Privacy Policy

1. Introduction

IntentPi Software Pvt. Ltd. ("Company," "we," "us," or "our") operates the PixelMD platform, an AI-powered diagnostic imaging and clinical intelligence system designed for healthcare institutions. This Privacy Policy describes how we collect, use, disclose, and protect information obtained through the PixelMD platform (the "Service"), our website at pixelmd.ai, and related services.

By accessing or using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of the Service immediately.

2. Information We Collect

• Medical Imaging Data: DICOM files, X-ray images, CT scans, endoscopy videos, and other diagnostic imaging studies uploaded by authorized healthcare providers for AI-assisted analysis.
• Protected Health Information (PHI): Patient identifiers associated with imaging studies, including patient name, date of birth, medical record number, accession number, and study metadata as transmitted via DICOM headers.
• User Account Information: Name, professional credentials, email address, institutional affiliation, role, and login credentials for authorized platform users.
• Usage and Analytics Data: Platform interaction logs, feature usage patterns, diagnostic queue activity, report generation metrics, browser type, IP address, and device information.
• AI Interaction Data: Model inference results, radiologist validation decisions, accuracy ratings, and feedback submitted through the validation workflow.

3. How We Use Your Information

• AI Diagnostic Processing: Running imaging studies through our CNN-based pre-screening models and LLM clinical reasoning engine to generate AI-assisted diagnostic reports.
• Platform Operations: Providing, maintaining, and improving the Service, including diagnostic queue management, report generation, and radiologist validation workflows.
• Model Improvement: Using de-identified and aggregated data to train, validate, and improve our AI diagnostic models. Individual PHI is never used for model training without explicit authorization.
• Analytics and Reporting: Generating institutional performance metrics, diagnostic throughput analytics, and model accuracy statistics.

4. HIPAA Compliance

PixelMD is designed to operate as a HIPAA-compliant platform. We function as a Business Associate under HIPAA and will enter into a Business Associate Agreement (BAA) with each covered entity prior to processing any PHI.

5. Data Retention

Medical imaging data and associated AI-generated reports are retained for the duration specified in your institution's BAA and service agreement. User account information is retained for the duration of the account's active status and for 90 days following deactivation. Usage and analytics data is retained in aggregate, de-identified form indefinitely.

6. Third-Party Sharing

We do not sell, rent, or trade personal information or PHI. We may share information with:

• Cloud Infrastructure Providers: We use AWS for hosting and data storage. All sub-processors who may access PHI are bound by BAAs.
• AI Model Providers: Certain workflows utilize third-party LLMs via HIPAA-eligible API endpoints. No PHI is retained by third-party model providers.
• Legal and Regulatory: We may disclose information as required by law, regulation, subpoena, or court order.

7. Your Rights

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Portability: Request a copy of your data in a structured, machine-readable format.