Privacy Notice

Last Updated: October 7, 2025 [view last version]
Download

1. Introduction

This Privacy Notice explains how Machinify collects and uses your personal information when you visit our websites, use our products or services, or interact with us. Please read this notice carefully to understand your rights and our practices.

Machinify, Inc. and its affiliates, including The Rawlings Company LLC, Rawlings Financial Services LLC, Apixio Holdings, LLC, and VARIS, LLC (collectively, “Machinify”, “our”, “we” or “us”) operate websites at www.machinify.com, www.rawlingsgroup.com, www.trgclaimsinfo.com, www.rawlingspayments.com, and all other Machinify owned or operated websites (collectively, “Site”), and provide products and services (collectively, “Services”).

When we refer to “you” in this Notice, we mean any individual who visits our Site, uses our Services, or otherwise interacts with Machinify. When we refer to “personal information” in this Notice, we mean information that identifies or could reasonably identify you, such as your name, email address, phone number, or IP address. Machinify, Inc. is the controller of your personal information as described in this Notice.

This Notice does not apply to our handling of personal information gathered about our employees or candidates for employment, which is covered by separate privacy notices.

Important Notice: This Notice does not apply to “Content,” which means data uploaded by authorized users to our Services, information provided by our clients, and any personal information or Protected Health Information (“PHI”) we process as a Business Associate (under HIPAA), processor, or service provider. We process Content pursuant to instructions provided by our client, and our processing is governed by the applicable client agreement. When we contact individuals regarding subrogation or other recovery and reimbursement matters, we are acting as a Business Associate for our client, the applicable health plan or payor. Questions about coverage, benefits, or reimbursement matters should be directed to your health plan or payor. If you wish to exercise your HIPAA or personal information rights regarding Content, please contact your healthcare provider or health plan directly.

2. Types of Personal Information We Collect and Disclose.

We may collect, process, and disclose the following categories of personal information about you for the business and commercial purposes described in this Privacy Notice.

Categories of Personal Information Collected

Disclosed for Business Purposes to
  1. Identifiers and contact details, such as your name, address, email, phone number, unique personal identifiers, online identifiers, IP address, user id, session id, other similar identifiers, information provided when you create an account for a Machinify Service, register and attend an event or obtain access to marketing material
  2. Records about You (defined by California Law), signature and transcriptions of meetings and calls with our teams
  3. Inferences drawn from other Personal Information (defined by California law), such as marketing you may respond positively to
  4. Other information you voluntarily provide to us, such as the content of your communications when you contact us for customer support, provide feedback, or otherwise voluntarily provide information to us

Categories 1 to 4:

  • Machinify subsidiaries
  • Service providers to enable them to perform services on our behalf
  • Third parties at your direction, such as event sponsors
  • Your organization that is a Machinify client
  • Cookies and similar technologies companies, advertising partners, and other business partners
  • In connection with a corporate transaction, such as a proposed or actual merger, acquisition, investment, reorganization, or sale of all or part of our business or assets
  • Professional advisors, such as lawyers, auditors, insurers, and accountants
  • Lawful requests from government authorities and complying with applicable legal obligations
  • Where you have provided your consent
  1. Commercial information, such as your marketing preferences, records of your registration for events, downloads of our marketing content, purchasing history, transactional information, log files, and payment information
  2. Internet or Other Similar Network Activity, such as browsing and search history, UI interactions, device and browser information, engagement with our marketing communications, operating system and device, how you interact with our Site and Services, web page referrers, metrics and analytics
  3. Geolocation data, such as approximate location based on IP address, mobile device location, and city/state provided to us
  4. Sensory data, such as CCTV recorded within our offices, recordings and transcriptions of meetings and calls with our team, messaging logs, and photographs and videos at events and our offices

Categories 5 through 8:

  • Machinify subsidiaries
  • Service providers to enable them to perform services on our behalf
  • Third parties at your direction, such as event sponsors
  • Your organization that is a Machinify client
  • In connection with a corporate transaction, such as a proposed or actual merger, acquisition, investment, reorganization, or sale of all or part of our business or assets
  • Professional advisors, such as lawyers, auditors, insurers, and accountants
  • Lawful requests from government authorities and complying with applicable legal obligations
  • Where you have provided your consent

We may de-identify, anonymize, or aggregate personal information for use and sharing with third parties for any purpose, where permitted by law.

