Privacy Policy

Last Updated: April 18, 2026

At Medical AI (a product of Pipexe OÜ), we believe your medical history is the most sensitive data you own. Our architecture is built on the principle of Privacy by Design, ensuring that your information remains under your exclusive control.

1. The "Zero-Knowledge" Framework

Medical AI operates as a "Zero-Knowledge" service. This means Pipexe OÜ does not collect, store, or have the technical means to access your recordings, transcriptions, medical images, or AI-generated summaries.

  • No Server Storage: Your data is never uploaded to our servers.
  • No Human Access: Because the data never touches our infrastructure, no Pipexe OÜ employee, engineer, or third party can view your records.

2. Local AI & Processing

To provide the highest level of security, Medical AI utilizes On-Device Artificial Intelligence.

  • Audio & OCR Processing: Transcription of consultations and text recognition from medical documents (OCR) are performed locally using your device’s hardware.
  • Summarization: AI-driven insights and highlights are generated on-device. Your sensitive health information is not transmitted to external AI cloud providers for processing.

3. Data Storage & Backups

You are the sole manager of your data ecosystem.

  • Primary Storage: All files are stored in your device’s secure local sandbox.
  • Cloud Backups: If you enable backups (e.g., via Apple iCloud), your data is transferred directly from your device to your personal encrypted cloud account. Pipexe OÜ does not manage, see, or have the keys to these backups.

4. No Tracking & No Data Monetization

  • No Data Harvesting: We do not use third-party analytics that track your specific medical inputs.
  • No Model Training: We never use your personal medical data to train or "fine-tune" our AI models.
  • No Third-Party Sales: We do not—and will never—sell, rent, or trade your data to insurance companies, pharmaceutical firms, or advertisers.

5. Essential Technical Data

To maintain the Application and provide support, we may collect minimal, non-identifiable technical metadata (such as device model, OS version, or crash logs). This data contains no medical information and is used solely to improve Application stability.

6. User Responsibilities (Critical)

As Medical AI is a local-first tool, you are responsible for the physical security of your device. We recommend:

  • Using strong biometrics (FaceID/TouchID) or passcodes.
  • Ensuring your personal cloud backups are secured with two-factor authentication (2FA).
  • Data Recovery: You recognize that if you lose your device and have not enabled personal backups, Pipexe OÜ cannot recover your data.

7. Governing Law & Compliance

This policy is designed to comply with the high standards of the General Data Protection Regulation (GDPR). As the data never leaves your device to reach our servers, you remain the "Data Controller" of your information.

8. Contact Us

For questions regarding our security architecture, please contact our Data Privacy officer at: support@pipexe.com

Entity: Pipexe OÜ, Tallinn, Estonia