Acceptable Use Policy

Version1.0.3 Last Updated2024-04-01 APPROVED

1. Overview

AccuCode AI is dedicated to safeguarding its employees, partners, and the company from illegal or harmful actions, whether intentional or unintentional. This policy applies to all internet/intranet/extranet-related systems, which include but are not limited to:

• Computer equipment
• Mobile devices
• Software
• Operating systems
• Storage media
• Network accounts providing electronic mail, internet browsing, and FTP

These systems are the property of AccuCode AI and are intended to be used for business purposes that serve the interests of the company, our clients, and customers during normal operations.

Effective security requires the participation and support of every employee and affiliate who interacts with information and/or information systems. It is the responsibility of each computer user to understand and adhere to these guidelines in their daily activities.

2. Purpose

The purpose of this policy is to outline the acceptable use of computer equipment and other electronic devices at AccuCode AI. These rules are in place to protect the employee and AccuCode AI. Inappropriate use exposes AccuCode AI to cyber risks including virus attacks, ransomware, compromise of network systems and services, data breaches, and legal issues.

3. Scope

This policy applies to the use of information, electronic and computing devices, and network resources to conduct business or interact with internal networks and business systems, whether owned or leased by AccuCode AI, the employee, or a third party. All employees, contractors, consultants, temporary, and other workers at AccuCode AI and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with AccuCode AI policies and standards, and local laws and regulations.

This policy applies to employees, contractors, consultants, temporaries, and other workers at AccuCode AI, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by AccuCode AI.

4. Policy

4.1 General Use and Ownership

1. AccuCode AI proprietary information stored on electronic and computing devices, whether owned or leased by AccuCode AI, the employee, or a third party, remains the sole property of AccuCode AI. You must ensure through legal or technical means that proprietary information is protected in accordance with the Data Protection Standard.

2. You have a responsibility to promptly report the theft, loss, or unauthorized disclosure of AccuCode AI proprietary information.

3. You may access, use, or share AccuCode AI proprietary information only to the extent it is authorized and necessary to fulfill your assigned job duties.

4. Employees are responsible for exercising good judgment regarding the reasonableness of personal use. Individual departments are responsible for creating guidelines concerning personal use of Internet/Intranet/Extranet systems. In the absence of such policies, employees should consult their supervisor or manager.

5. For security and network maintenance purposes, authorized individuals within AccuCode AI may monitor equipment, systems, and network traffic at any time, per Infosec’s Audit Policy.

6. AccuCode AI reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.

4.2 Security and Proprietary Information

1. All mobile and computing devices that connect to the internal network must comply with the Minimum Access Policy.

2. System level and user level passwords must comply with the Password Policy. Providing access to another individual, either deliberately or through failure to secure its access, is prohibited.

3. All computing devices must be secured with a password-protected lock screen with the automatic activation feature set to 10 minutes or less. You must lock the screen or log off when the device is unattended.

4. Postings by employees from an AccuCode AI email address to newsgroups or other online platforms should contain a disclaimer stating that the opinions expressed are strictly their own and not necessarily those of AccuCode AI unless posting is during business duties.

5. Employees must use extreme caution when opening email attachments received from unknown senders, which may contain malware.

4.3 Unacceptable Use

The following activities are prohibited. Employees may be exempted from these restrictions during their legitimate job responsibilities (e.g., systems administration staff may have a need to disable the network access of a host if that host is disrupting production services).

Under no circumstances is an employee of AccuCode AI authorized to engage in any activity that is illegal under local, state, federal, or international law while utilizing AccuCode AI-owned resources.

4.3.1 System and Network Activities

The following activities are strictly prohibited, with no exceptions:

1. Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of “pirated” or other software products that are not appropriately licensed for use by AccuCode AI.

2. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which AccuCode AI or the end user does not have an active license is strictly prohibited.

3. Accessing data, a server, or an account for any purpose other than conducting AccuCode AI business, even if you have authorized access, is prohibited.

4. Exporting software, technical information, encryption software, or technology, in violation of international or regional export control laws, is illegal. The appropriate management should be consulted prior to export of any material that is in question.

5. Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, ransomware, etc.).

6. Revealing your account password/passphrase to others or allowing use of your account by others. This includes family and other household members when work is being done at home.

