Privacy Policy

Effective Date: March 9, 2026 · Last Updated: March 9, 2026

Table of Contents

Who We Are
Information We Collect
How We Use Your Information
HIPAA and Medical Data
How We Share Your Information
Data Security
Data Retention
Cookies and Tracking
Your Rights
Children's Privacy
International Data Transfers
Changes to This Policy
Contact Us

    This Privacy Policy explains how Tray IQ ("we," "us," or "our") collects, uses, shares, and protects information about you when you use our services — including the Tray IQ medical tray temperature monitoring platform, the AI Vision Scanner, and all associated tools available at tray-iq.com. By using our services, you agree to the practices described here.
  

1. Who We Are

Tray IQ is a medical technology company providing software solutions for surgical instrument tracking, sterilization verification, temperature monitoring, and medical tray management. Our platform helps sterile processing departments, surgical teams, and medical device representatives ensure compliance and patient safety through AI-assisted scanning and real-time IoT monitoring.

Business Contact:
Tray IQ
Email: [email protected]
Website: tray-iq.com

2. Information We Collect

2.1 Account Information

When you create an account on our platform, we collect:

Full name and email address
Password — stored exclusively as a one-way cryptographic hash; we never store or see your plain-text password
Organization name and organization type (Hospital Enterprise or OEM Enterprise, if applicable)
Your role within your organization (Admin or Member)
Account creation date and subscription status

2.2 Payment and Subscription Information

Subscription payments are processed exclusively by Stripe, Inc. We do not store your credit card number, CVV, or full payment card details on our servers. We store only:

Stripe customer ID and subscription ID (alphanumeric references only)
Subscription status (trialing, active, cancelled, expired)
Subscription start and end dates

Stripe's privacy practices are governed by the Stripe Privacy Policy.

2.3 AI Vision Scanner Data

When you use the AI Vision Scanner, we collect and process:

Photos of surgical instrument trays that you submit for scanning
Reference photos of individual instruments you add to your catalog
Par-level (reference) photos of implant trays
Scan results, AI analysis outputs, missing/extra item reports, and confidence scores
Your instrument catalog: instrument names, categories, descriptions, and visual feature notes
Procedure preference lists: procedure names, specialty, associated instrument lists
Implant catalog entries and implant tray type configurations
Audit trail records for every scan event (who scanned, what tray, what time, what result)

2.4 Temperature Monitoring and IoT Data

For customers using our hardware-integrated temperature monitoring system, we collect:

Real-time and historical temperature readings from TELID® BLE sensors
BLE gateway signals, RSSI (signal strength) data, and tray location calculations
Tray workflow state transitions (On Shelf, Washer, Sterilizer, Transport Ready, etc.)
Sterilization cycle event records with timestamps
Blockchain-verified audit log hashes recorded on the XRP Ledger (XRPL) — hashes only, no personal data

2.5 Organization and Team Data

If you are part of an enterprise organization, we record:

Organization name, type, and creation date
Organization member list (names, emails, roles)
Tray sharing records between organizations (which trays are shared, with whom, by whom)

2.6 Technical and Usage Data

We automatically collect limited technical information including:

IP address and approximate geographic location (country or region)
Browser type, version, and operating system
Device type (mobile, tablet, desktop)
Pages and features accessed, and time of access
Error logs and diagnostic data used to fix bugs and improve the platform

3. How We Use Your Information

We use the information we collect to:

Provide and operate the service: Authenticate your account, process AI scans, generate compliance reports, and operate all platform features
Process payments: Manage your subscription billing through Stripe
Maintain audit trails: Create tamper-evident records of sterilization cycles, scan events, and tray activity for regulatory compliance purposes
Send alerts and notifications: Temperature excursion alerts, sensor offline notifications, and subscription-related emails
Support you: Respond to questions, bug reports, and account requests
Improve the platform: Analyze aggregate, de-identified usage patterns to fix problems and build new features
Maintain security: Detect and prevent unauthorized access, fraud, and abuse
Comply with law: Respond to lawful requests and maintain records as required by applicable regulations

We do not sell your personal information. We do not use your data for advertising. We do not use your scan images or catalog data to train AI models — your images are sent to Anthropic's API solely to generate the scan result returned to you.

