HeyDr

Privacy Policy

Last Updated: June 2026

1. Introduction

Welcome to HeyDr ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of the information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI Agent services and website (the "Service").

2. Information We Collect

A. Information You Provide to Us: When you register for an account, we may collect business information such as your name, clinic name, email address, phone number, and payment information.

B. Patient Information (PHI): In processing calls and managing appointments on your behalf, we may process Protected Health Information (PHI) provided by the callers. In these instances, we act as a Business Associate under HIPAA frameworks, governed by our Business Associate Agreement (BAA).

C. Automatically Collected Information: We may collect data relating to your usage of our Service, call durations, and technical analytics to improve system performance.

3. How We Use Your Information

  • To provide, operate, and maintain the AI agent and automated booking services.
  • To process and route calls, SMS messages, and calendar data seamlessly.
  • To process your transactions and send related information (e.g., invoices).
  • To monitor and analyze usage patterns and improve the reliability, safety, and performance of the Service.
  • To communicate with you regarding updates, security alerts, and support.

4. Google Workspace API Data & Limited Use

If you connect Google services to HeyDr, we may receive Google Workspace API data, such as Google Calendar data needed to check availability, create or update appointments, and manage scheduling workflows, and Gmail send-only data needed to send clinic-approved email replies.

The use and transfer of raw or derived user data received from Google Workspace APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

HeyDr does not use Google Workspace API data to develop, improve, or train generalized AI or machine learning models. We use Google Workspace API data only to provide and improve user-facing HeyDr features that you request, maintain security, troubleshoot issues, and comply with applicable law.

A standalone copy of this disclosure is also available at heydr.co/google-limited-use.

5. Third-Party Service Providers

We may share your data with trusted third-party vendors who assist us in operating our Service (such as Stripe for billing, Google/Firebase for authentication and hosting, Telnyx for telephony, and ElevenLabs for voice synthesis). These providers are contractually obligated to protect your data and are not authorized to use or disclose PHI except as strictly necessary to perform their services for us.

6. Data Security & HIPAA Compliance

We implement industry-standard administrative, physical, and technical safeguards designed to protect your data and PHI from unauthorized access, loss, or misuse. However, no data transmission over the Internet or electronic storage system is 100% secure.

7. Your Rights & Choices

Depending on your jurisdiction, you may have the right to request access to, correction of, or deletion of your personal data. You may update your account settings at any time or contact us directly to exercise these rights.

8. Contact Us

If you have questions or comments about this Privacy Policy or our privacy practices, please contact us at:

Email: gal@heydr.co