Privacy Policy

1. Description of Users and Acceptance of Terms

This Privacy Policy applies to visitors to the Website, who view only publicly-available content ("Visitors"), customers who have signed up to access and use the Platform (the "Customers"), and Customer's employees and contractors authorized by Customer to access and use the Platform ("Authorized Users").

By visiting our Website, Visitors are agreeing to the terms of this Privacy Policy and the accompanying Website Terms of Use.

By accessing and/or using the Platform, each Customer and Authorized User is agreeing to the terms of this Privacy Policy and the accompanying Platform Terms of Use.

Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Website Terms of Use or the Platform Terms of Use, as the context requires.

2. The Information We Collect and/or Receive

In the course of operating the Website and the Platform, and/or interacting with you, we will collect (and/or receive) the following types of information. You authorize us to collect and/or receive such information.

2.1 Contact Information

When you contact us through the Website, email or by mail, when you call us, when you subscribe to receive more information about our products and services, you will be asked to provide certain information, including but not limited to, your name, email address, phone number, company name, job title, and any other information you are contacting us about (collectively, the "Contact Information"). The Contact Information is used to provide the requested service or information and to contact you for purposes of direct marketing of our current and future services.

2.2 Account Information

In order to access and use our Platform, you will have to create an account on our Platform. In connection with creating an account on our Platform, you will be asked to provide your email address and create a password (collectively, "Account Information"). We use the Account Information to process the creation of your account, including to verify your identity, and to manage your account.

2.3 Billing Information

If you choose to pay the applicable fees by credit card, you will be required to provide certain additional information which may include a credit card number, expiration date, billing zip code, activation code, bank information, and similar information ("Billing Information"). Such Billing Information will be collected and processed by our third-party payment processor pursuant to the terms and conditions of their privacy policies and terms of use. Podscribe does not directly obtain, store or process any Billing Information.

2.4 Your Data

In using the Platform, you will provide us Your Data. We will use Your Data (other than any personal information contained therein) in accordance with our Platform Terms of Use. Any personal information contained in Your Data will be used in accordance with this Privacy Policy.

2.5 Information Collected Through "Live Chat"

We partner with a third-party vendor to provide you with the "Live Chat" feature on our Website to better assist you. When you utilize the "Live Chat" feature on the Website to reach out to us with questions about our business, Website, Platform, pricing, products, services or anything else, please only provide necessary information. All information you provide through the "Live Chat" feature will be used to assist you and answer your questions; provided, however, for recordkeeping, training and quality assurance purposes, we or our third-party vendor may record and maintain a transcript of any communication in the Live Chat.

2.6 Information Obtained Automatically from Your Online Activity

When you access or use the Website and the Platform, we use browser cookies, pixels, web beacons, and similar technologies (collectively, "Tracking Technologies") to automatically collect or receive certain standard technical information and other data. This other data may include: traffic data; usage data; location data; device information; logs and other communications data sent to us by your computer, mobile device, tablet, or any other device over time on our Website and Platform; and your online activity across third party websites, apps, and devices.

The Tracking Technologies used on the Website and the Platform include the following, among others:

• Cookies: Cookies are small packets of data that a website stores on your computer's hard drive so that your computer will "remember" information about your visit.
• Local Storage Technologies: We may use local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser.
• Web Beacons: We use Web beacons, also known as pixel tags or clear GIFs, to demonstrate that a webpage or email address was accessed or opened, or that certain content was viewed or clicked.
• Third Party Sites: When access to the Website and/or the Platform is made available to you through third-party sites, please be aware that these other sites maintain their own policies regarding Tracking Technologies and the collection and use of information.
• Session-Replay Technologies: We use session-replay technologies provided by third parties, to record your interactions with our Website and Platform.

2.7 Information Obtained from Third-Party Analytics Services

We may use one or more third-party analytics services (such as Google Analytics) to evaluate your use of the Website and the Platform, compile reports on activity, and analyze performance metrics.

2.8 Information Collected by or Through Third-Party Advertising Companies

We may share information about you with third parties that we have selected and approved for ad distribution and ad optimization. You may choose to opt-out of this type of tracking and sharing of information at any time by visiting www.aboutads.info/choices.

2A. AI Processing of Your Data

When you use the Platform to generate clinical notes, perform compliance audits, analyze documents, or use any other AI-assisted feature, your audio recordings, transcripts, clinical notes, uploaded documents, and any additional context you provide ("Clinical Input Data") are transmitted to HIPAA-compliant Azure OpenAI and Azure Speech Services for processing. These services operate under signed Business Associate Agreements (BAAs) with Podscribe.

With respect to AI processing of your Clinical Input Data:

• Your Clinical Input Data is not used to train, improve, or fine-tune any AI models.
• No patient data is retained by AI services after processing is complete.
• All AI processing occurs on US-based Azure data centers.
• Audio recordings are transmitted to our backend server for transcription and are not stored permanently unless you save the resulting transcript.
• All AI-generated output, including clinical notes, billing code suggestions, compliance analyses, and document analyses, is produced by artificial intelligence and may contain errors or inaccuracies. You are solely responsible for reviewing and verifying all AI-generated output before use. See Section 1 of our Terms of Use for important disclaimers regarding AI-generated content.

