Back

Privacy Policy

RYCO AI · Effective Date: May 1, 2026 · Last Updated: May 1, 2026

Summary: RYCO AI does not collect, store, or transmit any patient-identifying information. No Protected Health Information (PHI) enters the platform at any time. Slide images are processed without patient identifiers and are stored securely.

1. Who We Are

RYCO AI is an AI-powered intraoperative cytology evaluation platform developed and operated by Stefan Potteiger, RRT, RPFT ("we," "us," or "our"). RYCO AI is accessible at rycoai.com. For privacy-related inquiries, contact us at [email protected].

2. Information We Collect

RYCO AI is designed to operate without collecting Protected Health Information (PHI). The platform collects only the following categories of information:

Slide Images

Cytology slide images uploaded by users for AI analysis. These images are de-identified — no patient names, dates of birth, medical record numbers, or other identifiers are attached to or collected alongside these images. Users are strictly prohibited from uploading images that contain patient-identifying information.

Analysis Results

The AI-generated analysis output (verdict, cell types, confidence scores) associated with each uploaded image. These results are stored without patient identifiers.

Contact Form Data

When you submit the contact or demo request form, we collect your name, institution, email address, role, and message. This information is used solely to respond to your inquiry.

Session Data

Anonymous session identifiers used to associate analyses within a single browser session. These do not contain personal information and are not linked to patient records.

Usage Analytics

Aggregate, anonymized usage data (page views, feature usage) to improve the platform. No personally identifiable information is included.

3. HIPAA and Protected Health Information

RYCO AI is designed to operate outside the scope of the Health Insurance Portability and Accountability Act (HIPAA) by ensuring that no Protected Health Information (PHI) is collected, processed, or stored on the platform. Specifically:

  • No patient names, dates of birth, medical record numbers, Social Security numbers, or any other HIPAA-defined identifiers are collected.
  • Slide images are submitted and stored without any patient-identifying metadata.
  • Users are responsible for ensuring that uploaded images do not contain patient identifiers, visible labels, or other PHI.
  • RYCO AI does not interface with electronic health record (EHR) systems or any other patient data repositories.

Institutions considering deployment of RYCO AI in a clinical setting are encouraged to conduct their own HIPAA risk assessment and consult with a qualified healthcare compliance attorney.

4. How We Use Your Information

Information collected through RYCO AI is used exclusively for the following purposes: (1) providing the AI-powered slide analysis service; (2) storing analysis history for session review; (3) responding to contact and demo requests; (4) improving the accuracy and performance of the platform; and (5) fulfilling obligations under institutional pilot agreements. We do not sell, rent, or share your information with third parties for marketing purposes.

5. Data Storage and Security

All data transmitted to and from RYCO AI is encrypted using HTTPS/TLS. Slide images and analysis results are stored on enterprise-grade cloud infrastructure with access controls, encryption at rest, and regular security monitoring. Session authentication uses cryptographically signed tokens (JWT). We implement reasonable technical and organizational measures to protect data against unauthorized access, loss, or disclosure.

6. Data Retention

Slide images and analysis results are retained for the duration of the institutional pilot agreement or until deletion is requested. Contact form submissions are retained for up to 24 months for follow-up purposes. Users may request deletion of their data at any time by contacting [email protected].

7. Third-Party Services

RYCO AI uses the following third-party services to operate the platform: cloud hosting and storage infrastructure (Manus); AI vision model API for slide analysis (accessed server-side only — no user data is transmitted to the AI provider beyond the de-identified slide image). We do not use third-party advertising networks, social media trackers, or data brokers.

8. Your Rights

You have the right to request access to, correction of, or deletion of any personal information we hold about you. To exercise these rights, contact us at [email protected]. We will respond to all requests within 30 days.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of RYCO AI after changes are posted constitutes acceptance of the updated policy.

10. Contact

For questions about this Privacy Policy or RYCO AI's data practices, contact:
Stefan Potteiger, RRT, RPFT
Developer & Owner · RYCO AI
[email protected] · rycoai.com