7. Using a computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user’s local jurisdiction.

8. Making fraudulent offers of products, items, or services originating from any AccuCode AI account.

9. Making statements about warranty, expressly or implied, unless it is a part of normal job duties.

10. Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the employee is not an intended recipient or logging into a server or account that the employee is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, “disruption” includes, but is not limited to, network sniffing, ping floods, packet spoofing, denial of service, brute-forcing accounts, and forged routing information for malicious purposes.

11. Port scanning or security scanning is expressly prohibited unless prior notification to the Infosec Team is made.

12. Executing any form of network monitoring which will intercept data not intended for the employee’s host, unless this activity is a part of the employee’s normal job/duty.

13. Circumventing user authentication or security of any host, network, or account.

14. Introducing honeypots, honeynets, or similar technology on the AccuCode AI network.

15. Interfering with or denying service to any user other than the employee’s host (for example, denial of service attack).

16. Using any program/script/command, or sending messages of any kind, with the intent to interfere with, or disable, a user’s terminal session, via any means, locally or via the Internet/Intranet/Extranet.

17. Providing information about, or lists of, AccuCode AI employees to parties outside AccuCode AI.

4.3.2 Email and Communication Activities

1. Sending unsolicited email messages, including the sending of “junk mail” or other advertising material to individuals who did not specifically request such material (email spam).

2. Any form of harassment via email, telephone, text, or paging, whether through language, frequency, or size of messages.

3. Unauthorized use, or forging, of email header information.

4. Solicitation of email for any other email address, other than that of the poster’s account, with the intent to harass or to collect replies.

5. Creating or forwarding “chain letters”, “Ponzi”, or other “pyramid” schemes of any type.

6. Use of unsolicited email originating from within AccuCode AI’s networks of other Internet/Intranet/Extranet service providers on behalf of, or to advertise, any service hosted by AccuCode AI or connected via AccuCode AI’s network.

7. Posting the same or similar non-business-related messages to large numbers of Usenet newsgroups (newsgroup spam).

4.3.3 Blogging and Social Media

1. Blogging or posting to social media platforms by employees, whether using AccuCode AI’s property and systems or personal computer systems, is also subject to the terms and restrictions set forth in this Policy. Limited and occasional use of AccuCode AI’s systems to engage in blogging or other online posting is acceptable, provided that it is done in a professional and responsible manner, does not otherwise violate AccuCode AI’s policy, is not detrimental to AccuCode AI’s best interests, and does not interfere with an employee’s regular work duties. Blogging or other online posting from AccuCode AI’s systems is also subject to monitoring.

2. AccuCode AI’s Confidential Information policy also applies to blogging. As such, Employees are prohibited from revealing any AccuCode AI confidential or proprietary information, trade secrets, or any other material covered by AccuCode AI’s Confidential Information policy when engaged in blogging.

3. Employees shall not engage in any blogging that may harm or tarnish the image, reputation, and/or goodwill of AccuCode AI and/or any of its employees. Employees are also prohibited from making any discriminatory, disparaging, defamatory, or harassing comments when blogging or otherwise engaging in any conduct prohibited by AccuCode AI’s Non-Discrimination and Anti-Harassment policy.

4. Employees may also not attribute personal statements, opinions, or beliefs to AccuCode AI when engaged in blogging. If an employee is expressing his or her beliefs and/or opinions in blogs, the employee may not, expressly or implicitly, represent themselves as an employee or representative of AccuCode AI. Employees assume any and all risk associated with blogging.

5. Apart from following all laws pertaining to the handling and disclosure of copyrighted or export-controlled materials, AccuCode AI’s trademarks, logos, and any other AccuCode AI intellectual property may also not be used in connection with any blogging or social media activity.

5. Policy Compliance

5.1 Compliance Measurement

The Infosec Team will verify compliance to this policy through various methods, including but not limited to, business tool reports, internal and external audits, and feedback to the policy owner.

5.2 Exceptions

Any exception to the policy must be approved by the Infosec Team in advance.

5.3 Non-Compliance

An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Artificial Intelligence Policy

Version1.0.4 Last Updated2023-11-06 APPROVED

1. Introduction

AccuCode AI Inc. is committed to the responsible and ethical development and use of artificial intelligence (AI) in our products and services. As a company focused on using AI to automate and streamline healthcare billing and clinical abstraction processes, we recognize the importance of establishing clear guidelines and principles for the use of AI within our organization.

