Privacy Policy

Last Updated: March 2026

Introduction

This Privacy Policy describes how Contour Software Inc. (“Contour,” “we,” “us,” or “our”) collects, uses, and protects information in connection with our website at trycontour.com (the “Website”) and our cloud-based voice AI platform (the “Service”).

Contour provides a voice AI platform that automates high-volume operational voice communication for healthcare organizations. In the course of delivering the Service, we may process protected health information (“PHI”) on behalf of our customers.

Information We Collect

Information from Website Visitors

When you visit our Website, we may collect:

  • Usage data such as pages visited, time spent on pages, referring URLs, and browser type, collected through analytics tools
  • Information you voluntarily provide by contacting us, such as your name and email address

Information from Customers and the Service

When our customers use the Service, we may process the following categories of data on their behalf:

  • Patient and facility contact information provided by the customer
  • Clinical data provided by the customer for use in operational calls, such as study information and radiology impressions
  • Call recordings and transcripts generated through the Service
  • Structured call outcome data, including call status, disposition, and caregiver information collected during calls
  • Account and user information for customer personnel who access the Service

How We Use Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain the Service as directed by our customers
  • To execute operational voice calls on behalf of our customers
  • To generate call recordings, transcripts, and structured outcome data for customer use
  • To monitor and improve the performance and reliability of the Service
  • To analyze Website usage and improve our Website
  • To respond to inquiries and provide support
  • To comply with legal obligations

Protected Health Information

We process PHI solely as a Business Associate on behalf of our customers under the terms of a Business Associate Agreement (“BAA”) executed with each applicable customer. We do not use or disclose PHI for any purpose other than as permitted by the BAA and applicable law, including the Health Insurance Portability and Accountability Act (“HIPAA”).

Data Retention

We retain customer data, including call recordings and transcripts, for the duration of the customer relationship. Upon termination of the applicable agreement, customer data is deleted in accordance with the terms of that agreement and our BAA obligations.

Website analytics data is retained in accordance with our analytics provider's standard retention settings.

Data Security

We implement administrative, technical, and physical safeguards designed to protect the information we process. These include encryption at rest and in transit, role-based access control, multi-factor authentication, and audit logging. Our security practices are aligned with SOC 2 Trust Service Criteria.

For additional detail on our security practices, customers and prospective customers may contact us at the address below.

Subprocessors

We use a limited number of third-party service providers (“subprocessors”) to help deliver the Service. All subprocessors that process PHI have executed Business Associate Agreements with Contour. A current list of subprocessors is available upon request.

Cookies and Analytics

Our Website uses PostHog, a product analytics tool, to collect anonymized usage data about how visitors interact with our Website. This data helps us understand traffic patterns and improve the Website. We do not use this data to identify individual visitors or serve advertising.

We do not sell or share Website visitor data with third parties for advertising purposes.

Your Rights Under California Law (CCPA)

If you are a California resident, you may have certain rights under the California Consumer Privacy Act (“CCPA”), including the right to know what personal information we collect, the right to request deletion of your personal information, and the right to opt out of the sale of personal information.

We do not sell personal information.

To exercise any of these rights, please contact us at the address below. We will respond to verifiable requests within 45 days.

Note: The CCPA does not apply to PHI that is subject to HIPAA. PHI processed through the Service is governed by our BAA with the applicable customer.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page. We encourage you to review this page periodically.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Contour Software Inc.
[email protected]