← Back to Sign In

Privacy Policy

Last updated: March 5, 2026

1. Introduction

Qantev ("we", "us", "our") is committed to protecting the privacy and security of personal data processed through our Claims Operations Platform. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with GDPR, HIPAA, and applicable data protection regulations.

2. Data We Collect

We collect and process the following categories of data:

  • Account Data: Name, email address, profile picture, and role information provided through Google OAuth authentication.
  • Claims Data: Health insurance claims information, supporting documents, and related data submitted by your organization for processing.
  • Usage Data: Platform interaction logs, feature usage patterns, and session data collected to maintain and improve our services.
  • Audit Data: Records of user actions within the Platform for compliance and security purposes.

3. How We Use Your Data

We process your data for the following purposes:

  • Providing and operating the Claims Operations Platform.
  • Authenticating users and managing access controls.
  • Processing claims using AI-powered data extraction and validation.
  • Maintaining audit trails for regulatory compliance.
  • Improving Platform performance, reliability, and features.

4. Legal Basis for Processing

We process personal data under the following legal bases: (a) performance of our contract with your organization, (b) compliance with legal obligations including HIPAA and insurance regulations, (c) legitimate interests in maintaining platform security and improving services, and (d) your consent where required.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • TLS/SSL encryption for all data in transit.
  • AES-256 encryption for data at rest.
  • Role-based access controls and audit logging.
  • Regular security assessments and penetration testing.
  • SOC 2 Type II compliance.

6. Data Retention

We retain your data for the duration of your organization's subscription and for a period of 90 days following termination. Claims data may be retained longer if required by applicable insurance regulations or legal obligations. Audit logs are retained for a minimum of 7 years.

7. Data Sharing

We do not sell your data. We may share data with: (a) cloud infrastructure providers who host the Platform under strict data processing agreements, (b) AI service providers for claims processing under data processing agreements, and (c) regulatory authorities when required by law.

8. Your Rights

Under GDPR and applicable data protection laws, you have the right to:

  • Access your personal data and obtain a copy.
  • Rectify inaccurate or incomplete personal data.
  • Request erasure of your personal data (subject to legal retention requirements).
  • Restrict or object to certain processing activities.
  • Data portability — receive your data in a structured, machine-readable format.
  • Lodge a complaint with a supervisory authority.

9. International Transfers

Data may be processed in the United States and the European Union. For transfers outside the EEA, we rely on Standard Contractual Clauses approved by the European Commission and implement additional safeguards where appropriate.

10. HIPAA Compliance

For protected health information (PHI) processed through the Platform, Qantev acts as a Business Associate under HIPAA. We maintain a Business Associate Agreement (BAA) with each covered entity and implement all required administrative, physical, and technical safeguards.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes at least 30 days before they take effect via email or through the Platform.

12. Contact Us

For privacy-related inquiries or to exercise your data rights:

Data Protection Officer: privacy@qantev.com

General inquiries: legal@qantev.com