PRIVACY POLICY

Doc-U-Scribe Mobile Application


Saince, Inc. (“Saince,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information of users of the Doc-U-Scribe mobile application (the “App”). This Privacy Policy explains what information we collect through the App, how we use and protect that information, the limited circumstances in which we share it, and the rights and choices available to users.

The Doc-U-Scribe App is a professional tool provided to licensed healthcare providers, transcriptionists, and other authorized personnel of healthcare organizations that have entered into a written agreement with Saince (each, a “Customer”). The App enables authorized users to dictate audio, and to view, edit, and electronically sign transcribed medical documents that are processed and stored on servers operated by or on behalf of the Customer.

By downloading, installing, or using the App, you acknowledge that you have read and understood this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies only to information collected or processed through the Doc-U-Scribe mobile application on iOS and Android devices. It does not apply to:

  • The Doc-U-Scribe web application or any other Saince product, which is governed by a separate privacy notice;
  • Information processed by your employer or the Customer in its capacity as a HIPAA “covered entity” under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); or
  • Third-party websites, services, or applications that may be linked from the App.
Patient information dictated, viewed, edited, or signed through the App is processed by Saince solely on behalf of the Customer pursuant to a Business Associate Agreement (“BAA”) and applicable service agreement. The Customer remains the owner of, and is responsible for, all patient health information, and the Customer’s own privacy practices (including its Notice of Privacy Practices) govern how that information is collected from and disclosed to patients.

2. No In-App Account Registration

The App does not provide a self-registration feature. User accounts are created exclusively by an administrator of the Customer through the Doc-U-Scribe web application. To use the App, you must enter credentials issued to you by your organization. If you do not have valid credentials, please contact your organization’s administrator. Saince does not knowingly accept account registrations from individuals through the App.

3. Information We Collect

We collect only the information necessary to authenticate users, enable the App’s features, secure the service, and meet our legal obligations.

3.1 Information You Provide

Authentication credentials. When you sign in to the App, we receive the username (and, where applicable, password, PIN, or biometric authentication token) you enter so we can verify your identity against credentials previously issued by your organization. Passwords are transmitted over an encrypted channel and are not stored on the device in clear text.

Audio dictations. When you create a dictation, the App captures audio through your device’s microphone. Dictations are stored locally on the device in encrypted form on a temporary basis only, and are uploaded to the dictation server designated by your organization. Once a dictation has been successfully uploaded, the local encrypted copy is removed in accordance with the App’s retention logic and your organization’s configuration.

Edits, annotations, and electronic signatures. When you view, edit, or sign a transcribed document, the changes and signature events are transmitted to the dictation server. The App is not designed to retain a persistent local copy of completed transcribed documents after the session ends.

Support communications. If you contact Saince support directly through the App or otherwise, we may collect your name, contact information, and the contents of your message in order to respond.

3.2 Information Collected Automatically

Device and technical information. We may collect information about the device you use to access the App, such as device model, operating system and version, unique device identifiers (e.g., a non-resettable hardware identifier or app-scoped identifier), App version, language, time zone, mobile network information, and IP address.

Log and diagnostic data. We collect log data including sign-in events, feature usage, error and crash reports, and timestamps, which help us secure and improve the App.

No advertising identifiers, no tracking across other apps. The App does not use third-party advertising networks, does not collect the Apple Advertising Identifier (IDFA) or Android Advertising ID for advertising purposes, and does not track your activity across other companies’ apps or websites.

3.3 Information We Do Not Collect

The App is not designed to collect: contacts, calendars, photos or videos from your camera roll, SMS or call logs, browsing history, financial account information, Social Security numbers, or precise geolocation data. The App does not store completed transcribed documents on the device after a session ends.

4. Device Permissions

Depending on your device and the features you use, the App may request the following permissions. You may grant or revoke these permissions at any time through your device settings, but doing so may prevent certain features from functioning.

