Legal
Privacy Policy
MyScribe (“we,” “us,” or “our”) operates the MyScribe platform at myscribe.dev. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. By accessing or using the Service you agree to this Policy.
1. Information We Collect
We collect information from you and about you in the following ways:
- Account information: Name, email address, password (stored as a one-way hash), and profile details you provide during registration.
- Content you create: Transcriptions, notes, knowledge-base entries, skillsets, and any other content you upload or generate on the platform.
- Usage data: Pages visited, features used, session duration, and interaction patterns.
- Device & technical data: IP address, browser type, operating system, and device identifiers collected automatically when you access the service.
- Payment information: Billing details are processed securely by Stripe. We do not store card numbers on our servers.
- Phone number: Collected during checkout or account setup for SMS coaching communications and call routing. Stored in normalised format for identity resolution and TCPA compliance.
- Call data: Inbound and outbound call records, duration, caller ID, dual-channel call recordings, and AI-generated transcripts and summaries for subscriber calls. Recordings are stored per coach tenant and are not shared cross-tenant.
- Wearable & health data: If you connect a wearable device or continuous glucose monitor (CGM), we collect health metrics as described in Section 5.
- Booking data: Appointment type, scheduled time, availability selections, and booking status when you use the scheduling features.
- Lead & prospect data: Phone number, voicemail transcripts, interest signals, urgency score, and behavioral patterns captured when a prospect interacts with a coach’s communication system prior to subscribing.
- Instagram: Your Instagram user ID, username, and public media (photos, videos, captions, and permalinks). We access only the data permitted by the
user_profileanduser_mediascopes. - TikTok: Your TikTok open ID, display name, and public video metadata (title, thumbnail, share URL). We access only the data permitted by the
user.info.basicandvideo.listscopes. - YouTube: Public video metadata from your channel via the YouTube Data API v3 using your Channel ID.
- Other platforms: Public content and metadata as permitted by each platform’s API and your granted permissions.
OAuth access tokens for social platforms are encrypted using AES-256-GCM before storage. We use this data solely to display your content on your MyScribe feed page and never sell or share it with third parties for advertising.
2. How We Use Your Information
- To operate and maintain the MyScribe platform and deliver the services you request.
- To route coaching communications across SMS, voice, and in-app channels.
- To process payments and manage your subscription.
- To send transactional emails (account confirmation, password reset, billing receipts).
- To send SMS coaching messages where you have provided consent.
- To record and transcribe subscriber calls for coaching continuity and knowledge-base development.
- To process wearable health data to provide contextual coaching insights to your enrolled coach.
- To personalise your experience based on your usage and coaching program context.
- To detect, investigate, and prevent fraudulent or abusive activity.
- To comply with legal obligations including TCPA, GDPR, and CCPA requirements.
- To score and manage prospect leads for coach follow-up (prospect data only).
3. SMS Communications
If you provide your phone number during checkout or account setup, you may consent to receive SMS messages from MyScribe and your enrolled coach(es) as part of the coaching service.
Program name: MyScribe Coaching SMS
Message types: Coaching responses, check-in reminders, scheduling notifications, service alerts, and re-engagement messages.
Message frequency: Varies based on your coaching program activity. Typically 1–10 messages per week per enrolled coach.
Message and data rates may apply depending on your mobile carrier plan.
Consent to SMS is obtained via a clearly labelled checkbox at checkout and on coach invite landing pages. The checkbox reads: “I agree to receive SMS messages from my coach via MyScribe. Message & data rates may apply. Reply STOP to opt out.” Checkout cannot be completed without this consent step. The opt-in, phone number, and consent timestamp are recorded in our platform.
Prospects who call a coach’s Twilio line may consent to receive a single follow-up SMS by pressing a key during the IVR menu. This consent is captured with a recording of the consent audio, IP address, and timestamp in our lead_consents table.
- To opt out: Reply STOP to any message at any time. You will receive one confirmation and no further messages will be sent.
- To re-enable: Reply START to the same number.
- For help: Reply HELP or contact [email protected].
Opting out of SMS does not cancel your coaching subscription. You can manage communication preferences at myscribe.dev/account.
4. Call Recording & Voice Transcription
MyScribe records telephone calls between subscribers and their coaches for coaching continuity and knowledge-base development. The following rules apply:
- Disclosure: A compliance message plays at the start of every recorded call: “This call may be recorded and transcribed for coaching purposes.”
- Consent: Continuation of the call after the compliance message constitutes consent to recording. The consent event is stored with a timestamp in our
callstable. - Outbound calls to prospects: Calls from coaches to prospects (non-subscribers) are not recorded.
- Transcription: Recordings are transcribed using Twilio Conversational Intelligence or OpenAI Whisper. Transcripts are split into coach utterances and client utterances. Only coach utterances are eligible to become knowledge-base candidates; client utterances are used for coaching context and profile enrichment only and are never published to the knowledge base.
