Privacy Policy
Last updated: December 21, 2025
1. Introduction
Sampson Scribe ("Sampson," "we," "us," or "our") is a medical documentation tool designed for healthcare providers. This Privacy Policy explains how we collect, use, store, and protect information when you use our mobile application and web service (collectively, the "Service").
By using Sampson, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address
- Authentication credentials (securely hashed)
- Account preferences and settings
2.2 Audio Recordings
When you use Sampson to document patient encounters, we collect:
- Audio recordings of your dictations
- Transcriptions generated from those recordings
- Clinical notes generated from transcriptions
Important: Audio recordings are processed for transcription and then permanently deleted from our servers within 24 hours. We do not retain raw audio files long-term.
2.3 Patient Information
The clinical notes you create may contain patient information that you dictate, including:
- Patient demographics (age, gender)
- Chief complaints and symptoms
- Medical history, medications, and allergies
- Physical examination findings
- Diagnostic results and clinical assessments
You are responsible for ensuring that any patient information you input complies with applicable healthcare privacy regulations (such as HIPAA in the United States).
2.4 Usage Data
We automatically collect certain technical information:
- Device type and operating system
- App version
- Error logs and crash reports
- Feature usage patterns (anonymized)
3. How We Use Your Information
We use the collected information to:
- Provide and maintain the Service
- Transcribe your audio recordings into text
- Generate clinical documentation from your dictations
- Sync your notes across your devices
- Send you service-related notifications (e.g., "Note ready")
- Improve and optimize the Service
- Respond to your support requests
- Detect and prevent fraud or abuse
4. Data Storage and Security
4.1 Where We Store Data
Your data is stored using the following services:
- Firebase (Google Cloud) - Authentication and database storage
- Amazon Web Services (AWS) - Temporary audio file storage and processing
All data is stored in secure, SOC 2 compliant data centers located in the United States.
4.2 Security Measures
We implement industry-standard security measures:
- Encryption in transit (TLS/SSL) for all data transfers
- Encryption at rest for stored data
- Secure authentication with Firebase Auth
- Access controls limiting data access to authorized personnel
- Regular security audits and monitoring
4.3 Data Retention
- Audio recordings: Deleted within 24 hours of processing
- Clinical notes: Retained until you delete them or close your account
- Account data: Retained while your account is active
- Custom instruction history: Retained for up to 10 years for compliance, security, and legal defense purposes (see Terms of Service Section 9)
Account Deletion: If you close your account, we delete your clinical notes and personal profile, but we retain custom instruction audit records (including your email and user ID) for the retention period described above to protect against legal claims and maintain system integrity.
5. Third-Party Services
We use the following third-party services to provide the Service:
Deepgram
Provides speech-to-text transcription. Audio is processed and not retained by Deepgram after transcription is complete.
Deepgram Privacy Policy →
OpenAI
Provides AI-powered note generation. Transcripts are processed via OpenAI's API with data retention disabled.
OpenAI Privacy Policy →
Firebase (Google)
Provides authentication, database, and cloud messaging services.
Firebase Privacy Policy →
6. Your Rights
You have the right to:
- Access: Request a copy of your data
- Correction: Update or correct your information
- Deletion: Delete your notes or close your account entirely
- Data Portability: Export your notes in a standard format
- Withdraw Consent: Stop using the Service at any time
To exercise these rights, contact us at contact@sampsonscribe.ai.
7. Healthcare Provider Responsibilities
Sampson is a documentation tool designed for licensed healthcare providers. As the user, you are responsible for:
- Ensuring your use of Sampson complies with applicable laws and regulations
- Reviewing and verifying all generated clinical notes before use
- Obtaining any required patient consents for recording
- Maintaining appropriate safeguards for patient information
- Not relying solely on Sampson for clinical decision-making
Sampson operates as a Business Associate under HIPAA when processing Protected Health Information on behalf of healthcare providers (Covered Entities). We maintain signed Business Associate Agreements (BAAs) with our customers and with all third-party subprocessors that handle PHI. For BAA requests, contact us at admin@sampsonscribe.ai.
8. Children's Privacy
Sampson is intended for use by healthcare professionals and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Sampson Scribe
Email: contact@sampsonscribe.ai