Overview

This Privacy Policy explains how MARCUS handles information submitted by clinical users and institutional administrators.

Because MARCUS is deployed inside protected health information (PHI) environments, no model training or data sharing occurs outside the tenant boundary.

Information We Process

User account details such as name, institutional email, role, and organization metadata are required to provision access.

Conversation content transmitted through MARCUS stays confined to your tenant. Audit logs record high-level metadata (timestamps, participants, models) but omit PHI payloads.

How Information Is Used

We use the details above to authenticate clinicians, enforce policy controls, and surface relevant onboarding guidance.

Tenant administrators can export audit trails for compliance reviews; MARCUS personnel cannot read transcript content unless your institution explicitly grants support access.

Protected Health Information

PHI stays inside your hospital-controlled infrastructure. MARCUS never trains global models on tenant transcripts, and retention honors your BAA preferences (typically 30–90 days).

If your organization enables zero-retention, MARCUS only stores transient prompts long enough to answer the active request.

Contact

Security questionnaires or data-processing addenda can be requested from the compliance team at privacy@marcus.surgic.ai.

For urgent privacy notifications, page the on-call compliance lead through your customer success contact.