Privacy Policy

1. Who we are

MDAccept ("we", "our", "us") is a crowdsourced doctor insurance verification platform available at mdaccept.com. We help patients find doctors who accept their health insurance by aggregating real patient reports.

2. What data we collect

We collect the minimum data needed to operate the service:

• Insurance plan selection — stored locally in your browser (localStorage). Not transmitted to our servers.
• Verification reports — when you verify a doctor visit, we record the doctor ID, insurance plan, acceptance result (yes/no), and timestamp. We do not collect your name, email, or any identifying information unless you create an account.
• Call wait time reports — the time bucket you select is stored with the doctor ID and plan. No personal data is attached.
• Usage data — standard server logs including IP address, browser type, pages visited, and timestamps. Used for security and performance monitoring only.

3. What we do not collect

• We do not collect your name, email address, or phone number unless you explicitly provide it.
• We do not collect medical records, diagnoses, or treatment information.
• We do not sell your data to third parties.
• We do not run targeted advertising.

4. How we use your data

Verification and wait time reports are used solely to calculate trust scores and display aggregated, anonymous statistics to other users. No individual report is ever attributed to a specific person on the site.

Usage logs are used to detect abuse, fix bugs, and improve performance. They are not used for marketing profiling.

5. Cookies and local storage

MDAccept uses browser localStorage (not cookies) to remember your selected insurance plan across visits. No tracking cookies are set. If you use a third-party map provider (CARTO via Leaflet), their standard tile-fetching requests are made when you view the map — those requests are subject to CARTO's own privacy policy.

6. Data sharing

We do not sell, rent, or trade your personal information. We may share aggregated, anonymized statistics (e.g. "42% of patients in San Francisco report Aetna PPO is accepted at this practice") publicly — this data cannot be used to identify any individual.

We may disclose data if required by law, court order, or to protect the safety of users or the public.

7. Data retention

Verification reports are retained indefinitely to maintain trust score accuracy. You may request deletion of any report you submitted by contacting us at privacy@mdaccept.com. Because reports are anonymous by default, you will need to provide the doctor ID, plan, date, and result to identify your specific submission.

8. Your rights

Depending on your location, you may have the right to access, correct, or delete personal data we hold about you. To make a request, email privacy@mdaccept.com. We will respond within 30 days.

If you are in the European Economic Area, you have rights under GDPR including the right to data portability and the right to lodge a complaint with your local supervisory authority.

If you are a California resident, you have rights under CCPA including the right to know what data is collected and the right to opt out of sale (we do not sell data).

9. Children

MDAccept is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has submitted data to us, please contact privacy@mdaccept.com and we will delete it promptly.

10. Security

We use industry-standard security practices including HTTPS encryption for all data in transit and secure storage for any server-side data. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

11. Changes to this policy

We may update this policy as the product evolves. When we make material changes, we will update the effective date at the top of this page. Continued use of MDAccept after changes constitutes acceptance of the updated policy.

12. Contact

Questions about this policy? Email us at privacy@mdaccept.com.