request correction or deletion of certain personal information; and exercise other privacy rights provided by California law.

To submit a privacy request, contact us at iraneuso@gmail.com. We will not discriminate against you for exercising applicable privacy rights.

11. Children

Medneed is intended for adults and healthcare organizations. It is not directed to children.

We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to Medneed, contact us at iraneuso@gmail.com so we can review and take appropriate action.

12. Third-party links and services

Medneed may link to third-party websites, resources, or tools. Those third parties have their own privacy practices, and this policy does not govern their services.

You should review the privacy policies of third-party services before providing information to them.

13. Changes to this policy

We may update this Privacy and Data Use Policy from time to time. When we do, we will post the updated version on this page and revise the effective date.

If we make a material change to how we use Google user data, we will provide notice and obtain any consent required before using that data in a materially different way.

14. Contact us

For privacy questions, account deletion requests, or other data-related concerns, contact:

iraneuso@gmail.com