This Artificial Intelligence Policy outlines AccuCode AI’s requirements and standards for the adoption, development, and deployment of AI systems. It applies to all AccuCode AI employees, contractors, and third-party partners involved in AI-related activities.

2. Guiding Principles

1. Compliance: AccuCode AI will comply with all applicable laws, regulations, and industry standards related to the use of AI in the healthcare sector.

2. Ethics: AI systems developed and used by AccuCode AI will adhere to ethical principles, ensuring fairness, transparency, and the avoidance of bias.

3. Privacy and Security: AccuCode AI will prioritize the protection of sensitive healthcare information and personal data when using AI. We will obtain Business Associate Agreements (BAAs) from any AI inference providers and host models privately whenever possible.

4. De-identification: AccuCode AI will use de-identified information for AI development and training to protect patient privacy.

5. Transparency: AccuCode AI will maintain transparency about the use of AI in our products and services, providing clear information to clients and stakeholders.

6. Human Oversight: AI systems will be subject to human oversight and control, with qualified professionals monitoring and validating AI outputs.

3. AI Development and Deployment

1. Embedded AI Tools: When using embedded AI tools in existing software, AccuCode AI employees should exercise caution and ensure that the tools align with our guiding principles and do not introduce undue risks.

2. Model Hosting: AI models should be hosted privately whenever feasible to maintain control over data and ensure security.

3. Data Quality: AccuCode AI will ensure that the data used for AI training and development is accurate, relevant, and representative of the intended use cases.

4. Testing and Validation: AI systems will undergo rigorous testing and validation processes to assess their performance, fairness, and potential biases before deployment.

5. Monitoring and Maintenance: Deployed AI systems will be continuously monitored and maintained to ensure their ongoing effectiveness, reliability, and adherence to ethical standards.

4. Prohibited Uses

AccuCode AI prohibits the use of AI systems for the following high-risk purposes:

1. Diagnosing or treating medical conditions without human oversight and validation.
2. Making decisions that directly impact patient care or treatment plans without human review.
3. Analyzing or processing sensitive personal information without explicit consent and necessary safeguards.
4. Engaging in any activities that violate privacy laws, such as HIPAA, or other applicable regulations.

5. Employee Responsibilities

1. AccuCode AI employees involved in AI development and use must adhere to this policy and the guiding principles outlined herein.
2. Employees should report any concerns or potential violations of this policy to their supervisor or the designated AI ethics officer.
3. Employees must complete required training on AI ethics, privacy, and security before engaging in AI-related activities.

6. Third-Party Partnerships

1. AccuCode AI will conduct due diligence on third-party AI providers and partners to ensure their practices align with our AI policy and guiding principles.
2. Third-party agreements will include provisions related to data privacy, security, and ethical AI use.
3. AccuCode AI will obtain BAAs from AI inference providers before engaging in any data sharing or processing activities.

7. Policy Enforcement and Review

1. This AI policy will be enforced by the designated AI ethics officer and the AccuCode AI leadership team.
2. Violations of this policy may result in disciplinary action, up to and including termination of employment or contract.
3. This policy will be reviewed and updated annually, or as needed, to ensure its relevance and effectiveness in light of evolving AI technologies and regulations.

By establishing and adhering to this Artificial Intelligence Policy, AccuCode AI aims to harness the power of AI responsibly and ethically to improve healthcare processes while prioritizing patient privacy, data security, and the highest standards of professional conduct.

Employee Internet Use Monitoring and Filtering Policy

Version1.0.4 Last Updated2024-02-22 APPROVED

1. Purpose

The purpose of this policy is to define standards for monitoring and filtering employee internet use at AccuCode AI Inc. These measures are designed to ensure employees use the internet in a safe and responsible manner that protects sensitive healthcare data, and enables monitoring and investigation of employee web activity if needed for security incidents.

2. Scope

This policy applies to all employees, contractors, vendors and agents using an AccuCode AI-owned or personally-owned computer or device connected to the company network. It covers all user-initiated web traffic and communications between AccuCode AI’s network and the internet, including web browsing, instant messaging, file transfers and sharing. Server-to-server traffic like SMTP, backups, automated data transfers and database communications are excluded.

3. Policy

3.1 Internet Activity Monitoring

The IT department shall monitor all internet activity from devices connected to the corporate network. The monitoring system must log the source IP address, date, time, protocol, and destination site/server for all traffic. Where feasible, it should also log the User ID associated with the activity. Internet activity logs must be retained for at least 180 days.

3.2 Internet Activity Reports

General trend and activity reports will be provided to employees upon request to IT. The Computer Security Incident Response Team (CSIRT) shall have access to all reports and logs as needed for security incident investigations. Specific reports identifying users, sites, teams or devices will only be provided to HR upon written request.

3.3 Web Content Filtering

The IT department shall block access to websites and protocols deemed inappropriate for AccuCode AI’s corporate environment, including but not limited to:

• Adult/sexually explicit content
• Advertisements & pop-ups
• Chat and instant messaging
• Gambling
• Hacking
• Illegal drugs
• Intimate apparel and swimwear
• Peer-to-peer file sharing
• Personals and dating
• Social networking
• SPAM, phishing and fraud
• Spyware
• Tasteless and offensive content
• Violence, intolerance and hate speech
• Web-based email

3.4 Filtering Rule Changes

IT shall periodically review and recommend changes to the web filtering rules. HR will review the recommendations and decide on any changes, which will be documented in this policy.

3.5 Filtering Exceptions

Employees may request an exception to unblock a miscategorized site by submitting an IT help desk ticket. For blocked sites that are categorized correctly, employees must submit an exception request to HR. Approved exceptions will be submitted to IT in writing. IT will unblock approved sites for that user only and maintain a log of exceptions.

4. Policy Compliance

4.1 Compliance Measurement

The InfoSec team will verify compliance with this policy through methods such as periodic walkthroughs, video monitoring, tool reports, audits and feedback.

4.2 Exceptions

Any policy exceptions must be approved in advance by the InfoSec team.

4.3 Non-Compliance

Violating this policy may result in disciplinary action up to and including termination of employment.

Privacy Policy

Version1.0.3 Last Updated2024-02-27 APPROVED

1. Introduction

a. Purpose of the Privacy Policy: At AccuCode AI, we are committed to protecting the privacy and security of the personal and sensitive information we process in the course of providing our AI-powered healthcare document processing services. This Privacy Policy outlines how we collect, use, disclose, and safeguard the data entrusted to us by our clients, which include hospitals, clinics, and other healthcare providers. By clearly communicating our privacy practices, we aim to foster transparency and trust with our clients and their patients.

b. AccuCode AI’s Commitment to Protecting Privacy: Accucode recognizes the importance of maintaining the confidentiality and security of the healthcare data we process. We are dedicated to upholding the highest standards of privacy and complying with all applicable laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) in the United States and other relevant data protection regulations worldwide. Our commitment to privacy is integral to our mission of revolutionizing healthcare document processing while respecting the rights and privacy of individuals.

2. Information We Collect

a. Types of personal information collected: AccuCode AI collects various types of personal information from the healthcare documents we process, including but not limited to:

• Patient names, addresses, and contact information
• Patient demographic information such as age, gender, and date of birth
• Medical record numbers and patient ID numbers
• Diagnosis, treatment, and procedure information from patient charts and records
• Health insurance policy numbers and coverage details
• Other personal health information (PHI) necessary to provide our data abstraction, medical coding or billing services

b. How the information is collected: The personal information processed by AccuCode AI is collected from:

• Healthcare provider organizations such as hospitals and clinics that are our customers
• These providers securely transfer patient medical records, charts and other documents containing personal information to AccuCode AI
• AccuCode AI does not collect personal information directly from patients

c. Purpose for collecting the information: AccuCode AI collects and processes this personal information for the purpose of:

• Providing our AI-powered document abstraction, medical coding and billing services to healthcare provider customers
• Automating and streamlining the insurance claims and verifications process on behalf of our providers
• Improving the efficiency and accuracy of medical billing and claims submission
• Personal information is used only for the business purposes it was collected for and not for other reasons

The personal information collected is necessary for AccuCode AI to analyze medical documentation, determine appropriate insurance codes, and submit claims on behalf of healthcare providers. AccuCode AI is committed to responsibly using AI technologies to process PHI, protect individual privacy rights, and maintain the confidentiality and security of all personal data handled.

