Privacy Policy
Last updated: May 25, 2026
Scrubulate (“we,” “our,” “us”) is committed to protecting the privacy of the healthcare professionals who use our platform. This Privacy Policy describes how we collect, use, and safeguard your information.
Information we collect
We collect your email address when you sign in, and optionally your name, role, and years of experience when you complete onboarding. We store records of the cases (OR prep briefs) you generate, including the redacted procedure description and any surgeon or facility tags you add.
We do not store raw patient consent text. Consent text is automatically stripped of patient identifiers (names, MRNs, dates of birth, and other protected health information) before any processing or storage.
How we use your information
We use your information to provide the Scrubulate service, process payments, send transactional emails (sign-in links, receipts), and improve the product. We do not sell your information to third parties.
HIPAA and PHI
Scrubulate is designed for use with de-identified procedure descriptions. We operate under a Business Associate Agreement (BAA) with Anthropic, our AI provider. Our automatic PHI redaction layer removes patient identifiers before any text is sent to AI systems. You should not intentionally submit patient-identifiable information.
Data retention
We retain your account data for as long as your account is active. You may delete individual cases from your case history at any time. To close your account and delete all associated data, contact us.
Third-party services
We use Anthropic (AI processing), Stripe (payments), and Resend (email). Each operates under its own privacy policy and our data processing agreements.
Contact
Questions about this policy? Email us at privacy@scrubulate.com. Full contact information coming soon.
This policy will be updated with complete legal language before the product launches publicly. Content subject to attorney review.