← Back to GradeOneView
Privacy Policy
Last updated: March 11, 2026
1. Introduction
GradeOneView LLC ("we," "us," or "our") operates the GradeOneView platform, including web applications at app.gradeoneview.io, mobile applications for iOS and Android, and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, and protect your information when you use the Service.
By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
2. Who We Serve
GradeOneView is designed for anesthesia practices and healthcare professionals. Our platform includes:
- Anesthesia Practice Management — scheduling, case management, billing audit, secure messaging, and practice analytics
- CME Compliance Tracking — continuing medical education tracking and certificate management
- Financial Tools — tax projections, portfolio tracking, and business management for physician practices
3. Information We Collect
3a. Information You Provide
- Account information — name, email address, username, practice group affiliation, and professional role
- Authentication credentials — password (stored as a salted hash, never in plaintext), two-factor authentication secrets, and passkey/WebAuthn credentials
- Practice data — case records, scheduling assignments, physician rosters, facility information, and billing configurations
- Patient information — limited to hashed patient initials (SHA-256) for case identification. We do not collect patient names, medical record numbers, dates of birth, Social Security numbers, or other direct patient identifiers
- Messaging content — messages sent through the platform's secure messaging system
- CME records — continuing education activities, certificates, and compliance documents you upload
- Feedback and support — bug reports, feature requests, and other feedback you submit through the platform
3b. Information Collected Automatically
- Device information — device type, operating system version, and app version (for mobile applications)
- Crash and error reports — stack traces and error metadata collected via Sentry for application stability monitoring. These reports are scrubbed of patient data, authentication tokens, and other sensitive information before transmission
- Usage analytics — anonymized feature usage patterns to improve the Service (via PostHog, configured for HIPAA compliance with session replay disabled)
3c. Information We Do NOT Collect
- We do not collect precise geolocation data
- We do not access your device contacts, photos, or microphone
- We do not collect advertising identifiers (IDFA/GAID)
- We do not track you across other apps or websites
- We do not store full patient names, MRNs, DOBs, or SSNs
4. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Authenticate your identity and secure your account
- Generate practice analytics, billing reports, and scheduling views
- Deliver secure messages between members of your practice group
- Send notifications about schedule changes, billing status, and compliance deadlines
- Monitor application stability and fix bugs (crash reporting)
- Improve the Service based on aggregated, anonymized usage patterns
- Comply with legal obligations and respond to lawful requests
5. How We Protect Your Information
5a. Technical Safeguards
- Encryption at rest — all data stored with AES-256 encryption. Full-disk encryption (FileVault) on all servers
- Encryption in transit — all connections secured with TLS 1.2+ via Cloudflare
- Dedicated infrastructure — the Service runs on dedicated hardware, not shared cloud servers. Your data is not co-mingled with other organizations' data at the infrastructure level
- Multi-tenant isolation — each practice group's clinical data is stored in a separate, isolated database. Authentication data is shared only for login purposes
- Access controls — role-based permissions with six tiers, two-factor authentication required for all users, rate-limited login attempts with lockout
- Backup encryption — all backups encrypted with AES-256-CBC before transmission to HIPAA-compliant storage (Backblaze B2, BAA on file)
5b. Organizational Safeguards
- Patient identifiers are stored only as one-way cryptographic hashes (SHA-256 of initials)
- Error reports and logs are automatically scrubbed of sensitive data before storage
- No Protected Health Information is included in application logs, error messages, or source code
6. HIPAA Compliance
GradeOneView maintains compliance with the Health Insurance Portability and Accountability Act (HIPAA) for any Protected Health Information (PHI) processed through the Service. This includes:
- Administrative, physical, and technical safeguards as required by the HIPAA Security Rule
- Business Associate Agreements (BAAs) with all subprocessors that handle PHI
- Minimum necessary principle — we limit access to PHI to only what is needed for the requested function
- Audit logging of access to clinical data
For practice groups that process PHI through the Service, a separate Business Associate Agreement governs our obligations and supplements this Privacy Policy.
7. Data Sharing and Disclosure
We do not sell your data. We do not share your data with advertisers. We do not use your data for targeted advertising.
