Privacy Policy
Last updated: July 3, 2026
This Privacy Policy describes how Micah Latty (doing business as medicalfeeschedules.com) ("we", "us", or "our") collects, uses, and shares information when you visit our website, create an account, subscribe to a paid plan, or use our API (together, the "Service"). By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
1. Information we collect
Information you provide
- Account information. When you register we collect your name, email address, and authentication credentials (a hashed password or passkey public key). We never store plaintext passwords.
- Billing information. Payments are processed by Stripe, our payment processor. We do not receive or store full payment card numbers. We retain billing records such as your plan, invoices, billing address, and the last four digits and brand of your card as provided to us by Stripe.
- Alert preferences. If you sign up for rate-change alerts, we collect the email address and preferences (for example, a specialty filter) you provide.
- Communications. If you contact us, we keep the correspondence and any information you choose to include in it.
Information collected automatically
- API usage records. We log API requests — including the endpoint, query parameters (such as procedure codes, localities, and dates of service), the API token used, timestamps, and response metadata — to meter usage, enforce rate limits, bill correctly, prevent abuse, and improve the Service.
- Server logs. Like most websites, our servers record technical information such as IP address, browser type, requested pages, and timestamps.
- Cookies. We use only essential cookies — for session management, authentication, and security (for example, CSRF protection). We do not use advertising or cross-site tracking cookies.
- Analytics. We use Fathom Analytics, a privacy-focused analytics service that does not use cookies and does not track visitors across sites, to collect aggregate, anonymized traffic statistics.
2. Protected health information — do not submit it
The Service is a fee-schedule data tool. It works with procedure codes, localities, dates, and dollar amounts — it does not need, and is not designed to receive, patient information. Do not submit protected health information (PHI) or any patient-identifying information to the Service, including in API requests, calculator inputs, or support messages. We are not a "covered entity" or "business associate" as defined by HIPAA, we do not enter into Business Associate Agreements, and the Service must not be used to store or transmit PHI. If we become aware that PHI has been submitted, we may delete it without notice.
3. How we use information
- To provide, operate, and maintain the Service, including authenticating you and responding to API requests.
- To meter usage, enforce plan limits, and process payments and invoices.
- To send transactional emails (account verification, receipts, security notices) and, if you opted in, rate-change alerts. Every non-essential email includes a way to unsubscribe.
- To secure the Service, prevent fraud and abuse, and enforce our Terms of Service.
- To understand aggregate usage and improve the Service.
- To comply with legal obligations, such as tax and accounting requirements.
We do not sell your personal information, and we do not share it with third parties for their own advertising or marketing purposes.
4. How we share information
We share personal information only in the following circumstances:
- Service providers. With vendors who process data on our behalf and only as needed to run the Service — for example, Stripe (payments), our hosting and infrastructure providers, our transactional email provider, and Fathom Analytics. These providers are bound by their own contractual and legal obligations regarding your data.
- Legal requirements. When we believe in good faith that disclosure is required by law, regulation, legal process, or an enforceable governmental request, or to protect the rights, property, or safety of Micah Latty (doing business as medicalfeeschedules.com), our users, or the public.
- Business transfers. In connection with a merger, acquisition, financing, or sale of assets, in which case we will notify you before your personal information becomes subject to a different privacy policy.
- With your consent. In any other case, only with your direction or consent.
5. Data retention
We keep account information for as long as your account is active and for a reasonable period afterward. We keep billing records for as long as required by tax, accounting, and other legal obligations. Server logs and API usage records are retained for a limited period for security, metering, and billing-dispute purposes and are then deleted or aggregated. You may request deletion of your account at any time (see "Your rights" below); some records may be retained where the law requires or permits it.
6. Security
We use reasonable technical and organizational safeguards to protect your information, including encryption in transit (HTTPS), hashed credentials, scoped API tokens, and access controls. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your password, passkeys, and API tokens confidential.
7. Your rights and choices
Depending on where you live, you may have rights under applicable privacy laws (such as the EU/UK GDPR or the California Consumer Privacy Act), including the right to access, correct, export, or delete your personal information, to object to or restrict certain processing, and to not be discriminated against for exercising these rights. We honor such rights as required by the laws that apply to you.
To exercise any of these rights, email us at micah@linkfount.com. We will verify your request and respond within the time required by applicable law. You can also update account details and unsubscribe from alerts directly in the Service. If you are in the EEA or UK, you may also have the right to lodge a complaint with your local supervisory authority.
8. International transfers
The Service is operated from the United States and information we collect is processed and stored in the United States, which may have data-protection laws different from those in your jurisdiction. By using the Service, you understand that your information will be transferred to and processed in the United States.
9. Children
The Service is a professional tool intended for adults. It is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it.
10. Third-party links
The Service links to third-party sites (for example, CMS.gov). We are not responsible for the privacy practices of those sites, and this policy does not apply to them.
11. Changes to this policy
We may update this policy from time to time. We will post the updated policy on this page and revise the "Last updated" date above. For material changes, we will provide additional notice, such as an email to account holders or a prominent notice in the Service, before the change takes effect.
12. Contact us
Questions about this policy or our data practices? Email micah@linkfount.com.
See also our Terms of Service.