Privacy Policy
Effective Date: May 21, 2026 · Last Updated: May 21, 2026
Welcome to My Nurse Passport ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal and professional information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://mynursepassport.com) and use our platform, including our services and tools (collectively, the "Services").
Please read this Privacy Policy carefully. By accessing or using our Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the site or use our Services.
1. Information We Collect
We collect only the information necessary to provide and improve our Services. We do not collect more information than we need.
A. Information You Provide to Us
When you create an account, we collect only the following:
- Full name — used to personalize your account.
- Email address — used to identify your account, send renewal reminders, and communicate with you.
- Password — stored in hashed (encrypted) form; we never have access to your plaintext password.
We do not collect phone numbers, mailing addresses, or any other contact details at signup or anywhere else on the platform.
B. User-Entered Platform Data
Once you are logged in, you may voluntarily enter professional data into the platform to use its features — such as license numbers, CE hours, immunization dates, work history, and uploaded documents. This data is stored in your encrypted vault and is entered entirely at your discretion. We do not require you to enter any of this information, and we do not access, review, or share the contents of your vault.
C. Payment Information
Subscription payments are processed by Stripe, a third-party payment processor. When you subscribe to a paid plan, your payment details (such as credit card number, billing address, and CVV) are entered directly into Stripe's secure interface. We never see, receive, store, or have access to your full payment card details. We only receive a confirmation from Stripe that a payment was successful, along with a non-sensitive billing reference (e.g., last four digits of your card, subscription tier, and renewal date).
For more information on how Stripe handles your data, please review Stripe's Privacy Policy.
D. Information Collected Automatically
When you access or use our Services, we may automatically collect limited technical information about your device and session, including:
- IP address and general geographic region (country/state level).
- Browser type and operating system.
- Pages visited, features used, and timestamps.
- Referral source (e.g., how you arrived at our website).
This information is used solely to maintain platform security, diagnose technical issues, and understand aggregate usage patterns. It is not used to build individual profiles or for targeted advertising.
E. Cookies and Tracking Technologies
We use essential cookies to keep you logged in and maintain your session. We may also use limited analytics tools (such as privacy-respecting page-view counters) to understand how users navigate the platform. We do not use advertising cookies or sell your browsing data to third parties.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Account management: To create and maintain your account, authenticate your login, and manage your subscription.
- Service delivery: To enable the core features of the platform, including license tracking, renewal reminders, state requirement lookups, and eligibility checks.
- Communications: To send you transactional emails such as renewal reminders, expiration alerts, account confirmations, and responses to support inquiries.
- Platform improvement: To analyze aggregate, anonymized usage data to improve the functionality and user experience of our Services.
- Security: To detect and prevent unauthorized access, fraud, and abuse of our platform.
- Legal compliance: To comply with applicable laws, regulations, and legal processes.
We do not use your information for targeted advertising, and we do not sell your data to any third party.
3. How We Share Your Information
We do not sell, rent, or trade your Personal Information. We share your information only in the following limited circumstances:
- Stripe (Payment Processing): As described above, payment transactions are processed by Stripe. Only the data necessary to complete a transaction is shared with Stripe.
- Hosting and Infrastructure Providers: We use third-party cloud infrastructure providers to host and operate the platform. These providers process data on our behalf under strict data processing agreements and are not permitted to use your data for their own purposes.
- Legal Requirements: We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of our users or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such change via email or a prominent notice on our website.
4. Data Security
We take the security of your data seriously and implement the following measures:
- Encryption at rest and in transit: All data stored in your vault and transmitted between your browser and our servers is encrypted using industry-standard protocols (TLS/HTTPS and AES-256 encryption).
- Hashed passwords: Your password is never stored in plaintext. We use strong one-way hashing algorithms so that even our own team cannot read your password.
- Access controls: Access to production systems and user data is restricted to authorized personnel only, on a need-to-know basis.
- Regular security reviews: We conduct periodic reviews of our security practices to identify and address potential vulnerabilities.
While we implement strong security measures, no system is entirely immune to risk. We encourage you to use a strong, unique password for your account and to notify us immediately if you suspect any unauthorized access.
5. Data Retention
We retain your account information (name and email) for as long as your account is active. If you delete your account, we will delete your account information and any data stored in your vault within a reasonable period, unless a longer retention period is required by law.
Anonymized, aggregated usage data (which cannot be linked back to you) may be retained indefinitely for platform analytics and improvement purposes.
6. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights with respect to your Personal Information:
- Right to Access: You may request a copy of the Personal Information we hold about you.
- Right to Correction: You can update your name and email address directly within your account settings at any time.
- Right to Deletion: You may request the deletion of your account and associated data. You can initiate this by contacting us at the address below.
- Right to Data Portability: You may download documents and data you have entered into your vault at any time from within the platform.
- Right to Opt-Out of Communications: You may opt out of non-essential emails (such as product updates) by clicking the unsubscribe link in any such email. Transactional emails related to your account (e.g., renewal reminders you have configured) may require you to adjust your in-app notification settings.
California Residents (CCPA/CPRA): If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete personal information, and the right to non-discrimination for exercising your privacy rights. We do not sell personal information. To exercise your California privacy rights, please contact us using the information below.
To exercise any of the above rights, please contact us at support@mynursepassport.com. We will respond to all verified requests within 30 days.
7. Third-Party Links
Our Services may contain links to third-party websites, such as official state Boards of Nursing, licensing authority portals, and Nursys. This Privacy Policy does not apply to those third-party websites. We encourage you to review the privacy policies of any external sites you visit before providing them with your information.
8. Children's Privacy
Our Services are intended exclusively for licensed nursing professionals (RNs, NPs, and APRNs) and are not directed to individuals under the age of 18. We do not knowingly collect Personal Information from anyone under 18. If we become aware that we have inadvertently collected information from a minor, we will take prompt steps to delete it.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, by sending you an email notification. We encourage you to review this Privacy Policy periodically.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
My Nurse Passport
Email: support@mynursepassport.com
Website: https://mynursepassport.com
This platform provides general licensing guidance based on stored public information and user-provided documents. It is not legal, regulatory, or credentialing advice. Users must verify final requirements with the official state Board of Nursing or licensing authority.
