SettleTrack SettleTrack
HomeWhy SettleTrackFeaturesSolutionsHow It WorksFAQ
Log inRequest Demo

Privacy Policy

Effective date · July 13, 2026

SettleTrack (“SettleTrack”, “we”, “us”) provides Letter of Protection (LOP) case management software that connects personal injury attorneys, ER facilities and notaries across the United States. This Privacy Policy explains what information we collect through our website (settletrack.io) and our application (the “Service”), how we use it, and the choices you have.

The short version: we collect only what we need to run the Service, we never sell your information, protected health information is handled under HIPAA safeguards, and you can contact us at any time at hello@settletrack.io.

1. Information we collect

Information you provide

  • Account information — name, work email address, phone number, organization and role, provided when an account is created for you by your organization's administrator.
  • Case information — information entered into the Service in the course of managing LOP cases, which may include patient information that constitutes protected health information (PHI) under HIPAA. PHI is processed on behalf of our customers as described in our HIPAA Notice.
  • Website enquiries — if you submit the “Request a Demo” or “Contact Sales” form we collect your name, work email, contact number, company and any message you include, solely to respond to your enquiry.
  • Support communications — the contents of support tickets and correspondence with our team.

Information collected automatically

  • Usage and log data — IP address, browser type, pages visited, and actions performed in the Service. Within the application, activity is also recorded in audit logs as required for HIPAA accountability.
  • Cookies and similar technologies — we use strictly necessary cookies for authentication and session security. Our website stores a small preference (such as your day/night theme choice) in your browser. We do not use advertising cookies.
  • Bot protection — our public forms are protected by Google reCAPTCHA, which is subject to the Google Privacy Policy and Terms of Service.

2. How we use information

  • To provide, operate, secure and maintain the Service.
  • To authenticate users and enforce role-based access controls.
  • To send transactional communications such as account credentials, case notifications and reminders.
  • To respond to demo requests, sales enquiries and support tickets.
  • To maintain audit trails, detect abuse and comply with legal obligations.
  • To improve the Service using aggregated, de-identified usage information.

3. What we never do

  • We never sell personal information or PHI.
  • We never use PHI for marketing or advertising of any kind.
  • We never share your information with third parties except the service providers listed below, or where required by law.

4. Sharing and service providers

We rely on a small number of infrastructure providers to operate the Service — including cloud hosting, database hosting, file storage and transactional email delivery. Each provider processes data only on our instructions and under appropriate contractual safeguards. Where a provider may handle PHI, a Business Associate Agreement (BAA) is put in place as described in our HIPAA Notice.

We may disclose information where required by law, subpoena or court order, or where necessary to protect the rights, safety and security of SettleTrack, our customers or the public.

5. Security

  • Encryption in transit using TLS 1.2 or higher for every connection.
  • Encryption at rest using AES-256 for sensitive fields, including PHI.
  • Role-based, least-privilege access controls — users see only what their role requires.
  • Comprehensive audit logging of access to and changes of sensitive records.
  • Session timeouts, rate limiting, and secure credential storage.

6. Data retention

We retain account and case information for as long as the customer relationship is active and as required to meet legal, regulatory and audit obligations. Website enquiry details are kept only as long as needed to handle the enquiry. When information is no longer required, it is securely deleted or de-identified.

7. Your choices and rights

  • You may request access to, correction of, or deletion of your personal information by contacting us.
  • Patients whose information is managed in the Service on behalf of a provider or law firm should direct requests to that organization; we will support our customers in fulfilling them.
  • You can opt out of non-essential email notifications using the unsubscribe controls provided.

8. Children's privacy

The Service is a business-to-business platform and is not directed to children. We do not knowingly collect information directly from children under 13. Patient records relating to minors are processed solely on behalf of our customers under HIPAA safeguards.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be signposted on this page with an updated effective date, and customers will be notified of significant changes.

Contact us

Questions about this policy or our privacy practices? Email hello@settletrack.io and we will respond within one business day.

SettleTrack

LOP management software for attorneys, ER facilities and notaries.

PRODUCT

FeaturesHow It WorksWhy SettleTrackResources

SOLUTIONS

For AttorneysFor ER FacilitiesFor NotariesReferral Partners

COMPANY

What is an LOP?FAQRequest DemoContact

LEGAL

Privacy PolicyTerms of ServiceHIPAA Notice
© 2026 SettleTrack. All rights reserved. settletrack.io