3. How We Use the Information

We use the personal and health information we collect in the following ways:

a. To provide our AI healthcare automation services: We process patient charts, medical records, and other documents provided by hospitals and clinics in order to automate and streamline insurance billing and clinical abstraction using our artificial intelligence systems. This includes extracting relevant data from the documents, analyzing it, and generating insurance claims and bills.

b. To improve our services: We use the information to continuously monitor, test, and enhance the performance, accuracy, and capabilities of our AI insurance billing platform. This allows us to optimize our algorithms, fix any issues, and develop new features that better serve the needs of our healthcare provider clients and their patients.

c. For research and development of our AI systems: The de-identified health information we process helps to train and improve our machine learning models and natural language processing capabilities. Our data science and engineering teams analyze the data to identify patterns, correlations and opportunities to make our AI smarter and expand its knowledge. We never share or allow access to our proprietary AI models outside of AccuCode AI. Furthermore, we ensure that no real patient personally identifiable information (PII) is ever incorporated into the models during training - only de-identified data is used for R&D purposes.

d. Aggregation of de-identified data for analytics: We may compile and analyze aggregated, de-identified data across our platform to uncover trends, insights and benchmarks related to insurance billing, revenue cycle management, and the healthcare industry. This statistical data cannot be used to identify any individual patient. We may share these de-identified learnings with clients, partners, or publicly.

4. Information Sharing and Disclosure

At AccuCode AI, we are committed to protecting the privacy and confidentiality of the personal information entrusted to us. We do not sell any personal information to third parties under any circumstances.

We only share personal information in the following limited situations:

a. Healthcare Providers (Our Clients): We share relevant personal information with the healthcare providers who are our clients and from whom we receive patient charts and other documents for processing. This sharing is necessary to provide our AI-powered abstraction, coding & billing automation services and is carried out in compliance with applicable laws and regulations, such as HIPAA.

b. Service Providers Under Contract: We may engage trusted third-party service providers to assist us in delivering our services effectively. These service providers undergo a thorough vetting process to ensure they meet our stringent security and privacy standards, including compliance with HIPAA regulations. We require all service providers to sign a formal Business Associate Agreement (BAA) that legally obligates them to safeguard the personal information we share with them according to HIPAA laws and regulations.

Our service providers are only permitted to use the information for the specific purposes outlined in our contracts and are prohibited from using it for their own purposes or from disclosing it to others. They must implement appropriate technical, physical, and administrative safeguards to protect the confidentiality, integrity, and availability of the personal information they process on our behalf.

c. As Required by Law: In certain circumstances, we may be compelled to disclose personal information to comply with legal obligations, such as in response to a valid court order, subpoena, or government request. We will only disclose the minimum amount of information necessary to fulfill the legal requirement and will take steps to ensure the confidentiality of the data shared.

d. De-Identified or Aggregated Data: We may share de-identified or aggregated data that cannot be used to identify specific individuals with third parties for research, analysis, or other purposes. This data is stripped of all personally identifiable elements and is used in a manner that does not compromise the privacy of our business clients or their patients.

5. Data Security

a. Security Measures: AccuCode AI is committed to protecting the confidentiality, integrity, and availability of the personal information we process. We employ a comprehensive, defense-in-depth security program that includes:

• Firewalls and intrusion detection systems to monitor and block unauthorized access attempts

• Endpoint Detection and Response (EDR) software to detect, investigate and respond to advanced threats

• Formal vulnerability and patch management program to identify, prioritize and remediate vulnerabilities

• IP whitelisting and required access through Virtual Private Networks (VPNs) to reduce attack surface

• Regular vulnerability scanning and penetration testing to identify and address security weaknesses

• Timely installation of software patches and updates to remediate known vulnerabilities

• Client-specific data segmentation and encryption to ensure that each client’s data is isolated and protected from unauthorized access

• Data sovereignty measures to ensure that all data is stored and processed within the United States, in compliance with applicable laws and regulations

• Comprehensive access logging and monitoring to track and audit all access to sensitive data, enabling detection and response to any unauthorized access attempts

• Strict adherence to the principle of least privilege through Role-Based Access Control (RBAC), ensuring that users are granted only the minimum permissions necessary to perform their job functions

b. Data Encryption: All personal information is encrypted in transit and at rest using FIPS 140-3 compliant encryption algorithms. We use Transport Layer Security (TLS 1.3) for data in transit and AES-256 or stronger encryption for data at rest.

Each client’s data is segregated and encrypted with a unique client-specific key, which is rotated periodically. Encryption keys are generated using a hardware-based random number generator and stored in a secure, SOC-II compliant key management system with strict access controls and auditing.

