Privacy Policy

who are we? we are autoscriber b v (autoscriber) our address is high tech campus 6a, 5656 ae eindhoven we are registered with the chamber of commerce (kamer van koophandel) under number 83055150 what do we do? we offer you access to our ai application that turns the conversation between a physician and a patient into a structured summary our application also offers the ability to search, filter, and replay the transcript of your conversation, as well as dictate notes outside of the consultation we call our application the autoscriber app what are you reading? this policy explains which data we collect, how we use, store, and protect it, and which privacy rights you can invoke (the privacy policy) we may modify this privacy policy, but if we substantially modify it, we shall place a notification in our app additionally, we will notify registered users via email if you are not a registered user, we advise you to consult the website, app, and this privacy policy regularly questions? if you have any questions regarding this privacy policy, do not hesitate to contact us by sending an email to support\@autoscriber com mailto\ support\@autoscriber com this privacy policy was last modified on september 4, 2023 1\ applicability this privacy policy applies to autoscriber app, our websites ( www autoscriber com http //www autoscriber com and app autoscriber com), and any other services or products we provide (the services) autoscriber app is accessible through our website under separate software as a service agreements (saas) specifically, the privacy policy applies to you as one of the following direct or indirect users organisations using autoscriber app, the website, or our services (medical organisation) examples include hospitals and gp practices individuals using autoscriber app, the website, or our services on behalf of the medical organisation (physician) examples include doctors, surgeons, nurses, and medical interns the patient and, optionally, their companions (patient) 2\ autoscriber’s role since autoscriber is not a participant in the conversation between the physician and their patients, we have no full insight into all information exchanged during these conversations therefore, we recommend patients always contact the relevant physician or hospital for specific requests regarding medical consultations please note that we might sometimes refer your request to the medical organisation ‍3 data processing we process personal data on the following grounds under the general data protection regulation (gdpr) consent execution of an agreement (including saas) legal obligation legitimate interest of autoscriber overview of data processing account creation (ground 2) to create an account, the medical organisation and/or physician must provide contact information (name, phone number, location, job title, email address) username password get in touch (ground 4) when you fill in the digital contact form, you must enter your name, email address, phone number, and request description this data is only processed to provide you with the requested information payment (ground 2) for the payment of the fees relating to the use of autoscriber app, the medical organisation must provide its payment details payment method and financial data, such as credit card and/or bank account information ip address (ground 4) upon each visit to the website your (fixed or temporary) ip address is detected we process these data for technical and functional management in order to ensure our website is easy to use job application (ground 1 or 4) if you apply for a job, we may process your name, address, age or date of birth, gender, email address, phone number, and résumé to handle your application communication (ground 2) we may use the contact information of the medical organisation or physician to send information messages necessary for the use of autoscriber app, excluding marketing communications performance of saas (ground 2) we may process the following (special) categories of personal data to comply with our obligations regarding the provision of saas recordings of conversations between physicians and patients (the recordings ) personal data entered by physicians in relation to the patient ( other data ) these recordings and other data contain (sensitive) personal data, such as date of birth, address, contact information, complaints, diagnoses, medication use, allergies, height, weight, medical history, blood group the medical organisation is at all times responsible for the recordings and other data that is processed using autoscriber app the medical organisation determines what data is stored and/or processed in the log files; what grounds apply to the processing; and how long the data is kept product improvement (ground 1) autoscriber may store the recordings and other data to improve autoscriber’s technologies in the future for this purpose autoscriber needs the explicit consent of the medical practitioner, the patient and their companions if the medical practitioner or the patient(s) or, if applicable, a companion do not give their consent for the processing of the recordings and other data by autoscriber to improve autoscriber’s technologies, autoscriber will not store the recordings and other data for this purpose data aggregation (ground 4) in order to minimise the processing of personal data, we may aggregate or encrypt personal data to create anonymous data that cannot subsequently be traced back to a natural person legal compliance (ground 3) in order to comply with applicable law, autoscriber may be required to process personal data for purposes other than those set out in this privacy policy, for example for law enforcement and in case of a court order fraud detection (ground 3 or 4) we process personal data for fraud detection and to prevent fraud and abuse if autoscriber has a reasonable suspicion of, or determines that there has been, any fraud, scam or criminal activity attributable to you, personal data will be processed in order to prevent you from using autoscriber app or the website in the future customer service (ground 1 or 4) we may collect and share personal data to provide (international) customer service for the medical organisation and physician for example, we may