Privacy Policy
Clinic Frame

Provided by Light-it Inc.

This Privacy Policy describes how Light-it Inc. (“Light-it,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information collected through the ClinicFrame website, registration flows, login flows, app download flows, forms, cookies, analytics tools, marketing communications, and support channels.
This Privacy Policy applies to information collected through clinicframe.com and related webpages, contact forms, registration flows, trial flows, login pages, app download flows, marketing communications, newsletters, and website support channels.
Customer Content submitted within the ClinicFrame platform, including prompts, clinical notes, audio recordings, transcripts, outputs, and Protected Health Information (“PHI”), is governed by our Terms of Service and, where applicable, a Business Associate Agreement (“BAA”).

Who We Are

ClinicFrame is a clinical intelligence platform provided by Light-it Inc. ClinicFrame includes AI-powered tools for healthcare documentation, pre-visit preparation, real-time transcription, and post-visit workflows, including ClinicScribe, an AI ambient medical scribe that listens to patient-physician encounters and generates structured clinical notes automatically.
For privacy questions or requests, you may contact us at: legal@lightit.io

Information We Collect

We collect personal information when you interact with our website, submit a form, create an account, start a trial, log in, download or access the ClinicFrame app, contact us, subscribe to communications, or interact with our marketing and support tools.

Information You Provide Directly

We may collect information that you provide directly to us, including:
- Name;
- Email address;
- Company, clinic, or organization name;
- Role or job title;
- Registration information;
- Information submitted through website contact forms;
- Information submitted through support or chat channels;
- Newsletter or marketing preferences;
- Billing and payment information, such as name and email address associated with a payment transaction; and
- Any other information you choose to provide.
Information submitted through website contact forms may be sent by email to the ClinicFrame team and may be used to send newsletters, product updates, and marketing communications.

2.2 Registration, Trial, Login, and App Access Information
When you register for ClinicFrame, start a trial, log in, or access the app, we may collect information such as:
name;
- Email address;
- Organization or clinic information;
- Account or user identifiers;
- Registration date;
- Login information;
- Authentication method;
- Plan or subscription interest; and
- Related account information.

The website and app allow users to sign up or log in using:
- Email and password;
- Google Sign-In;
- Apple Sign-In; and
- SSO, where available.
We may use information collected through new user registrations to build and maintain our user database and to send newsletters, product updates, and email marketing campaigns.

2.3 Clinical Content and Patient Encounter Data
When Authorized Users use ClinicFrame's clinical documentation features, the platform may process audio recordings, transcriptions, clinical notes, and other Customer Content, which may include PHI. This information is governed by our Terms of Service and, where applicable, a BAA, and is not used for marketing, advertising, or AI model training purposes.

2.4 Website, Device, and Usage Information
When you visit our website or interact with our online services, we and our service providers may automatically collect information such as:
- IP address;
- Browser type;
- Device information;
- Operating system;
- Referring URLs;
- Pages viewed;
- Links clicked;
- Interactions with the website;
- Timestamps;
- Cookie identifiers;
- Pixel identifiers;
- Approximate location derived from IP address;
- Other technical or usage information.

2.5 Communications and Support Information
If you contact us or use our chat or support features, we may collect:
- Contact information;
- Content of your message;
- Support request details;
- Chat history;
- Troubleshooting information; and
- Attachments or screenshots you choose to provide.

We use Intercom to provide website chat and support functionality.

Cookies, Pixels, Analytics, and Similar Technologies

We and our service providers use cookies, pixels, tags, scripts, and similar technologies to operate the website, understand website usage, improve performance, provide support, prevent abuse, measure marketing performance, and conduct advertising and marketing activities.

Our website uses the following tools:
- Google Analytics;
- Google Tag Manager;
- HubSpot;
- Meta Pixel;
- reCAPTCHA; and
- Intercom

These tools may collect information such as IP address, browser type, device information, pages visited, links clicked, cookie IDs, pixel IDs, interaction data, and other online identifiers.

We use:
- Google Analytics and Google Tag Manager for analytics, measurement, and website performance.
- HubSpot for email marketing, newsletters, and marketing campaigns.
- Meta Pixel to measure, optimize, and run advertising campaigns on Meta platforms, including Facebook and Instagram.
- reCAPTCHA to help protect the website from spam, abuse, and automated activity.
- Intercom to provide website chat and support functionality.

These advertising and analytics tools are used exclusively on our public website and marketing pages. They are not used within the ClinicFrame platform and do not access, process, or receive Customer Content, including clinical notes, audio recordings, transcripts, or PHI.
We do not use Customer Content submitted within the ClinicFrame platform, including audio recordings, transcripts, clinical notes, or PHI, to train, develop, or improve any AI model, whether our own or any third party’s. All integrations with AI providers and speech-to-text providers are configured under terms that expressly exclude the use of Customer Content for model training. We do not sell personal information collected through our website or services to third parties.
You may be able to control cookies through your browser settings. Disabling cookies may affect the functionality of the website or certain features.

How We Use Personal Information

We may use personal information for the following purposes:
- To operate, maintain, and improve the website and platform
- To process registrations, trial requests, login requests, and account-related requests
- To provide access to the app and related download flows
- To respond to inquiries submitted through the website
- To provide support and respond to chat messages
- To send newsletters, product updates, and marketing communications;to manage email marketing campaigns
- To analyze website traffic and usage;to measure the performance of our website and campaigns
- To run, measure, and optimize advertising campaigns, including campaigns on Meta platforms
- To create aggregated or de-identified information for analytics, reporting, website improvement, marketing measurement, and business purposes
- To protect against spam, abuse, fraud, and security risks;to comply with legal obligations
- To enforce our agreements and policies
- To protect our rights, users, customers, and services.

