Privacy Policy
Privacy Policy – Autoset
Learn how Autoset collects, uses, and protects your data. Your privacy matters, and we’re committed to keeping your information secure and transparent.
Privacy Policy
Effective Date: 1/1/2026
We have created this Privacy Policy because we know that you care about how information you provide to us is used and shared. This Privacy Policy relates to the information collection and use practices of our Browser Extensions (the "Extension"), our backend platform and services (collectively, including the "Extension", the "Platform"), and when you otherwise interact with us in any way.
1. Description of Users and Acceptance of Terms
This Privacy Policy applies to healthcare professionals and authorized personnel who install and use the Extension ("Users"), as well as any organization or employer that has deployed the Extension for its staff ("Customers").
By installing and/or using the Extension, each User and Customer is agreeing to the terms of this Privacy Policy. If you do not agree to these terms, please uninstall the Extension and discontinue use.
Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms of Use, as the context requires.
2. The Information We Collect and/or Receive
In the course of operating the Platform, and/or interacting with you, we will collect and/or receive the following types of information. You authorize us to collect and/or receive such information.
2.1 Account Information
In order to access and use the Platform, you may be required to authenticate via your account credentials. In connection with creating or accessing an account, you may be asked to provide your email address, name, and a password (collectively, "Account Information"). We use Account Information to process and manage your account, verify your identity, and maintain session security.
2.2 Health and Patient Data
The Platform is designed to read data from Electronic Health Record ("EHR") systems to which you have lawful, authorized access in the course of your professional duties. In providing its core functionality, the Platform may access, process, and handle patient information, including but not limited to patient names, medical history, diagnoses, symptoms, procedures, and other clinical documentation (collectively, "Patient Data").
Patient Data is accessed solely to facilitate AI-assisted documentation and we do not use Patient Data for any purpose unrelated to providing the Extension's core functionality.
2.3 User Activity and Website Content
In order to identify unfilled documentation fields, track form completion status, and assist with data entry, the Extension collects information about your interactions with EHR web pages. This includes mouse clicks, page structure, text content within EHR forms, and scroll activity (collectively, "User Activity Data" and "Website Content"). This data is used solely to fulfill the Extension's single purpose of AI-assisted clinical documentation.
2.4 Technical and Device Information
When you use the Platform, we may automatically collect certain technical information, including your browser type, operating system, IP address, and usage logs. This information is used solely to diagnose performance issues, maintain service reliability, and improve the Extension.
3. How We Use and Share the Information
We use your information solely to provide, operate, and improve the Platform. Specifically, we use it to:
Process Patient Data through our AI systems for the exclusive purpose of generating clinical documentation;
Monitor, support, analyze, and improve the technical performance of the Platform;
Communicate with you regarding updates, support, and changes to the Platform;
Protect the safety and security of our systems and our users;
Fulfill our legal and regulatory requirements, including compliance with applicable healthcare privacy laws such as HIPAA; and
Comply with applicable law, court orders, or government requests.
We do not sell or transfer user data to third parties. We do not use or transfer user data for any purpose unrelated to the Platform's single purpose of AI-assisted clinical documentation. We do not use or transfer user data to determine creditworthiness or for lending purposes.
We may share your information only with third-party service providers that assist us in operating the Extension and Platform (such as cloud hosting and AI infrastructure providers), and only to the extent necessary for them to perform those services. All such providers are contractually bound by confidentiality and data protection obligations consistent with this Privacy Policy and applicable law.
4. HIPAA Compliance and Healthcare Data
We recognize the sensitive nature of Patient Data and are committed to handling it in accordance with applicable healthcare privacy laws, including the Health Insurance Portability and Accountability Act ("HIPAA"). We maintain a Business Associate Agreement ("BAA") with Customers as required under HIPAA and implement administrative, t echnical, and physical safeguards appropriate to the nature of the data we process.
Users and Customers are responsible for ensuring that their use of the Extension complies with all applicable laws and institutional policies, including obtaining any required patient authorizations and ensuring that Patient Data is accessed only by authorized personnel.
5. How We Protect the Information
We take commercially reasonable security measures to protect your information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit, access controls, and regular security assessments.
However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, and we do not accept liability for unintentional disclosure of information resulting from events beyond our reasonable control.
6. Data Retention
We retain Account Information and technical logs only for as long as necessary to provide the Platform's services or as required by applicable law. Patient Data processed through our AI systems is not persistently stored on our servers after the completion of the relevant documentation request, except where explicitly required by the User or Customer as part of the service configuration.
7. Third-Party Services
The Platform relies on third-party service providers for backend infrastructure, AI processing, and cloud storage. These providers are contractually required to process your information only in accordance with our instructions and applicable data protection requirements. We are not responsible for the data practices of third-party EHR systems with which you use the Extension.
8. Minors
The Platform is intended solely for use by licensed healthcare professionals and authorized personnel aged 18 years or older. It is not directed at individuals under the age of 18, and we do not knowingly collect personal information from minors. If you believe a minor has provided information through the Extension, please contact us and we will endeavor to delete that information promptly.
9. Important Notice to Non-U.S. Residents
Our servers and infrastructure are operated in the United States. If you are located outside the United States, please be aware that information you provide to us may be transferred to, processed, and maintained on servers located in the United States, where privacy laws may differ from those in your jurisdiction. By using the Platform, you consent to this transfer and processing in accordance with this Privacy Policy.
10. Your Rights and Choices
Depending on your jurisdiction, you may have the right to access, correct, or delete personal information we hold about you. To exercise any of these rights, please contact us using the information provided in Section 12 below. We will use commercially reasonable efforts to respond to all such requests in a timely manner.
You may uninstall the Extension at any time to cease all data collection by the Platform. To request deletion of your Account Information or other data we hold about you, please contact us directly.
11. Changes to This Privacy Policy
This Privacy Policy is effective as of the date stated above. We may update this Privacy Policy from time to time. Any material changes will be communicated through the Extension or via email to registered users. Continued use of the Platform after such changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy regularly.
12. Contact Us
If you have any questions about this Privacy Policy, wish to exercise your data rights, or need to report a privacy concern, please contact us at:
Email: dev@autoset.dev
Mailing Address:
Autoset,
8 The Green,
Dover, Delaware, 19901
United States