Last updated: 4 July 2026. This policy covers the OUI RadDictate Chrome extension, mobile app, and web account pages ("the Service"), operated by OUI Technologies ("we", "us").
OUI RadDictate lets a signed-in clinician dictate radiology reports and have them transcribed by our secure cloud service, then place the text into the web-based radiology/hospital information system (RIS/HIS) they are using. Because clinicians use many different web-based RIS/HIS, the extension can operate on the site the clinician is working in; it does not act on other sites on its own. To place the report where you are typing, the extension reads which text field is focused (including a field inside a frame of the same RIS/HIS page) and writes the dictated report into it — it does not read, collect, or transmit other content from the pages you visit.
We do not sell your data or use it for advertising.
We use Google Cloud as our processor — Vertex AI (Gemini) for transcription, Firestore for storage, Identity Platform for sign-in, and Cloud Run for hosting — under Google's Cloud Data Processing Addendum. Google does not use your prompts or responses to train its models. Data is stored in Google's Singapore region; transcription requests are processed by Google's Vertex AI service.
The Service is intended for de-identified report content. Do not enter directly identifiable patient information (such as names or medical-record numbers) into the cloud path unless your institution's privacy and data-processing requirements permit it. Stored report content — including any report label you attach — is end-to-end encrypted on your device and is not readable by us (see "Information we process" above). Dictated audio is always encrypted in transit (TLS); the transcription service must momentarily process the audio itself to convert speech to text — it is handled transiently for that purpose only and is not retained.
Some data stays on the device you use — it is not sent to us:
Anyone with access to your signed-in device profile could open these local files — use your institution's device security (OS login, disk encryption) accordingly. Uninstalling the extension/app removes its local storage.
All traffic is encrypted in transit (TLS); stored data is encrypted at rest. Each user's reports are isolated to their own account, and access is controlled by verified sign-in.
By default, report history is automatically deleted after 14 days; in the app's settings you can shorten or lengthen this (1–60 days) or turn auto-delete off, in which case history is kept until you or your administrator delete it. Recorded audio is not retained by us after transcription; local backups on your device (above) are under your control in the app. To access, export, or delete your data, contact your administrator or us at the address below.
Questions or requests: arqam@ouitech.net.
We may update this policy; material changes will be reflected by the date above.