Credium Back to home
Legal

Privacy Policy

Effective date: July 1, 2026

Last updated: July 1, 2026

This Privacy Policy explains how Credium ("Credium," "we," "us," or "our") collects, uses, discloses, stores, and protects your information when you use our website at credium.ai, our web application at app.credium.ai, and our Credium mobile app for iOS (together, the "Services"). It also describes the choices and rights you have regarding your information. Please read it carefully. By using the Services, you agree to the practices described here.

On this page
  1. Who we are
  2. Information we collect
  3. How we use your information
  4. Automated processing and AI extraction
  5. How we share your information
  6. Service providers and sub-processors
  7. Mobile app permissions
  8. Cookies and analytics
  9. Data retention
  10. How we protect your information
  11. Your rights and choices
  12. Deleting your account and data
  13. Health information and HIPAA
  14. Children's privacy
  15. Data location and transfers
  16. Changes to this policy
  17. Contact us

1. Who we are

Credium is a healthcare credentialing platform. Providers use Credium to build a verified credentialing profile once, keep track of license and certification expirations, and share a credentialing packet with hospitals, health systems, and credentialing teams in one step. Credentialing teams use Credium to review and manage the credentials of the providers they work with.

Credium is the data controller for personal information processed through the Services, except where we act as a service provider or business associate to a healthcare organization, in which case that organization directs how the information is used.

2. Information we collect

We collect the following categories of information.

Account and identity information

Professional and credentialing information

To perform its core function, Credium collects the professional information that credentialing requires. Depending on what you provide, this may include:

Sensitive information. Credentialing documents can contain sensitive personal information, including government identifiers and health or professional-fitness records. You control what you upload. We use this information only to provide the credentialing features you request and to build the packets you choose to share.

Content and usage information

Information from third parties

When you use our provider onboarding feature, we look up publicly available registry data (for example from the U.S. National Library of Medicine NPI registry and the Centers for Medicare and Medicaid Services public directories) to help pre-fill your profile. You review and confirm this information before it is saved.

3. How we use your information

We use the information we collect to:

We do not sell your personal information, and we do not use your credentialing documents or health-related information for advertising.

4. Automated processing and AI extraction

When you upload a document, Credium uses an artificial intelligence model to read the document and extract structured fields (for example a license number or an expiration date) so you do not have to type them by hand. This processing is performed by our sub-processor Anthropic on our behalf under a data protection agreement. Documents and extracted text sent for this purpose are not used to train third-party models.

Automated extraction can make mistakes. Extracted fields are always presented to you for review, and no field is treated as final until you confirm or edit it. You remain responsible for verifying the accuracy of your credentialing information before you share it.

5. How we share your information

We share information only in the following circumstances:

6. Service providers and sub-processors

We rely on the following categories of service providers. Each is bound by contract to protect your information and to use it only to provide services to Credium.

ProviderPurpose
Amazon Web Services (AWS)Cloud hosting, database, and encrypted document storage in the United States.
AnthropicAI extraction of fields from uploaded documents.
BrevoDelivery of transactional email (verification, reminders, alerts).
GoogleWebsite analytics and address autocomplete.
CrispIn-app support chat.

We may update this list as our Services evolve. Where a healthcare organization requires it, we will enter into a Business Associate Agreement so that sub-processors provide equivalent protection for health information.

7. Mobile app permissions

The Credium iOS app provides a secure view of your Credium account. It may request the following device permissions, and only when you use the related feature:

You can grant or revoke these permissions at any time in your device's system settings. Denying a permission only disables the related feature.

8. Cookies and analytics

Our website and web app use cookies and similar technologies to keep you signed in, remember your preferences, and understand how the Services are used. We use Google Analytics to measure aggregate traffic and usage. You can control cookies through your browser settings. Disabling some cookies may affect how the Services work.

9. Data retention

We keep your information for as long as your account is active and as needed to provide the Services. When you delete a document, its stored file and extracted data are removed. When you delete your account, we delete or de-identify your personal information and uploaded documents, except where we must retain limited records to comply with legal obligations, resolve disputes, or enforce our agreements. Backups are purged on a rolling schedule.

10. How we protect your information

No method of transmission or storage is completely secure, but we work continuously to protect your information and to limit access to those who need it to operate the Services.

11. Your rights and choices

Depending on where you live, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. Through the Services you can, at any time:

To exercise a right that is not available directly in the app, contact us at info@credium.ai. We will respond within the time required by applicable law. We will not discriminate against you for exercising your privacy rights.

12. Deleting your account and data

You can delete your account at any time from Settings in the web app or the iOS app. Deleting your account removes your profile, uploaded documents, and associated stored files from active systems, subject to the limited legal retention described above. If you are unable to access your account, email info@credium.ai and we will process your deletion request.

13. Health information and HIPAA

Some information handled through Credium may constitute protected health information. When Credium processes such information on behalf of a covered entity or its business associate, we act as a business associate and handle that information in accordance with the applicable Business Associate Agreement and the requirements of HIPAA. Credium is a tool for organizing and sharing credentialing records; it is not a source of medical advice.

14. Children's privacy

The Services are intended for licensed healthcare professionals and credentialing staff and are not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact us and we will delete it.

15. Data location and transfers

Credium is operated from and stores data in the United States. If you access the Services from outside the United States, you understand that your information will be processed in the United States, where data protection laws may differ from those in your country.

16. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you through the Services or by email. Your continued use of the Services after an update means you accept the revised policy.

17. Contact us

If you have questions about this Privacy Policy or how we handle your information, contact us at: