Submit Shield — Legal
Last updated: April 18, 2026
This page is the index for Submit Shield's legal, privacy, and compliance documents. Every document linked here is maintained in plain markdown so you can read, diff, and archive it without a login.
Submit Shield is a product of Moise Mickerlin Medina LLC, a Florida limited liability company in good standing (Document No. L18000289509, FEIN 83-3137196), doing business as Submit Shield. All contracts, products, and services under the Submit Shield brand are offered by Moise Mickerlin Medina LLC.
Agreements that govern your use of Submit Shield
| Document | Applies to | Link |
|---|---|---|
| Terms of Service | Every customer using the dashboard, API, or SDK | submitshield.health/terms |
| Privacy Policy | Everyone who visits our websites or uses the Service | submitshield.health/privacy |
| Trial Service Agreement | Customers in the 90-day / 1,000-claim free evaluation | submitshield.health/trial-agreement |
| Business Associate Agreement (BAA) | Customers who enable raw-PHI mode | submitshield.health/baa |
When you create an account you accept the Terms of Service and Privacy Policy. When you start a free trial you additionally accept the Trial Service Agreement. If you enable BAA mode, you and Submit Shield sign the BAA before raw PHI may be transmitted.
Security and compliance posture
HIPAA
Submit Shield operates in one of two modes:
- Default — de-identified mode. PHI is scrubbed on the customer's device before transmission, per 45 C.F.R. §164.514(b)(2) Safe Harbor. In this mode, Submit Shield is not a Business Associate and no BAA is required.
- BAA mode. For customers who need to transmit raw PHI. Requires a signed BAA between the customer and Submit Shield. All PHI transit is logged by our server-side PHI guard and isolated per customer via Postgres Row-Level Security.
Technical safeguards in place
- TLS 1.2+ on all customer-facing endpoints and database connections.
- AES-256 encryption at rest on storage volumes.
- API keys stored hashed (SHA-256).
- Postgres Row-Level Security isolates every customer's data at the database level.
- Browser-side de-identification library (open-source in the
submitshieldSDK). - Server-side PHI guard rejects raw PHI on non-BAA accounts with HTTP 400.
- Per-customer HMAC secret for deterministic, non-reversible member-ID pseudonymization.
Subprocessors
We use a small set of vendors to deliver the Service. Each is disclosed in the Privacy Policy with its role and BAA status:
- Fly.io — application hosting and Postgres database (BAA via Fly.io HIPAA tier)
- Tigris (via Fly.io) — object storage for rule packs
- Vercel — static hosting for the dashboard and marketing site (no PHI transits)
- Cloudflare — DNS and email routing
- SendGrid / Twilio — transactional email (never contains PHI)
We will give at least thirty (30) days' notice before adding a new subprocessor that would process PHI, and we will not do so without an executed BAA.
Reporting a security issue
If you believe you have found a security vulnerability, email security@submitshield.health with:
- A description of the issue
- Steps to reproduce
- Your contact information
We will acknowledge receipt within two (2) business days and work with you on a responsible-disclosure timeline. We do not pursue legal action against good-faith security researchers who follow this process.
Intellectual property
Submit Shield and the shield logo are trademarks of Moise Mickerlin Medina LLC. Portions of the validation engine are published as open source; all other software, rule logic, and documentation are proprietary and used under license per the Terms of Service.
Governing law and disputes
All Submit Shield agreements are governed by the laws of the State of Florida, without regard to conflict-of-laws principles.
Disputes follow a layered procedure set out in full in Section 15 of the Terms of Service:
- Pre-suit notice — thirty (30) days of good-faith negotiation before any filing.
- Mandatory non-binding mediation — JAMS Streamlined Mediation Rules, Palm Beach County, Florida.
- Mandatory binding arbitration — JAMS Streamlined Arbitration Rules, single arbitrator, Palm Beach County, Florida.
- Class action and jury trial waiver.
- One-year shortened statute of limitations.
- Bilateral prevailing-party fee-shifting, capped at $25,000.
- Carve-outs permitting direct court action in Palm Beach County, Florida for injunctive relief, IP infringement, collection of undisputed fees, small-claims matters, enforcement of arbitration awards, emergency security-incident relief, fraud/intentional misuse, acceptable-use violations, and account-suspension actions.
No personal liability
Moise Mickerlin Medina LLC is the sole contracting party under every Submit Shield agreement. The sole recourse for any claim is against the LLC and its assets. Customers waive any claim against any individual — including Moise M. Medina personally — and against any affiliated entity, successor, or parent, under any theory of personal or derivative liability.
Contact
| Purpose | Address |
|---|---|
| General / sales | onboarding@submitshield.health |
| Customer support | support@submitshield.health |
| Privacy requests | privacy@submitshield.health |
| Legal / contracts / BAA | legal@submitshield.health |
| Security disclosures | security@submitshield.health |
Moise Mickerlin Medina LLC — d/b/a Submit Shield
Florida LLC, Document No. L18000289509 · FEIN 83-3137196
Moise M. Medina, Member
submitshield.health