- Storage: Recordings and transcripts are stored per coach tenant. They are not shared with other tenants or used cross-tenant.
- Coach responsibility: Coaches are responsible for compliance with applicable local, state, and national call recording laws in their jurisdiction.
5. Wearable & Health Data
Special Category Data Notice: Continuous glucose monitor (CGM) data and certain other health metrics may constitute Special Category personal data under GDPR Article 9. We apply explicit consent and heightened protections to all wearable health data.
If you choose to connect a wearable device or health platform, we collect the health metrics you explicitly authorise. Supported providers include Apple HealthKit, Fitbit, Oura Ring, Garmin Connect, Whoop, Dexcom G6/G7, Libre 3 (Abbott), and Withings.
Data types collected may include: steps, heart rate variability (HRV), sleep score and stages, resting heart rate, readiness score, recovery percentage, strain score, SpO2, active energy, body weight, body fat percentage, and glucose readings (real-time mg/dL, time-in-range, mean glucose, glucose variability, fasting glucose, and estimated HbA1c).
Consent model: Wearable connections are always client-initiated. Your coach cannot initiate a connection or access your data without your explicit action. At connection time, you provide explicit, versioned, scope-documented consent recorded in our wearable_consents table, which captures the exact categories consented to, a hash of the consent text shown, timestamp, IP address, and user agent. You control which data categories are shared with your coach at all times.
Data retention:
- Most wearable metrics are retained for the life of the coaching relationship plus a 90-day post-subscription grace period, after which they are permanently purged.
- CGM real-time readings are stored at full resolution for 30 days, then automatically summarised to daily aggregates which are retained for the relationship lifetime.
- Upon disconnecting a device, a 90-day grace period applies before purge. If you request immediate deletion of all your data, purge occurs within 30 days.
Coach access: Your coach sees trend summaries and clinical pattern views by default. Individual raw readings are one level deeper but are never the primary display surface. Your coach cannot see any wearable data category you have not explicitly enabled.
Data portability: You may request a CSV export of your wearable data at any time by contacting [email protected] (GDPR Article 20).
EU users — CGM features: A Data Protection Impact Assessment (DPIA) is required before the CGM feature is made available in the European Union. EU users will be notified separately when CGM integration becomes available in their region.
6. AI Processing
MyScribe uses artificial intelligence to power several platform features. The following describes what data is processed by AI and for what purpose:
- Response routing: Client questions are matched against coach-authored knowledge-base entries using AI similarity search. New questions that cannot be matched are escalated directly to the coach — AI does not generate client-facing responses independently.
- Call transcription & summarisation: Call recordings are sent to Twilio Conversational Intelligence or OpenAI Whisper for transcription, then processed by OpenAI GPT for summaries and knowledge-base candidate extraction. Only coach utterances are eligible for KB candidates.
- Brain Dump processing: Coach voice recordings and text inputs submitted via Brain Dump are transcribed by Whisper and processed by OpenAI GPT for knowledge extraction. Coach approval is always required before any extracted content enters the knowledge base.
- Document & content intelligence: Documents, email threads, and media transcripts uploaded by coaches are processed by OpenAI GPT to extract knowledge-base candidates. Raw uploads are not stored as KB entries.
- AgentEngine context: Wearable health summaries, tool submission data, and coaching history may be included in AI context windows to enable contextually relevant coaching responses.
- Check-in generation: Automated client check-in messages are generated from coach-configured templates processed by OpenAI GPT.
OpenAI operates under a Data Processing Agreement. Per OpenAI’s API terms, data submitted via the API is not used to train OpenAI models. We do not share client data with AI providers beyond what is necessary to deliver the specific feature being used.
7. Lead Capture & Prospect Data
When a prospect calls a coach’s Twilio number or submits a form on a coach’s public page, we capture a lead record that may include:
- Phone number (normalised for identity resolution)
- Caller ID and call timestamp
- Voicemail recording and AI-generated transcript summary
- Extracted first name, health concern or interest, urgency score (0–10), and preferred callback time
- Interest tags and behavioral patterns
- SMS opt-in status and consent record (where IVR consent was given)
- Behavioral DNC flags (five or more cold hangups auto-flags the number as do-not-contact)
Lead data is scoped to the coach tenant whose number or page was contacted and is not shared with other coaches. Prospects may request deletion of their lead record by contacting [email protected]. Lead records are retained for 24 months from last activity unless a deletion request is received.
8. Agency & Consultant Data Access
MyScribe supports agency accounts where an agency operator manages a team of coaches or consultants. Within an agency:
- Agency supervisors may access knowledge-base candidates and escalation queues submitted by their consultants for quality review and governance.
- Client data remains scoped to the individual coaching relationship (client ↔ consultant). Agency supervisors do not have access to private client coaching threads or personal health data without explicit client consent.