  • Microphone — required to capture audio dictations.
  • Storage — used to temporarily store encrypted dictation files on the device pending upload.
  • Network / internet access — required to authenticate, upload dictations, and synchronize transcribed documents.
  • Notifications — used (where supported) to alert you to documents awaiting review or signature.
  • Biometric authentication (Face ID, Touch ID, fingerprint) — where you choose to enable it, used to unlock the App. Biometric data never leaves your device and is not accessed or stored by Saince.

5. How We Use Information

We use the information described above for the following purposes:

  • To authenticate users and provide access to the App’s features;
  • To enable dictation capture, secure transmission to the dictation server, and review, editing, and electronic signing of transcribed documents;
  • To secure the App and the underlying services, including detecting and preventing unauthorized access, fraud, abuse, and security incidents;
  • To diagnose and resolve technical problems, monitor performance, and improve the App;
  • To provide customer and technical support;
  • To comply with applicable laws, regulations, court orders, and lawful requests from public authorities; and
  • To enforce our agreements and protect the rights, property, or safety of Saince, our Customers, our users, or others.
We do not sell personal information. We do not use personal information for cross-context behavioral advertising. We do not use audio dictations, transcribed documents, or protected health information to train artificial intelligence models for any purpose unrelated to providing the contracted services to the applicable Customer.

6. HIPAA and Protected Health Information

Audio dictations and transcribed documents handled through the App may contain Protected Health Information (“PHI”) as defined under HIPAA. With respect to such PHI, Saince acts as a “Business Associate” of the Customer (which is the “Covered Entity” or, in some cases, another Business Associate). Saince’s use and disclosure of PHI is governed by the BAA in place with the Customer and by the HIPAA Privacy, Security, and Breach Notification Rules (45 C.F.R. Parts 160 and 164).

In the event of a breach of unsecured PHI, Saince will notify the affected Customer in accordance with the BAA and applicable law. Patients seeking to exercise rights with respect to their PHI (such as rights of access, amendment, accounting of disclosures, or restriction) should contact the Customer that is the source of their care; Saince is not authorized to respond to such requests directly.

7. Data Storage and Retention

On the device. Dictation audio is stored locally on the device only in encrypted form and only for as long as needed to complete a reliable upload to the dictation server. After successful upload, the local encrypted file is removed in accordance with the App’s configuration. Completed transcribed documents are not retained on the device after the session ends, although limited cached metadata may remain to support performance and offline indicators.

On Saince or Customer servers. Audio, transcribed documents, and related metadata transmitted from the App are retained on the dictation servers in accordance with the Customer’s configuration and the applicable service agreement and BAA.

Log and diagnostic data. Operational logs are retained for a limited period consistent with our security, audit, and legal requirements, and then deleted or de-identified.

8. Security

Saince maintains administrative, technical, and physical safeguards designed to protect information processed through the App, including:

  • Encryption of dictation files stored on the device using industry-standard cryptographic algorithms;
  • Encryption of data in transit between the App and Saince/Customer servers using Transport Layer Security (TLS);
  • Authentication controls, including support for strong passwords and, where enabled, biometric or multi-factor authentication;
  • Role-based access controls and audit logging on the server side; and
  • Regular security reviews, vulnerability management, and incident response procedures consistent with the HIPAA Security Rule.
No method of electronic storage or transmission is completely secure. You are responsible for safeguarding the device on which the App is installed, keeping your credentials confidential, enabling a device passcode or biometric lock, and promptly reporting any suspected unauthorized access to your organization’s administrator and to Saince.

9. How We Share Information

We share information only as described below. We do not sell personal information or PHI.

