Privacy Policy

Effective date: April 7, 2026

OR Scheduler (“we”, “our”, or “us”) respects your privacy. This policy describes how we collect, use, and protect your information — including any data obtained through Google services — when you use our surgical scheduling platform.

1. Information We Collect

We collect personal information you provide directly, such as your name, email address, role (surgeon/admin), and hospital credentials. If you choose to sign in with Google, we also receive your Google account name, email address, and profile picture. We collect usage data (logs, access times) to improve performance and security.

2. How We Use Your Information

To authenticate users (including Google Sign-In), manage surgical case schedules, send notifications (if enabled), and maintain audit trails for operating room compliance. We never sell your data to third parties.

6. Google User Data – Retention & Deletion (Compliance)

Google-specific information: When you sign in to OR Scheduler using Google OAuth, we access and store your Google-provided:

  • Full name (as registered with Google)
  • Email address (primary Google email)
  • Profile picture URL (optional, if available)

Retention period for Google user data: We retain your Google-sourced personal data for as long as your OR Scheduler account remains active or as required to fulfill healthcare compliance / legal obligations. If you stop using the platform but do not request deletion, we will keep your Google user data for a maximum of 24 months after your last login, after which it will be automatically anonymized or deleted.

How to delete your Google user data: You have full control. You can request deletion of all Google-related data (name, email, picture) in any of the following ways:

  • Via the app: Go to your Account Settings → “Delete my account” → Confirm deletion. This removes all Google user data immediately (within 48 hours).
  • Contact your OR administrator: Request data deletion directly; your admin will process the request within 7 business days.
  • Email privacy request: Send a deletion request to privacy@theatre-scheduler.com from your registered Google email address.

Important note: Deleting your Google user data does not automatically revoke our access to future Google Sign-In. To fully disconnect, you can also revoke OR Scheduler’s access from your Google account dashboard: Google Account → Third-party apps. Once you delete your account with us, we will not retain any Google user data except as required by law (e.g., audit logs without personal identifiers).

3. Data Sharing & General Retention

Only authorized hospital personnel can access case-related data. We retain your information (including Google user data) as long as your account is active or as required by healthcare regulations. Non-Google personal data (e.g., hospital credentials) is retained similarly. You may request general account deletion by contacting your OR administrator or using in-app settings.

4. Security

We use encryption (HTTPS), hashed passwords, role-based access controls, and secure OAuth tokens for Google Sign-In. However, no internet transmission is 100% secure – you use the platform at your own risk.

5. Your Rights (Including Google Data)

You can access, correct, or delete your personal data via your profile page or by emailing privacy@theatre-scheduler.com. For Google-specific data, refer to section 6 above. We respond to all privacy requests within 14 days.

7. Changes to This Policy

We may update this policy. Material changes will be notified via email or in-app notice. Continued use after changes means acceptance.

OR Scheduler – Operating Room Management System. This privacy policy complies with Google API Services User Data Policy, including limited use and retention/disclosure requirements.

Back to Login