Legal

Privacy Policy

Effective date: April 26, 2026  ·  Last updated: April 26, 2026

DermEstimator is a cost estimation tool for dermatology practices. We do not store patient Protected Health Information (PHI). Estimates are calculated in real time and are not transmitted to or stored on our servers.

Overview

DermEstimator, LLC ("DermEstimator," "we," "us," or "our") operates the DermEstimator software-as-a-service platform available at www.dermestimator.com and app.dermestimator.com. This Privacy Policy describes how we collect, use, and protect information when you use our services.

By using DermEstimator, you agree to the practices described in this policy. If you do not agree, please discontinue use of the service.

Information We Collect

Account information. When you register for DermEstimator, we collect your name, email address, practice name, and a password. This information is used to create and manage your account.

Billing information. Subscription payments are processed by PayPal. DermEstimator does not store your credit card or bank account details. PayPal's privacy policy governs how your payment information is handled.

Usage data. We collect information about how you use the platform — such as features accessed, session duration, and error logs — to improve the service and diagnose issues.

Practice configuration. Settings you configure within DermEstimator (payer rates, contracted rate percentages, custom fee schedules) are stored to provide the service. This data belongs to your practice.

Log data. Our servers automatically record standard log data including IP addresses, browser type, and pages accessed. This data is used for security monitoring and debugging.

How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the DermEstimator platform
  • Process subscription payments and manage your account
  • Send transactional emails (account creation, password reset, billing receipts)
  • Respond to support requests and inquiries
  • Improve and develop new features based on usage patterns
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

We do not sell your information to third parties. We do not use your data for advertising.

Patient Information & PHI

DermEstimator is designed to minimize contact with patient Protected Health Information (PHI) as defined under HIPAA.

  • DermEstimator does not require you to enter patient names, dates of birth, insurance ID numbers, or any other individually identifiable health information to generate an estimate.
  • Cost estimates are calculated locally within your browser session using procedure codes and payer rates. Patient-specific inputs (such as remaining deductible amounts) are not transmitted to or stored on our servers.
  • If your practice chooses to save estimates, those records are stored under your account. It is your practice's responsibility to ensure that any information you enter into saved estimates complies with your HIPAA obligations.

Practices that require a Business Associate Agreement (BAA) may request one by emailing dermestimator@gmail.com.

Sharing & Disclosure

We do not sell or rent your information. We may share information with:

  • Service providers. Third-party vendors who help us operate the platform (hosting, payment processing, email delivery). These vendors are contractually bound to use your data only to provide services to us.
  • Legal requirements. We may disclose information if required by law, subpoena, or other legal process, or to protect the rights, property, or safety of DermEstimator, our users, or the public.
  • Business transfers. If DermEstimator is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.

Security

We implement industry-standard security measures to protect your information, including encrypted data transmission (TLS/HTTPS), secure password hashing, and session-based authentication with single-session enforcement per user account.

No method of transmission over the internet or electronic storage is 100% secure. While we take commercially reasonable steps to protect your data, we cannot guarantee absolute security.

Data Retention

We retain your account information for as long as your account is active or as needed to provide services. If you cancel your account, we will delete or anonymize your data within 90 days, unless we are required to retain it for legal or compliance purposes.

Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Request deletion of your account and associated data
  • Export your practice configuration data in a portable format
  • Opt out of non-transactional communications

To exercise any of these rights, contact us at dermestimator@gmail.com. We will respond within 30 days.

Cookies

DermEstimator uses a single session cookie (dermestimator_session) to keep you logged in. This cookie expires after 30 days or when you log out. We do not use advertising cookies or third-party tracking cookies.

Children

DermEstimator is intended for use by healthcare professionals and administrative staff. We do not knowingly collect personal information from anyone under the age of 18. If you believe a minor has provided us with personal information, contact us at dermestimator@gmail.com and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify account holders via email and update the "Last updated" date at the top of this page. Continued use of DermEstimator after changes take effect constitutes acceptance of the revised policy.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: