1. Our Relationship & Role

Caremate provides AI-driven transcription and clinical note generation for pharmacy professionals. Under Canadian privacy laws (including PIPEDA and provincial health acts):

  • The User (You): Is the Health Information Custodian (or Organization). You own and control all Patient Data (which, together with other data you provide, constitutes 'Customer Data' under our TOS).

  • Caremate: Caremate: Acts as your Electronic Service Provider (Ontario), Information Manager (Alberta/Manitoba/Saskatchewan), or equivalent Service Provider role under applicable provincial law. We process Personal Health Information only as directed by you and solely for the purpose of providing the Service.

2. Consent & User Obligations

You represent and warrant that you have obtained all necessary informed consents from the patient and any third parties present during a consultation (such as family members or caregivers) before using the Service to record or transcribe an interaction.

3. Data Processing & Partners

All partners are governed by Data Processing Agreements (DPAs) to ensure a level of protection consistent with Canadian law. A current list of our sub-processors is available upon request.

  • AI Processing: We use AI Processing Partners for transcription and note generation. We configure these services to minimize data retention; your data is processed in real-time and is not used to train our partners' global models.

  • Analytics: We use Product Analytics Providers to monitor app performance and improve user experience. This data is focused on usage patterns (clicks and flows) and does not include clinical Patient Data.

4. Data Retention & Deletion

  • Temporary Data: Raw audio files and intermediate transcripts are retained for up to thirty (30) days from the date of collection for technical integrity and quality assurance purposes, and are permanently and securely purged at or before that time.

  • Clinical Records: Caremate retains Clinical Records at the organization level for the duration of the Customer’s active subscription. Deactivating an individual User account does not trigger the deletion of Clinical Records. As the Health Information Custodian, the Customer is responsible for meeting statutory retention obligations (e.g., 10 years) via export or a paid archival plan.

  • Account Data: This includes user profiles, settings, and administrative metadata. This data is retained to maintain your account functionality and is subject to a thirty (30) day "Soft Delete" window if a specific User is deleted.

  • Termination: Termination: Upon termination of your subscription, you have ninety (90) days (the "Grace Period") to either export your Clinical Records in a machine-readable format or elect to continue on a Storage-Only plan. Following the Grace Period, if no export has been requested and no Storage-Only plan elected, Clinical Records will be permanently and securely deleted, unless otherwise required by law. As Health Information Custodian, you remain solely responsible for meeting your
    statutory retention obligations.

  • De-Identified and Anonymized Data: De-Identified and Anonymized Data: We may use de-identified or anonymized data to:

    • (i) develop, evaluate, and improve clinical note generation prompts, templates, and output quality;

    • (ii) conduct internal research and analytics; and

    • (iii) generate aggregate, non-identifiable benchmarks and performance metrics.

      This use does not include modifying the weights of any third-party foundational model. In the event Caremate develops or fine-tunes proprietary AI
      models, we will provide 30 days' written notice before applying your de-identified data to such purposes.

5. Infrastructure & Residency

  • Cloud Hosting: We utilize Tier-1 Cloud Infrastructure Providers to host our encrypted databases.

  • Cross-Border Transfers: While we prioritize Canadian data residency for core storage, some components of the Service may involve data transit or temporary processing in the United States. We ensure all such transfers are governed by contractual protections that meet or exceed Canadian legal requirements.

6. Security Standards

We employ privacy-conscious design principles. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Access to our production environment is strictly limited to essential personnel under non-disclosure agreements.

  • Breach Notification. In the event of a confirmed privacy breach affecting your Personal Health Information, Caremate will notify affected Customers without undue delay and provide sufficient detail to enable the Customer, as Health Information Custodian, to meet its own breach reporting obligations under applicable law.

7. Your Privacy Rights

Under PIPEDA and applicable provincial privacy laws, you have the right to:

  • Access: Request a copy of the personal information Caremate holds about you.

  • Correction: Request correction of inaccurate or incomplete information.

  • Withdrawal of Consent: Withdraw consent to our processing of your   personal information, subject to legal or contractual restrictions.

Note: Patient health information held within Clinical Records is controlled by the Health Information Custodian (your organization), not by Caremate. Requests relating to patient records should be directed to your organization.To exercise any of the above rights, contact our Privacy Officer at privacy *_at_* caremate.ai.

8. Changes to this Policy

We will notify users of material changes to this Privacy Policy via email at least 30 days before they take effect. The current version is always available at caremate.ai/legal/privacy. Continued use of the Service after the notice period constitutes acceptance of the updated Policy.

9. Contact

For questions regarding our privacy practices or to exercise your data rights, contact our Privacy Officer at: privacy *_at_* caremate.ai

1. Our Relationship & Role

Caremate provides AI-driven transcription and clinical note generation for pharmacy professionals. Under Canadian privacy laws (including PIPEDA and provincial health acts):

  • The User (You): Is the Health Information Custodian (or Organization). You own and control all Patient Data (which, together with other data you provide, constitutes 'Customer Data' under our TOS).

