Privacy Policy

Lime Health AI, Inc. ("Lime Health AI," "Company," "we," "our," or "us") is committed to protecting the privacy and security of our users and their patients. This Privacy Policy describes how we collect, use, disclose, store, and protect information when you visit our website at getlimeai.com (the "Site"), use our mobile applications (the "App"), or access our platform and related services (collectively, the "Services"). By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Definitions

"Customer" means the healthcare agency, organization, or entity that has entered into a service agreement with Lime Health AI to use the Services.

"Authorized User" means any individual (e.g., clinician, administrator, QA reviewer) who is authorized by a Customer to access and use the Services on behalf of such Customer.

"Protected Health Information" or "PHI" has the meaning set forth in the Health Insurance Portability and Accountability Act of 1996, as amended ("HIPAA"), and its implementing regulations.

"Personal Information" means information that identifies, relates to, describes, or could reasonably be linked with a particular individual.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you create an account, request a demo, contact support, or otherwise interact with us. This may include:

Name, email address, phone number, and job title
Organization name, address, and NPI number
Account credentials and authentication information
Payment and billing information (processed by our third-party payment processor)
Communications you send to us, including support requests

2.2 Audio Recordings and Clinical Data

When an Authorized User activates the recording feature within the App, we collect audio recordings of clinical encounters. Recording is initiated solely by the Authorized User and requires affirmative action each time. We do not passively record, and the App does not listen or record in the background without active user initiation. Audio recordings and any clinical documentation generated therefrom (including OASIS assessments, HOPE assessments, visit notes, ICD-10 codes, and related clinical content) are treated as PHI and handled in accordance with HIPAA, our Business Associate Agreement ("BAA") with the Customer, and this Privacy Policy.

2.3 EMR Access and Credentials

Certain features of the Services require access to the Customer's electronic medical record ("EMR") system. Lime Health AI accesses the Customer's EMR system only when the Customer or its Authorized Users have provided valid credentials and expressly directed and authorized such access. We do not access any EMR system without verified, documented authorization from the Customer. EMR credentials — including any test, integration, sub-user, or service account credentials provided to us by the Customer — are encrypted in transit and at rest and are used solely to perform the Services as directed by the Customer. The Customer is solely responsible for ensuring that its provisioning of credentials to Lime Health AI complies with the Customer's agreement(s) with its EMR vendor and all applicable law.

2.4 Website Usage Data

When you visit the Site, we automatically collect certain information through cookies, web beacons, pixels, and similar technologies, including:

IP address, browser type, device type, and operating system
Pages viewed, links clicked, and time spent on pages
Referring URL and search terms used to find the Site
Approximate geographic location (based on IP address)

We use third-party analytics services (such as Google Analytics) to help us understand how visitors use the Site. These services may collect information sent by your browser as part of a web page request. You may opt out of analytics tracking by adjusting your browser settings or using a browser extension.

2.5 Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Site, remember your preferences, and analyze traffic. You can control cookie preferences through your browser settings. Disabling certain cookies may limit your ability to use some features of the Site. We honor Do Not Track ("DNT") signals where technically feasible.

3. How We Use Your Information

We use the information we collect for the following purposes:

Providing Services: To operate, maintain, and deliver the Services, including generating clinical documentation, performing QA reviews, suggesting ICD-10 codes, and syncing data with your EMR
Account Management: To create and manage your account, authenticate users, and provide technical support
Service Improvement: To analyze usage patterns, diagnose technical issues, and improve the performance, reliability, and accuracy of our Services
Communications: To send you service-related notices, respond to your inquiries, and provide information you request
Compliance: To comply with applicable laws, regulations, and legal processes
Security: To detect, prevent, and respond to fraud, abuse, security incidents, and technical issues

We do not sell Personal Information or PHI. We do not use PHI for marketing, advertising, or any purpose unrelated to the Services provided under our agreement with the Customer.

4. How We Share Your Information

We may share information in the following limited circumstances:

With the Customer: We share clinical documentation, QA results, and related outputs with the Customer and its Authorized Users as part of the Services
Service Providers: We engage trusted third-party vendors (e.g., cloud hosting, payment processing) who process data on our behalf under contractual obligations of confidentiality and security. Where such vendors handle PHI, we maintain BAAs with them
Legal Requirements: We may disclose information if required by law, regulation, subpoena, court order, or governmental request
Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change
With Your Consent: We may share information with your explicit consent

5. HIPAA Compliance

Lime Health AI acts as a Business Associate under HIPAA with respect to PHI that we create, receive, maintain, or transmit on behalf of our Customers (Covered Entities). We enter into a BAA with each Customer prior to processing PHI. Our obligations regarding PHI include:

Using and disclosing PHI only as permitted by the BAA and applicable law
Implementing administrative, physical, and technical safeguards to protect PHI
Reporting any Security Incident or Breach of Unsecured PHI as required by HIPAA
Ensuring that any subcontractors who access PHI agree to the same restrictions and conditions
Making PHI available for access, amendment, and accounting of disclosures as required

In the event of any conflict between this Privacy Policy and the terms of a BAA, the BAA shall control with respect to PHI.

