1. Scope and our role
These terms describe our privacy practices for TheraScope. Depending on the use case, we may act as a service provider, processor, or business associate. Customers generally remain responsible for their own client notices, consents, records, and legal obligations.
2. Information we collect
- Account, authentication, profile, and security configuration data, including identifiers and role settings.
- Practice and workflow records, such as patient/client records, appointments, notes, templates, documents, billing records, payments, reports, groups, messages, and calendar data.
- Audio, transcripts, prompts, outputs, and AI workflow content when transcription, dictation, summarization, template population, or similar tools are used.
- Technical, security, and usage data, including device metadata, browser information, IP data, logs, audit signals, and diagnostics.
- TheraScope does not intentionally retain complete payment card numbers.
- Communications data, such as support requests, contact form messages, email delivery events, and notices from SMS, WhatsApp, or other channels.
3. How we use information
- To provide, operate, secure, improve, and support TheraScope.
- To authenticate users, manage accounts, process subscriptions, and maintain customer support workflows.
- To perform requested workflows such as scheduling, documentation, transcription, AI drafting, template population, messaging, billing, and reporting.
- To protect the service from abuse, investigate incidents, and maintain operational reliability.
- To communicate product, security, billing, and support information.
- To satisfy legal, compliance, audit, and lawful-request obligations and preserve legal holds where required.
- To produce aggregate or de-identified insights where permitted by law and contract.
4. Patient, client, and protected health information
Users may enter information about patients, clients, families, diagnoses, treatment, scheduling, billing, insurance, documents, communications, and care history. Where applicable, treatment data is processed in alignment with customer-specified instructions and any governing Business Associate or data-protection terms.
5. How information is shared
We do not sell personal information or use records for targeted advertising. We share information only as needed with vendors that support TheraScope operations, including hosting, storage, authentication, messaging, transcription, AI processing, payment processing, monitoring, analytics, security, and support providers. We also share when required by law, legal process, contract, business transaction, or authorized direction.
6. AI, transcription, and automation providers
When you use AI, transcription, or automation features, related inputs and outputs may be processed by third-party infrastructure to complete the task. We aim to limit processing to information reasonably necessary for the requested workflow and provide configuration controls where available.
7. How information is protected
TheraScope implements safeguards including encrypted transport, encryption for sensitive data elements, encrypted storage, access controls, role-based permissions, audit logging, monitoring, and backup controls. No technology can eliminate all risk, and no security system is infallible.
8. Data retention
TheraScope retains information as needed to operate the service and meet legal, audit, security, dispute, backup, and records-retention requirements. Retention may vary by data category, workspace configuration, legal hold status, and applicable law.
9. User choices, access, and deletion
Where available, you may access, correct, export, delete, or restrict certain data through TheraScope settings or by contacting support. Some requests may be limited by legal, security, professional records, backup, audit, legal-hold, or operational requirements.
10. Patient and client privacy requests
TheraScope primarily serves authorized professionals and practices rather than direct patients or clients. If a patient or client requests access, correction, deletion, or restrictions, please use the customer or care team process that governs that record and applicable law.
11. Cookies and local storage
TheraScope may use cookies, local storage, and related technologies for authentication, security, preferences, session management, and product performance.
12. Communications and opt-out choices
We send account, security, billing, support, and product notices as needed. When TheraScope message tools are used, users are responsible for honoring consent and opt-out obligations and any applicable communication-law requirements.
13. Children's privacy
TheraScope is not intended for direct use by children. Authorized professional users may enter information about minors only when they have lawful authority to do so under applicable law and records governance rules.
14. Changes to this policy
We may update this Privacy Policy from time to time. The current date is reflected at the top of this page, and we may provide extra notice for material updates.
15. Contact
Questions or privacy requests can be sent to [email protected].
This page is provided as a practical product policy draft and should be reviewed by qualified counsel before being relied on as legal advice.