top of page

Privacy Policy

Privacy Policy

Link to Current Privacy Policy: https://www.jotpsych.com/privacy-policy

Version last updated on December 19th, 2025

 

This Privacy Policy describes the policies and procedures of SmartScribe Corp (doing business as JotPsych) on the collection, use, and disclosure of Client information when you use the products or services we offer (“Services”). It also explains your privacy rights and how the law protects you.

 

Please read this Privacy Policy carefully to understand our practices regarding your data and how we will treat it.

 

We use Client data to provide and improve the Services. By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.

 

INTERPRETATION AND DEFINITIONS

 

Interpretation: The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

 

Definitions:

Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.

Client (referred to as “you”, “your”, or “Client”) means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Company (referred to as either “the Company”, “we”, “us”, “SmartScribe”, or “our” in this Agreement) refers to SmartScribe Corp, Delaware, USA.

Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.

Device means any device that can access the Services such as a computer, a cell phone or a digital tablet.

Personal Data is any information that relates to an identified or identifiable individual.

Services refers to websites, applications, and web extension owned and operated by SmartScribe.

Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

User Account means a unique account created for you to access our Services or parts of our Services.

 

COLLECTING AND USING YOUR PERSONAL DATA

 

Types of Data Collected

 

Personal User Data: While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to: email address, first name and last name, phone number, usage data.

 

Usage Data: Usage Data is collected automatically when using the Services. Usage Data may include information such as your device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

 

When you access the Services by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

 

We may also collect information that your browser sends whenever you visit our Services or when you access our Services by or through a mobile device.

 

TRACKING TECHNOLOGIES AND COOKIES

 

We use Cookies and similar tracking technologies to track the activity on our Services and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services.

 

The technologies we use may include:

 

Cookies or Browser Cookies. A cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. Unless you have adjusted your browser setting so that it will refuse Cookies, our Service may use Cookies.

 

Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics.

 

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.

 

We use both Session and Persistent Cookies for the following purposes:

 

Necessary / Essential Cookies (Session Cookies) — Administered by SmartScribe. These Cookies are essential to provide you SmartScribe Services and to enable you to use some of its features.

 

Cookies Policy / Notice Acceptance Cookies (Persistent Cookies) — Administered by SmartScribe. These Cookies identify if users have accepted the use of cookies on the Services.

 

Functionality Cookies (Persistent Cookies) — Administered by SmartScribe. These Cookies allow us to remember choices you make when you use the Services, such as remembering your login details or language preference.

 

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

 

USE OF YOUR PERSONAL DATA

 

We do not sell personal data and we do not share it with third parties for their own marketing or cross-context behavioral advertising. For mobile messaging specifically, we do not share or sell mobile numbers, consent data, or message content for marketing or promotional purposes.

 

The Company may use Personal Data for the following purposes: to provide and maintain our Services; to manage your User Account; for the performance of a contract; to contact you by email, telephone, SMS, or push notifications; to provide you with news or offers unless you have opted out; to manage your requests; for business transfers; and for other analytical or marketing improvement purposes.

 

We may share your personal information with service providers, affiliates acting as processors, or as part of a business transfer, always in accordance with this Privacy Policy.

 

No mobile information collected for SMS messaging will be shared or sold to third parties, business partners, or affiliates for marketing or promotional purposes.

 

RETENTION OF YOUR PERSONAL DATA

 

The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, to comply with legal obligations, resolve disputes, or enforce agreements. Usage Data may be retained for shorter periods unless required for security or functionality improvements.

 

TRANSFER OF YOUR PERSONAL DATA

 

Your information may be transferred to computers outside of your jurisdiction. By submitting your information, you consent to this transfer. SmartScribe will ensure appropriate safeguards and secure handling consistent with this Privacy Policy.

 

DELETE YOUR PERSONAL DATA

 

You may request deletion or modification of your personal data by accessing your account settings or contacting us directly. Certain data may be retained when required by law or legitimate purpose.

 

DISCLOSURE OF YOUR PERSONAL DATA

 

Your data may be disclosed in the following cases: business transactions (e.g., mergers or acquisitions), legal obligations, or protection of Company rights and public safety.

 

SECURITY OF YOUR PERSONAL DATA

 

We use commercially acceptable means to protect your data but cannot guarantee absolute security.

 

LINKS TO OTHER WEBSITES

 

Our Services may contain links to other websites not operated by us. We have no control over and assume no responsibility for their content or privacy practices.

 

MOBILE MESSAGING (SMS/MMS/RCS) DATA

 

If you opt in to receive messages from JotPsych, we collect your phone number, consent status, preferences, and logs to operate the program. Messages may include onboarding, reminders, support, or promotional content if you consent.

 

Carriers and providers (e.g., Twilio) process messages as our service providers and are prohibited from using your data for their own purposes.

 

Opt-out at any time by texting STOP; a confirmation message will be sent. Message frequency varies. Message and data rates may apply.

 

We retain opt-in/opt-out records for at least six months after opt-out and do not sell or share numbers or message content for marketing.

 

CHANGES TO THIS PRIVACY POLICY

 

We may update this Privacy Policy from time to time. We will notify you of changes by posting the new version on this page and updating the “Last updated” date.

