Tengine.AI

Privacy Policy

Last updated: 4/14/2025

1. Introduction

Patient Access Portal LLC, doing business as Tengine AI ("we," "our," or "us"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

This policy applies to all users of our service, including developers integrating our API, end-users of applications built with our API, and visitors to our website. By accessing or using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

We are registered in New Jersey, USA, and operate globally. Our service is designed to comply with international data protection regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.

2. Information We Collect

2.1 Personal Information

We collect various types of information that you provide directly to us or that we collect automatically when you use our service:

  • Contact Information: Full name, email address, phone number, and business contact details
  • Business Information: Company name, industry, size, and business requirements
  • Account Information: Username, password (encrypted), and account preferences
  • Payment Information: Credit card details (processed through Stripe), billing address, and payment history
  • Usage Data: API calls, response times, error rates, and system performance metrics
  • Integration Data: Configuration settings, API keys, and third-party service connections
  • Communication Data: Support tickets, feedback, and correspondence history
  • Technical Data: IP address, browser type, device information, and operating system

2.2 Third-Party Integrations

Our service allows integration with various third-party services. When you connect these services:

  • We securely store authentication credentials using industry-standard encryption and security practices
  • We maintain secure storage of access tokens and API keys using enterprise-grade security measures
  • We maintain a record of integration configurations and connection status
  • We log API call metadata but do not store the actual content of your data
  • We track integration performance metrics and error rates
  • You maintain full control over these integrations and can revoke access at any time
  • We only store metadata and configuration information necessary for the integration to function

2.3 Cookies and Tracking Technologies

We use various technologies to collect and store information, including:

  • Essential Cookies: Required for basic site functionality and security
  • Analytics Cookies: Google Analytics and custom tracking for usage patterns
  • Performance Cookies: Monitor system performance and reliability
  • Security Cookies: Protect against unauthorized access and fraud
  • Preference Cookies: Remember your settings and preferences
  • Session Cookies: Maintain your login state and session information

You can control cookie settings through your browser preferences. Note that disabling certain cookies may impact the functionality of our service.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: Delivering and maintaining our API and platform services
  • Account Management: Creating and managing user accounts and access controls
  • Billing and Payments: Processing payments and managing subscription plans
  • Communication: Sending service updates, security alerts, and support responses
  • Analytics: Understanding usage patterns and improving service performance
  • Security: Protecting against fraud and unauthorized access
  • Personalization: Customizing the user experience based on preferences
  • API Monitoring: Tracking performance, reliability, and usage metrics
  • Compliance: Meeting legal obligations and regulatory requirements
  • Support: Providing technical assistance and troubleshooting
  • Development: Enhancing features and developing new functionality

4. Data Storage and Security

We use enterprise-grade cloud infrastructure providers and implement comprehensive security measures to protect your information:

  • Encryption: All sensitive data is encrypted at rest and in transit using industry-standard protocols
  • Secure Storage: Credentials and sensitive data are stored using enterprise-grade security systems
  • Network Security: Firewalls and DDoS protection
  • Cloud Security: We leverage security features provided by our enterprise cloud providers
  • Monitoring: System monitoring and alerts
  • Security Response: Active monitoring and response to security events
  • Backup Systems: Data backups to prevent data loss
  • Access Controls: Restricted access to production systems

5. Data Retention and Deletion

We retain your information according to the following schedule:

  • Account Data: Retained until account deletion request (processed within 30 days)
  • Billing Records: Retained for 7 years as required by tax laws
  • API Logs: Retained for 1 year for debugging and analytics
  • Backup Data: Retained for 90 days before permanent deletion
  • Analytics Data: Anonymized and retained indefinitely
  • Support Tickets: Retained for 2 years after resolution
  • Integration Data: Retained until integration is removed or account is deleted

When you request account deletion, we will:

  • Delete your personal information within 30 days
  • Remove your access tokens and API keys
  • Anonymize your usage data
  • Retain necessary billing records as required by law
  • Remove your data from active systems and backups

6. Your Rights

Under applicable data protection laws, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we use your data
  • Right to Portability: Receive your data in a structured format
  • Right to Object: Object to certain data processing activities
  • Right to Withdraw Consent: Revoke previously given consent
  • Right to Complain: Lodge a complaint with a supervisory authority

To exercise these rights, please contact us at hi@tengine.ai. We will respond to your request within 30 days.

7. International Data Transfers

We operate globally and may transfer your data to countries outside your jurisdiction. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses for EU-US data transfers
  • Data Processing Agreements with all third-party providers
  • Compliance with international data protection laws
  • Regular assessment of third-party data processors
  • Data localization options where required by law
  • Transparent documentation of data flows

8. Third-Party Services

We use the following types of third-party services:

  • Payment Processing: For secure handling of payments and subscriptions
  • Cloud Infrastructure: For secure and reliable hosting services
  • Analytics: For website analytics and usage tracking
  • Integration Services: For connecting with external services and APIs
  • Email Services: For transactional and marketing communications
  • Customer Support: For help desk and support ticket management
  • Monitoring: For system performance and reliability tracking

Each third-party service provider has their own privacy policy and data processing practices. We carefully select our partners and ensure they meet our security and privacy standards.

9. Age Restrictions

Our service is not intended for use by individuals under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

Parents or guardians who believe their child has provided us with personal information should contact us immediately at hi@tengine.ai.

10. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Sending an email notification for significant changes
  • Displaying a notice on our website for material changes

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

For EU residents, you have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Please also review our Terms of Service for additional information about using our Service.