Privacy Policy

OraCore AI, LLC (“OraCore AI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you access our website and use our software platform (the “Services”).

By using the Services, you consent to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account, subscribe, or communicate with us, we may collect:

• Name
• Email address
• Business/practice name
• Account credentials (e.g., password or authentication tokens)
• Information you submit through the Services (including text inputs)
• Communications you send to us

1.2 Audio Recordings & Transcripts

The Services may record audio and generate transcripts, summaries, or other outputs. Audio content and derived outputs may include personal information and, when used by healthcare or dental practices, may include PHI.

1.3 Payment Information

Payment details (such as credit card information) are processed by third-party payment processors. OraCore AI does not store full credit card numbers on its servers.

1.4 Usage & Device Data

When you use the Services, we may collect technical and usage information such as:

• IP address
• Device and browser type
• Operating system
• Log and diagnostic data
• Pages or features accessed
• Date/time of access and actions taken

2. How We Use Information

We use information we collect to:

• Provide, operate, and maintain the Services
• Process subscriptions and payments
• Provide customer support and respond to inquiries
• Improve and enhance functionality, performance, and user experience
• Monitor usage trends and troubleshoot issues
• Detect, prevent, and address fraud, misuse, or security incidents
• Enforce our Terms of Service and comply with legal obligations

We do not sell personal information. Where we act as a Business Associate under HIPAA, we use and disclose PHI only as permitted by the applicable Business Associate Agreement (BAA) and HIPAA regulations.

3. How We Share Information

3.1 Service Providers

We may share information with vendors and service providers who help us operate the Services (e.g., cloud hosting, payment processing, analytics, security, customer support tooling). These providers are authorized to use information only as necessary to provide services to us and are contractually required to protect it.

3.2 Legal Requirements

We may disclose information if required by law, subpoena, or court order, or if necessary to protect our rights, prevent fraud, or ensure security.

3.3 Business Transfers

If OraCore AI is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction.

4. HIPAA & Protected Health Information (PHI)

OraCore AI may collect, process, store, and transmit Protected Health Information (“PHI”) as defined under HIPAA when such information is provided by healthcare or dental practices using the Services. PHI may be collected through audio recordings, transcripts, summaries, and information manually entered by users (including patient names or identifiers).

Where OraCore AI processes PHI on behalf of a covered entity, such processing is governed exclusively by a separate Business Associate Agreement (“BAA”). The BAA controls in the event of any conflict between this Privacy Policy and HIPAA obligations. OraCore AI uses and discloses PHI solely for purposes permitted under the applicable BAA and HIPAA regulations.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to maintain sessions, authenticate users, improve performance, analyze usage, and enhance security. You can control cookies through your browser settings. Disabling cookies may impact certain features.

6. Data Retention

We retain personal information as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Where PHI is involved and a BAA applies, retention and return/destruction obligations are governed by the BAA.

7. Data Security

We maintain commercially reasonable administrative, technical, and physical safeguards designed to protect information. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Your Privacy Rights

Depending on applicable U.S. state laws (including the Colorado Privacy Act), you may have the right to request access, correction, deletion, or other actions regarding personal information we hold about you. To exercise rights, contact us at legal@oracoreai.com. We may verify your identity before responding.

If you are a covered entity and PHI is governed by a BAA, certain requests may need to be handled through your organization’s HIPAA processes.

9. Children’s Privacy

The Services are not intended for individuals under 18. We do not knowingly collect personal information from children.

10. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for third-party privacy practices.

11. International Users

The Services are operated in the United States and intended for U.S.-based users. If you access the Services from outside the U.S., you consent to the transfer and processing of information in the United States.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the revised version with an updated “Last Updated” date. Continued use of the Services after changes constitutes acceptance of the updated policy.

13. Contact Information

OraCore AI, LLC
1500 N Grant St Suite R
Denver, CO 80203
United States
Email: legal@oracoreai.com