We use the collected information to:

• Provide, maintain, and improve the Service
• Process transactions and manage your account
• Provide AI-powered features for SOP creation and assistance
• Send service-related communications and updates
• Ensure security and prevent fraud
• Comply with legal obligations and healthcare regulations
• Analyze usage patterns to improve user experience

We do not sell your personal information. We may share information in the following circumstances:

• With your consent: When you explicitly authorize us to share information
• Service providers: With trusted third parties who assist in operating the Service
• Legal requirements: When required by law or to protect rights and safety
• Business transfers: In connection with mergers, acquisitions, or asset sales
• Within your organization: With other users in your organization as configured by administrators

SOPdesk is designed for healthcare organizations and we understand the sensitivity of the information you manage. We implement robust security measures to protect your data:

• Data encryption in transit and at rest
• Role-based access controls and user authentication
• Comprehensive audit logging and monitoring
• Regular security assessments and updates
• Secure backup and disaster recovery procedures

Important — Not Intended for PHI: SOPdesk is a documentation, training, and compliance management platform. It is not intended for, and must not be used to store or transmit, Protected Health Information (PHI) such as patient names, medical record numbers, or other individually identifiable patient health data. SOPdesk does not act as a HIPAA Business Associate and is not represented as "HIPAA compliant." Users are responsible for ensuring their SOPs and documentation do not contain PHI or other sensitive patient data.

We implement comprehensive security measures to protect your information:

• End-to-end encryption for data transmission
• AES-256 encryption for data storage
• Multi-factor authentication options
• Regular security audits and penetration testing
• Secure cloud infrastructure with AWS

Our Service includes AI features to assist with SOP creation and management. When you use these features:

• Your content may be processed by AI systems to provide suggestions and improvements
• We do not use your content to train AI models for other customers
• AI processing is performed securely and in compliance with privacy regulations
• You maintain control over your content and can opt out of AI features

Retention: We retain your information for as long as your account is active or as needed to provide the Service. Some information may be retained longer for legal compliance.

Deletion: When you delete your account, we will delete your personal information and content within 30 days, except where retention is required by law.

Backup Data: Deleted data may remain in backup systems for up to 90 days before permanent deletion.

You have the following rights regarding your information:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Export your data in a standard format
• Restriction: Limit how we process your information
• Objection: Object to certain processing activities

To exercise these rights, contact us at [email protected].

We use cookies and similar technologies to provide functionality, remember preferences, and analyze usage. You can control cookie settings through your browser, though some features may not work properly if disabled.

See our Cookie Policy for detailed information about our use of cookies.