top of page

Privacy Policy

Last Updated: October 1, 2024

1. Introduction

Welcome to NoteDx (“we,” “us,” “our”). NoteDx is a product of Technologies Médicales JLA, ShiftPal Inc. (“Company”). We are committed to safeguarding your privacy and ensuring that your personal information is protected. This Privacy Policy explains how we collect, use, disclose, and protect your information when you access and use our application hosted at notedx.web.app (“App”). By using our App, you agree to the practices outlined in this Privacy Policy.

​

2. Information We Do Not Collect

At NoteDx, we prioritize your privacy. We do not collect, track, or store unnecessary personal data. Specifically:

  • No Tracking: We do not use cookies, web beacons, or any tracking technologies to monitor user behavior.

  • Minimal Data Collection: The only information we collect is limited to what is necessary for you to use our App and process payments.

  • No Personal Health Information (PHI): NoteDx does not store or retain any PHI beyond the temporary processing needed to provide our transcription and note-generation services. Data is automatically deleted after processing.

  • ​

3. Payment Processing

We use Stripe, a secure third-party payment processor, to handle all financial transactions. By using our App and making payments, you agree to Stripe’s Privacy Policy. Stripe handles your payment information directly; we do not store your credit card details on our servers.

​

4. Data Collection and Processing

While we do not collect unnecessary information, the following types of data may be processed to provide our services:

  • Account Information: Basic account information (e.g., email address, username) is stored to enable you to log in and manage your subscription.

  • Transcriptions: Transcriptions are temporarily processed to generate medical notes but are deleted immediately after use.

​

5. Data Security and Retention

We implement industry-standard security practices to ensure the confidentiality and integrity of your data. These include:

  • Encryption: All data transmitted between your device and our servers is encrypted using SSL/TLS protocols.

  • Data Deletion: Transcriptions and related data are automatically deleted after the medical note is generated. We do not store audio recordings or transcriptions long-term.

  • No Long-Term Retention: We do not store or retain PHI or PII beyond temporary processing, and any data collected is stored in secure Canadian-based servers.

​

6. HIPAA and Canadian Compliance

We are committed to complying with Canadian privacy laws, including PIPEDA and Quebec’s Bill 64, as well as the Health Insurance Portability and Accountability Act (HIPAA) for U.S. users.
For U.S. users: Although NoteDx is not HIPAA-compliant for direct handling of PHI, we implement strong safeguards to protect the data processed by the App. Users are responsible for ensuring that no PII or PHI is included in dictation or conversation modes, especially for regions requiring HIPAA compliance.

​

7. Third-Party Services

In order to provide our services, we use trusted third-party providers. These services are governed by their own privacy policies:

  • Stripe: For payment processing, we use Stripe, whose practices are outlined in their own Privacy Policy.

  • We use self hosted models for transcription services. This way, we ensures compliance with PIPEDA, Bill 64, and other applicable regulations. Transcriptions are processed and deleted immediately after use.

  • Generative AI models are hosted on Microsoft Azure in Canada to comply to PIPEDA and Bill 64.

​

8. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on this page, and the “Last Updated” date will reflect the new changes. We encourage you to review this page periodically to stay informed about how we protect your data.

​

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, such as the right to:

  • Access and request a copy of your data.

  • Request correction or deletion of your personal data.

  • Object to or restrict the processing of your data.

To exercise these rights, please contact us at the email below.

​

10. Contact Us

If you have any questions or concerns regarding this Privacy Policy or your personal information, please contact us at:

NoteDx
Technologies Médicales JLA, Shiftpal Inc.
Montréal, QC


© All rights reserved Technologies Médicales JLA, Shiftpal Inc., 2024

bottom of page