  • Caremate: Caremate: Acts as your Electronic Service Provider (Ontario), Information Manager (Alberta/Manitoba/Saskatchewan), or equivalent Service Provider role under applicable provincial law. We process Personal Health Information only as directed by you and solely for the purpose of providing the Service.

2. Consent & User Obligations

You represent and warrant that you have obtained all necessary informed consents from the patient and any third parties present during a consultation (such as family members or caregivers) before using the Service to record or transcribe an interaction.

3. Data Processing & Partners

All partners are governed by Data Processing Agreements (DPAs) to ensure a level of protection consistent with Canadian law. A current list of our sub-processors is available upon request.

  • AI Processing: We use AI Processing Partners for transcription and note generation. We configure these services to minimize data retention; your data is processed in real-time and is not used to train our partners' global models.

  • Analytics: We use Product Analytics Providers to monitor app performance and improve user experience. This data is focused on usage patterns (clicks and flows) and does not include clinical Patient Data.

4. Data Retention & Deletion

  • Temporary Data: Raw audio files and intermediate transcripts are retained for up to thirty (30) days from the date of collection for technical integrity and quality assurance purposes, and are permanently and securely purged at or before that time.

  • Clinical Records: Caremate retains Clinical Records at the organization level for the duration of the Customer’s active subscription. Deactivating an individual User account does not trigger the deletion of Clinical Records. As the Health Information Custodian, the Customer is responsible for meeting statutory retention obligations (e.g., 10 years) via export or a paid archival plan.

  • Account Data: This includes user profiles, settings, and administrative metadata. This data is retained to maintain your account functionality and is subject to a thirty (30) day "Soft Delete" window if a specific User is deleted.

  • Termination: Termination: Upon termination of your subscription, you have ninety (90) days (the "Grace Period") to either export your Clinical Records in a machine-readable format or elect to continue on a Storage-Only plan. Following the Grace Period, if no export has been requested and no Storage-Only plan elected, Clinical Records will be permanently and securely deleted, unless otherwise required by law. As Health Information Custodian, you remain solely responsible for meeting your
    statutory retention obligations.

  • De-Identified and Anonymized Data: De-Identified and Anonymized Data: We may use de-identified or anonymized data to:

    • (i) develop, evaluate, and improve clinical note generation prompts, templates, and output quality;

    • (ii) conduct internal research and analytics; and

    • (iii) generate aggregate, non-identifiable benchmarks and performance metrics.

      This use does not include modifying the weights of any third-party foundational model. In the event Caremate develops or fine-tunes proprietary AI
      models, we will provide 30 days' written notice before applying your de-identified data to such purposes.

5. Infrastructure & Residency

  • Cloud Hosting: We utilize Tier-1 Cloud Infrastructure Providers to host our encrypted databases.

  • Cross-Border Transfers: While we prioritize Canadian data residency for core storage, some components of the Service may involve data transit or temporary processing in the United States. We ensure all such transfers are governed by contractual protections that meet or exceed Canadian legal requirements.

6. Security Standards

We employ privacy-conscious design principles. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Access to our production environment is strictly limited to essential personnel under non-disclosure agreements.

  • Breach Notification. In the event of a confirmed privacy breach affecting your Personal Health Information, Caremate will notify affected Customers without undue delay and provide sufficient detail to enable the Customer, as Health Information Custodian, to meet its own breach reporting obligations under applicable law.

7. Your Privacy Rights

Under PIPEDA and applicable provincial privacy laws, you have the right to:

  • Access: Request a copy of the personal information Caremate holds about you.

  • Correction: Request correction of inaccurate or incomplete information.

  • Withdrawal of Consent: Withdraw consent to our processing of your   personal information, subject to legal or contractual restrictions.

Note: Patient health information held within Clinical Records is controlled by the Health Information Custodian (your organization), not by Caremate. Requests relating to patient records should be directed to your organization.To exercise any of the above rights, contact our Privacy Officer at privacy *_at_* caremate.ai.

8. Changes to this Policy

We will notify users of material changes to this Privacy Policy via email at least 30 days before they take effect. The current version is always available at caremate.ai/legal/privacy. Continued use of the Service after the notice period constitutes acceptance of the updated Policy.

9. Contact

For questions regarding our privacy practices or to exercise your data rights, contact our Privacy Officer at: privacy *_at_* caremate.ai

See what your intervention data looks like.

Caremate is working with hospital pharmacists across Canada. If your department is sitting on undocumented interventions, let's talk.

Talk to our Founder

Contact

Terms

Privacy

© 2026 Caremate Health Inc. All rights reserved.

Proudly Canadian

See what your intervention data looks like.

Caremate is working with hospital pharmacists across Canada. If your department is sitting on undocumented interventions, let's talk.

Talk to our Founder

Contact

Terms

Privacy

© 2026 Caremate Health Inc. All rights reserved.

Proudly Canadian

See what your intervention data looks like.

Caremate is working with hospital pharmacists across Canada. If your department is sitting on undocumented interventions, let's talk.

Talk to our Founder

Contact

Terms

Privacy

© 2026 Caremate Health Inc. All rights reserved.

Proudly Canadian