Ambient.
BETA
powered by Scanbo AI
Legal

Privacy Policy

What we collect, what we do not, and exactly how your data is handled.

Contents
Last updated: March 1, 2026 - Version 1.0
1. Overview
Ambient processes audio locally on your device. Raw audio is never uploaded to Scanbo servers. We do not collect, store, or process patient health information (PHI) beyond what is necessary to generate the note within your active session.
2. What We Collect
Account Information
  • Name, email address, professional designation
  • Specialty and practice setting (optional, used to personalise note templates)
  • Country of practice (for compliance and data residency)
Usage Data
  • Session timestamps and encounter duration (no audio content)
  • Note edits and approval actions (to improve AI accuracy)
  • Device type, browser version, and general region (not precise location)
3. What We Don't
  • No raw audio recordings and audio is transcribed on-device and deleted immediately
  • No patient names, dates of birth, MRN numbers, or patient identifiers
  • No diagnoses, prescriptions, or clinical decisions
  • No biometric or genomic data of any kind
  • No insurance information or billing data
  • No precise geolocation data
Uploading or entering patient-identifiable information into Ambient beyond what is captured passively is prohibited.
4. How We Use Data
  • Authenticate your account and maintain your clinician profile
  • Generate and store your clinical notes within your account
  • Improve AI transcription and note-generation accuracy (anonymised signals only)
  • Send transactional emails (account verification, security notices)
  • Detect and prevent fraud and unauthorised access
We do not use your data for advertising and we do not sell your data.
5. Data Sharing
We do not sell, rent, or trade your personal information. Data is shared only with cloud infrastructure providers under strict data processing agreements, legal authorities when required by law, and successors in a merger under equivalent privacy protections.
6. Data Retention
Account data is retained while your account is active and for a limited period after deletion to support security and audit obligations. You can request deletion by emailing [email protected].
7. Your Rights
  • Access a copy of your personal data
  • Request correction of inaccurate data
  • Request deletion, subject to legal obligations
  • Withdraw consent where processing relies on consent
8. HIPAA
Ambient is designed with HIPAA-aligned safeguards for healthcare workflows. Enterprise accounts can request a Business Associate Agreement (BAA) where applicable.
9. GDPR
For users in applicable regions, Ambient supports GDPR principles including data minimisation, purpose limitation, and rights to access or erasure.
10. Cookies
We use essential cookies for authentication and session security, and optional analytics cookies to improve product performance. You can manage cookie preferences in your browser settings.