Omi Scribe for Mac — Privacy Policy

Version: 1.2

Effective: 16 February 2026

Controller / Provider: Omi Health B.V., Eindhoven, Netherlands

Contact: [email protected]

This Privacy Policy applies to Omi Scribe for Mac (the “App”), the on‑device clinical documentation application. It does not apply to Omi Scribe Cloud (Managed), which has a separate privacy notice at /legal/cloud-privacy.

The short version

Your data never leaves your Mac.

Omi Scribe for Mac runs entirely on your device. Audio capture, transcription, and clinical note generation happen locally. By default, we do not receive, transmit, store, or have access to your audio, transcripts, or clinical notes.

1) What we collect

1.1 App content (audio, transcripts, notes)

Processed entirely on your device. Omi Health B.V. does not receive, transmit, or store your content.

1.2 Diagnostics (optional, opt‑in)

If you enable diagnostics, we may receive technical crash logs and performance metrics only (e.g., crash traces, app version, device and OS version).

No audio, transcripts, notes, or clinical/patient content are included.

You can disable diagnostics at any time in the App’s settings and/or Apple’s system settings.

1.3 App Store purchases and account data

If you obtained the App via the Mac App Store, Apple processes purchases and Apple ID/account data under Apple’s terms and privacy policy. We do not receive your Apple ID or full payment details.

1.4 Model downloads (Apple data transmission)

The App may download model files (for example, speech or language models) to your device on first launch or during updates using Apple system frameworks (e.g., BackgroundAssets). These downloads are served by Apple’s infrastructure. Apple may log these requests under its own privacy policy.

No patient data, transcripts, or clinical notes are transmitted to Omi Health B.V. as part of model downloads.

1.5 Update checks

The App may check for updates. This may involve a request that transmits your App version and macOS version. No audio, transcripts, or clinical content are included.

1.6 Licence activation (only for direct distribution — if applicable)

If you purchased the App outside the Mac App Store (e.g., direct download) and we provide licence activation, we may process:

• email address (provided during purchase),
• licence key, and
• a hashed, non‑reversible device identifier used solely for activation and licence enforcement.

If you obtained the App from the Mac App Store, we do not perform licence activation and do not collect activation data.

2) Why we process this information

We process any optional diagnostics and/or activation data only to:

• provide, maintain, and secure the App,
• detect and fix crashes and performance issues,
• validate licences (if applicable), and
• respond to support requests you initiate.

Legal bases (EEA/UK):

• diagnostics and security: our legitimate interests (GDPR Art. 6(1)(f)) and/or legal obligations where applicable,
• licence activation (if applicable): performance of a contract (GDPR Art. 6(1)(b)).

3) Sharing

We do not sell or trade data.

If diagnostics are enabled or licence activation is used, we may use vetted service providers solely for error reporting, licence operations, or technical support, bound by data‑processing and confidentiality obligations.

4) Security

Security is designed around a simple principle: keep clinical content on‑device.

• On‑device processing: audio capture, transcription, extraction, and note drafting run locally.
• Local encryption (at rest): session data and audio files are encrypted at rest using authenticated encryption (AES‑256‑GCM), with keys stored in the macOS Keychain (device‑bound).
• Temporary playback handling: during playback, temporary decryption occurs in a secure temporary directory and temporary files are deleted after playback stops.
• App lock (optional): where supported, you can enable biometric authentication (Touch ID / Face ID) and configure an auto‑lock interval. Biometric authentication is handled by Apple’s Secure Enclave; we do not receive or store biometric data.
• Sandboxing: the App runs in a sandboxed macOS environment with standard platform protections.

You are responsible for device‑level security (e.g., macOS updates, device passcode, and optional FileVault).

5) Retention and deletion

All session data (audio, transcripts, notes) is stored locally until:

• you delete it, or
• it is removed by your configured retention setting (where available).

Because we do not store your session content, we cannot delete it for you.

6) Exports and your responsibility

If you copy, export, or share notes, transcripts, or audio (e.g., clipboard, file export, screen sharing), you assume responsibility for protecting that data outside the App.

We cannot control or secure data once it leaves the App.

7) HIPAA (United States)

The App processes content locally on your device. Omi Health B.V. does not create, receive, maintain, or transmit PHI on your behalf via the App’s core functionality. No Business Associate Agreement (BAA) is provided for the on‑device App.

If you are a HIPAA Covered Entity, you remain responsible for using the App in compliance with HIPAA and for securing any exported content.

For BAA inquiries related to cloud features (if applicable): [email protected]

8) Your rights

Because we do not receive or store your audio, transcripts, or notes, most requests related to that content must be handled by you on your device.

If you have provided us with personal data for licence activation (if applicable) or support, you may request access, correction, or deletion by contacting [email protected].

Regional information

• EEA/UK (GDPR): You may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or your local supervisory authority.
• California (CCPA/CPRA): We do not sell or share personal information for cross‑context behavioural advertising.
• Australia: You may contact the OAIC for complaints.

9) Children

The App is not intended for children under 16 and is designed for use by healthcare professionals.

10) Changes

We may update this Privacy Policy from time to time. The latest version will be available at /legal/mac-privacy and within the App. Material changes will be communicated through an App update.

11) App Store privacy disclosure

On the Mac App Store product page, we disclose privacy details under Apple’s required categories. Where no data is collected, the listing will state “Data Not Collected.”

12) Contact

Omi Health B.V., Eindhoven, Netherlands

[email protected] • [email protected]