Privacy Policy

Last updated: April 22, 2026

1. Information We Collect

We collect the following types of information when you use MD Aid, Inc. Practice Assistant ("the Service"):

  • Account information — Name, email address, and authentication data managed through our identity provider (NextAuth)
  • Chat messages — Text conversations between you and the AI assistant
  • Voice recordings — Audio submitted through voice mode for transcription
  • Usage data — How you interact with the Service, including pages visited and features used
  • Device and browser information — Browser type, operating system, and device identifiers

2. How We Use Your Information

We use the information we collect to:

  • Provide AI-powered responses to your questions using your clinic's knowledge materials
  • Maintain conversation history so the assistant can provide contextual responses
  • Improve the quality and accuracy of the Service
  • Analyze usage patterns to enhance the user experience
  • Ensure the security and integrity of the Service

3. Aggregated & De-Identified Data

Notwithstanding anything else in this Privacy Policy, MD Aid, Inc. reserves the right to anonymize or de-identify any data collected from you, including chat logs and usage data, such that it cannot reasonably be used to identify you. We may use, sell, or share this aggregated or de-identified data for any purpose, including without limitation to improve our Services and train machine learning models, without restriction or compensation to you.

4. Third-Party Services & Data Sharing

The Service uses various third-party providers (subprocessors) to deliver its functionality, including but not limited to:

  • NextAuth — Authentication and user management
  • Anthropic & Others — AI-powered response generation
  • Deepgram & Others — Voice transcription
  • Voyage AI & Others — Text embeddings for knowledge retrieval
  • Cloud Providers (e.g., AWS, Vercel) — File storage and application hosting

We may share your data with affiliates, subsidiaries, and future third-party vendors as necessary to provide the Service. Each of these providers maintains appropriate security standards, but their data handling is governed by their own privacy policies.

5. Business Transfers

If MD Aid, Inc. is involved in a merger, acquisition, bankruptcy, reorganization, or sale of assets, your information may be sold or transferred as part of that transaction. This Privacy Policy will apply to your information as transferred to the new entity.

6. Data Storage, Security, and International Transfers

Your data is encrypted in transit using TLS and stored on cloud infrastructure hosted in the United States. By using the Service, you consent to the transfer, processing, and storage of your information in the United States.

We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, or destruction.

7. Data Retention

Chat history is retained for the purpose of providing contextual responses within your conversations and allowing you to review past sessions. Voice recordings are retained for transcription processing and quality improvement. You may request deletion of your data at any time by contacting us.

8. HIPAA Notice

The Service is not currently HIPAA-compliant. Patients should not share sensitive protected health information (PHI) beyond what is necessary for the Service to answer their questions. The Service is designed to provide general information based on clinic policies and medical knowledge, not to handle detailed medical records.

9. Your Rights

You have the right to:

  • Access — Request a copy of the personal data we hold about you
  • Correction — Request correction of inaccurate personal data
  • Deletion — Request deletion of your personal data
  • Data portability — Request your data in a structured, machine-readable format

To exercise any of these rights, please contact us at privacy@md-aid.com.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

11. Cookies and Tracking

The Service uses session cookies for authentication and maintaining your signed-in state. We do not use third-party advertising trackers. Analytics data is collected in aggregate form to improve the Service.

12. Changes to This Policy

We may update this Privacy Policy from time to time without prior notice. Changes will be posted on this page with an updated effective date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.

13. Contact Information

If you have questions about this Privacy Policy or how we handle your data, please contact us at privacy@md-aid.com.