LOGIN
Try For Free

Privacy Policy

Last Updated: November 1, 2025

This Privacy Policy explains how VOCALLI.AI, a product of DigiMedix Technology Solutions Inc. (“the Company”, “we”, “our”, or “us”), collects, uses, stores, and protects information when you use our AI-powered medical scribe software-as-a-service (“the Platform”).

We are committed to maintaining the highest standards of security and confidentiality in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA)provincial healthcare privacy laws (including PHIPA, HIA, and others), and the Health Insurance Portability and Accountability Act (HIPAA) where applicable.

 

  1. Scope

This Privacy Policy applies to:

  • All users of the www.VOCALLI.ai SaaS application and its associated websites;
  • Data processed through our secure cloud infrastructure and integrated third-party providers;
  • All services provided by DigiMedix Technology Solutions Inc.

By accessing or using our Platform, you acknowledge and agree to the terms of this Privacy Policy.

 

  1. Responsibility for Patient Consent

The Platform is intended for licensed healthcare professionals and organizations.
It is the user’s sole responsibility to obtain all necessary patient consents and authorizations required under applicable privacy and healthcare laws before submitting any patient data or protected health information (“PHI”) to the Platform.

The Company is not responsible for verifying or maintaining patient consent records and assumes no liability for user or client non-compliance.

 

  1. Information We Collect

We collect only the information necessary to provide, maintain, and improve our services.

  1. Account and Identity Information
  • Name, email address, professional details, organization name, and contact preferences.
  • Login credentials and multi-factor authentication (MFA) data.
  1. Usage and Technical Data
  • Device identifiers, browser type, IP address, and usage logs for system performance, troubleshooting, and analytics.
  1. Transcription and PHI Data
  • Audio files, transcripts, notes, and related content submitted for AI processing.
  • Such data is processed and stored securely according to the user’s selected jurisdiction (Canada or USA).

 

  1. Where We Store Personal Information

At the point of registration, a user is asked to select their country.

  • If the user chooses Canada as their country, all clinical and transcription data will be stored in Canadian data centres, and AI processing will occur within Canada through HIPAA- and PIPEDA-compliant service providers.
  • If the user chooses any country other than Canada, data will be stored in the United States, and AI processing will occur within the U.S. through HIPAA-compliant providers.

Certain Account Information (e.g., practitioner name, email address, and encrypted payment details) for all users may be stored or processed in the United States by our secure third-party service providers, such as payment processors or communication tools.

While information is stored or processed outside of Canada, it becomes subject to the laws of that jurisdiction, which may allow governmental authorities access to such data in accordance with local regulations.

For more information about our data storage practices or service providers, you may contact our Privacy Officer at privacyofficer@digimedix.net

 

  1. Use of Information

We use collected information solely for:

  • Delivering and improving our AI transcription and scribe services;
  • Providing user support, training, and technical assistance;
  • Ensuring system integrity, compliance, and fraud prevention;
  • Fulfilling our contractual and legal obligations.

We do not sell or trade personal or health data.

 

  1. Security Measures

We maintain administrative, physical, and technical safeguards designed to protect all personal and health information, including:

  • Encryption of data at rest and in transit;
  • Multi-Factor Authentication (MFA) for user accounts;
  • Strict access control and audit logging;
  • Routine vulnerability testing and data integrity monitoring.

Although we follow industry best practices, no system is completely immune to risk. Users acknowledge and accept inherent risks associated with internet-based services.

 

  1. Third-Party Service Providers

We work with select third-party technology partners who support AI processing, hosting, and secure transmission of data.
All such partners are required to maintain HIPAA-compliant Business Associate Agreements (BAAs) or equivalent privacy contracts.

The Company is not responsible for any security incidents, data loss, or breaches that occur:

  • Within third-party systems;
  • Due to user misconfiguration or negligence; or
  • As a result of network or technology failures outside our control.

 

  1. Data Retention and Deletion
  • Transcribed and uploaded data are retained only as long as necessary to deliver services or as required by law.
  • Clients may request deletion of data through written notice to our Privacy Officer.
  • Backup and archival data are securely purged per our retention policy.

 

  1. Limitation of Liability

To the maximum extent permitted by law, DigiMedix Technology Solutions Inc. shall not be liable for any damages, loss of data, or breaches resulting from third-party services, user actions, or external events beyond our reasonable control.
Use of the Platform constitutes acceptance of these limitations.

 

  1. Updates to This Policy

We may update this Privacy Policy periodically to reflect legal, technical, or operational changes. Updates will be posted with a revised “Last Updated” date. Continued use of the Platform constitutes acceptance of the updated policy.

 

  1. Contact Information

For privacy questions, access requests, or data management inquiries, please contact:

Email: privacyofficer@digimedix.net
Phone: 800-756-1525