- Consultant access is role-based and configurable by the agency administrator.
- Cross-tenant data access is strictly prohibited. An agency consultant cannot access another agency’s or another tenant’s client data.
9. Information Sharing
We do not sell your personal information. We may share data with:
- Stripe: Payment processing. Stripe receives billing details and subscription data necessary to process transactions.
- OpenAI: AI features including response routing, transcription processing, knowledge extraction, and content generation. Data shared is limited to what is necessary for each feature and is not used to train OpenAI models per their API terms.
- Twilio: SMS delivery, voice call routing, call recording, IVR processing, and Conversational Intelligence transcription.
- Wearable API providers: OAuth tokens are exchanged with Fitbit, Oura, Garmin, Whoop, Dexcom, Libre (Abbott), and Withings solely to retrieve health data you have authorised. These providers operate under their own privacy policies.
- Hosting & infrastructure: Namecheap (server hosting) and Cloudflare (CDN, SSL, DNS) receive technical data necessary to operate the platform.
- Your enrolled coach: Client data, coaching thread content, tool submissions, progress data, and (where consented) wearable health metrics are shared with your enrolled coach within the platform.
- Legal compliance: When required by law, court order, or to protect the rights and safety of MyScribe or its users.
- Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate confidentiality protections.
10. Data Retention
We retain different categories of data for different periods based on operational and legal requirements:
| Data Type | Retention Period |
|---|---|
| Account data | Life of account. Deletion requests processed within 30 days. |
| Coaching thread messages | Life of coaching relationship + 90 days post-subscription. |
| Wearable health data (general) | Life of coaching relationship + 90-day post-subscription grace period. |
| CGM real-time glucose readings | 30 days at full resolution, then daily summaries retained for relationship lifetime. |
| Call recordings & transcripts | Stored per coach tenant until deletion request. Subject to legal hold where applicable. |
| Lead & prospect data | 24 months from last activity, or upon deletion request. |
| Payment records | 7 years (legal and tax compliance). |
| IVR consent records (TCPA) | 4 years (TCPA statute of limitations). |
| Wearable consent records | Life of account plus 5 years (legal audit trail). |
| Audit logs | 12 months. |
| Social platform OAuth tokens | Retained while connected. Deleted upon disconnection or account deletion. |
11. Security
We implement industry-standard security measures including TLS encryption in transit, AES-256-GCM encryption for sensitive stored values (OAuth tokens, API credentials), bcrypt password hashing, and role-based access controls. Twilio webhook requests are validated via X-Twilio-Signature header before processing. Significant platform actions are logged to an audit log table. Wearable consent records capture IP address and user agent for legal audit purposes.
12. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access (GDPR Art. 15 / CCPA): Request a copy of the personal data we hold about you.
- Rectification (GDPR Art. 16): Request correction of inaccurate personal data.
- Erasure (GDPR Art. 17 / CCPA): Request deletion of your personal data. Wearable data disconnection initiates a 90-day grace period; explicit deletion requests are processed within 30 days. Payment records are subject to legal retention requirements.
- Restriction (GDPR Art. 18): Request that we restrict processing of your data in certain circumstances.
- Portability (GDPR Art. 20): Request a structured, machine-readable export of your personal data. Wearable data is available as CSV export on request.
- Objection (GDPR Art. 21): Object to processing based on legitimate interests.
- Withdrawal of wearable consent: Disconnect any wearable device at any time from your account settings. Disconnection stops future data collection immediately.
- SMS opt-out: Reply STOP to any SMS message at any time.
- CCPA — California residents: You have the right to know, delete, and opt out of the sale of personal information. We do not sell personal information. Submit requests to [email protected].
To exercise any of the above rights, contact us at [email protected]. We will respond within 30 days.
13. Cookies
We use session cookies to keep you logged in and preference cookies to remember your settings. We do not use third-party advertising cookies.
14. Children’s Privacy
MyScribe is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at [email protected] and we will delete it promptly.
15. Health & Medical Disclaimer
MyScribe is a coaching platform, not a medical device. Nothing on the platform constitutes medical advice, diagnosis, or treatment. Wearable health data, including glucose readings from continuous glucose monitors, is provided for coaching context only and should not be used to make clinical or medical decisions.
MyScribe does not operate as Software as a Medical Device (SaMD) under FDA guidelines. The platform is a coaching intelligence layer connecting existing data to existing coaching relationships. Coaches using MyScribe are responsible for operating within the scope of their own qualifications and applicable professional regulations.
CGM threshold alerts delivered through the platform are informational signals for coaching awareness only and are not a substitute for the CGM device’s own alert system or emergency medical care. If you experience a medical emergency, call emergency services immediately.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a prominent notice on the platform. The “Last updated” date at the top of this page reflects the most recent revision.
17. Contact
Privacy questions or rights requests: [email protected]
General support: [email protected]