
Privacy Policy

Effective: May 15, 2026

Last updated: June 27, 2026

1. Overview

This Privacy Policy explains how Shuffle Health, LLC (“Shuffle Health,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with the Shuffle Health website, applications, APIs, and related services (the “Service”). It applies to information we process as a controller. By using the Service, you agree to the practices described in this Policy and in our Terms of Service. If you do not agree, do not use the Service.

Shuffle Health is a career-development service, not a healthcare provider. Do not submit protected health information (PHI) about patients or other individuals. Do not use the Service to deliver clinical care.

2. Definitions

  • “Personal data” or “personal information” means information that identifies, relates to, or could reasonably be linked with you.
  • “Processing” means any operation performed on personal data, including collection, use, storage, disclosure, and deletion.
  • “Controller” means the entity that determines the purposes and means of processing personal data. Shuffle Health is the controller of the information described in this Policy.
  • “Processor” means a service provider that processes personal data on the controller’s behalf and under its instructions.
  • “You” means the individual using the Service, including a registered account holder or a visitor to our website.

3. Information We Collect

We collect the following categories of information:

  • Account information. Name, email address, password (managed by our authentication provider), and profile attributes you provide. Account authentication is handled by Clerk.
  • Career and resume content. Resumes you upload, intake-form answers, free-text inputs to AI features, training assessment responses, and progress data.
  • Credentials and certificates. Records of training modules completed, assessment scores, and certificates or credentials we issue to you through the Service.
  • Payment information. When you subscribe, payment details are collected and processed by Stripe. We do not store full card numbers; we receive a tokenized identifier and limited metadata such as plan, status, and the last four digits of your card.
  • Usage and device data. IP address, browser type, operating system, language, referring/exit pages, pages viewed, time stamps, click paths, and similar telemetry collected automatically when you use the Service.
  • Cookies and similar technologies. Strictly-necessary cookies (session, CSRF, auth), and limited analytics cookies. We use PostHog for product analytics, which may set cookies and collect usage data. See Section 8.
  • Communications. Messages you send to support, feedback, and email correspondence with us.
  • Referral data. If you participate in our referral program, we collect referral-link activity and credit-tracking data.
  • Employer- or organization-provided information. If your employer, school, or another organization sponsors your use of the Service, we may receive your name, work email, role, and enrollment details from that organization in order to provision your account.

We do not knowingly collect special categories of personal data (such as biometric data, genetic data, or precise health information) and we ask you not to submit such data to the Service.

4. How We Use Information

We use the information described above to:

  • provide, secure, and operate the Service, including matching you to career pathways and generating personalized training content;
  • issue certificates and credentials and maintain records of your training history;
  • process payments and manage subscriptions;
  • communicate with you about your account, security, billing, product updates, and support;
  • improve our models, curricula, and product (including by producing de-identified, aggregated metrics);
  • monitor for, prevent, and investigate fraud, abuse, security incidents, and violations of our Terms;
  • comply with legal obligations and enforce our agreements;
  • send marketing communications you can opt out of at any time.

Legal bases (EEA / UK users). We rely on (a) contract necessity to provide the Service, (b) legitimate interests in operating, securing, and improving the Service, (c) consent (where required, for example for certain cookies and marketing emails), and (d) compliance with legal obligations.

De-identified and aggregated data. We may create de-identified or aggregated data from personal information and use and share it for any lawful purpose. We maintain such data in a form that cannot reasonably be linked back to you and do not attempt to re-identify it except to test our de-identification practices.

5. AI Features and Automated Decisions

Some features of the Service use third-party large-language models (currently Anthropic Claude and OpenAI text-embedding models). When you use these features, we transmit relevant inputs (which may include your resume content, intake answers, and free-text inputs) to those providers under data-processing terms that prohibit them from using your inputs or outputs to train their public foundation models. Outputs may be cached by us to improve performance and reliability.

Automated processing. We use automated processing — including AI models — to match you to career pathways, recommend training, generate personalized curriculum, and evaluate assessment responses. These outputs are decision-support tools, not legally or similarly significant decisions about you, and they do not determine employment, credit, housing, or comparable outcomes. You can request human review of any automated output that materially affects your use of the Service by emailing privacy@shuffle.health.

6. How We Share Information

We share information only as described below. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

  • Service providers (processors). Vendors who process data on our behalf under contract, including:
    • Clerk — authentication and identity
    • Stripe — payment processing and billing
    • Anthropic — AI inference for matching and curriculum
    • OpenAI — text embeddings used for retrieval
    • PostHog — product analytics and event tracking
    • Cloudflare R2 — resume and asset storage
    • Railway — application hosting
    • Postgres database hosting providers
    • Email and customer-support providers
  • Employer marketplace (if you opt in). If you publish a marketplace profile, the information you place on that profile may be visible to subscribed employer accounts. You control whether to publish.
  • Sponsoring employers and organizations. If your account is sponsored by an employer, school, or other organization, we may share your enrollment, progress, completion, and certificate data with that sponsor so they can administer the program and verify completion. You will be told at sign-up if your account is sponsored. Sponsors’ use of your information is governed by their own privacy policies.
  • Compliance and legal. When we believe in good faith that disclosure is necessary to comply with law, valid legal process, or to protect the rights, safety, or property of Shuffle Health, our users, or others.
  • Corporate transactions. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets. We will require the recipient to honor this Policy or notify you of any material change.
  • With your consent. Any other sharing will be with your consent or at your direction.

