Legal
Privacy Policy
Last updated: April 2026
Tessoly is built for clinicians, and we treat the trust you place in us — and the data you bring with you — with the same care you'd expect from any tool inside your clinical workflow. This policy describes exactly what we collect, why, and what we will never do with it.
What we collect
- Email address — used to create your account and sign you in.
- Account credentials — securely managed through our authentication provider.
- Clinical note text — processed in real time to generate documentation and billing feedback. Note text is never stored permanently on our servers.
How we use it
We use the information you provide solely to deliver the Tessoly service: analyzing your visit notes and returning documentation, billing code, and ICD-10 feedback. Account information is used to authenticate you, manage your subscription, and communicate service-related updates.
What we don't do
- We do not sell your data — to anyone, ever.
- We do not share your data with third parties for marketing or advertising.
- We do not store note text after analysis. Notes are processed in memory and discarded.
- We do not use your notes to train AI models, ours or anyone else's.
Data security
- All traffic is encrypted in transit using TLS.
- We use Supabase for authentication only — it does not store note text.
- No protected health information (PHI) is stored on our systems.
- Access to operational systems is limited to authorized personnel.
Contact
Questions about this policy or how we handle your data? Reach us at hello@tessoly.com.