We engage in routine targeted advertising practices involving third parties that could be considered a “sale” or “sharing” as defined under California law. In the past 12 months, we may have “sold” or “shared” for a commercial purpose the data described in categories 1, 2, 3, 5, 6, and 7 above to third parties that provide cookies and similar technologies, as well as other advertising partners, for targeted advertising purposes. We do not knowingly sell data about minors under 16.

3. Sources of Personal Information.

We may collect personal information from:

  • You directly, when you visit our Site, create a Services account, register and attend events, or otherwise interact with us
  • Third parties, such as joint marketing/co-hosted event providers, payment processors, your employer, social media, and analytics providers
  • You automatically, when you use our Site, Services, through cookies, API calls, and similar technologies.

4. Purposes for Processing Personal Information.

We use your personal information for purposes including:

Processing Purposes
  1. Providing, operating, auditing, and improving our Services, Site, and our business, as well as developing new products or services (including algorithms, artificial intelligence and machine learning tools and models).
  2. Communicating with you, such as sending invoices, announcements, updates, security alerts, surveys, support and administrative messages about our Site, Services, and events.
  3. Detecting, preventing, and responding to security incidents, fraud, and other harmful activities. This includes protecting our property, Site, Services, and personnel, and enforcing our contractual terms.
  1. Sales and marketing, such as advertising and marketing our Services, conducting market research, sending event invitations, and communicating with you. 5. Feedback and interviews, such as requesting, collecting, and publishing client feedback.
  1. Responding to and complying with lawful requests from government authorities and complying with applicable legal obligations. 7. Establishing, exercising, or defending legal claims and protecting our rights and property. 8. Providing reasonable accommodations. 9. Other purposes required by applicable law.
  1. Other purposes with your consent.

When we share your personal information with third parties, those third parties have their own privacy notices that govern how they process your data. We recommend reviewing their privacy notices if you interact with them directly or if they use your personal information for their own business purposes.

5. California Rights.

This section only applies to California residents.

a. California Shine the Light Law: California residents may request to opt out of the disclosure of certain categories of personal information to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us at privacy@machinify.com. This request may be made only once per calendar year. We reserve the right not to respond to requests submitted to any email address other than the one above.

b. Privacy Rights: The CCPA privacy rights include:

  • Right to Correct: Right to request that we correct inaccurate personal information that we maintain about you.
  • Right to Delete: Right to request that we delete the personal information that we collect from you.
  • Right to Know: Right to know: (i) the specific pieces of personal information we collected about you; (ii) the categories of personal information that we collected about you; (iii) categories of sources from which the personal information was collected, (iv) the categories of your personal information that we sold, shared, or disclosed, (v) categories of third parties to whom your personal information was sold, shared or disclosed, and (vi) the purpose for collecting, selling, or sharing your personal information (collectively, a “Report”). You may exercise this right twice a year, free of charge.
  • Right to Opt-Out of Sale or Sharing: Right to opt out of the sale or sharing of your personal information. To exercise the Right to Opt Out of Sales or Sharing with respect to any “sale” or “sharing” of information automatically collected online through cookies or tracking technologies, you may:
    • Use an opt-out preference signal sent in a format commonly used and recognized by businesses, known as global privacy control or GPC. We will process this signal without any additional confirmation from you. We process these requests at the browser level.
    • You may disable the use of targeted advertising, analytics, and other tracking technologies in the preference center. You must complete this step on each of our websites from each browser and on each device that you use.

To submit a privacy rights request, please contact us at 844-584-7022 (California only), email us at privacy@machinify.com, or mail your request to Attn: Chief Privacy Officer, Machinify, 8333 Douglas Ave., Suite 750, Dallas, TX 75225. We will not discriminate against you for exercising your privacy rights.

Verification: To process Requests to Know, Delete, and Correct, we collect information necessary to verify your identity and that you are a California resident, including name, email address, and relationship to Machinify. We may use third parties to assist with identity verification. If you request the specific pieces of personal information we have collected about you, we may also request a signed declaration, under penalty of perjury.

Authorized Agents: Authorized agents may exercise rights on your behalf by emailing us at privacy@machinify.com.

