Privacy Policy

Last updated: 21 January 2026

This Privacy Policy explains how DocNotes ("we", "our", or "the Service") collects, uses, stores, and protects personal data when clinicians use the DocNotes application.

DocNotes is a private, invite-only clinical documentation workspace intended for use by healthcare professionals in Ireland during a limited MVP / pilot phase.

1. Scope & Role Under GDPR

For the purposes of the General Data Protection Regulation (GDPR):

  • Clinicians are the Data Controllers for any patient data they enter
  • DocNotes acts as a Data Processor, processing data only on documented instructions from the clinician

DocNotes does not act as a healthcare provider, data owner, or clinical decision-maker.

2. Who This Service Is For

This service is intended exclusively for:

  • Licensed or supervised clinicians
  • Clinical professionals testing the product under invitation

It is not intended for:

  • Patients
  • Members of the general public
  • Use as an electronic health record (EHR) system

3. Data We Process

3.1 Clinician Account Data

We process:

  • Name
  • Email address
  • Authentication credentials (hashed)
  • Account metadata (creation date, last login)
  • Audit and security events

3.2 Patient Data (Entered by Clinicians)

Clinicians may enter limited patient-related data, including:

  • Patient name or identifier
  • Date of birth or age
  • Sex
  • Clinical notes and documentation

DocNotes is designed to minimise stored patient identifiers and does not require full demographic datasets.

3.3 AI-Generated Content

AI-generated clinical text:

  • Is produced only at the clinician's request
  • Remains editable by the clinician
  • Is persisted only after explicit clinician approval
  • Is never used to train AI models

4. Purpose of Processing

We process data solely to:

  • Provide the clinical documentation service
  • Enable drafting, review, approval, and export of notes
  • Maintain auditability and system integrity
  • Support security, abuse prevention, and debugging
  • Communicate essential system or support messages

We do not process data for advertising, profiling, or secondary analytics.

5. AI Processing

DocNotes uses a third-party AI provider strictly to:

  • Rewrite clinician-provided rough text into structured clinical documentation

Safeguards include:

  • No automated diagnosis or decision-making
  • Human-in-the-loop approval required
  • No training of AI models on user data
  • Prompt-level protections against instruction injection

AI output is treated as clinical draft content, not authoritative medical advice.

6. Data Storage & Security

We apply appropriate technical and organisational measures to protect data, including:

  • Encryption of data at rest using industry-standard mechanisms (e.g. AES-256)
  • Encryption of data in transit using TLS
  • Access controls and role separation
  • Secure credential handling
  • Immutable audit logging
  • Environment isolation
  • Rate limiting and abuse prevention
  • Regular dependency and security updates

These measures are designed to reduce risk but do not guarantee absolute security.

All infrastructure is hosted within the European Union.

7. Audit Logging

To ensure accountability and traceability:

  • Key actions (logins, approvals, exports, AI usage) are logged
  • Audit logs are append-only
  • Logs are retained for security and compliance purposes

Audit logs are not exposed to other users.

8. Data Retention

  • Clinician account data is retained while the account remains active
  • Clinical data is retained until deleted by the clinician or upon account termination
  • Audit logs are retained for a limited period for security and compliance

9. Data Deletion

Clinicians may:

  • Delete individual patients or documents
  • Delete their entire account

Upon account deletion:

  • All associated clinical and account data is permanently removed
  • Residual backups are removed according to standard operational timelines

This approach follows industry-standard SaaS data deletion practices.

10. Data Exports (Right of Access & Portability)

Clinicians can:

  • Export all their data
  • Export specific datasets (e.g. patients, notes)
  • Receive exports in machine-readable formats (e.g. JSON, CSV, XLSX)

Export actions are logged for audit purposes.

11. Third-Party Services

We use carefully selected third parties, including:

  • Database and hosting providers (EU-based)
  • Email delivery services (for account and support communications)
  • AI services for text rewriting

Each provider is contractually restricted to processing data only as instructed.

12. International Transfers

We aim to avoid international data transfers.

Where a service provider operates outside the EU:

  • Appropriate safeguards are in place
  • Processing complies with GDPR Chapter V requirements

13. User Responsibilities

Clinicians are responsible for:

  • Ensuring lawful basis for patient data entry
  • Avoiding unnecessary identifiers
  • Using exports and copies responsibly
  • Complying with local professional obligations

14. Changes to This Policy

This policy may be updated as the product evolves.

Material changes will be communicated to users before taking effect.

15. Contact

For privacy or data protection inquiries:

Email: contact@docnotes.app
Controller Contact: The clinician using the service
Processor: DocNotes (private MVP)

DocNotes is a clinical support tool, not an EHR or diagnostic system.