We may share your information only in these limited circumstances:
- Within your practice group — your schedule, case data, and messages are visible to other authorized members of your practice group according to the permission settings configured by your group administrators
- Service providers — we use a limited number of service providers to operate the platform (see Section 8)
- Legal requirements — we may disclose information if required by law, regulation, legal process, or governmental request
- Safety — we may disclose information if we believe in good faith that disclosure is necessary to protect the safety of any person
8. Service Providers (Subprocessors)
We use the following third-party service providers:
| Provider |
Purpose |
Data Processed |
BAA |
| Cloudflare |
CDN, DDoS protection, DNS |
Network traffic metadata |
Yes |
| Backblaze B2 |
Encrypted backup storage |
Encrypted database backups |
Yes |
| Sentry |
Error and crash monitoring |
Scrubbed error reports (no PHI) |
N/A (no PHI) |
| PostHog |
Product analytics |
Anonymized usage events (no PHI, replay OFF) |
N/A (no PHI) |
| Stripe |
Payment processing (CME subscriptions) |
Payment method, email |
N/A (no PHI) |
| Apple / Google |
App distribution |
App binaries only (no user data) |
N/A |
We do not use third-party analytics SDKs that track users across apps. We do not integrate any advertising networks.
9. Data Retention
- Account data — retained for as long as your account is active
- Clinical data — retained according to your practice group's retention requirements and applicable state/federal medical record retention laws
- Crash reports — automatically purged after 90 days
- Analytics events — anonymized and aggregated; individual events purged after 12 months
- Backups — encrypted backups retained for 30 days, then automatically deleted
Upon account termination or at your request, we will delete or de-identify your personal data within 30 days, except where retention is required by law (e.g., HIPAA requires 6 years for certain records).
10. Your Rights
You have the right to:
- Access your personal data held by the Service
- Correct inaccurate data in your account or profile
- Delete your account and personal data (subject to legal retention requirements)
- Export your data in a standard, machine-readable format
- Revoke connected third-party integrations at any time
- Opt out of non-essential analytics
To exercise any of these rights, contact us at info@gradeoneview.io. We will respond within 30 days.
11. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- The right to know what personal information we collect, use, and disclose
- The right to request deletion of your personal information
- The right to opt out of the "sale" of personal information — we do not sell personal information
- The right to non-discrimination for exercising your privacy rights
12. Mobile Application Privacy
Our iOS and Android applications collect the same categories of data described in Section 3. Additionally:
- Push notifications — if you enable push notifications, we use Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM) to deliver schedule and messaging alerts. You can disable notifications in your device settings at any time
- Biometric authentication — if you enable biometric login (Face ID, Touch ID, or fingerprint), your biometric data is processed entirely on your device by the operating system. We never receive, store, or transmit biometric data
- Local storage — authentication tokens and user preferences are stored securely on your device using platform-provided secure storage (Keychain on iOS, Keystore on Android)
- No background data collection — the app does not collect data when it is not in active use
Apple App Privacy Summary
For Apple's App Store privacy labels, here is a summary of our data practices:
| Data Type |
Collected? |
Linked to Identity? |
Used for Tracking? |
| Name |
Yes |
Yes |
No |
| Email Address |
Yes |
Yes |
No |
| User ID |
Yes |
Yes |
No |
| Health & Fitness (case records) |
Yes |
Yes |
No |
| Crash Data |
Yes |
No |
No |
| Performance Data |
Yes |
No |
No |
| Product Interaction |
Yes |
No |
No |
| Precise Location |
No |
— |
— |
| Contacts |
No |
— |
— |
| Photos or Videos |
No |
— |
— |
| Browsing History |
No |
— |
— |
| Advertising Data |
No |
— |
— |
13. Children's Privacy
The Service is designed for healthcare professionals and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it promptly.
14. International Users
The Service is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service at least 30 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was most recently revised.
16. Contact Us
For questions about this Privacy Policy, to exercise your privacy rights, or to report a concern:
GradeOneView LLC · 1608 W Campbell Ave PMB 246, Campbell, CA 95008