collect (telephone) requests received by the autoscriber service centre and the related responses, together with the other contact details this way we can better respond to enquiries marketing (ground 1 or 4) we may use the contact information of the medical organisation and/or physician for marketing communications (such as newsletters), to the extent permitted by law we will always provide you with the option to unsubscribe from our newsletter and will never provide our subscribers file to third parties, unless with your explicit consent 4\ data storage autoscriber retains personal data only as long as necessary for the purposes mentioned in privacy policy /#3 data processing above or as permitted by law specific retention periods include account data the data of medical organisations or physicians required to create an account will be retained for as long as you use the autoscriber app after unsubscribing or deleting your account, we maintain your account data for a period up to 2 years, in case you want to reactivate your account application data if autoscriber does not hire you, your information will be deleted within 4 (four) weeks after your application unless otherwise agreed between you and autoscriber in writing consent based data for purposes based on your consent, data processing ends when you decide to withdraw such consent aggregated data in case data is anonymised by autoscriber, we may retain this data for statistical and analytical purposes recordings and other data if the medical practitioner and the patient gave autoscriber consent for the storage of recordings and other data with the purpose to improve the autoscriber technologies, autoscriber will retain such recordings and other data for a maximum period of 5 (five) years, unless the medical practitioner and or the patients withdraw their consent earlier if you are a patient, please note that autoscriber doesn’t have any control about the retention of personal data by the medical organisation and the physician in your electronic patient file or any other form of data retention 5\ data protection we do our utmost to protect your personal data, by taking technical and organisational security measures to protect your data against manipulation, loss, destruction and access by unauthorised persons these security measures are constantly improved in line with technological developments access to the personal data is strictly limited to employees and third party service providers on a ‘need to know’ basis, who have passed a police clearance check (vog); encryption of personal data in the cloud using customer managed keys; secure network connections with secure socket layer (ssl), or a comparable technology; access to the personal data is secured with a two factor authentication (2fa); conclusion of non disclosure agreements (nda’s) 6\ data sharing autoscriber may share personal data with service providers (ground 2 or 4) autoscriber may share personal data with the following categories of service providers, who contribute to autoscriber app hosting, data analysis and storage, payment processing, information technology and related infrastructure, customer service, product design, product diagnostics, email delivery, credit card processing, auditing, and marketing autoscriber only shares personal data with service providers that provide sufficient safeguards to protect personal data competent authorities (ground 4) autoscriber discloses personal data to law enforcement authorities and other public authorities to the extent required by law or strictly necessary for the prevention, detection or prosecution of criminal offences and fraud transfer of business (ground 4) we may transfer personal data to third parties in the event that autoscriber is subject to a merger, acquisition, reorganisation, sale of business units or bankruptcy in this case autoscriber will ask for your prior consent, if this is required under applicable law if the above organisations are regarded as processors under the gdpr, autoscriber will enter into a data processing agreement with them processing of personal data will only take place on autoscriber’s instruction and under autoscriber’s responsibility international transfer autoscriber’s services are managed and operated from the netherlands we process personal data within the european economic area ( eea ) to the extent possible, and will only process personal data outside the eea if we can invoke the safeguards legally required by the gdpr for the transfer of personal data (such as the conclusion of an eu model contract) the employees of autoscriber working from south africa may internally access the european cloud environment, containing personal data the employees are provided with access based on the need to know principle, and the personal data shall at all times remain within autoscriber’s european cloud environment providing employees access to personal data is necessary for autoscriber to conclude agreements with third parties in your interest, as permitted by the gdpr 7\ privacy rights under the gdpr, you have the right to request access to your personal data; request us to correct, limit or delete your personal data; request a copy of your personal data we can provide this copy to third parties at your request; object to the processing of your personal data by contacting us; file a complaint directly with the dutch data protection authority ( autoriteit persoonsgegevens ) about the way we process personal data; revoke your consent to the processing of your personal data; 8\ cookies a cookie is a small text file that can be sent via the server of a website to the browser the browser saves this file to your computer your computer is tagged with a unique number, which enables our site to recognize that computer in the future we use cookies to improve the user experience on our website moreover, cookies ensure that our website and app work faster, that you can visit our website and app safely and that we can track and solve errors on our website and app you can always delete or disable cookies yourself via the browser settings no more cookies will be stored when you visit our website or app however, please note that without cookies, our website and app may not function as well as it should