Privacy Policy

Effective March 1, 2026

1. Introduction

Cernere Inc. ("Cernere", "we", "us") operates a platform that connects AI laboratories with medical experts for clinical evaluation work. This Privacy Policy describes how we collect, use, store, and protect your personal information.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and medical specialty. Authentication is handled via secure email-based login links. We do not store passwords.

Work Product

Through your use of the platform, we collect reviews, scores, written responses, voice recordings, and transcriptions. As described in our Terms of Service, all work product becomes the property of Cernere upon submission.

Usage Data

We collect information about how you interact with the platform, including session duration, pages visited, features used, and technical data such as browser type, device, and IP address.

3. How We Use Your Information

  • To operate and maintain the platform
  • To authenticate your identity and verify credentials
  • To match you with appropriate evaluation tasks based on your specialty
  • To process compensation payments
  • To deliver work product to our clients (AI laboratories and research partners)
  • To improve platform quality and user experience
  • To communicate with you about your account, assignments, and platform updates

4. Data Sharing

We share data only in the following circumstances:

  • With clients: Work product is shared with the AI laboratories that commissioned the evaluation. Work product is de-identified. Your name and contact information are not shared with clients unless you explicitly consent.
  • Service providers: We use third-party services to operate the platform (see Section 6). These providers process data on our behalf under strict contractual obligations.
  • Legal requirements: We may disclose information if required by law, regulation, or legal process.

We do not sell your personal information to third parties.

5. Data Security

We take data security seriously and implement strict protocols to protect your information:

  • All data is encrypted in transit (TLS 1.2+) and at rest
  • Authentication is handled via secure email-based login links
  • Database access is restricted with application-level authorization checks
  • Voice recordings are processed via secure, HIPAA-eligible transcription services
  • Platform access requires completion of NDA and onboarding verification

6. Infrastructure & Compliance

Cernere is built on enterprise-grade, compliance-certified infrastructure:

  • Database and authentication: SOC 2 Type II certified. Data encrypted at rest (AES-256) and in transit.
  • Application hosting: SOC 2 Type II certified. Edge network with automatic HTTPS.
  • Voice transcription: SOC 2 Type II certified. Audio data is processed in real-time and not retained after transcription.

All infrastructure providers maintain industry-standard security certifications and undergo regular third-party audits.

7. Data Retention

We retain your account information for as long as your account is active. Work product is retained indefinitely as it constitutes deliverables under our client agreements. If you request account deletion, we will remove your personal account information within 30 days, but de-identified work product will be retained per our contractual obligations.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate personal information
  • Request deletion of your account and personal data
  • Export your personal data in a portable format
  • Object to certain processing of your information

To exercise these rights, contact us at support@cernere.co. Note that deletion requests do not apply to work product, which is owned by Cernere per the Terms of Service.

9. Cookies & Analytics

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. We may use analytics tools to understand platform usage patterns and improve the experience.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or platform notification at least 14 days before they take effect. Continued use of the platform after changes take effect constitutes acceptance.

11. Contact

For questions about this Privacy Policy or our data practices, contact us at support@cernere.co.