  • With your organization (the Customer). Dictations, transcribed documents, authentication events, and related activity logs are made available to the Customer that issued your account, consistent with the services Saince provides to that Customer.
  • With service providers. We engage vetted third-party service providers (for example, hosting, telecommunications, security monitoring, crash analytics, and customer support tools) to perform functions on our behalf. These providers are contractually obligated to protect information consistent with this Policy and, where they handle PHI, to comply with the HIPAA Security Rule under a Business Associate Subcontractor Agreement.
  • For legal and safety reasons. We may disclose information if required by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Saince, our Customers, our users, or the public, or to investigate fraud or security incidents.
  • In a corporate transaction. If Saince is involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to confidentiality obligations and applicable law.

10. Third-Party Platforms and Stores

The App is distributed through the Apple App Store and the Google Play Store. Those platforms may collect information about your download and use of the App in accordance with their own privacy policies. Saince does not control, and is not responsible for, the privacy practices of Apple, Google, or any third party.

11. Children

The App is intended exclusively for use by licensed healthcare professionals and other authorized personnel of our Customers, and is not directed to children. Saince does not knowingly collect personal information from children under the age of 16 through the App. If you believe a child has provided personal information to us through the App, please contact us so we can take appropriate action.

12. International Users

The App is operated from the United States and is intended for users located in jurisdictions where Saince and its Customers operate. If you access the App from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, which may have data protection laws different from those of your country.

13. Your Rights Under U.S. State Privacy Laws

Depending on the state in which you reside (including California, Virginia, Colorado, Connecticut, Utah, Texas, and other states with comprehensive privacy laws), you may have certain rights with respect to personal information that Saince processes about you as an individual user of the App, including the rights to:

  • Confirm whether we process your personal information and request access to it;
  • Request correction of inaccurate personal information;
  • Request deletion of personal information, subject to applicable exceptions;
  • Opt out of the sale or sharing of personal information (Saince does not sell or share personal information for cross-context behavioral advertising); and
  • Be free from unlawful discrimination for exercising these rights.
These rights generally do not apply to PHI governed by HIPAA, to information processed by Saince on behalf of a Customer (for which the Customer is the responsible party), or to information processed by Saince in connection with your employment relationship with the Customer. To exercise a right that applies to information Saince controls, please contact us using the information in Section 17. We may need to verify your identity before responding. You may also designate an authorized agent to make a request on your behalf, subject to verification.

14. Account and Data Deletion

Because user accounts are created and managed by the Customer’s administrator, account deactivation and deletion are generally initiated through your organization. To request deactivation of your account or deletion of associated personal information held by Saince:

  • Contact your organization’s Doc-U-Scribe administrator, who can disable or remove your account through the Doc-U-Scribe web application; or
  • Submit a request directly to Saince at raghu.vir@saince.com. We will route the request appropriately, verify it, and respond within the period required by applicable law. PHI and records retained pursuant to a Customer’s instructions or required to be retained by law will be handled in accordance with the applicable BAA, service agreement, and legal requirements.
You can also uninstall the App at any time through your device. Uninstalling the App will remove any locally cached data on the device but will not, by itself, delete records held on Saince or Customer servers.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the App, our practices, or applicable law. When we make material changes, we will update the “Last Updated” date above and, where appropriate, provide additional notice through the App, the Doc-U-Scribe web application, or other reasonable means. Your continued use of the App after the effective date of an updated Policy constitutes your acknowledgment of the changes.

16. No Warranty; Limitation of Liability

This Privacy Policy describes Saince’s privacy practices and does not create any contractual or legal rights beyond those required by applicable law. The App and the related services are provided pursuant to the agreement between Saince and the applicable Customer, and to the App’s end-user license agreement and terms of use, which contain warranty disclaimers and limitations of liability. Nothing in this Policy is intended to expand any of Saince’s warranties or liabilities beyond what is set forth in those agreements.

17. How to Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:

Saince, Inc.
Attn: Privacy Officer
5490 McGinnis Village Place, Suite 116
Alpharetta GA 30005
United States
Email: raghu.vir@saince.com
Phone: 877 472 4623
Website: www.doc-u-scribe.com

For HIPAA-related inquiries, please contact the Customer (the healthcare provider or organization through which you received the App or care).

Saince, Inc.