1. Introduction

This Privacy Policy (“Policy”) explains how BetterClinic Pte Ltd (UEN: 202552709K), a company incorporated in Singapore with its registered office at 160 Robinson Road, #14-04 Singapore Business Federation Center, Singapore 068914 (“BetterClinic”, “we”, “us”, or “our”), collects, uses, discloses, and protects personal data in connection with the BetterClinic platform and related services (collectively, the “Service”).

BetterClinic is an ambient AI medical scribe platform that records, transcribes, and generates clinical documentation from physician-patient consultations. We process personal data on behalf of licensed physicians who use our Service.

This Policy is drafted in compliance with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and the Data Privacy Act of 2012 of the Republic of the Philippines (Republic Act No. 10173, “DPA”), together with their respective implementing rules, regulations, and NPC advisories (including NPC Advisory No. 2024-04 on AI Systems Processing Personal Data).

By accessing or using the Service, you acknowledge that you have read, understood, and agree to this Policy. If you are a physician using BetterClinic, you are responsible for obtaining appropriate consent from your patients before using the Service during consultations, in accordance with the Patient Consent Protocol described in Section 5.

2. Definitions

“Personal Data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which the organisation has or is likely to have access.

“Sensitive Personal Information” (as defined under Philippine law) includes personal information concerning an individual’s health, and any information issued by government agencies peculiar to an individual, including medical records.

“Practitioner” or “Physician” means a licensed medical professional registered with the Professional Regulation Commission (PRC) of the Philippines or equivalent regulatory body who subscribes to and uses the Service.

“Patient” means an individual whose consultation with a Practitioner is recorded and processed through the Service.

“Consultation Data” means transcripts and AI-generated clinical documents produced through the Service, including SOAP notes, medical summaries, prescriptions, medical certificates, differential diagnosis documents, and PhilHealth abstracts with ICD-10 and RVS codes.

“Differentials” means the AI-generated Differential Diagnosis document that organises clinical findings into structured diagnostic reasoning, categorised into three tiers as described in Section 5.5.

“Consent Transcript” means the portion of a session transcript that captures the Practitioner’s delivery of the Patient Consent Notice and the Patient’s verbal acceptance, which serves as the electronic record of Patient consent.

“Data Protection Officer” or “DPO” means the individual appointed by BetterClinic to oversee data protection compliance.

3. Roles and Responsibilities

3.1 BetterClinic as Data Processor

When processing Patient health data during consultation transcription and document generation, BetterClinic acts as a data processor (or “personal information processor” under Philippine law) on behalf of the Practitioner. The Practitioner remains the data controller (or “personal information controller” under Philippine law) and is responsible for:

• Obtaining informed Patient consent before recording consultations, in accordance with Section 5 of this Policy;
• Determining the purposes for which Patient data is processed;
• Reviewing, verifying, and approving all AI-generated clinical documents before use; and
• Complying with applicable medical privacy laws, professional regulations, and ethical standards.

3.2 BetterClinic as Data Controller

When collecting Practitioner account information (registration details, billing, usage analytics), BetterClinic acts as the data controller and processes such data in accordance with this Policy.

4. Personal Data We Collect

4.1 Practitioner Data

• Full name, professional title, and medical license number;
• Contact information (email address, phone number, clinic address);
• Professional credentials and specialisation;
• Account login credentials (email and encrypted password);
• Billing and payment information (processed via Stripe; we do not store full card numbers);
• Usage data and analytics (session counts, feature usage, device information); and
• Communications with our support team.

4.2 Patient Data (Processed on Behalf of Practitioners)

• Patient name, age, sex, and date of birth as provided by the Practitioner;
• Consultation transcripts (audio is not retained after transcription — see Section 5.3);
• Consent Transcript — the opening portion of each session transcript capturing the Patient’s verbal acceptance of the consent notice, which serves as the electronic record of consent;
• AI-generated clinical documents including SOAP notes, medical summaries, prescriptions, medical certificates, Differentials, and PhilHealth abstracts; and
• Any other health information discussed during the consultation.

4.3 Technical Data

• IP address, browser type, operating system, and device identifiers;
• App version and crash reports; and
• Cookies and similar tracking technologies used on betterclinic.ai.

5. How We Process Consultation Data

5.1 Patient Consent Protocol

No consultation recording commences until the Practitioner has followed BetterClinic’s Patient Consent Protocol. The protocol works as follows:

1. Initiation: The Practitioner initiates a recording session in the BetterClinic app.
2. Consent Notice: Before recording begins, the Practitioner reads the Patient Consent Notice to the Patient, informing them that: (i) the consultation will be recorded; (ii) the audio will be transcribed by an AI system; (iii) the transcript will be used to generate clinical documents including notes, prescriptions, medical certificates, and PhilHealth claim abstracts; (iv) the audio recording is deleted immediately after transcription is complete; and (v) clinical documents are accessible only to the Practitioner and will not be sold or disclosed outside the Patient’s clinical care.
3. Patient Choice: The Patient is given an explicit opportunity to accept or decline. There is no default acceptance.
4. If Accepted — Consent Transcript: The session recording begins. The opening of the transcript captures the Practitioner’s delivery of the consent notice and the Patient’s verbal acceptance. This Consent Transcript is the electronic record of the Patient’s consent and is retained as part of the session record.
5. If Declined — No Data Collected: The Practitioner cancels the recording session. No audio is recorded, no transcript is generated, and no Patient data is collected or retained. The Patient’s decline is not logged, as no processing has occurred.

