Privacy Policy
Effective Date: January 2026
1. Information We Collect
Information You Provide
When you create an account and use RepXD, we collect:
- Email address: Required for account creation, login, and service communications
- Name: First and last name for account personalization
- Company name: Optional, to help customize your experience
- Password: Securely hashed and stored; we never store passwords in plain text
Payment Information
When you subscribe to a paid plan:
- Payment processing is handled entirely by Stripe
- We do not store credit card numbers, CVVs, or full payment details
- We receive only: card type, last 4 digits, expiration date, and billing address for record-keeping
Usage Data
We automatically collect information about how you use the service:
- Searches performed and search parameters
- Pages visited and features used
- Login times and session duration
- Browser type, device type, and IP address
This data helps us improve the service and troubleshoot issues.
2. How We Use Your Information
We use the information we collect to:
- Provide the service: Authenticate your account, save your preferences, and deliver features
- Process payments: Manage subscriptions and billing through Stripe
- Communicate with you: Send transactional emails (password resets, billing receipts, important notices)
- Improve RepXD: Analyze usage patterns to enhance features and fix bugs
- Provide support: Respond to your questions and help requests
- Ensure security: Detect and prevent fraud, abuse, and unauthorized access
What We Don't Do
- We do not sell your personal information to third parties
- We do not share your data with advertisers
- We do not send marketing emails without your consent
3. Third-Party Services
We use a limited number of trusted third-party services to operate RepXD:
Stripe (Payment Processing)
Stripe handles all payment processing. When you provide payment information, it goes directly to Stripe. Their privacy policy is available at stripe.com/privacy.
ZeptoMail (Email Delivery)
We use ZeptoMail to send transactional emails (password resets, receipts, notifications). They process your email address solely to deliver these messages.
Google Analytics (Website Analytics)
We use Google Analytics to understand how visitors interact with our website. Google Analytics uses cookies to collect anonymous usage data such as pages visited, time spent on the site, and referral sources. This data helps us improve the user experience. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
Data Sharing
We may share information with third parties only when:
- Required to provide the service (as described above)
- Required by law or legal process
- Necessary to protect our rights or the safety of our users
4. Cookies
We use cookies to provide essential functionality:
Session Cookies
- Purpose: Keep you logged in to your account
- Duration: Expire when you close your browser or after 30 days
- Required: Yes, for authentication
Analytics Cookies
- Purpose: Google Analytics cookies (_ga, _gid) help us understand how visitors use our site
- Duration: Up to 2 years
- Required: No — you can opt out via the Google Analytics Opt-out Browser Add-on
What We Don't Use
- No advertising cookies
- No social media tracking pixels
We keep our cookie usage minimal and focused on essential functionality and analytics.
5. Data Retention
We retain your data as follows:
- Active accounts: We retain your data while your account is active
- Canceled accounts: We retain data for 90 days after cancellation, then delete it
- Billing records: We retain transaction records for 7 years as required for tax and legal compliance
- Deleted accounts: When you request account deletion, we remove your personal data within 30 days
6. Your Rights
You have the right to:
- Access your data: View your account information and download your saved searches
- Correct your data: Update your profile information from the Account page
- Delete your data: Request deletion of your account and personal data
- Export your data: Download your saved searches, code sets, and watchlists
- Opt out: Unsubscribe from any non-essential communications
To exercise these rights, contact us at [email protected] or use the contact form.
7. Security
We implement industry-standard security measures to protect your data:
- Encryption in transit: All data is transmitted over HTTPS/TLS
- Password security: Passwords are hashed using bcrypt with a secure salt
- Session security: Session tokens are cryptographically random and stored securely
- Access controls: Internal access to user data is strictly limited and logged
- Infrastructure: Our servers are hosted in secure data centers with regular security updates
While we take security seriously, no system is completely secure. Please protect your password and notify us immediately if you suspect unauthorized access to your account.
8. Children's Privacy
RepXD is designed for business professionals and is not intended for use by anyone under 18 years of age.
We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Effective Date" at the top of this page
- For material changes affecting how we use your data, we will notify you by email
- Your continued use of RepXD after changes take effect constitutes acceptance of the updated policy
10. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
PXM Labs LLC
Email: [email protected]
Website: Contact Form
About Healthcare Provider Data
The healthcare provider data displayed in RepXD (physician names, practice addresses, procedure volumes, payment records) comes from publicly available government sources:
- CMS Medicare Provider Utilization and Payment Data
- CMS Open Payments database
- NPPES National Provider Identifier Registry
This data is published by the Centers for Medicare & Medicaid Services (CMS) and is available to the public under the Freedom of Information Act. We aggregate and present this public data to help medical sales professionals identify relevant healthcare providers.
If you are a healthcare provider with questions about data displayed about you, please note that this data originates from CMS. For corrections to the source data, contact CMS directly.