Privacy Policy
Effective date: 9/27/2025
This Privacy Policy describes how we handle information in the OVScribe iOS app and related services. We design OVScribe to minimize data collection, provide transparency and control, and secure information consistent with healthcare privacy expectations.
Data we collect
- Account information: your email and display name from sign-in. We also use your Firebase user ID to operate your account.
- Authentication and integrity: Firebase ID tokens and App Check tokens to verify requests from your device.
- Microphone audio: when you start a session, we capture audio from the microphone for real-time transcription. Audio is streamed to our secure backend to return transcripts.
- User content: transcripts and notes generated by you. These are stored on device by default using encryption and iOS protected storage.
- Optional cloud backup: if you turn it on, we upload an encrypted backup blob to our cloud storage. We never upload unencrypted patient records.
- Diagnostics: basic logs and performance data without transcript content to keep the app reliable and secure.
What we do not collect
- No third-party advertising data, and we do not sell data.
- No contact list, photos, or location by default.
- No Apple Health/HealthKit data. The app does not integrate HealthKit at this time.
How processing works
- Real-time transcription: the app opens a secure, authenticated WebSocket connection to our streaming service. Audio frames are sent over TLS and authenticated with a short-lived token. The service returns interim and final transcripts. We use Google Cloud Speech‑to‑Text and/or Google Cloud Vertex AI covered services under a Google Cloud BAA for medical transcription features.
- Note generation: when you request a summary, the app calls our server to generate a structured medical note from your transcript using Google Cloud Vertex AI covered services. We do not use PHI to train models.
On-device storage and security
- Local encryption: We encrypt patient records on device with AES‑256‑GCM. Keys are derived using your user identifier and a server‑managed secret delivered to your authenticated device and stored in Keychain. We do not represent this as end‑to‑end encryption.
- Protected files: We use iOS Complete File Protection so data is inaccessible while the device is locked. We also mark files to be excluded from iCloud backup.
Cloud backup (optional)
- Client‑side encryption: We upload only an encrypted blob and minimal metadata (upload time, device model, app version, record count). We do not upload plain text transcripts.
- Control: you can create a backup, restore it to your device, or delete it. Deleting the backup removes the encrypted blob and its metadata from our storage.
- Infrastructure: Backups are stored on Google Cloud under a Business Associate Agreement (BAA) for HIPAA‑aligned processing of covered services.
Retention
- On-device data remains until you delete it or uninstall the app.
- Cloud backups remain until you delete them. We may retain minimal audit logs for security and compliance when required.
Your choices
- Use OVScribe without cloud backup.
- Back up, restore, or delete your cloud backup at any time.
- Request account deletion by contacting us; we will remove your account and any associated cloud backups.
Permissions
- Microphone: required to capture audio for transcription. You can disable it in iOS Settings.
- Notifications: optional. If enabled, we use them for reminders and status only.
- Camera: optional if you choose to scan documents. Content you capture stays on your device unless you include it in your encrypted backup.
App Store privacy categories
We disclose the following on our App Store product page:
- Data linked to you: Contact Info (email, display name), Identifiers (user ID), User Content (audio/transcripts you submit for processing), Diagnostics (stability/usage). Used for app functionality, account management, and security.
- Not used for tracking: We do not track you across apps or websites and we do not serve third-party ads.
AI and model usage
- We use Google Cloud Speech‑to‑Text and Google Cloud Vertex AI covered services under a Google Cloud BAA where applicable.
- We do not use PHI to train foundation models. Processing is limited to providing the requested transcription or summary.
Your rights under HIPAA
If you are a healthcare provider using OVScribe for patient care, you have the following rights regarding Protected Health Information (PHI):
- Right to Access: You may request access to PHI processed through the service.
- Right to Amendment: You may request corrections to inaccurate PHI.
- Right to Accounting: You may request an accounting of disclosures of PHI.
- Right to Restrict: You may request restrictions on certain uses and disclosures.
- Right to Confidential Communications: You may request communications by alternative means.
- Right to Complain: You may file a complaint with us or with the Secretary of Health and Human Services if you believe your privacy rights have been violated.
Minimum necessary standard
We access and use only the minimum amount of PHI necessary to provide the requested services. Our systems are designed to limit access to PHI based on role and function.
Audit controls
We maintain comprehensive audit logs of all access to and processing of PHI. These logs track who accessed what information, when, and for what purpose. Audit logs are retained for at least 6 years as required by HIPAA.
Data sharing and disclosures
We do not sell, rent, or share PHI with third parties except:
- As required by law or court order
- To prevent a serious threat to health or safety
- As authorized by you in writing
- To our subcontractors who have signed Business Associate Agreements
- For healthcare operations as permitted under HIPAA
Breach notification
In the event of a breach of unsecured PHI:
- We will notify affected users without unreasonable delay and no later than 60 days after discovery
- The notification will include: what happened, types of information involved, steps you should take, what we are doing to investigate and mitigate, and contact information for questions
- For breaches affecting 500+ individuals, we will also notify the Department of Health and Human Services and prominent media outlets as required
- We maintain a breach log for all incidents regardless of size
International and data location
Services run in Google Cloud regions appropriate for HIPAA‑aligned processing. Data may be processed in the United States. We rely on Google’s compliance program and our BAA for covered services.
Changes
We may update this policy. We will change the effective date above and post changes on this site.
Contact
Questions or privacy requests: reid@twintipsolutions.com
This policy is for informational purposes and does not constitute legal advice.