Privacy Policy

1. Introduction

This Privacy Policy describes how LiaisonIQ by NexReach ("Company," "we," "our," or "us") collects, uses, processes, and shares personal information through the LiaisonIQ Physician Relationship Management (PRM) platform (the "Platform" or "Service").

LiaisonIQ is a product of NexReach, LLC, the parent company operating the LiaisonIQ platform. LiaisonIQ is a specialized enterprise tool designed for Physician Liaisons and healthcare outreach organizations. We are committed to protecting the privacy and security of your professional data and ensuring compliance with applicable data protection laws.

2. Role of the Company

When you use liaisonIQ as part of a Team Workspace, your organization is the Data Controller, and liaisonIQ is the Data Processor. We process your data according to the instructions provided by your organization (the Workspace Owner). For individual "Solo" users, liaisonIQ acts as the Data Controller.

3. Information We Collect

3.1. Account Information

We collect information necessary to create and manage your account, including your full name, professional email address, job title, and organization name.

3.2. Professional Outreach Data

The Service is designed to store and process data related to your professional outreach activities, including:

• Clinic and provider target lists.
• Visit logs, meeting notes, and relationship history.
• Referral attribution data and clinical specialty mappings.
• Expense records, mileage logs, and professional tasks.

3.3. Location and GPS Data

To provide core features like route optimization and visit verification, we collect precise GPS coordinates. This data is collected only when you are actively using the Platform to start or end a visit, or when requesting a route plan. We do not track your location in the background or sell your movement history to third parties.

3.4. AI and Voice Processing Data

If you utilize our Speech-to-Text feature, audio data is transmitted to our sub-processors for real-time transcription. We do not retain raw audio files after the transcript has been generated. AI-powered features (like Visit Prep and Coaching) process the professional notes and data you provide to generate insights. AI output is advisory only and may be inaccurate; see our Terms of Service for full AI disclaimer terms.

3.5. NPI Registry Data

When you use provider search or NPI enrichment features, liaisonIQ queries the NPPES National Provider Identifier Registry, a publicly available federal database maintained by CMS. NPI data displayed in the Platform is sourced from NPPES and is not independently verified by liaisonIQ. We do not store full NPPES records beyond the provider profile information you choose to save to your workspace. Fuzzy matching for NPI-1 (individual providers) may return approximate results; always verify provider data independently. For authoritative NPI data, consult nppes.cms.gov.

4. Data Sub-Processors

We utilize trusted third-party sub-processors to maintain the Service. These include:

• Google Cloud & Firebase: Secure data hosting, authentication, email verification, password reset, and crash analytics.
• RevenueCat & Stripe: Subscription and entitlement management. Solo and individual plans are billed via App Store / Google Play (RevenueCat). Team workspace owners are billed via Stripe web checkout; that subscription covers all member seats.
• Resend: Transactional email delivery (account verification, welcome emails, invite notifications). Resend processes your email address solely to deliver these messages.
• Loops.so: Lifecycle marketing email automation. If you opt in to marketing communications at sign-up or in Profile settings, your name, email address, role, subscription status, and account type may be shared with Loops.so to trigger relevant email sequences. You can unsubscribe at any time via the link in any marketing email.
• Google Maps API: Map display, geocoding, and route optimization features.
• Google Gemini (AI): AI-powered intelligence features (visit prep, coaching, route planning, chat). Data sent to AI providers is governed by enterprise-grade data privacy agreements. Google states that API input/output data is not used to train its models by default. Do not submit patient-identifiable or Protected Health Information (PHI) to AI features.
• Google Sheets (optional): If you connect your Google account for referral or visit log sync, Google processes spreadsheet metadata and content on your behalf.
• Cloud Hosting: Storage and processing of your data in secure cloud infrastructure.

5. Data Security & Compliance

We implement robust technical and organizational measures to protect your data:

• Encryption: All data is encrypted in transit via TLS 1.2+ and at rest using AES-256 encryption standards.
• Audit Logging: We maintain detailed audit logs of all Workspace activity, including data access, modifications, and team interactions, to support organizational oversight and compliance.
• Access Controls: We implement strict Role-Based Access Control (RBAC) to ensure team members can only access the data authorized by their Workspace Owner.

