Says.io

Data Retention Policy

Information about how we protect your sensitive data

Dear User,

At Says.io, we take the protection of your sensitive personal data extremely seriously. We understand that medical information is among the most private and sensitive data that can be processed. That's why we have implemented a strict data retention policy to minimize any potential risks.

Why do we delete data after 14 days?

We believe that the best way to protect your data is to not keep it longer than absolutely necessary. By automatically deleting your recordings, transcriptions, and AI-generated tasks after 14 days, we ensure that even in the unlikely event of a security breach, the window of vulnerability is minimized.

What data is automatically deleted?

  • Audio recordings of your consultations
  • AI-generated transcriptions of your conversations
  • AI-generated documents and reports
  • All associated metadata and processing files

How does this protect you?

This aggressive data deletion policy provides several layers of protection:

  • Minimizes the risk of data exposure in case of security incidents
  • Reduces the potential impact of any unauthorized access
  • Ensures compliance with data minimization principles under GDPR
  • Demonstrates our commitment to your privacy and security

What happens after 14 days?

After 14 days from the creation date, all your data is permanently and securely deleted from our systems. This includes:

  • Complete removal from our secure servers
  • Deletion of all backup copies
  • Removal from any temporary processing systems
  • Erasure of all associated metadata and logs

Important Notice

This deletion process is automatic and irreversible. Please ensure you have saved any important documents or information before the 14-day period expires. We cannot recover data once it has been deleted.

Recommendation:

Download and save your generated documents to your local system or your healthcare provider's secure system as soon as they are created.

Additional Security Measures

  • Encryption: All data is encrypted both in transit and at rest using industry-standard encryption.
  • Access Control: Only authorized healthcare providers can access your data during the retention period.
  • Audit Logs: All access to your data is logged and monitored for security purposes.
  • HDS Certification: Our infrastructure is HDS-certified, ensuring healthcare-level security standards.

Questions about Data Retention?

If you have any questions about our data retention policy or if you need to request early deletion of your data, please contact our data protection officer.

Says.io Data Protection Officer:

Email: contact@says.io

Address: 15 Rue des Halles 75001 Paris

Last updated: July 2025