Legal Documents

These documents govern your use of MilestonesIQ. They are initial drafts prepared for review by qualified legal counsel. For questions, contact [email protected].

These documents are pending review by a licensed attorney and are not yet final. Do not rely on them as legal advice.

Privacy Policy

Effective April 19, 2026 · Last updated April 19, 2026

Questions?

1. Introduction

MilestonesIQ is committed to protecting the privacy of all users of our platform, with particular care for the educational records of GME trainees. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and what rights you have.

2. Information We Collect

Account and Identity Information includes names, institutional email addresses, professional roles, PGY level, specialty, and program affiliation.

Trainee Performance Data includes milestone scores across ACGME competency domains, EPA observation records, rotation evaluation data, ITE scores, procedure logs, research milestone progress, and self-reflection entries.

Learning Plan and Support Data includes ILP goals and progress, PIP records and SMART goals, and digital acknowledgment records.

Automatically Collected Information includes IP address, browser type, pages visited, and session identifiers — used for security and performance monitoring only.

What We Do Not Collect: MilestonesIQ does not collect patient health information (PHI), Social Security numbers, financial account information, or biometric data.

3. How We Use Your Information

We use collected information to operate the Platform, generate AI-assisted summaries, compute milestone trajectory scores, send in-app notifications and meeting reminders, maintain security and audit logs, and produce de-identified aggregate research data. We do not send marketing communications without your consent.

4. FERPA and Educational Records

MilestonesIQ acts as a "school official" with a "legitimate educational interest" as permitted under 34 C.F.R. § 99.31(a)(1). We process education records solely to provide services to the Program. Trainees have the right to inspect their records, request corrections, and consent to disclosures. These rights are administered by the Program and the institution.

5. Data Sharing

We do not sell, rent, or trade personal information or trainee data. We share data only with: (a) service providers under data processing agreements, (b) our AI model provider (Anthropic) under a data processing agreement that prohibits model training on customer data, (c) legal authorities when required by law, and (d) successors in a business transfer with appropriate notice.

6. Data Retention

Trainee performance data is retained for the duration of the Program's subscription and for seven (7) years thereafter, unless a shorter period is required by law or requested by the Program. Audit logs are retained for seven (7) years.

7. Data Security

We implement encrypted data transmission (TLS), encrypted data storage, role-based access controls, session timeout enforcement, and immutable audit logging. In the event of a data breach, we will notify affected Programs and regulatory authorities as required by applicable law.

8. Your Rights

Depending on your jurisdiction and role, you may have rights to access, correct, delete, or port your personal information. Trainees may contest AI outputs through their Program Director. To exercise your rights, contact [email protected] or your Program Director.

9. International Users

For users in the European Economic Area or United Kingdom, we process personal data on the legal bases of contractual necessity, legitimate interests, and legal compliance. You may have additional rights under GDPR or UK GDPR.

10. Changes to This Policy

We will provide at least thirty (30) days' notice of material changes via email or in-Platform notification.

11. Contact

Privacy Office: [email protected] | General: [email protected]


This Privacy Policy is an initial draft prepared for review by qualified legal counsel. It is not a substitute for advice from a licensed attorney.

····[email protected]