6. Data Retention and Deletion

We retain your data while your account is active or as needed to provide services. Specific retention periods by data type:

• Account and profile data: Retained while your account is active; deleted within 30 days of an account deletion request.
• Visit logs and clinic data: Retained while your account is active; deleted upon account deletion.
• AI interaction logs: Not stored beyond the session. The AI provider may retain data per their own policies.
• Audit logs and security records: Retained for up to 2 years for compliance and security purposes, even after account deletion.
• Payment records: Retained as required by applicable financial regulations (typically 7 years).

Workspace Owners may request a complete export or deletion of their Workspace data at any time. You may also delete your account via Profile → Delete Account in the app. Contact support@liaisoniq.app with any data deletion requests.

7. HIPAA & PHI Statement

liaisonIQ is a B2B relationship management tool. It is not intended for the storage of patient-level Protected Health Information (PHI) as defined under HIPAA. Users are prohibited from entering patient Social Security numbers, full medical histories, or other identifiers into free-text fields. For enterprise clients requiring a Business Associate Agreement (BAA), please contact our legal team.

8. Rights Under GDPR and CCPA

Depending on your location, you may have the following rights:

• Access your data: Profile → Export My Data (JSON export of your profile, clinics, visits, chat history, referrals, expenses, route plans, tasks, and related activity).
• Delete your account and data: Profile → Delete Account (type "DELETE" to confirm; permanent and irreversible).
• Correct inaccurate information: Update in Profile settings at any time.
• Opt out of marketing emails: Unsubscribe link in any marketing email, or update preferences in Profile settings.
• CCPA (California residents): We do not sell personal information. You have the right to know what categories of personal information we collect and how they are used. We do not discriminate against you for exercising any of these rights.
• GDPR (EU/UK residents): You have the right to data portability, the right to restrict processing, and the right to object to processing based on legitimate interests. You may lodge a complaint with your local supervisory authority.

To exercise your rights, contact us at support@liaisoniq.app or use Profile → Contact Support in the app.

9. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you without undue delay — and in any case within 72 hours of becoming aware of the breach — to the extent required by applicable law (including GDPR Article 33 and applicable US state breach notification laws).

Notification will be provided via the email address associated with your account. The notification will include: the nature of the breach, the categories of data affected, the likely consequences, and the measures we are taking to address the breach. Some breach notifications may be delayed if required by law enforcement.

10. International Data Transfers

Your data may be processed in the United States or other regions where our service providers operate. By using the Service, you consent to such transfers.

For users in the European Economic Area (EEA) or United Kingdom: we transfer personal data to the US and other countries that may not provide the same level of data protection as your home country. Where required, we rely on adequacy decisions or Standard Contractual Clauses (SCCs) approved by the European Commission to safeguard such transfers.

11. Cookies and Analytics

The liaisonIQ mobile app does not use browser cookies. We use Firebase Analytics and Crashlytics (Google) for crash reporting and usage analytics within the app. These tools collect anonymous device identifiers and usage events to help us improve app stability and performance.

You can opt out of analytics tracking via your device settings (iOS: Settings → Privacy & Security → Tracking; Android: Settings → Privacy → Ads). Opting out does not affect your ability to use the app.

12. Children

liaisonIQ is not intended for users under 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will promptly delete it. If you believe we have collected information from a minor, please contact us at support@liaisoniq.app.

13. Changes to this Policy

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. For material changes, we will provide at least 30 days' advance notice via in-app notification or the email address associated with your account. Continued use after changes constitutes acceptance of the updated policy.

14. Contact

Questions or privacy requests? Contact us at support@liaisoniq.app or use Profile → Contact Support in the app.

NexReach, LLC d/b/a LiaisonIQ
2501 Chatham Rd # 6587
Springfield, IL 62704
Phone: 630-866-8260