6. Data Security

We implement and maintain commercially reasonable administrative, technical, and physical safeguards designed to protect your information, including:

AES-256 encryption of data at rest and TLS 1.2+ encryption of data in transit
Role-based access controls and multi-factor authentication
Regular vulnerability assessments and penetration testing
Audit logging of all system access and data transactions
Employee security awareness training
Incident response procedures

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, and you acknowledge and accept this inherent risk.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Services. Upon termination of a Customer agreement, we will retain and/or delete data in accordance with the terms of our agreement with the Customer and applicable law. We may retain de-identified, aggregated data that cannot be used to identify any individual for analytical purposes indefinitely.

8. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your Personal Information, including the right to access, correct, delete, or port your data. To exercise these rights, contact us at privacy@getlimeai.com. We will respond within 30 days (or sooner if required by applicable law).

If you are a patient whose PHI is processed through our Services, please direct your requests to the healthcare agency (our Customer) that is responsible for your care, as they are the Covered Entity under HIPAA.

9. State Privacy Laws

California (CCPA/CPRA): If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act. These include the right to know what Personal Information we collect and how it is used, the right to delete, and the right to opt out of the sale or sharing of Personal Information. We do not sell Personal Information. To exercise your rights, contact us at privacy@getlimeai.com.

Other States: Residents of states with applicable privacy laws (including but not limited to Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and Montana) may have similar rights. Contact us to exercise any rights available to you under applicable law.

10. Children's Privacy

The Site and Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Users

The Services are operated from the United States. If you access the Services from outside the United States, your information may be transferred to and processed in the United States. By using the Services, you consent to such transfer and processing.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will post the updated version on the Site with a revised "Last Updated" date. Material changes will be communicated via email or a prominent notice on the Site. Your continued use of the Services after changes are posted constitutes acceptance of the updated Privacy Policy.

Terms of Service

These Terms of Service ("Terms") constitute a legally binding agreement between you (whether an individual or entity) and Lime Health AI, Inc. ("Lime Health AI," "Company," "we," "our," or "us") governing your access to and use of the Lime Health AI website, mobile applications, platform, and related services (collectively, the "Services"). By accessing or using the Services, you agree to be bound by these Terms. If you do not agree, do not use the Services.

1. Eligibility and Authority

You represent and warrant that: (a) you are at least 18 years of age; (b) you have the legal capacity and authority to enter into these Terms; and (c) if you are using the Services on behalf of an organization, you have the authority to bind that organization to these Terms. The organization (the "Customer") is responsible for all Authorized Users' compliance with these Terms.

2. Account Registration and Security

To access certain features of the Services, you must create an account. You agree to provide accurate, current, and complete information and to update it as necessary. You are solely responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must notify us immediately at support@getlimeai.com of any unauthorized use of your account. Lime Health AI is not liable for any loss or damage arising from your failure to protect your account credentials.

3. Scope of Services

Lime Health AI provides an AI-powered clinical documentation platform for post-acute healthcare organizations. The Services may include, without limitation:

Ambient AI clinical scribe with audio recording capabilities
Automated generation of clinical documentation (visit notes, OASIS, HOPE assessments)
AI-suggested ICD-10 coding
Documentation quality assurance and review
Admissions intake automation
Integration with third-party EMR systems

4. Audio Recording and Consent

The Services include a feature that allows Authorized Users to record audio of clinical encounters. You acknowledge and agree that:

Audio recording is initiated solely by the Authorized User through an affirmative action within the App. Lime Health AI does not passively record or activate recording without user action.
You are solely responsible for obtaining all necessary consents from patients, caregivers, and any other individuals present during a recorded encounter, in compliance with all applicable federal, state, and local laws (including but not limited to two-party consent states).
You are solely responsible for ensuring that your use of the recording feature complies with your organization's policies, HIPAA, and all applicable regulations.
Lime Health AI bears no responsibility or liability for your failure to obtain proper consent or your violation of any recording laws or regulations.

