Privacy Policy
Last Updated: December 18, 2024
MEDICAL DISCLAIMER: Dr. Copilot is an administrative and productivity tool for healthcare
professionals. It is not a medical device and does not provide medical advice, diagnosis, or
treatment. Users are responsible for verifying all AI-generated content and maintaining their own professional
judgment.
Dr. Copilot ("we," "our," or "us") respects your privacy and is committed to protecting the sensitive data you
entrust to us. This Privacy Policy explains how we collect, use, and safeguard information when you use our
desktop and mobile application.
1. Information We Collect
A. Account & Profile Information
When you register, we collect:
- Identity Data: Name, Email address, and Clinic Name.
- Authentication Data: Google Account identifiers (via Firebase Auth) to verify your
identity.
B. Clinical & Operational Data
To provide our core services, you may input:
- Patient Records: Names, demographics, and clinical notes.
- Reports & Evaluations: Assessment data and generated reports.
- Calendar Events: Appointment schedules and team availability.
C. AI Interactions
When you use the "Copilot" or AI generation features:
- Input Data: Text prompts and data you submit for processing.
- Generated Content: Suggestions, summaries, and reports created by the AI.
2. How We Use Your Information
- Service Provision: To create reports, manage appointments, and facilitate team
collaboration.
- AI Processing: We transmit pseudonymized input data to our AI providers (Google Gemini)
solely to generate the requested content. This data is not used to train public AI models.
- Payments: To process subscriptions via our payment partners (Paddle/Stripe). We do not
store your credit card information directly.
- Communication: To send important account updates or security alerts.
3. AI & Third-Party Processors
We use trusted third-party services to power our application. Your data is handled in accordance with their
strict privacy standards:
- Google Firebase: For secure cloud storage, authentication, and database services.
(US-based, GDPR compliant).
- Google Gemini (Vertex AI): For generative AI features. Data sent to the API is transient
and not used for model training.
- Paddle: For secure payment processing and subscription management.
4. Data Security & Retention
- Encryption: Data is encrypted in transit (TLS/SSL) and at rest within our database.
- Access Control: We implement strict access controls. Only you and your authorized team
members can access your clinic's data.
- Retention: We retain your data only as long as your account is active. You can request full
data deletion at any time via the app settings.
5. User Content & Team Chat
Dr. Copilot includes team collaboration features. Messages and files shared in Team Chat are visible only to
authorized members of your specific Clinic Team. We do not monitor private team conversations unless required by
law.
6. Your Rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Request deletion of your account and all associated data ("Right to be Forgotten").
- Export your data in a machine-readable format.
7. Children's Privacy
Our service is intended for use by healthcare professionals. We do not knowingly collect personal information
from children under 13 directly. Patient data covering minors must be entered only by authorized professionals
in compliance with valid consent and local regulations.
8. Changes to This Policy
We may update this policy to reflect changes in our service. We will notify you of significant changes via the
app or email.