Privacy Policy

Privacy Policy for Stenoly

Last updated · Last updated: 10.11.2024
§ 01

Introduction

Welcome to Stenoly! (hereinafter «Stenoly», «we» or «us»). Stenoly uses advanced artificial intelligence (AI) to transcribe speech, enabling doctors and other professional groups to quickly record essential information and save time in their daily work.

We are dedicated to protecting your privacy and processing personal data in a secure and lawful manner. This privacy policy explains how we collect, use, and protect your personal data when you use our services.

§ 02

Data Controller

The responsibility for processing personal data when using Stenoly.no is regulated by the General Data Protection Regulation (GDPR) and the Personal Data Act. Stenoly AS is the data controller for personal data processed through our services.

Stenoly is not the data controller or data processor for any patient health information that is processed in connection with the medical professional's use of Stenoly.no. This responsibility rests with the individual doctor or professional.

Stenoly AS, Hoffsveien 4, 0275 Oslo
support@stenoly.ai
+47 913 00 100
§ 03

What Personal Data We Collect

We collect the following types of personal data:

  • Customer information: Including name, email address, phone number.
  • Audio data: Audio data collected via your microphone or computer.
  • Technical information: IP address, device type, browser, operating system.
  • Communication data: Email correspondence, support inquiries.
§ 04

Purpose of Processing

We process personal data for the following purposes:

  • Provide and improve our services: To deliver and improve Stenoly.
  • Customer service: To respond to inquiries and provide support.
  • Security: To detect and prevent security threats.
  • Legal obligations: To comply with applicable laws and regulations.
§ 05

Legal Basis for Processing

5.1

Legal Grounds

The processing of personal data is based on the following grounds:

  • Contract: Processing is necessary to fulfill a contract with you, cf. GDPR Article 6 (1) (b).
  • Legitimate interest: To improve our services and ensure security, cf. GDPR Article 6 (1) (f).
  • Consent: For specific purposes where we request your consent, cf. GDPR Article 6 (1) (a) and Article 9 (2) (a).
  • Legal obligation: To comply with legal requirements, cf. GDPR Article 6 (1) (c).
§ 06

Sharing of Personal Data

6.1

Third Parties

We do not share your personal data with third parties, unless:

  • To fulfill a contract: When necessary to deliver our services.
  • With your consent: When you have given us permission.
  • Legal requirements: When we are required to share information in accordance with law.
6.2

Subprocessors

We use the following subprocessors:

  • Signicat – secure authentication with BankID and Buypass
  • Amplitude – analysis of service usage
  • Google Analytics – tracking and reporting of traffic
  • Google Workspace – email services
  • Google Tag Manager – management of tracking codes
  • Microsoft Azure – platform for audio transcription and AI
  • Amazon S3 – data storage
  • Fiken – accounting and invoicing
  • Sentry – debugging and error reporting
§ 07

Storage of Personal Data

We store personal data for as long as necessary for the purposes for which they were collected, or to comply with legal obligations. When the data is no longer necessary, it will be deleted or anonymized.

§ 08

Your Rights

8.1

Overview of Rights

You have the right to:

  • Access: To obtain access to your personal data.
  • Rectification: To request correction of inaccurate data.
  • Erasure: To request deletion of your data.
  • Restriction: To request restriction of processing.
  • Data portability: To receive your data in a structured format.
  • Object: To object to processing when based on GDPR Article 6 (1)(f).
  • Consent: You can withdraw consent to processing of personal data that you have given to us.
8.2

Exercising Your Rights

To exercise your rights, contact us at erling@stenoly.ai.

§ 09

Information Security

We have implemented necessary security measures to ensure that your personal data is processed in a secure manner that safeguards the confidentiality, integrity, and availability of the data. The security measures shall also protect the data against unauthorized or unlawful processing, and reduce the risk of loss, accidental alteration, unauthorized disclosure or access.

§ 10

Changes to the Privacy Policy

We may update this privacy policy at any time to reflect changes in our privacy practices. We encourage you to regularly review the policy to stay informed about how we collect, use, and protect your information. Significant changes will be communicated via our services or directly to you.

§ 11

Data Protection Officer

Stenoly is committed to protecting the privacy of our users and has therefore appointed a data protection officer. The data protection officer is responsible for ensuring that all processing of personal data occurs in accordance with applicable privacy legislation, including GDPR.

11.1

Contact Information

Data Protection Officer
Erling Løken Andersen
Legal Director
Contact Details
erling@stenoly.ai
Hoffsveien 4, 0275 Oslo
Stenoly · Privacy Policy