BabyKong
Back to Home
Privacy-First Design

Privacy Policy

BabyKong is committed to protecting your privacy and ensuring the security of your personal and health information through H33.ai's quantum-resistant architecture.

Last updated: January 31, 2025

Our Privacy Principles

Zero PHI Exposure

Health information never exists in plaintext through our homomorphic encryption.

Transparent Processing

We provide clear information about how your data is processed and protected.

Minimal Collection

We collect only the data necessary for healthcare arbitration services.

Information We Collect

Account Information

When you create a BabyKong account, we collect basic information necessary for account creation and management:

  • Name and professional credentials
  • Email address and phone number
  • Organization information
  • Professional role and licensing information

Healthcare Dispute Data

For arbitration services, we process healthcare dispute information, which may include Protected Health Information (PHI):

  • Medical billing documents and claims data
  • Patient demographic information (encrypted)
  • Provider and payer information
  • Dispute documentation and evidence
  • Arbitration decisions and supporting documentation

PHI Protection

All PHI is processed using H33.ai's homomorphic encryption, ensuring health information never exists in plaintext during processing, storage, or transmission.

Technical Information

We automatically collect certain technical information to provide and improve our services:

  • IP addresses and device information
  • Browser type and version
  • Usage patterns and API access logs
  • Performance and error logs

How We Use Your Information

Service Provision

  • Processing healthcare arbitration cases
  • Generating arbitration decisions and documentation
  • Providing case management and tracking services
  • Ensuring regulatory compliance (HIPAA, CMS IDR)
  • Maintaining audit trails and compliance reporting

Communication

  • Sending service notifications and updates
  • Providing customer support
  • Sharing important security or compliance information
  • Sending requested information about our services

Service Improvement

  • Analyzing usage patterns to improve our platform
  • Developing new features and capabilities
  • Enhancing security and performance
  • Training AI models (using de-identified data only)

Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share information only in the following circumstances:

Authorized Parties

  • Healthcare providers and payers involved in specific arbitration cases
  • Qualified arbitrators assigned to cases
  • Regulatory bodies as required by law
  • Your organization's authorized users and administrators

Service Providers

  • H33.ai for quantum-resistant security services
  • Cloud infrastructure providers (with Business Associate Agreements)
  • Third-party integrations you authorize
  • Professional service providers (legal, accounting, etc.)

Legal Requirements

  • To comply with applicable laws and regulations
  • To respond to lawful requests from public authorities
  • To protect our rights and prevent fraud or abuse
  • In connection with legal proceedings

Data Security

BabyKong employs H33.ai's revolutionary security architecture to protect your data with quantum-resistant encryption and advanced security measures:

Quantum-Resistant Encryption

Post-quantum cryptographic algorithms (CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON) provide 30+ year security guarantees.

Homomorphic Encryption

PHI is processed in encrypted form, ensuring health information never exists in plaintext.

Blockchain Audit Trails

Immutable audit trails track all data access and processing activities.

Zero-Trust Architecture

Multi-layer security with continuous authentication and threat monitoring.

Compliance Certifications

BabyKong maintains SOC 2 Type II, HIPAA, ISO 27001, and CMS IDR certifications, with regular third-party security audits and penetration testing.

Data Retention

We retain information only as long as necessary to provide services and comply with legal obligations:

  • Account Information: Retained while your account is active and for 7 years after closure as required by healthcare regulations
  • Arbitration Records: Maintained for 10 years as required by CMS IDR regulations and state requirements
  • Audit Logs: Preserved for 7 years for compliance and security purposes
  • Technical Logs: Typically retained for 90 days unless required for security investigations

Upon account closure or data deletion requests, we will securely delete personal information while maintaining records required by law or regulation.

Your Privacy Rights

You have the following rights regarding your personal information:

Access and Portability

Request access to your personal information and receive a copy in a portable format.

Correction

Request correction of inaccurate or incomplete personal information.

Deletion

Request deletion of personal information, subject to legal and regulatory requirements.

Restriction

Request restriction of processing in certain circumstances.

Objection

Object to processing of your personal information for certain purposes.

Exercise Your Rights

To exercise any of these rights, contact our privacy team at privacy@babykong.com or through your account settings.

International Data Transfers

BabyKong operates primarily within the United States and processes data in compliance with US healthcare regulations. If data is transferred internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses for EU data subjects
  • Adequate jurisdiction determinations
  • Binding Corporate Rules where applicable
  • Consent for specific transfers when required

Children's Privacy

BabyKong is designed for healthcare professionals and organizations. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Providing in-app notifications
  • Updating the "Last Modified" date at the top of this policy

Your continued use of BabyKong after the effective date of changes constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Privacy Officer

privacy@babykong.com

Mailing Address

BabyKong Enterprise
Privacy Department
1234 Healthcare Drive
San Francisco, CA 94105

Phone

1-800-BABYKONG