← Back to Home

Privacy Policy

Last updated: March 8, 2026

1. Information We Collect

Account Information: Name, email address, and password when you create an account.

Profile Information: Assignment details, hospital location, shift schedule, housing preferences, and lifestyle preferences you provide.

Verification Data: Date of birth, Social Security Number (processed by Checkr, not stored by CoStint), healthcare license number, and license photos.

Payment Information: Payment details are processed by Stripe. We store plan status and payment history but never your card number.

Usage Data: IP address, browser type, pages visited, and interaction patterns for analytics and security purposes.

2. How We Use Your Information

  • To match you with compatible roommates based on your preferences
  • To verify your identity and professional credentials
  • To process payments and manage stint access
  • To facilitate messaging and roommate agreements
  • To send transactional emails (match notifications, verification updates)
  • To improve the Platform and fix bugs
  • To prevent fraud and enforce our Terms of Service

3. Information Sharing

We share your information only in these circumstances:

  • With matched users: Your profile (name, assignment details, preferences) is visible to authenticated users you match with
  • With service providers: Checkr (background checks), NURSYS and applicable licensing boards (license verification), Stripe (payments), DocuSign (agreements), Firebase (infrastructure), Resend (email)
  • Legal requirements: When required by law, subpoena, or legal process

We never sell your personal information to third parties.

4. Data Security

We implement industry-standard security measures including encryption in transit (TLS), httpOnly session cookies, rate limiting, input validation, and Content Security Policy headers. Background check data is processed by Checkr under their security protocols — we store only the check status, not the underlying report data.

5. Data Retention

We retain your account data as long as your account is active. Background check results are retained for the duration required by applicable law. You may request deletion of your account and associated data by contacting support.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Export your data in a portable format

California residents have additional rights under the CCPA. Contact us to exercise any of these rights.

7. Cookies

We use a single httpOnly session cookie ("__session") for authentication. We do not use tracking cookies or third-party advertising cookies.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notice. Continued use after changes constitutes acceptance.

9. Contact

Privacy questions or data requests? Contact us at privacy@costint.com.