7. International Transfers

We are based in the United States and our service providers may process data in other countries. Where required, we use appropriate safeguards (such as the European Commission’s Standard Contractual Clauses or the UK International Data Transfer Addendum) for cross-border transfers. Copies of relevant transfer mechanisms are available on request to privacy@shuffle.health.

8. Cookies and Analytics

We use strictly necessary cookies for authentication and security. We also use PostHog, a product analytics platform, to understand how users interact with the Service — including page views, feature usage, and navigation paths. PostHog may set analytics cookies and collect usage telemetry such as IP addresses, browser type, and click paths. This data is used to improve the Service and is processed under PostHog’s data processing terms. You can control cookies through your browser settings. Most browsers also support a “Do Not Track” signal; because there is no industry standard for interpreting that signal we currently treat all users consistently regardless of DNT setting.

9. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. After account closure, we typically delete or de-identify personal data within ninety (90) days, except where longer retention is required by law (for example, tax and accounting records) or for ongoing fraud prevention or dispute resolution. Backups may persist for a limited additional period and are overwritten on our standard backup rotation.

10. Security

We use technical and organizational measures designed to protect personal information, including encryption in transit, encryption at rest for sensitive stores, role-based access controls, audit logging, and least-privilege access for employees. No method of transmission or storage is completely secure; absolute security cannot be guaranteed.

Breach notification. If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and regulators as required by applicable law.

Your responsibility. You are responsible for keeping your account credentials confidential and for activity that occurs under your account. Notify us promptly at privacy@shuffle.health if you suspect unauthorized access.

11. Your Rights

Depending on your jurisdiction, you may have the right to (a) access the personal information we hold about you; (b) correct inaccurate information; (c) request deletion or restriction of processing; (d) object to processing based on our legitimate interests; (e) request portability of information you provided to us; (f) withdraw consent (without affecting the lawfulness of prior processing); and (g) lodge a complaint with your local data-protection authority.

How to exercise rights. Email privacy@shuffle.health describing the right you wish to exercise. We may need to verify your identity — typically by confirming control of the email address on your account or by asking you to provide information that matches what we already have on file — before responding. We will respond within the timeframe required by applicable law (generally 30–45 days), and we may extend that period where the law permits. We will not discriminate against you for exercising your rights.

California residents. Under the California Consumer Privacy Act (as amended by the CPRA) you may have the right to know, delete, correct, and limit the use of sensitive personal information, and to opt out of the “sale” or “sharing” of personal information. Shuffle Health does not sell personal information and does not share it for cross-context behavioral advertising.

Other US state residents. Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws have similar rights, including the right to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, sale, or certain profiling. Because we do not sell personal data, engage in targeted advertising, or conduct profiling that produces legal or similarly significant effects, the opt-out rights largely do not apply to our processing. You may still exercise access, correction, deletion, and portability rights as described above.

EEA / UK residents. You have the rights described above under the GDPR and UK GDPR and may lodge a complaint with your supervisory authority. If we have appointed an EU or UK representative, their contact details will appear in Section 17.

12. HIPAA and Patient Data

Shuffle Health is not a covered entity or business associate under the U.S. Health Insurance Portability and Accountability Act (“HIPAA”) for purposes of the personal data you submit, and the Service is not designed to receive or process protected health information (PHI). Do not upload PHI of patients or any third party. We host on infrastructure that supports HIPAA-eligible configurations to protect our users’ data, but the Service is intended for your own career-development information only.

13. Marketing Communications

You can unsubscribe from marketing emails using the link in the footer of any marketing message or by emailing privacy@shuffle.health. Transactional emails (for example, billing receipts and security notices) cannot be opted out of while your account is active.

14. Children

The Service is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe a child has provided us personal information, contact privacy@shuffle.health and we will take appropriate steps to delete it.

15. Third-Party Sites

The Service may link to third-party sites and services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

16. Changes to this Policy

We may update this Policy from time to time. Material changes will be posted on this page with a revised effective date and, where appropriate, communicated to you by email or in-app notice. Non-material changes (such as clarifying edits or updates to vendor lists) will be reflected by updating the “Last updated” date above. Your continued use of the Service after the effective date of any update constitutes acceptance of the updated Policy.

17. Contact

For privacy questions or to exercise any rights under this Policy, contact:

Shuffle Health, LLC
privacy@shuffle.health

EU representative (Art. 27 GDPR): to be appointed if and when required.
UK representative: to be appointed if and when required.

18. Miscellaneous

  • Severability. If any provision of this Policy is held to be invalid or unenforceable, the remaining provisions will remain in full force and effect.
  • No waiver. Our failure to enforce any provision of this Policy will not be deemed a waiver of that provision or of our right to enforce it later.
  • Controlling language. The English version of this Policy is the controlling version. Any translation is provided for convenience only.
  • Accessibility. We are committed to making the Service accessible. If you need this Policy in an alternative format, email privacy@shuffle.health.