DyZen Med Privacy Policy

1. Overview

This Privacy Policy explains how DyZen Med collects, uses, and handles information when you use our services (the “Service”).

DyZen Med is an AI-assisted medical record intelligence platform that processes data at the direction of users to generate structured outputs for review.

We are committed to handling data responsibly, minimizing unnecessary retention, and maintaining appropriate safeguards based on the nature of the information processed.

2. Information We Collect

We collect information in the following categories:

Account information

• Name
• Email address
• Organization name (if applicable)
• Role or account type
• Authentication data (including MFA where enabled)

Uploaded content

• Medical records and related documents you choose to upload
• Associated metadata (file names, timestamps, processing details)

Usage and system data

• Job activity (e.g., uploads, processing status, output generation)
• Timestamps and operational logs
• Basic device and session information used for security and performance

3. How We Use Information

We use information solely to operate and support the Service, including to:

• Process and organize uploaded records as directed by users
• Generate structured outputs for review
• Maintain system security, integrity, and performance
• Provide account functionality and usage visibility

DyZen Med does not use customer data to train public or shared AI models.

Protected health information is processed only at the direction of the customer organization and its authorized users. Where a Business Associate Agreement (BAA) is in effect, it supplements this Policy for the obligations it describes. This Policy is not a certification of full HIPAA compliance.

4. User Responsibility for Data

DyZen Med processes data only at the direction of users.

You are responsible for:

• Ensuring you have the legal right to upload and process records
• Obtaining any required consents or authorizations
• Using the Service in compliance with applicable laws and regulations

DyZen Med does not independently verify the legal status of uploaded data.

5. Medical Records and Sensitive Information

The Service may process medical records and other sensitive information.

DyZen Med:

• Does not provide medical advice, diagnosis, or treatment recommendations
• Does not interpret or validate clinical meaning
• Does not replace professional judgment

All outputs must be reviewed and evaluated by the user before use.

6. Subprocessors and Infrastructure

DyZen Med uses third-party service providers to operate the Service. These may include:

• Cloud infrastructure providers (e.g., AWS)
• Document processing and storage systems
• AI-assisted processing services

These providers are used solely to support the functionality of the Service and are bound by appropriate confidentiality and data protection obligations.

7. Security Practices

We implement administrative, technical, and organizational safeguards appropriate to the nature of the data processed, including:

• Encryption in transit (TLS)
• Access controls and authentication safeguards
• Logging of key system and administrative events

No system can guarantee absolute security, and users should exercise appropriate caution when handling sensitive information.

8. Data Retention and Deletion

DyZen Med retains data only as long as necessary to provide the Service and support operational requirements.

For more detailed information, see our Data Retention & Deletion Policy:

/data-retention.html

Users may request deletion of data through in-app support tools or by contacting DyZen Med directly.

9. Cookies and Similar Technologies

DyZen Med may use minimal cookies or similar technologies necessary for:

• Session management
• Authentication
• Basic site functionality

We do not use cookies for advertising or cross-site tracking.

10. User Rights and Requests

You may request:

• Access to your account data
• Correction of inaccurate information
• Deletion of your data, subject to operational or legal constraints

Requests can be submitted through available support channels.

11. Changes to This Policy

DyZen Med may update this Privacy Policy from time to time.

Material changes will be communicated where appropriate. Continued use of the Service constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions:

info@dyzenmed.com

13. SMS / Text Messaging Communications

DyZen Med may send SMS messages for account authentication and security purposes, including multi-factor authentication (MFA).

By providing your phone number and consenting during onboarding, you agree to receive these messages.

• Message frequency varies
• Message and data rates may apply
• Reply STOP to opt out or HELP for assistance

DyZen Med does not send marketing or promotional text messages and does not sell or share phone numbers for marketing purposes.