 

CONTACT US

 

If you have any questions about this Privacy Policy, you can contact us by email at info@smartscribe.health.

================================================================================
JOTPSYCH NOTE SHUTTLE CHROME EXTENSION - PRIVACY POLICY
================================================================================

Effective Date: December 19, 2024

Summary: JotPsych Note Shuttle is a Chrome extension that helps healthcare providers transfer medical notes from JotPsych to their Electronic Health Record (EHR) systems. We collect only the data necessary to provide this service and do not sell your information.


1. INTRODUCTION

This Privacy Policy describes how JotPsych ("we," "us," or "our") collects, uses, and protects information when you use the JotPsych Note Shuttle Chrome extension (the "Extension"). This policy supplements the JotPsych Privacy Policy (https://www.jotpsych.com/privacy-policy), which governs your use of the JotPsych web application.

By installing and using this Extension, you agree to the collection and use of information in accordance with this policy.


2. INFORMATION WE COLLECT

2.1 Information You Provide

• Authentication credentials - To verify your identity and authorize access to your JotPsych account (stored in local browser storage as tokens only)

• User profile (email, name) - To display your account information and personalize the experience (stored in local browser storage)


2.2 Information Collected Automatically

• Current page URL - To identify which EHR system you are using and maintain integration state (stored in local browser memory, not persisted)

• EHR page structure (DOM) - To identify form fields where medical notes can be inserted (temporarily in memory; sent to JotPsych API for field mapping)

• Form field metadata - To create mappings between JotPsych note sections and EHR fields (stored in local browser storage)

IMPORTANT: The Extension reads page content from websites you visit only when you explicitly click the "Scrape" or "Scrape & Map" buttons. It does not passively monitor your browsing activity.


2.3 Medical Information

When you use the Extension to transfer notes to your EHR:

• Medical note content is retrieved from your JotPsych account via secure API calls
• Note content passes through the Extension to be inserted into your EHR
• The Extension does not store medical note content persistently
• All data transmission uses HTTPS encryption


3. HOW WE USE YOUR INFORMATION

We use the collected information to:

• Provide the Service: Authenticate you, retrieve your notes, and facilitate transfer to your EHR
• Improve the Extension: Understand how the Extension is used to improve functionality
• Maintain Security: Detect and prevent unauthorized access or misuse

We do NOT use your information to:

• Sell to third parties
• Display advertisements
• Build marketing profiles
• Track your browsing activity beyond what is necessary for the service


4. INFORMATION SHARING

We share information only with:

• Auth0 (authentication provider) - Email, authentication tokens for secure user authentication

• JotPsych API servers - Authentication tokens, EHR page structure, note requests for core service functionality

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.


5. DATA STORAGE AND SECURITY

5.1 Local Storage

The Extension stores the following data locally on your device:

• Authentication tokens (encrypted by Chrome's storage API)
• User profile information (email, name)
• EHR template mappings (to remember field mappings for future use)


5.2 Security Measures

• All API communications use HTTPS/TLS encryption
• Authentication tokens expire and are automatically refreshed
• No sensitive data is stored in plain text
• The Extension follows Chrome's security best practices (Manifest V3)


6. HIPAA COMPLIANCE

SmartScribe is committed to protecting the privacy and security of Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA).

The Extension is designed as a tool to assist healthcare providers in their workflow. When used as part of the JotPsych service:

• PHI is processed in accordance with our Business Associate Agreement (BAA)
• Data transmission is encrypted end-to-end
• Access to PHI is limited to authenticated, authorized users
• We maintain audit logs as required by HIPAA

For questions about HIPAA compliance or to request a BAA, please contact us at contact@jotpsych.com.


7. YOUR RIGHTS AND CHOICES

7.1 Access and Deletion

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Delete: Request deletion of your personal data
• Correct: Request correction of inaccurate personal data
• Portability: Request your data in a machine-readable format

To exercise these rights, contact us at contact@jotpsych.com.


7.2 Uninstalling the Extension

You can uninstall the Extension at any time through Chrome's extension management page. Uninstalling will:

• Remove all locally stored data (tokens, mappings, preferences)
• Revoke the Extension's access to your browser
• Not affect your JotPsych account or data stored on our servers


7.3 Clearing Local Data

To clear the Extension's local data without uninstalling:

1. Right-click the Extension icon
2. Select "Options" or "Manage Extension"
3. Click "Clear Data" or use Chrome's "Clear browsing data" feature


8. CHILDREN'S PRIVACY

The Extension is intended for use by healthcare professionals and is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13.


9. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Effective Date" at the top
• For material changes, providing notice through the Extension or via email

Your continued use of the Extension after changes become effective constitutes acceptance of the revised policy.


10. CONTACT US

JotPsych

For privacy-related questions or concerns:
Email: contact@jotpsych.com

For general support:
Email: support@jotpsych.com
Website: www.jotpsych.com


11. CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect and how it is used
• The right to delete personal information
• The right to opt-out of the sale of personal information (we do not sell your data)
• The right to non-discrimination for exercising your privacy rights


================================================================================

© 2025 JotPsych. All rights reserved.

Main Privacy Policy: https://www.jotpsych.com/privacy-policy

bottom of page