Our encryption practices fully comply with FIPS 140-3, HIPAA and HITRUST requirements for protecting sensitive healthcare information.

c. Backup Security and Ransomware Prevention: All client data backups are encrypted with the same strong, client-specific encryption used for data at rest. Backups are retained for 180 days and securely destroyed thereafter.

To protect against ransomware, we employ:

• Regular backups isolated from the main network and inaccessible to unauthorized users

• Immutable backups that cannot be altered or deleted once written

• Strict access controls and network segmentation to contain potential attacks

• Continuous monitoring for suspicious activity and prompt incident response

• Disaster Recovery and Business Continuity plans to ensure data availability and integrity

d. Access Controls & Employee Training: Access to personal data is strictly limited based on least privilege principles and controlled through secure multi-factor authentication.

All employees undergo mandatory annual training on HIPAA compliance, proper handling of personal information, identifying and reporting security incidents, secure development practices, and phishing awareness. Employees must pass assessments to demonstrate understanding and retention of training content.

Employees are bound by confidentiality agreements, and any violation of our privacy and security policies results in disciplinary action up to termination.

e. Third-Party Risk Management: AccuCode AI conducts thorough due diligence and ongoing monitoring of all third-party service providers and partners with access to personal data. All vendors must adhere to strict contractual requirements for data protection.

g. Incident Response and Breach Notification: In the event of a data breach, AccuCode AI will execute our Incident Response Plan to contain the incident, assess the impact, and restore the integrity of our systems. We will notify affected clients and relevant authorities in accordance with with the Arkansas Personal Information Protection Act (Ark. Code § 4-110-101 et seq.)

6. Data Retention

a. Personal Information: AccuCode AI will retain personal information only for as long as necessary to fulfill the purposes for which it was collected and to provide the services requested by our clients. Once the personal information is no longer needed for these purposes, we will securely delete or anonymize the data in accordance with our data destruction policies and applicable laws and regulations.

b. De-Identified Information: In order to improve our services and advance our research and development efforts, AccuCode AI may retain de-identified information derived from the processed healthcare documents for a longer period. This de-identified information will have all personally identifiable elements removed, making it impossible to associate the data with any specific individual. The retention of de-identified information will be in compliance with applicable laws and regulations, and will be used solely for the purposes of enhancing our AI algorithms, conducting research, and improving our service offerings.

7. Your Privacy Rights

At AccuCode AI, we respect privacy rights and are committed to providing you with the necessary tools to manage your personal information. As a business client, you have the following rights:

a. Right to access your personal information: You have the right to request access to the personal information we hold about you. Upon request, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format.

b. Right to request corrections: If you believe that the personal information we hold about you is inaccurate, incomplete, or outdated, you have the right to request corrections. We will take reasonable steps to verify the accuracy of the information and make the necessary updates.

c. Right to request deletion: You have the right to request the deletion of your personal information from our systems. We will comply with your request unless we have a legal obligation to retain the information or if it is necessary for the establishment, exercise, or defense of legal claims.

d. How to submit a privacy request: To submit a privacy request, please follow these steps:

1. Email privacy@accucodeai.com with the subject line “Privacy Request.”
2. In the body of the email, clearly state the nature of your request (access, correction, or deletion) and provide the necessary details to help us process your request.
3. Our privacy team will acknowledge receipt of your request within 5 business days and provide you with an estimated timeline for resolution.
4. We may require additional information to verify your identity before processing your request to ensure the security of your personal information.

Please note that in some cases, we may not be able to fully comply with your request due to legal obligations. In such instances, we will provide you with a detailed explanation and work with you to find an appropriate solution.

8. Policy Updates

a. Privacy Policy Updates: AccuCode AI reserves the right to update or modify this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your information.

b. Privacy Policy Update Notice: In the event of any significant changes to this Privacy Policy, AccuCode AI will provide notice to our clients through email, prominent notice on our website, or other appropriate communication channels. It is your responsibility to review the updated Privacy Policy and ensure your continued agreement with its terms.

9. Contact Us

a. Contact Information: If you have any questions, concerns, or requests regarding this Privacy Policy or AccuCode AI’s privacy practices, please contact our Privacy Officer at:

  AccuCode AI, Inc.
  815 Technology Dr
  Unit 241124
  Little Rock, AR 72223

  (501) 442-4421
  privacy@accucode.com

We are committed to addressing your privacy concerns and will strive to respond to your inquiry in a timely manner.