  • If you designate an authorized agent to submit a Request to Know, Delete, or Correct, we may reach out to you directly to verify your own identity or to confirm that you provided the authorized agent with permission to submit the request.
  • If you designate an authorized agent to submit a Request to Opt Out of Sale/Sharing, we may seek additional information directly from the authorized agent to process the request.

Marketing: If you do not wish to receive marketing-related communications from us, please click the unsubscribe link at the bottom of the marketing email or email us at privacy@machinify.com.

Cookies and Tracking Technologies: Some browsers have incorporated a “Do Not Track” (DNT) preference. Because there is no universal standard of how to apply that setting, we currently do not honor them. See our Cookies and Tracking Technologies section below for more details.

6. Security and Retention.

Although we maintain reasonable security safeguards, no security measures or communications over the Internet can be 100% secure, and we cannot guarantee the security of your information.

We retain your personal information for as long as necessary to fulfill the purposes described in this Notice, as required to operate our business, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, and comply with applicable laws. This includes retaining your information in accordance with our business relationship with your employer (our client), enhancing our business operations, demonstrating our compliance with contractual and legal obligations, and adhering to applicable legal requirements. To determine the appropriate retention period for personal information, we consider the quantity, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the information, and all applicable legal requirements. We retain records of privacy rights requests for a minimum of 24 months, as required under the CCPA.

For further details on the retention periods and our internal retention policies, please contact us using the details below.

7. International Visitors.

Our Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than the United States. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers. Your use of our Services may involve the collection, processing, and transfer of information to or from countries outside of your country of residence, including the United States, which may have different data protection rules than those of your country.

8. Cookies and Tracking Technologies.

We, along with our service providers, may use cookies and similar tracking technologies on our Site to collect information about your interactions with our Site. For more information, please see our Cookie Notice. Cookies may generally be disabled or removed using tools available as part of most commercial browsers, and in some instances, blocked in the future by selecting certain settings. The choices available, and the mechanism used, will vary from browser to browser. Some web browsers (including some mobile browsers) provide settings that allow you to control or reject cookies or alert you when a cookie is placed on your computer or device. You may also be able to reject mobile device identifiers by adjusting the appropriate settings on your mobile device. Such browser settings are typically found in the “options,” “tools,” or “preferences” menu of your browser. You may also consult with your browser’s help menu. Tools from commercial browsers may not be effective on Flash cookies (locally shared objects), HTML5 cookies, or other tracking technologies. If you disable or remove these technologies, some parts of our Site may not work and when you revisit our Site your ability to limit browser-based tracking technologies is subject to your browser settings and limitations. Although you are generally not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services. If you change computers, devices, or browsers; use multiple computers, devices, or browsers; or delete your cookies, you may need to repeat this process for each computer, device, or browser.

Where required under applicable law, we will provide you with means to reject, at any time, the non-essential cookies used on our Sites or within our Services through a consent management platform made available to you when you first visit our Sites or use our Services and always available through this link. We use tracking technologies within our Services to understand your usage patterns, customize your experience, maintain security, and make improvements to our Services.

9. Children's Privacy.

Our Site and Services are not directed to or intended for use by minors. If we learn that we have received information directly from a child under age 16 without their parent or legal guardian’s verified consent, we will use that information only to respond directly to that child (or their parent or legal guardian) to inform the child that they cannot use our Services or Services. Subsequently, we will delete such information. If you believe we have collected information from a child, please contact us at privacy@machinify.com for deletion of that information.

10. Contact Information.

If you have any questions, complaints, or requests relating to this Notice or Machinify’s information handling practices, or wish to exercise your personal information rights, you may email us at privacy@machinify.com or contact us by mail at:

Attn: Chief Privacy Officer
Machinify, Inc.
8333 Douglas Ave., Suite 750
Dallas, TX 75225

If you would like to opt out of receiving promotional email messages from us, please click on the “Unsubscribe” link contained at the bottom of the email. Opting out of promotional emails will not affect our communication with you by email about our contracted Service-related matters.

11. Changes to this Notice.

Machinify may update this Notice from time to time to reflect changes in legal requirements, operational practices, or due to other factors. When required by applicable law, we will notify you of such changes to this Notice by posting a notice on this page before any changes take effect or in another appropriate manner. You can see when this Notice was last updated by checking the “Last Updated” date displayed at the top of this Notice.