Privacy Policy
Last Updated: February 16, 2026
Dicyd, Inc. ("Dicyd," "we," "us," or "our") provides a pre-visit, non-clinical decision layer for outpatient clinics. This Privacy Policy explains how we collect, use, disclose, and protect information when you use Dicyd websites, intake pages, portals, APIs, and messaging services (collectively, the "Services").
1. Scope
This Privacy Policy applies to:
- Patients using clinic intake pages and follow-up messaging
- Clinic staff and admins using the Dicyd portal
- Authorized integration and API users
- Visitors to Dicyd websites
2. Information We Collect
2.1 Information You Provide
- Patient intake details (name, contact details, date of birth)
- Insurance and administrative readiness details
- Referral or authorization status indicators
- Staff account data (name, email, role, login credentials)
- Practice and location configuration data
- Message content submitted through intake or SMS replies
2.2 Information Collected Automatically
- IP address, device type, and browser metadata
- Request logs, timestamps, and route usage
- Security events and rate-limit activity
- Messaging delivery status (sent, delivered, failed)
2.3 Information from Connected Services
If enabled by a clinic, we may receive limited data from approved integrations such as messaging providers, schedulers, or billing-support tools used for operational workflows.
3. Data We Do Not Intend to Collect
Dicyd is designed for non-clinical pre-visit workflows. We minimize PHI and do not intentionally collect or store full medical records, clinical notes, diagnoses, treatment plans, or medical histories.
4. How We Use Information
We use information to:
- Evaluate intake completeness and administrative readiness
- Apply explicit clinic/location rule sets
- Create and manage operational tasks for staff
- Send transactional follow-up messages, including SMS (when opted in)
- Operate, secure, troubleshoot, and improve the Services
- Meet contractual, legal, and compliance obligations
We do not sell personal information.
5. How We Share Information
We may share information:
- With the clinic associated with a patient intake/case
- With subprocessors that support hosting, email, and SMS delivery
- When required by law, regulation, subpoena, or court order
- To investigate fraud, abuse, or security incidents
We do not share personal information with third parties for their own advertising or marketing purposes.
6. SMS and Mobile Privacy
If you opt in to text messages, we process your mobile number and related messaging data to support appointment-readiness communication.
Mobile opt-in data and consent records are never sold or shared with third parties or affiliates for marketing or promotional use.
Message and data rates may apply. You can opt out any time by replying STOP. Reply HELP for assistance, or email hello@dicyd.com.
7. Retention
We retain information only as long as needed for operational, legal, and contractual purposes. Retention periods vary by data type and clinic configuration. We may de-identify or delete data when no longer needed.
8. Security
We use safeguards including:
- TLS encryption in transit
- Access controls and role-based permissions
- Webhook signature verification
- Immutable decision/audit records for state transitions
- Infrastructure monitoring and incident response controls
9. HIPAA and Healthcare Data Roles
Dicyd is not a healthcare provider and does not provide clinical care. Where required, we operate as a service provider/business associate to clinics under applicable agreements.
10. Your Privacy Choices
Subject to applicable law, you may request to:
- Access information associated with you
- Correct inaccurate information
- Delete information when retention is not required
- Opt out of SMS by replying STOP
Patients should also contact their clinic directly for case-specific records and requests.
11. Cookies and Session Data
We use limited cookies/technologies for:
- Portal authentication and session continuity
- Security controls
- Basic service analytics and reliability monitoring
12. Children
The Services are not directed to children under 13, and we do not knowingly collect personal information directly from children under 13.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted with a revised "Last Updated" date.
14. Contact
Dicyd, Inc.
Email: hello@dicyd.com
Website: https://dicyd.com