4. HIPAA and Medical Data

Important HIPAA Notice: Tray IQ is a software tool for tracking surgical instruments, trays, and sterilization processes. The platform is intentionally designed to operate without requiring the entry of Protected Health Information (PHI) as defined by HIPAA.

Our platform tracks instruments and equipment — not patient identities or medical records. Tray identification numbers, sterilization cycle logs, and instrument scan records do not inherently constitute PHI. However:

If your organization configures the system in a way that links tray or scan data to specific patients (e.g., using patient identifiers as tray labels), those records may become PHI under HIPAA.
We strongly recommend against entering patient names, medical record numbers, date of birth, or any other patient identifiers into the platform.
Enterprise healthcare customers who require a Business Associate Agreement (BAA) should contact us at [email protected] before use.

4.1 Security Safeguards Relevant to Healthcare

All data is transmitted over TLS-encrypted connections (HTTPS)
Role-based access control prevents unauthorized access to organization data
Passwords are stored as one-way cryptographic hashes
Audit trails are designed to be tamper-evident with optional blockchain verification
Sensitive data can be archived with encryption at rest

5. How We Share Your Information

5.1 Third-Party Service Providers

We share data with trusted providers who help us operate the platform. All are contractually bound to protect your data and use it only for the specified service:

Stripe — Payment processing and subscription management
Anthropic (Claude AI) — AI vision analysis for instrument identification. Tray scan images are sent to Anthropic's API to generate identification results. Anthropic's use of API data is governed by their Privacy Policy and API terms, which prohibit using API data to train models.
Neon / PostgreSQL — Cloud database hosting for your account and scan data
HiveMQ — MQTT cloud service for real-time IoT sensor data transmission
XRP Ledger (XRPL) — Public blockchain for immutable event log verification. Only cryptographic hashes are recorded on-chain; no personal data or PHI is written to the blockchain.
Twilio — SMS alert delivery for temperature and sensor notifications

5.2 Within Your Organization

Hospital Enterprise accounts: Your scan activity, instrument catalog entries, and procedure lists are visible to all members of your hospital organization. Your name and email are visible to organization admins.
OEM Enterprise accounts: Your catalog and scan data are isolated to your individual account. Organization admins may see aggregate activity metrics but not your individual scan records without explicit access.

5.3 Cross-Organization Tray Sharing

When an authorized admin uses the tray-sharing feature to share a tray with a partner organization, the tray's name and configuration data are made available to that organization. No personal account details (email, payment info) are shared in this process. Shares are revocable at any time by an admin.

5.4 Legal Requirements

We may disclose your information when required by law, court order, or valid governmental authority, or when we have a good-faith belief that disclosure is reasonably necessary to protect the rights, property, or safety of Tray IQ, our users, or the public.

5.5 Business Transfers

If Tray IQ is involved in a merger, acquisition, asset sale, or other business transition, your information may be transferred as part of that transaction. We will provide notice via email and/or a prominent notice on our platform at least 14 days before any such transfer takes effect, and you will have the opportunity to close your account if you do not wish to proceed.

5.6 What We Do Not Do

We do not sell your personal information to data brokers, advertisers, or any third party
We do not share your data for third-party marketing or advertising purposes
We do not use your scan images, catalog data, or audit logs to train AI or machine learning models

6. Data Security

We implement the following technical and organizational measures to protect your data:

Encryption in transit: All data between your browser and our servers is encrypted using TLS (HTTPS)
Password hashing: Passwords are hashed using scrypt and are never stored or transmitted in plain text
Token-based authentication: Sessions use signed tokens scoped to your account with no sensitive data in the token payload
Role-based access control: Users can only access data their account is authorized to view; hospital and OEM data is strictly separated
Tamper-evident audit trails: Sterilization and scan records are designed to be immutable, with optional blockchain verification
Data scoping: Hospital organizations use shared data scopes; OEM accounts use per-user isolated scopes — neither can access the other's data

No system can guarantee absolute security. If you believe your account has been compromised or you discover a security vulnerability, please contact us immediately at [email protected] with the subject line "URGENT: Security."