Marketing Communications

We may use personal information collected through registrations, contact forms, and website interactions to send newsletters, product updates, promotional emails, and other marketing communications. You may opt out of marketing emails at any time by using the unsubscribe link included in those emails or by contacting us at legal@lightit.io.
Even if you opt out of marketing communications, we may still send non-marketing communications, such as transactional, administrative, security, legal, or service-related messages.
Marketing communications are based on account-level or website interaction information, such as name, email address, organization, registration information, and product interest. We do not use PHI or Customer Content submitted within the ClinicFrame platform to create, target, or personalize marketing emails.

How We Disclose Personal Information

We may disclose personal information to the following categories of recipients:

6.1 Service Providers
We may disclose information to vendors and service providers that help us operate our website, manage registrations, support login and authentication, provide support, run analytics, send email campaigns, protect against abuse, and support our business operations.These providers may include tools such as Google Analytics, Google Tag Manager, HubSpot, Meta Pixel, reCAPTCHA, Intercom, and authentication providers such as Google Sign-In and Apple Sign-In where used.Payment processing is handled by Stripe, Inc. Payment card data is transmitted directly to Stripe and is not stored by Light-it. Stripe’s processing of payment information is governed by Stripe’s own privacy policy, available at stripe.com/privacy.Speech-to-text processing and AI model generation of clinical notes are performed by third-party providers operating under BAAs with Light-it. These providers process Customer Content, including PHI, solely to provide the service and are prohibited from using such content for their own purposes, including model training.We do not sell personal information to third parties.

6.2 Marketing and Advertising Partners
We may disclose website activity, online identifiers, cookie information, pixel information, and similar data to analytics, marketing, and advertising partners.This includes disclosures to Meta through Meta Pixel for purposes of measuring, optimizing, and running advertising campaigns on Meta platforms, including Facebook and Instagram.Depending on your location and applicable law, certain disclosures may be considered targeted advertising or similar regulated advertising activity.These advertising and analytics disclosures apply only to information collected through our public website and marketing pages. Customer Content submitted within the ClinicFrame platform — including audio recordings, transcripts, clinical notes, outputs, and PHI — is not disclosed to Meta, advertising networks, or any marketing or analytics partner for advertising or marketing purposes.

6.3 Aggregate or De-Identified Information
We may use aggregated or de-identified information for analytics, reporting, website improvement, marketing measurement, and business purposes, provided such information cannot reasonably be used to identify you.This Privacy Policy does not restrict our use or disclosure of aggregated or de-identified information that cannot reasonably be used to identify an individual.
6.4 Legal and Compliance
We may disclose information where we believe disclosure is necessary or appropriate to:comply with applicable law;respond to legal process;cooperate with regulators or law enforcement;enforce our agreements and policies;protect our rights, privacy, safety, or property;protect users, customers, or others; orinvestigate or prevent fraud, abuse, security incidents, or unlawful activity.

6.5 Business Transfers
We may disclose or transfer information in connection with an actual or potential merger, acquisition, financing, restructuring, sale of assets, bankruptcy, or similar corporate transaction.

Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to operate the website, manage registrations, support login and authentication, send marketing communications, provide support, comply with legal obligations, resolve disputes, enforce agreements, and maintain security.

Retention periods may vary depending on the type of information, the purpose for which it was collected, legal requirements, and our business needs.

We may retain registration, marketing, support, and website analytics information for as long as necessary to maintain our relationship with you, comply with applicable law, or support legitimate business purposes. Marketing and registration data is generally retained for no longer than necessary to support our commercial relationship with you or as required by applicable law. If you unsubscribe from marketing communications or request deletion of your information, we will process your request in accordance with applicable law and our legal obligations.

Retention of Customer Content, including audio recordings, transcripts, and clinical notes processed within the ClinicFrame platform, is governed by our Terms of Service and any applicable BAA.

Your Choices and Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information, which may include the right to access, correct, delete, or request a copy of your personal information, or to object to or opt out of certain uses of your personal information.

You may opt out of marketing emails at any time by using the unsubscribe link included in those emails or by contacting us at legal@lightit.io.

To exercise any privacy rights available to you under applicable law, contact us at legal@lightit.io. We may need to verify your identity before processing your request.

Some requests may be subject to limitations under applicable law, security requirements, or our legal obligations.

Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect personal information. The ClinicFrame platform is built on HIPAA-compliant infrastructure, including end-to-end encryption and audit trails for accounts that include a BAA.

However, no website, system, network, or method of transmission or storage is completely secure. We cannot guarantee absolute security.

International Processing

We may process and store personal information in the United States and other countries where we or our service providers operate.

If you access the website from outside the United States, your information may be processed in countries that may have privacy laws different from those in your jurisdiction.

Children’s Privacy

Our website and services are not directed to children or minors, and we do not knowingly collect personal information from children.

If we learn that we have collected personal information from a child in violation of applicable law, we will take appropriate steps to delete such information.

Notice at Collection

At or before the point of collection, we may provide additional notices describing the categories of personal information collected, the purposes for collection, and applicable rights.

This Privacy Policy is intended to serve as a general notice of our website, registration, login, app download, support, and marketing privacy practices. Additional notices may be provided in registration flows, trial flows, or website forms.

Third-Party Websites and Services

Our website may include links to third-party websites, applications, app download pages, login providers, or services.

We are not responsible for the privacy practices of third parties. Your use of third-party services may be governed by their own terms and privacy policies.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date above.

If we make material changes, we may provide notice through the website, by email, or by other appropriate means.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:Light-it Inc.

Email: legal@lightit.io

Are you interested in Clinic scribe?

Menu
HomePrivacy Policy Scribe
©ClinicFrame by Light-it