Privacy Policy

1. Data We Collect's

1.1 Audio and Health-Related Data

  • ClinixSummary processes voice recordings of clinical encounters dictated by healthcare professionals. These audio recordings may contain health-related information, including but not limited to patient symptoms, diagnoses, medical history, examination findings, treatment plans, and medication details ("Health Data").
  • How we handle Health Data:
    Audio is captured in real time on the User's device and transmitted via encrypted connection to our processing servers for transcription and clinical summarisation.
  • Health Data is processed transiently — it is not stored beyond the short processing window required to generate the clinical summary (a maximum of 48 hours).
  • Once the structured clinical summary has been generated and delivered to the User's designated output (email or local device storage), all audio and intermediate transcription data is permanently deleted from our systems.
  • We do not use Health Data for advertising, marketing, or profiling purposes.
  • We do not sell Health Data to any third party.

1.2 User Data

  • Account Details: Name, email address, professional credentials, medical specialty, and payment information (where applicable) necessary to create and maintain an account.
  • Usage Data: Access logs, IP addresses, device identifiers, operating system version, app version, and other technical metadata collected for security monitoring, service improvement, and audit purposes.

2. Legal Bases for Processing

We rely on the following legal bases to process personal data:

  • Consent: Where required, Users must obtain explicit patient consent for the limited processing of PHI.
  • Legitimate Interests: We process personal data to provide, secure, and improve the transcription services.
  • Legal Obligations: Compliance with regulatory requirements, including data retention laws and professional guidelines.

3. How We Use the Data

We use the collected data exclusively for the following purposes:

  1. Provide Transcription and Summarisation services 
    • Process audio recordings containing Health Data to generate structured, specialty-specific clinical summaries.
    • Deliver completed summaries to the User's designated secure email address or local device storage.
    • Permanently delete audio recordings and intermediate processing data after delivery, or within a maximum of 48 hours.
  2. Improve the App
    • Enhance AI transcription accuracy and clinical summarisation quality using anonymised and aggregated data only. 
    • Conduct performance analytics to optimise the service (no identifiable Health Data is used for this purpose).
  3. Maintain Security and Compliance
    • Implement technical safeguards to protect Health Data during transmission and processing.
    • Fulfil audit obligations and respond to regulatory requirements.
  4. Communicate with Users
    • Notify Users of service updates, policy changes, or security alerts.

4. Data Sharing

We share data only under the following circumstances:

  • User-Designated Recipients: Transcribed data is sent to the email addresses or systems designated by the User.
  • Service Providers: We engage reputable third parties for hosting, security, or other support services under strict data protection agreements.
  • Legal Authorities: If required by law, court order, or to protect the rights, property, or safety of our organization, Users, or the public.

5. Individual (Patient) Rights

Depending on the jurisdiction, individuals (patients) may have the right to:

  • Access: Request a copy of their personal data.
  • Correction: Request correction of inaccuracies in their personal data.
  • Deletion: Request deletion of their personal data when legally permissible (subject to professional record-keeping obligations).
  • Restriction: Restrict the processing of their personal data.
  • Data Portability: Obtain a copy of their personal data in a structured, machine-readable format.

Important: Patients should exercise these rights through the healthcare provider (User) who serves as the Data Controller for their personal data. We will assist Users in fulfilling these requests as required by law.

6. Data Retention

  • Transcribed Data: Retained only temporarily (up to 48 hours) to facilitate processing and secure transmission, after which it is deleted or anonymized unless otherwise required by law or instructed by the User.
  • User Account Data: Maintained as long as the account remains active, and thereafter for as long as necessary to comply with legal, regulatory, or contractual obligations, or for legitimate business purposes.

7. Cross-Border Data Transfers

As outlined in the Terms, personal data may be transferred to jurisdictions that do not have the same data protection laws as your home country. We ensure that appropriate safeguards (such as SCCs) or other lawful mechanisms are in place to protect personal data during such transfers, to the extent that data is briefly handled by our systems.

8. Security Measures

We employ reasonable administrative, technical, and physical safeguards to secure data while it is in our limited possession, including:

  • Encryption (in transit and at rest),
  • Secure authentication and access controls,
  • Regular security assessments, audits, and compliance checks,
  • Staff training and awareness programs.

9. Children’s Privacy

The App is not intended for the collection of data related to minors, except as part of legitimate patient encounters under the supervision of a licensed healthcare professional. Users are solely responsible for obtaining necessary consents and ensuring compliance with laws governing minors’ data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We will provide notice of significant changes through the App, our website, or via email.

11. Contact Information

For any questions, concerns, or requests related to this Agreement, including both the Terms and Conditions and Privacy Policy, please contact us at:

  • Email: hello@clinixsummary.ai
  • Mailing Address:
    Gacrux Advanced Technologies in Medicine Ltd (Gatmedi)
    71-75 Shelton Street, London, WC2H 9JQ, United Kingdom

Acknowledgment

By using ClinixSummary, you acknowledge that you have read, understood, and agree to be bound by this combined Terms & Conditions and Privacy Policy. Your continued use of the App constitutes your acceptance of any future updates or modifications to this Agreement.

ClinixSummary Cookie Consent