← Back to ToolsIQ

Privacy Policy

How ToolsIQ LLC collects, uses, and protects your information.

Effective Date: April 3, 2026

ToolsIQ LLC (“ToolsIQ,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our websites, applications, and services (collectively, the “Services”). By accessing or using our Services, you agree to this Privacy Policy.

1. Information We Collect

Personal Information

When you create an account, purchase a subscription, or contact us, we may collect:

  • Name and email address
  • Institutional or organizational affiliation
  • Billing information (processed securely through Stripe; we do not store full payment card numbers)
  • Professional role and practice information (for healthcare products)

Usage Data

We automatically collect certain information when you use our Services:

  • IP address and browser type
  • Device information and operating system
  • Pages visited, features used, and time spent
  • Referring URLs and search terms

Content Data

Depending on the product, we may process content you provide, such as case study submissions (CasesIQ), patient communication records (DentalIQ), or career profiles (CareersIQ). This content is processed solely to deliver the Services and is handled according to applicable data protection standards.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our products and features
  • Account Management: To manage your account, process payments, and communicate about your subscription
  • Product Improvement: To analyze usage patterns and improve our AI models, interfaces, and user experiences
  • Communication: To send service updates, security alerts, and (with your consent) marketing communications
  • Security: To detect, prevent, and respond to fraud, abuse, and security incidents
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes

3. Data Sharing

We do not sell your personal data. We only share information in the following limited circumstances:

  • Service Providers: We share data with trusted third-party providers who help us operate our Services (e.g., Stripe for payment processing, cloud hosting providers for infrastructure). These providers are contractually obligated to protect your data.
  • AI Model Providers: Content processed through our AI features may be sent to third-party AI providers (e.g., OpenAI, Anthropic, Google) for processing. We use API-level integrations that do not use your data for model training.
  • Legal Requirements: We may disclose information if required by law, court order, or government request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We take the security of your data seriously and implement industry-standard measures to protect it:

  • Encryption: All data is encrypted in transit (TLS 1.3) and sensitive data is encrypted at rest using AES-256-GCM encryption
  • API Key Security: Third-party API keys are encrypted with AES-256-GCM and managed through zero-knowledge key management
  • Authentication: Secure authentication with session management, rate limiting, and brute-force protection
  • Healthcare Data: For our dental and healthcare products, we implement HIPAA-conscious data handling practices, including access controls, audit logging, and data minimization
  • Infrastructure: Our Services are hosted on secure cloud infrastructure with regular security updates and monitoring

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

5. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete personal data
  • Deletion: Request deletion of your personal data, subject to legal retention requirements
  • Portability: Request your data in a structured, machine-readable format
  • Opt-Out: Opt out of marketing communications at any time via the unsubscribe link in our emails

To exercise any of these rights, please contact us at g.scheller@northeastern.edu. We will respond to your request within 30 days.

6. Cookies and Tracking

We use cookies and similar tracking technologies to operate and improve our Services:

  • Essential Cookies: Required for the Services to function (authentication, session management, security)
  • Analytics Cookies: Help us understand how users interact with our Services so we can improve them
  • Preference Cookies: Remember your settings and preferences (e.g., theme, language)

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect the functionality of our Services.

7. Children's Privacy

Our Services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child under 13, please contact us at g.scheller@northeastern.edu.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the “Effective Date” at the top of this page and, where appropriate, sending you a notification via email or through our Services. We encourage you to review this policy periodically.

9. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ToolsIQ LLC

Connecticut, USA

Email: g.scheller@northeastern.edu

Related legal documents