docremark-logo

Legal

Privacy Policy

Effective date: 1 February 2025  ·  Last updated: 19 February 2025

1. Overview

Docremark ("we", "our", "us") operates a cloud-based clinic management platform at docremark.com. This Privacy Policy explains what information we collect when you use our services, how we use and protect it, and the choices you have. By creating an account or using Docremark, you agree to the practices described here.

2. Information We Collect

2.1 Account and Organisation Data

When you sign up we collect your name, email address, and the name and details of your organisation. Administrators may also provide a clinic logo, staff members' email addresses, and role assignments.

2.2 Patient and Clinical Data (PHI)

Docremark stores patient demographics, visit records, conditions, diagnoses, prescriptions, and vitals that your team enters into the platform. This data is Protected Health Information (PHI) and is handled under a least-privilege, org-scoped access model. No PHI is shared with third parties except as described in Section 5.

2.3 Usage and Technical Data

We automatically collect IP address, browser type, device identifiers, pages visited, and timestamps when you interact with Docremark. This data is used for security monitoring, debugging, and product improvement. It is not linked to individual patient records.

2.4 Voice Transcription Data

When a doctor uses the voice-to-notes feature, audio is transcribed and the resulting text is stored as part of the visit record within your organisation. Audio recordings are not retained after transcription is complete.

2.5 Payment Data

Billing and payment card details are processed directly by Creem, our payment processor. Docremark does not store credit card numbers or bank account details. We receive only a masked card summary and subscription status from Creem.

3. How We Use Your Information

  • Providing, maintaining, and improving the Docremark platform and its features.
  • Authenticating users and enforcing role-based access control within organisations.
  • Sending transactional emails such as account verification, password reset, and billing receipts.
  • Detecting and preventing fraud, abuse, and unauthorised access.
  • Responding to support requests and communications directed to us.
  • Complying with applicable laws, regulations, and lawful government requests.

We do not sell your data or use PHI for advertising or marketing profiling.

4. Data Retention

Account data is retained for as long as your organisation subscription is active. If an organisation account is closed, we will delete or anonymise your data within 90 days of closure unless a longer retention period is required by applicable law. Individual users may request deletion of their personal data by contacting us at hello@docremark.com.

5. Data Sharing

We do not sell, rent, or trade your data. We share information only in the following limited circumstances:

  • Creem – our payment processor, to handle subscription billing and invoicing.
  • Infrastructure providers – cloud hosting and database services that operate under data processing agreements with us.
  • Legal obligations – when required by law, court order, or regulatory authority.

6. Security

All data in transit is encrypted using TLS 1.3. Data at rest is encrypted at the storage layer. Access to production systems is restricted to authorised personnel and logged. We enforce role-based access control so that each user and organisation can only access data within their own tenant boundary. We conduct periodic security reviews and promptly address reported vulnerabilities.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; and receive a copy of your data in a portable format. To exercise any of these rights, email hello@docremark.com with the subject line "Privacy Request". We will respond within 30 days.

8. Cookies

Docremark uses strictly necessary session cookies for authentication and preference storage (e.g. colour mode). We do not use third-party advertising cookies or cross-site tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify account administrators by email. Continued use of Docremark after a change takes effect constitutes acceptance of the revised policy.

10. Contact

For privacy-related questions or requests, contact us at hello@docremark.com.

Cookie preferences

We use cookies to keep the app working and, with your consent, to collect anonymous usage data to improve the product.

Essential for core functionality. Cannot be disabled.

Anonymous analytics to improve the product.