Legal
Last Updated: April 13, 2026
Privacy PolicyTerms of ServiceMedical Disclaimer

Privacy Policy

Effective Date: April 13, 2026

Doctilio (“we,” “our,” or “us”) provides a medical dictation application (“App”) that allows healthcare professionals to record voice dictations, transcribe them into text, and manage medical reports. This Privacy Policy explains how we collect, use, store, and protect your information when you use our App.

By using Doctilio, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.

What we collect, in plain terms: Doctilio stores the transcribed text (the report you dictate) so you can access it across your devices. We do not store your audio recordings, we do not collect or process patient data, and we do not use your dictations or any user content to improve our models or services.

1. Information We Collect

1.1 Account Information

When you sign in using Google Sign-In, we receive and store:

  • Name
  • Email address
  • Profile picture

1.2 Profile Information

During onboarding, we may collect additional information you voluntarily provide:

  • Phone number

1.3 Transcription Data

  • Voice recordings: Audio is captured temporarily on your device for real-time transcription. Voice data is processed on-device and is not retained, stored, or transmitted to our servers.
  • Transcribed text: The raw text output generated from your dictations is stored on our cloud servers so you can access your reports across devices. We do not use this text to train or improve our models.
  • No patient data: Doctilio is a documentation aid. We do not collect, process, or maintain patient records, identifiers, or any clinical data tied to a specific patient.

1.4 Usage and Subscription Data

We collect information related to your subscription status and plan type to manage access to App features.

1.5 Device and Technical Data

We may automatically collect limited technical data required for the App to function, including:

  • Device type and operating system version
  • Authentication tokens (stored locally on your device)

1.6 Anonymous Operational Data

We collect a small amount of anonymous, aggregated operational data so the App keeps running reliably. This data is not linked to your identity, never includes the content of your dictations, and is never used to train or improve our AI models. Examples include:

  • Aggregate counts of features used (e.g. how often the desktop widget is opened)
  • Approximate session duration and frequency of use
  • Crash reports and performance metrics
  • Anonymized error logs that help us diagnose bugs

We do not use this data to identify individual users, we do not use it to train or fine-tune any model, and we do not sell or share it with advertisers.

2. How We Use Your Information

  • Authentication: To verify your identity and manage your account via Google Sign-In.
  • Transcription services: To provide on-device speech-to-text transcription and sync your transcribed reports across your devices.
  • AI text formatting: To process your transcribed text through our AI for grammar, punctuation, and clinical formatting. The text is processed for the purpose of returning a formatted report and is not used to train or improve our models.
  • Account management: To manage your subscription, profile, and preferences.
  • Operational reliability: To keep the App running, using only the anonymous, aggregated operational data and crash reports described in section 1.6. We do not use your dictations or any user content for product improvement.

3. How We Store and Protect Your Information

  • On-device storage: Authentication credentials, cached reports, and preferences are stored locally on your device using Android’s SharedPreferences, accessible only to the App.
  • Cloud storage: Transcription data and account information are stored on our secure cloud servers.
  • Encryption in transit: All data transmitted between the App and our servers is encrypted using HTTPS/TLS.
  • Access tokens: We use short-lived access tokens and refresh tokens (valid for 30 days) to secure your sessions. Expired sessions are automatically logged out.

We implement reasonable security measures to protect your data and limit what we collect to what is strictly needed to run the service.

4. Third-Party Services

We use the following third-party services:

  • Google Sign-In (Google Credential Manager): For authentication. Google’s privacy policy applies to data processed by Google.

We do not use third-party analytics, advertising, or tracking services within the App.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Service providers: With trusted service providers who assist in operating our backend infrastructure, subject to confidentiality obligations.
  • Legal requirements: When required by law, regulation, legal process, or governmental request.
  • Safety: To protect the rights, safety, or property of Doctilio, our users, or the public.

6. Data Retention

  • Account data: We retain your account information for as long as your account is active.
  • Transcription data: Your transcriptions are retained on our servers for as long as your account exists, unless you delete them.
  • Local data: Data stored on your device is removed when you log out or uninstall the App.

If you wish to delete your account and all associated data, please contact us at support@doctilio.com.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data and account.
  • Portability: Request a copy of your data in a portable format.
  • Withdraw consent: You can stop using the App at any time and request account deletion.

To exercise any of these rights, contact us at support@doctilio.com.

8. Children’s Privacy

Doctilio is designed for use by healthcare professionals and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information promptly.

9. International Data Transfers

Our servers may be located in different countries. By using the App, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the “Effective Date” at the top of this page. Your continued use of the App after changes are posted constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Doctilio
Email: support@doctilio.com