5. EMR Integration and Access; Customer-Provided Credentials

Certain features require integration with your EMR system. Lime Health AI does not have an independent commercial, contractual, or licensing relationship with your EMR vendor unless separately disclosed to you in writing. You (the Customer) own the relationship with your EMR vendor, and you acknowledge, represent, warrant, and agree that:

Customer-Directed Access. You are solely responsible for providing valid EMR credentials and for expressly directing and authorizing Lime Health AI to access your EMR system on your behalf. Any access by Lime Health AI is performed at your direction, as your agent, and solely to perform the Services.
Authority to Grant Access. You represent and warrant that you have the full legal right, authority, and all necessary approvals — including under your agreement(s) with your EMR vendor and any applicable end-user license or terms of service — to grant Lime Health AI access to your EMR system and to authorize Lime Health AI to use the credentials you provide. You are solely responsible for obtaining any consent, notice, license, or approval that your EMR vendor requires for third-party access.
Test, Integration, and Sub-User Accounts. If you provision a test user, integration user, sub-account, service account, or any other account or credential set for Lime Health AI's use, you represent and warrant that (i) you have the right to create and assign such account under your EMR vendor agreement, (ii) you have the right to allow Lime Health AI to use that account to access the EMR on your behalf, and (iii) the provisioning and use of such account does not violate your EMR vendor's terms of service, acceptable use policy, or any other agreement between you and your EMR vendor. You bear sole responsibility for any restriction your EMR vendor places on credential sharing, delegated access, automated access, scraping, or third-party integration, and for confirming that your provisioning to Lime Health AI is permitted.
No Reliance on Lime Health AI's Diligence. Lime Health AI is not obligated to investigate, verify, or confirm the scope of your rights under any EMR vendor agreement, and Lime Health AI is entitled to rely on your representations and your direction to access the EMR. Lime Health AI's willingness to use credentials you provide is not an endorsement that such use is permitted under your EMR vendor agreement.
EMR Vendor Claims and Enforcement. If your EMR vendor objects to, restricts, suspends, terminates, or asserts any claim relating to Lime Health AI's access using credentials you provided, that dispute is between you and your EMR vendor. You will (i) notify Lime Health AI promptly, (ii) defend and indemnify Lime Health AI in accordance with Section 14, and (iii) cooperate in good faith to suspend or modify access as needed. Lime Health AI may suspend EMR access at any time, with or without notice, if it reasonably believes continued access creates legal, security, or compliance risk.
Operational Risks. Lime Health AI is not responsible for any data loss, corruption, downtime, account lockout, throttling, or unauthorized access resulting from (i) incorrect, expired, compromised, or shared EMR credentials provided by you, (ii) changes your EMR vendor makes to its system, APIs, or terms, or (iii) actions your EMR vendor takes against the credentials or accounts you provided to us.
Notification of Changes. You will promptly notify Lime Health AI if EMR credentials are changed, revoked, restricted, or compromised, or if your EMR vendor raises any concern about Lime Health AI's access.

6. Customer Responsibilities

As a Customer or Authorized User of the Services, you agree to:

Clinical Review: Review, verify, and approve all AI-generated documentation before submission to any EMR, payor, or regulatory body. The Services are designed as a clinical decision support tool and are not a substitute for professional clinical judgment. You bear full responsibility for the accuracy and completeness of any documentation submitted under your name or your organization's name.
Compliance: Use the Services in compliance with all applicable laws, regulations, and professional standards, including but not limited to HIPAA, state privacy laws, CMS conditions of participation, and professional licensing requirements.
Patient Consent: Obtain and maintain all necessary patient consents and authorizations as required by applicable law.
Credential Security: Safeguard all account credentials, EMR credentials, and API keys. Do not share credentials with unauthorized individuals.
Prohibited Uses: Not use the Services for any unlawful purpose, to transmit malicious code, to interfere with the operation of the Services, or to attempt to gain unauthorized access to any systems or data.

7. AI-Generated Content Disclaimer

THE SERVICES USE ARTIFICIAL INTELLIGENCE TO GENERATE CLINICAL DOCUMENTATION, CODING SUGGESTIONS, AND QA ANALYSIS. YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT:

AI-generated outputs are suggestions and drafts only. They are not final clinical documentation and are not intended to replace professional clinical judgment.
The Authorized User (clinician, coder, or QA reviewer) is solely responsible for reviewing, editing, and approving all AI-generated content before it is used, submitted, or relied upon for any purpose, including patient care, billing, or regulatory compliance.
Lime Health AI does not guarantee the accuracy, completeness, or clinical appropriateness of any AI-generated content.
Lime Health AI is not a healthcare provider, does not practice medicine, and does not provide medical advice. The Services do not create a provider-patient relationship.
You assume all risk associated with your reliance on or use of AI-generated content without independent review and verification.