2B. De-Identification of Protected Health Information

Before transmitting Clinical Input Data to AI services for processing, PodScribe automatically de-identifies your data using our proprietary enterprise-grade de-identification engine. This process replaces Protected Health Information (PHI) with non-identifying tokens so that the AI model never receives or processes real patient identifiers.

The following 11 categories of PHI are automatically detected and replaced before AI processing:

• Patient names (first, last, and full names)
• Dates of birth (replaced with calculated patient age to preserve clinical relevance)
• Social Security numbers
• Phone numbers
• Email addresses
• Street addresses (including city, state, and ZIP code)
• Insurance member and subscriber IDs
• Claim numbers
• Group numbers
• Medical record numbers (MRN)
• Account numbers

After the AI completes processing, original patient identifiers are restored only in the final output delivered to the provider. This de-identification process runs automatically on every AI-powered request across all features of the Platform, including clinical note generation, compliance auditing, billing analysis, document analysis, and EHR mapping. No provider action is required to enable or configure this protection.

For more information about our PHI protection technology, visit our Data Protection page.

3. How We Use and Share the Information

We may use and share your personal information as set forth below:

• To provide the Website and the Platform;
• To solicit your feedback, inform you about our products and services and those of our third-party marketing partners;
• To monitor, support, analyze, and improve the Website and the Platform;
• To communicate with you regarding the Website and the Platform;
• To fulfill your requests for information regarding new or improved products and services;
• To engage in marketing, advertising, and tracking activities;
• To engage research, project planning, troubleshooting problems, and detecting and protecting against error, fraud, or other criminal activity;
• To protect the safety and security of our Website and Platform, businesses and customers;
• To third-party contractors and service providers that provide services to us;
• To create and disclose aggregated, anonymous, user statistics;
• To share some or all of your information with our parent company, subsidiaries, affiliates;
• To fulfill our legal and regulatory requirements;
• To comply with applicable law;
• To assess or complete a corporate sale, merger, reorganization, sale of assets, dissolution, or similar corporate event;
• To audit our internal processes for compliance;
• To prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity;
• To generate, store, and deliver AI-assisted clinical documentation, compliance analyses, and billing analyses requested by you through the Platform; and
• Otherwise, with your consent.

We will take reasonable measures to require that any party receiving any of your personal information from us undertakes to: (i) retain and use such information only for the purposes set out in this Privacy Policy; (ii) not disclose your personal information except with your consent; and (iii) generally protect the privacy of your personal information.

4. Accessing and Modifying Information and Communication Preferences

Update Information

If the personal information we have for you changes, you may correct, update, or delete it by contacting us as set forth in Section 13 of this Privacy Policy. You may correct, update, or delete some of your personal information directly in your account on the Platform.

Marketing Communications

You may manage your receipt of marketing and non-transactional communications by clicking on the "unsubscribe" link located on the bottom of any of our marketing emails. Please note that you cannot opt out of receiving transactional e-mails.

Cookie Management

Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. For more information about cookies, visit www.allaboutcookies.org.

5. How We Protect the Information

We take commercially reasonable security measures to ensure that your information is treated securely and is protected from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

We are compliant with HIPAA, as determined by a HIPAA Compliance Audit and SOC1 Policy. We have policies in place to ensure compliance with various state and federal laws governing the use of consumer information.

6. External Sites

The Website and Platform may contain links to external third-party websites ("External Sites"). Podscribe has no control over the privacy practices or the content of these External Sites. You should check the applicable third-party privacy policy and terms of use when visiting any External Sites.

7. Children

Any personal information collected from children under the age of 18 through the Platform is gathered with the knowing consent of such child's parents/guardians.

We do not knowingly collect personal information from children under the age of 18 through the Website. If you are under 18, please do not give us any personal information.

8. Important Notice to Non-U.S. Residents

The Website, the Platform and their servers are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction.

9. Do Not Track

At this time, we do not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser "Do Not Track" settings and/or signals.

10. Notice to California Residents

Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. If you wish to submit a request, please contact us via email at support@podiatry-scribe.com.

11. Notice to Nevada Residents

If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal information to third parties. You can exercise this right by contacting support@podiatry-scribe.com with the subject line "Nevada Do Not Sell Request." Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A.

12. Changes to This Privacy Policy

This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time with or without notice to you. By visiting the Website, and/or accessing and/or using the Platform after we make any such changes, you are deemed to have accepted such changes. Please refer back to this Privacy Policy on a regular basis.

13. Contact Us

If you have any questions about this Privacy Policy or to report a privacy issue, please contact us:

Email: support@podiatry-scribe.com