recoupr

LEGAL

Privacy Policy

How recoupr collects, uses, and protects your information.

Last Updated: Feb 6, 2026

Recoupr LLC (“recoupr,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, and disclose information when you access or use our website (the “Site”) and our SaaS claims processing platform (the “Service”).

IMPORTANT NOTE ON HIPAA: Much of the data we process is Protected Health Information (PHI). PHI is governed by the Health Insurance Portability and Accountability Act (HIPAA) and the Business Associate Agreement (BAA) we have signed with your Therapy Group. In the event of a conflict between this Privacy Policy and the BAA regarding PHI, the BAA shall control.

1. Information We Collect

A. Information You Provide to Us

  • Account Information: When Therapists or Admin staff register, we collect names, email addresses, NPI numbers, and practice details.
  • Patient/Client Data: When you use the Client Portal, we collect insurance policy details (Member ID, Group Number), dates of birth, and addresses. We do not collect precise GPS location data.
  • Claims Data: To process claims, we collect diagnosis codes (ICD-10), procedure codes (CPT), and billing amounts.

B. Information Collected Automatically

  • Log Data: We collect server logs including IP addresses, browser type, and timestamps to monitor system security and performance.
  • Usage Data: We track user actions within the Service (e.g., “Claim Uploaded,” “Superbill Parsed”) for audit trails and product improvement.
  • Cookies & Tracking:
    • Public Site: We may use cookies or pixels (e.g., Google Analytics) on our public marketing website to understand visitor traffic.
    • Secure Service: We DO NOT use advertising pixels or third-party tracking cookies inside the logged-in Service where PHI is present.

2. How We Use Your Information

We use your information for the following business purposes:

  • Service Delivery: To parse superbills, generate claim packets, submit claims to clearinghouses, and track reimbursement status.
  • Transactional Communications: To send you critical notifications (e.g., “Claim Approved,” “Action Required”). We do not send marketing emails to Patients.
  • Security & Compliance: To verify identities, detect fraud, and maintain HIPAA audit logs.
  • AI Improvement (De-identified Data): We may de-identify and aggregate data (removing all PHI) to train our AI models and generate industry benchmarks, as permitted by HIPAA and our customer agreements.

3. Sharing and Disclosure

We do not sell your Personal Information. We only disclose information as follows:

  • Service Providers: We share data with trusted vendors who assist in providing the Service (e.g., Aptible for hosting, Google Cloud for AI processing). All such vendors are bound by strict confidentiality and HIPAA Business Associate obligations.
  • Legal Requirements: We may disclose information if required by law, subpoena, or regulation (including Texas HB 300).
  • Business Transfers: If recoupr is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Your Privacy Rights (State-Specific)

A. Texas Residents (HB 300 / TMRA)

  • Electronic Copies: You have the right to receive an electronic copy of your health records within fifteen (15) business days of a written request.
  • Prohibition on Sale: We are strictly prohibited under Texas law from selling your Protected Health Information (PHI).

B. California Residents (CCPA/CPRA)

  • Service Provider Status: Recoupr acts as a “Service Provider” to your Therapy Group. We process data solely to fulfill our contractual obligations.
  • No Sale or Share: We do not sell your personal information or “share” it for cross-context behavioral advertising.
  • Rights: You have the right to request access to, correction of, or deletion of your personal information. To exercise these rights, please contact us at support@recoupr.ai.

5. Families and Minors

  • Parental Responsibility: The Service is intended for use by adults. If a patient is a minor (under 18), the Recoupr account must be held and managed by a parent or legal guardian.
  • COPPA: We do not knowingly collect personal information directly from children under 13 without verifiable parental consent. By adding a minor dependent to your account, you act as the parent/guardian providing such consent.

6. Security

We implement industry-standard administrative, physical, and technical safeguards to protect your data, including encryption at rest and in transit (TLS 1.2+). However, no method of transmission over the Internet is 100% secure.

7. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or by email. Continued use of the Service after such changes constitutes acceptance of the new policy.

8. Contact Us

If you have questions about this Privacy Policy or your data rights, please contact us at:

Recoupr LLC
Email: support@recoupr.ai