Privacy Policy
Note: The text below is a documentation-friendly presentation of MedFeed's Privacy Policy. It is intended to explain the policy clearly for users and administrators — it is not legal advice. For the official policy or legal questions, refer to the original site or consult legal counsel.
1. Overview
This page summarizes what MedFeed collects, how that data is used, who has access, retention rules, and the primary contact points for privacy and security questions. Use this page to understand your responsibilities as a Customer and how MedFeed handles data.
2. Data collection
MedFeed collects three broad categories of data:
- Customer Data — account information, billing details, and system configuration related to your organization.
- End-User Data — data provided by the Customer about end users, such as patient feedback, clinical notes, and operational observations.
- Usage Data — platform usage metrics (for example: voice minutes processed), which are used for optimization and product research.
3. How data is used
MedFeed uses collected data for the following primary purposes:
- Service delivery: powering core Platform features such as transcription, analytics, dashboards, and task routing.
- Compliance: supporting lawful obligations and regulatory compliance work under applicable frameworks (e.g., DPDP Act, GDPR, HIPAA).
- Research & improvement: anonymized/aggregated usage data may be used for product research, analytics, publications, or conference materials to improve the Platform.
4. Data security & infrastructure
- MedFeed processes data using third-party infrastructure providers (examples called out include AWS, Azure, MongoDB, Cloudflare). These providers may maintain certifications such as ISO 27001.
- The Customer is responsible for securing its own systems and access credentials (for example: account management, local network controls, and device security).
5. Data sharing & subprocessors
MedFeed does not share Customer or End-User Data with unrelated third parties except in limited circumstances:
- When required by law or regulatory authorities.
- With subprocessors (for example, cloud or hosting providers) that act under contract and strict data-protection terms.
All subprocessors are expected to process data only under the directions of the Company and in accordance with applicable data-protection requirements.
6. Customer obligations
As a Customer using MedFeed you are required to:
- Obtain and maintain any required consents from end users (for example, patient consents) for processing and sharing data under applicable laws and regulations, and provide copies upon the Company's request.
- Report breaches: notify the Company of any data breach involving Platform data within 24 hours of becoming aware, so the Company can take appropriate remediation steps.
7. Data retention
- Customer and End-User Data is retained for the duration of your subscription and for up to 30 days after termination, unless applicable law requires otherwise.
- Anonymized or aggregated data derived from processing may be retained indefinitely for research and analytics purposes (see platform policy references).
8. Contact points
For privacy, security, or account questions, contact MedFeed via the following addresses:
- Sales & Pricing:
sales@medfeed.ai - Billing & Cancellations:
billing@medfeed.ai - Data Protection Officer (DPO):
dpo@medfeed.ai - Security Incidents:
security@medfeed.ai
9. Related documents & next steps
Refer to these related policies for full operational and legal detail:
- Terms & Conditions
- Digital Delivery Policy
- Cancellation & Refund Policy
(Links to the canonical site documents should be provided here in your docs site for the official text.)
Last updated: 2025 — For the authoritative policy, always refer to the original MedFeed privacy page.