Patient data is only ever processed where the Patient has consented. If a Patient declines, no data collection takes place and no obligation under applicable privacy law is triggered.

5.2 AI Transparency

In accordance with NPC Advisory No. 2024-04, Patients are informed through the consent notice of the nature, purpose, and extent of AI processing of their data, including the use of AI transcription (Groq) and AI document generation (Google Gemini), the outputs produced, and the fact that all AI-generated documents are reviewed and approved by the Practitioner before use.

5.3 Audio Recording and Transcription

Audio is captured on the Practitioner’s device and securely transmitted to our transcription engine (powered by Groq) to convert speech to text.

5.4 No Audio Retention

BetterClinic does not retain audio recordings after transcription is complete. Once the audio has been successfully transcribed, the audio file is permanently deleted from our processing infrastructure. No audio recordings are stored on our servers. The transcript, including the Consent Transcript, is retained as the session record.

5.5 AI Document Generation

Transcripts are processed by AI models (powered by Google Gemini) to generate structured clinical documents. These models operate at deterministic settings (temperature 0) to ensure consistency and accuracy.

5.6 Differential Diagnosis Generation

The Service generates a Differential Diagnosis document (“Differentials”) that organises clinical findings from the consultation into structured diagnostic reasoning. The Differentials document uses a three-tier labelling system:

• Tier 1 — Confirmed by Physician: Diagnoses explicitly confirmed by the Practitioner. These flow into all applicable clinical documents.
• Tier 2 — Physician-Suggested: Conditions the Practitioner raised as possibilities using qualifying language. These appear in Assessment sections with the Practitioner’s qualification preserved, but are not coded as confirmed diagnoses.
• Tier 3 — AI-Derived Working Differential: Conditions identified by the AI from documented clinical findings that the Practitioner did not name. These are architecturally confined to the Differentials tab and are never propagated to the Summary Assessment, SOAP Assessment, PhilHealth Abstract, ICD-10 coding, Prescriptions, or Medical Certificate.

Tier 3 AI-derived differentials are informational reference aids only. They do not constitute clinical decision support, diagnoses, or treatment recommendations. The Practitioner has sole discretion over whether to consider, adopt, or disregard any AI-derived differential.

5.7 Physician Review (Human-in-the-Loop)

All AI-generated documents — including Differentials — are presented to the Practitioner for review, editing, and approval before they are finalised. BetterClinic’s clinical advisory team conducts periodic quality reviews of document outputs. The Practitioner bears ultimate responsibility for the clinical content of all documents.

6. Purposes of Processing

• Service Delivery: To provide the BetterClinic platform, including transcription, document generation, and related features;
• Consent Recording: To retain the Consent Transcript as the electronic record of Patient consent for each session;
• Account Management: To create and manage Practitioner accounts, process subscriptions, and handle billing;
• Service Improvement: To analyse de-identified and aggregated usage data to improve the accuracy and performance of the Service;
• Quality Assurance: To conduct clinical quality reviews of AI-generated outputs with our medical advisory team;
• Communications: To respond to enquiries, provide technical support, and send service-related notifications;
• Marketing: To send promotional communications, subject to your consent and right to opt out;
• Compliance: To comply with applicable laws, regulations, and professional standards, including PhilHealth requirements; and
• Safety and Security: To detect, prevent, and address fraud, security incidents, and technical issues.

7. Legal Basis for Processing

7.1 Under Singapore PDPA

• Consent: We obtain consent for the collection, use, and disclosure of personal data as required under the PDPA;
• Contractual Necessity: Processing necessary for the performance of our contract with you;
• Legitimate Interests: Processing for service improvement and analytics where not overridden by your rights; and
• Legal Obligation: Processing necessary to comply with applicable laws.

7.2 Under Philippine Data Privacy Act

For Philippine-based Practitioners and Patients, processing of sensitive personal information (health data) is permitted under the following criteria of the DPA:

• The Patient has given specific, informed consent prior to collection, as evidenced by the Consent Transcript;
• Processing is necessary for medical treatment, carried out by a medical practitioner; and
• Processing is provided for under existing laws and regulations.

8. Data Sharing and Disclosure

8.1 Sub-Processors and Service Providers

• Groq, Inc. (United States) — Audio transcription. Audio is processed in real-time and deleted immediately after transcription;
• Google LLC (via Google Gemini API) — AI document generation. Data is processed under Google’s data processing terms; inputs and outputs are not used to train Google’s general models;
• Stripe, Inc. (United States) — Payment processing. Stripe handles payment card data directly; BetterClinic does not store full card numbers; and
• Cloud Infrastructure and Analytics Providers — Hosting, storage, and de-identified usage analytics.

