Privacy Policy
Last updated: May 26, 2026
Revyola
Revyola

Privacy Policy

How Revyola collects, uses, and protects your information.

Effective May 1, 2026HIPAA CompliantSOC 2 Type II

1. Who We Are

Revyola LLC ('Revyola,' 'we,' 'us,' or 'our') is a revenue cycle management (RCM) intelligence platform that helps medical practices identify underpayments, manage denials, and recover revenue. This Privacy Policy describes how we handle your information when you use the Service.

2. Information We Collect

Account information: Name, email address, practice name, NPI number, specialty, and billing contact details provided during registration.

Claims data: EDI 835/837 files, CSV exports, and other medical billing data you upload. This may include protected health information (PHI) as defined under HIPAA.

Usage data: Log files, IP addresses, browser type, pages visited, and feature usage patterns to improve the Service.

Communications: Emails and support messages you send us.

3. How We Use Your Information

Provide, operate, and improve the Revyola platform

Analyze claims data using AI agents to identify recovery opportunities

Send transactional emails (activation, reports, alerts)

Respond to support requests

Comply with legal obligations

Detect and prevent fraud or abuse

4. PHI and HIPAA Compliance

We act as a Business Associate under HIPAA. Patient identifiers are stripped before any data is sent to AI processing systems. We execute a Business Associate Agreement (BAA) with all covered entity clients. See our HIPAA Notice for full details.

5. Data Sharing

We do not sell your data. We share data only with:

Anthropic (AI processing) — under BAA and DPA

Supabase (database hosting) — SOC 2 Type II certified

Vercel (infrastructure) — SOC 2 Type II certified

Legal authorities when required by law

6. Data Retention

Claims data is retained for the duration of your subscription plus 90 days. You may request deletion at any time by emailing info@revyola.com. Deletion is completed within 30 days.

7. Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Access is role-based and logged. See our Security page for full details.

8. Your Rights

You have the right to access, correct, export, or delete your data. Contact us at info@revyola.com to exercise these rights.

9. Changes to This Policy

We will notify you by email at least 14 days before material changes take effect. Continued use of the Service constitutes acceptance.


Questions about this document?

Contact us at info@revyola.com. We aim to respond within 2 business days.

© 2026 Revyola · All rights reserved · Privacy · Terms · HIPAA · Security