In the event of a data breach affecting your personal information, we will notify affected users within 72 hours of becoming aware of the breach, consistent with applicable law.

7. Data Retention

We retain your data as long as your account is active or as needed to fulfill the purposes described in this policy. Specific retention periods:

Account information: Retained while your account is active, plus up to 90 days after deletion for recovery purposes
Scan audit trails and sterilization records: Retained for a minimum of 7 years to support regulatory and compliance requirements applicable to medical equipment and sterilization processes
Temperature monitoring data: Retained for the duration of your subscription; data older than 6 months is compressed and archived
Scan images (tray photos): Retained while your account is active; deleted within 30 days of account deletion upon written request
Payment records: Retained for 7 years as required by financial record-keeping regulations
Blockchain records (XRPL): Cryptographic hashes recorded on the public XRPL blockchain are permanent by the nature of blockchain technology and cannot be deleted

To request early deletion of your personal data, email [email protected]. Note that mandatory retention requirements (e.g., sterilization audit logs) may prevent immediate deletion of certain records.

8. Cookies and Tracking

8.1 Essential Browser Storage

We use browser localStorage — not traditional cookies — to operate the platform:

Authentication tokens: Stored as authToken or scannerToken in localStorage to keep you signed in. These contain your account ID, name, subscription status, and org role — no sensitive personal data or payment information.
UI preferences: Display settings, tab selections, and other non-personal preferences

8.2 What We Do Not Use

Third-party advertising or targeting cookies
Cross-site tracking cookies or tracking pixels
Social media tracking integrations
Google Analytics or similar behavioral analytics

8.3 Clearing Your Data

You can clear localStorage through your browser settings at any time. Doing so will sign you out of the platform. No data is permanently lost as your account data is stored on our servers.

9. Your Rights

9.1 Rights for All Users

Regardless of your location, you may request:

Access: A copy of the personal data we hold about you
Correction: Updates to inaccurate or incomplete data
Deletion: Removal of your personal data (subject to mandatory retention requirements)
Portability: An export of your data in a structured, machine-readable format

9.2 California Residents (CCPA / CPRA)

California residents have the right to:

Know what personal information we collect, use, disclose, and share
Opt out of the sale or sharing of personal information (we do not sell personal information)
Limit the use of sensitive personal information
Correct inaccurate personal information
Delete personal information
Non-discrimination for exercising any of these rights

9.3 EEA, UK, and Swiss Residents (GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you additionally have the right to:

Object to processing of your personal data based on legitimate interests
Request restriction of processing
Lodge a complaint with your local data protection authority (DPA)

Our lawful basis for processing your data is primarily: (a) performance of a contract — to provide the services you subscribed to; and (b) legitimate interests — to maintain platform security, prevent fraud, and improve the service.

9.4 How to Exercise Your Rights

Email [email protected] with the subject line "Privacy Request". Please include your account email address. We will respond within 30 days. We may ask you to verify your identity before fulfilling a request.

10. Children's Privacy

Our platform is designed for use by healthcare professionals and enterprise business users. We do not knowingly collect personal information from anyone under the age of 18. If you believe a minor has created an account with us, please contact [email protected] and we will delete the account promptly.

11. International Data Transfers

Tray IQ is based in the United States. If you access our platform from outside the United States, your information will be transferred to, stored, and processed in the United States where our servers and service providers operate. By using our services, you acknowledge this transfer.

For users in the EEA or UK, we rely on standard contractual clauses or other appropriate safeguards to ensure your data receives an adequate level of protection in compliance with GDPR requirements.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the services we offer, or applicable law. When we make material changes, we will:

Update the "Last Updated" date at the top of this page
Send an email notification to all active users at least 14 days before changes take effect
Display a notice within the platform

Your continued use of the platform after changes take effect constitutes your acceptance of the updated policy. If you do not agree, you may discontinue use and request account deletion.

13. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

Tray IQ — Privacy Inquiries
Email: [email protected]
Website: tray-iq.com

For urgent security or data breach matters, use subject line: URGENT: Security
We will respond to all privacy requests within 30 days, and urgent security matters within 24 hours.

If you are not satisfied with our response, you have the right to file a complaint with your applicable data protection authority.