8.2 Cross-Border Transfers

In the course of providing the Service, personal data may be processed in jurisdictions outside of Singapore and the Philippines, including the United States. We ensure all cross-border transfers comply with the Singapore PDPA transfer limitation obligations and the Philippine DPA. For transfers involving Philippine data subjects, we adopt the model contractual clauses issued under NPC Advisory No. 2024-01 as the safeguard for data transferred to sub-processors in foreign jurisdictions.

8.3 Legal and Regulatory Disclosure

We may disclose personal data where required or authorised by law, including to comply with a court order, subpoena, or governmental request.

8.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the successor entity, subject to applicable data protection laws.

8.5 No Sale of Data

BetterClinic does not sell personal data, including health data, to any third party for any purpose.

9. Data Retention

• Audio Recordings: Deleted immediately after successful transcription. No audio is retained on our servers;
• Consent Transcript: Retained as part of the session record for the duration of the Practitioner’s account, as evidence of Patient consent;
• Transcripts and Clinical Documents: Retained for as long as the Practitioner’s account is active, or as required by applicable medical records retention laws;
• Practitioner Account Data: Retained for the duration of the subscription and for a reasonable period thereafter for legal, tax, and audit purposes;
• Billing Records: Retained as required by applicable tax and financial regulations; and
• De-identified and Aggregated Data: May be retained indefinitely for analytics and service improvement, provided it cannot be used to re-identify any individual.

Upon termination of a Practitioner’s account, we will delete or anonymise personal data within ninety (90) days, except where retention is required by law.

10. Data Security

• Encryption of data in transit (TLS 1.2 or higher) and at rest;
• Access controls and role-based authentication mechanisms;
• Regular security assessments and vulnerability testing;
• Privacy-by-design and privacy-by-default principles integrated into system development, in accordance with NPC Advisory No. 2025-02;
• Privacy Impact Assessments (PIAs) conducted for new data processing systems and material changes to existing systems; and
• Employee training on data protection and incident response procedures.

11. Data Breach Notification

• We will notify the Personal Data Protection Commission of Singapore (PDPC) within three (3) calendar days of assessing that a breach is notifiable;
• We will notify the National Privacy Commission (NPC) of the Philippines within seventy-two (72) hours of becoming aware of a breach involving data of Philippine data subjects; and
• We will notify affected individuals as soon as practicable and take reasonable steps to contain the breach.

12. Your Rights

12.1 Under Singapore PDPA

• Access: Request access to your personal data held by us;
• Correction: Request correction of inaccurate or incomplete personal data;
• Withdrawal of Consent: Withdraw consent, subject to legal and contractual restrictions; and
• Data Portability: Request a copy of your data in a commonly used, machine-readable format.

12.2 Under Philippine Data Privacy Act

Philippine data subjects additionally have the right to:

• Information: Be informed of the processing of their personal data, including by AI systems (NPC Advisory No. 2024-04);
• Object: Object to the processing of their personal data, including the right to object to automated processing that produces legal effects or significantly affects them;
• Erasure or Blocking: Request the suspension, withdrawal, blocking, removal, or destruction of their personal data;
• Rectification: Dispute the inaccuracy or error in personal data and have it corrected;
• Data Portability: Obtain a copy of their data in a structured, commonly used format; and
• Damages: Claim compensation for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorised use of personal data.

12.3 Patient Rights

Patients should direct data subject requests (access, correction, deletion, or objection to automated processing) to their treating Practitioner in the first instance. BetterClinic will cooperate with Practitioners to fulfil valid requests.

13. NPC Registration

BetterClinic, as a personal information processor handling sensitive health data of Philippine data subjects, registers its Data Processing System and Data Protection Officer with the National Privacy Commission (NPC) of the Philippines in accordance with NPC Circular No. 2022-04. Our NPC registration details are available on request.

14. Cookies and Tracking Technologies

Our website (betterclinic.ai) uses cookies and similar technologies to improve functionality and analyse usage. You can control cookie preferences through your browser settings.

15. Children’s Data

The Service is designed for use by licensed medical professionals. Patient data relating to minors is processed solely on behalf of the treating Practitioner and subject to applicable medical privacy laws and parental consent requirements.

16. Data Protection Officer

BetterClinic has appointed a Data Protection Officer in accordance with the Singapore PDPA and NPC Circular No. 2022-04. For any enquiries, requests, or complaints:

Data Protection Officer, BetterClinic Pte Ltd

Email: dpo@betterclinic.ai

17. Complaints

• Singapore: Personal Data Protection Commission (PDPC) — www.pdpc.gov.sg
• Philippines: National Privacy Commission (NPC) — www.privacy.gov.ph

18. Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated via email or through the Service with at least thirty (30) days’ prior notice.

19. Governing Law

This Policy is governed by the laws of the Republic of Singapore. For Philippine data subjects, the rights and protections under the Data Privacy Act of 2012 and its implementing rules additionally apply.

20. Contact Us

BetterClinic Pte Ltd

DPO: dpo@betterclinic.ai

Website: https://betterclinic.ai