Trust for patients

Your privacy & data security

Your doctor uses Nixi AI to help create accurate and efficient medical notes. This page provides detailed information about how this service works and, most importantly, how your personal data is protected every step of the way.
Your trust is our highest priority. We are committed to the strictest standards of data protection in compliance with the EU General Data Protection Regulation (GDPR) and German national laws.

Essentials
What is Nixi AI?

Nixi AI is a secure software tool that acts as a smart assistant for your doctor. It transcribes the conversation during your consultation and uses this text to create a structured, draft medical note. This allows your doctor to focus more on you and less on taking notes, while ensuring the documentation of your visit is thorough and accurate.

Does a human listen to my conversation?

No, not in normal operation. The audio is processed automatically. Nixi AI staff do not access or listen to consultation audio or transcripts.

Is the audio stored?

No. Audio is handled as an encrypted stream for transcription and is deleted immediately after transcription is completed. Nixi AI does not store audio recordings.

Where is my data?

Your medical content is encrypted. It is stored in Germany (Frankfurt) and processed within the European Unionusing contractually bound service providers.

Does this affect my treatment?

No. Nixi AI helps document the visit, but your doctor makes all medical decisions.

Your Data Step-by-Step
Exactly what happens to the data?
  1. Audio Capture: During your consultation, an encrypted audio stream of the conversation is captured.
  2. Transcription: The stream is processed within the EU to create a text transcript.
  3. Immediate Audio Deletion: The audio is processed in real time and deleted immediately after transcription is completed. Nixi AI does not store audio recordings.
  4. Note Generation: The transcript is used to generate a structured draft note for the clinician.
  5. Doctor's Control: Your doctor is in full control: they review, edit, and approve the final medical note.
  6. Final Deletion: Transcripts and drafts are retained for up to 30 days (often less, depending on the clinic’s settings) and can be deleted earlier by the clinic at any time. Deletion applies to production systems. Encrypted backups are overwritten on a rolling basis for up to 30 days.
How is my data secured?

We take security extremely seriously. We implement state-of-the-art technical and organizational measures to protect your data, including:

  • EU-based processing & German storage for medical content: Medical content is processed within the EU and stored in Germany (Frankfurt).
  • Encryption: Data is encrypted in transit (TLS) and at rest.
  • Access controls: Access is restricted to authorized systems; staff access is not routine and is strictly limited, logged, and protected by security controls.
  • Testing & monitoring: We run regular security assessments and continuously monitor for vulnerabilities.
Your Consent (The "Why")
We ask for your signature for two reasons:
  • Data Protection Law (GDPR): Your consent allows your clinic and Nixi AI to legally process data.  
  • Professional Secrecy Law (§ 203 German Criminal Code): To allow your clinician to use a technical assistant for documentation in a legally compliant way.
What happens if I don't give my consent?

Your consent is completely voluntary. If you choose not to consent, the Nixi AI service will not be used. This will have no negative impact on the quality of your medical care. Your doctor will simply document the consultation manually as they have done in the past.

Helping Nixi Learn (Optional)
Will my data be used for product improvement?

By default, your data is used only to create the documentation for your visit.
If your clinic enables this option and you provide separate consent, we may use a de-identified version of the transcript to improve accuracy and quality.

“De-identified” means direct identifiers are removed and technical safeguards are applied to reduce re-identification risk.

This is optional and has no impact on your care.

Your Rights & Contact
Your Data Protection Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right to be Informed: The right to receive clear and transparent information about how your data is processed.
  • Right of Access: The right to request a copy of the personal data held about you.
  • Right to Rectification: The right to have inaccurate personal data corrected.
  • Right to Erasure (Right to be Forgotten): The right to have your personal data deleted in certain circumstances.
  • Right to Restrict Processing: The right to limit the processing of your personal data.
  • Right to Data Portability: The right to receive your data in a structured, machine-readable format.
  • Right to Object: The right to object to the processing of your data.
  • You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

To exercise any of these rights, please contact your healthcare provider.

How can I exercise my rights (e.g., request to see or delete my data)?

As your doctor's practice is the Data Controller, you should direct any requests to exercise your data protection rights to them. Nixi AI provides the necessary tools to assist your doctor's practice in fulfilling your request promptly.

Contact for Data Protection Matters

If you have any further questions about how Nixi AI protects your data, you can contact us:
Privacy@NixiAI.ai