8. Intellectual Property

All intellectual property rights in the Services, including but not limited to software, algorithms, models, interfaces, documentation, trademarks, and trade secrets, are owned exclusively by Lime Health AI or our licensors. These Terms grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Services during your subscription term solely for your internal business purposes. You may not copy, modify, distribute, sell, lease, reverse engineer, decompile, or create derivative works of the Services or any component thereof.

Clinical documentation generated through the Services using your clinical data belongs to you (the Customer). However, we retain all rights to the underlying AI models, algorithms, and technology used to generate such documentation.

9. Confidentiality

Each party agrees to maintain the confidentiality of the other party's Confidential Information and not to disclose it to any third party except as necessary to perform obligations under these Terms or as required by law. Confidential Information includes, but is not limited to, business strategies, pricing, technology, customer data, and any information marked as confidential.

10. Fees and Payment

Fees for the Services are set forth in the applicable order form or service agreement between you and Lime Health AI. All fees are non-refundable except as expressly stated in your service agreement. We reserve the right to change pricing upon 30 days' written notice. Failure to pay any amounts when due may result in suspension or termination of your access to the Services.

11. Term and Termination

These Terms are effective upon your first use of the Services and remain in effect until terminated. Either party may terminate for material breach if the breaching party fails to cure within 30 days of written notice. We may immediately suspend or terminate your access if we reasonably believe your use violates these Terms, applicable law, or poses a security risk. Upon termination, your right to use the Services ceases immediately. Sections 7, 8, 12, 13, 14, 15, and 17 survive termination.

12. Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE. LIME HEALTH AI EXPRESSLY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

WITHOUT LIMITING THE FOREGOING, LIME HEALTH AI DOES NOT WARRANT THAT: (A) THE SERVICES WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS; (B) THE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE; (C) ANY AI-GENERATED CONTENT WILL BE ACCURATE, COMPLETE, OR CLINICALLY APPROPRIATE; (D) THE SERVICES WILL BE COMPATIBLE WITH ANY THIRD-PARTY EMR SYSTEM OR SOFTWARE; OR (E) ANY DEFECTS WILL BE CORRECTED.

13. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

(A) IN NO EVENT SHALL LIME HEALTH AI, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, OR ASSIGNS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, REVENUE, GOODWILL, DATA, BUSINESS OPPORTUNITIES, OR USE, REGARDLESS OF THE CAUSE OF ACTION OR THE THEORY OF LIABILITY (WHETHER IN CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE), EVEN IF LIME HEALTH AI HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

(B) IN NO EVENT SHALL LIME HEALTH AI'S TOTAL AGGREGATE LIABILITY FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICES EXCEED THE GREATER OF (I) THE AMOUNTS PAID BY YOU TO LIME HEALTH AI IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR (II) ONE HUNDRED DOLLARS ($100).

(C) LIME HEALTH AI SHALL HAVE NO LIABILITY WHATSOEVER FOR: (I) CLINICAL DECISIONS MADE BY YOU OR YOUR AUTHORIZED USERS; (II) THE ACCURACY OR COMPLETENESS OF DOCUMENTATION THAT HAS BEEN REVIEWED AND APPROVED BY AN AUTHORIZED USER; (III) YOUR FAILURE TO OBTAIN REQUIRED PATIENT CONSENTS; (IV) YOUR VIOLATION OF ANY RECORDING, PRIVACY, OR DATA PROTECTION LAW; (V) UNAUTHORIZED ACCESS TO YOUR ACCOUNT OR EMR SYSTEM RESULTING FROM YOUR FAILURE TO SAFEGUARD CREDENTIALS; (VI) ANY CLAIM, LOSS, OR DAMAGE ARISING FROM YOUR RELIANCE ON AI-GENERATED CONTENT WITHOUT INDEPENDENT REVIEW; (VII) ANY THIRD-PARTY EMR SYSTEM DOWNTIME, ERRORS, OR DATA LOSS; OR (VIII) ANY CLAIM ASSERTED BY YOUR EMR VENDOR (OR ANY OTHER THIRD-PARTY SOFTWARE VENDOR) ARISING OUT OF OR RELATING TO CREDENTIALS, TEST USERS, OR ACCOUNTS YOU PROVISIONED TO LIME HEALTH AI, OR LIME HEALTH AI'S ACCESS TO SUCH VENDOR'S SYSTEM AT YOUR DIRECTION.

14. Indemnification

You agree to indemnify, defend, and hold harmless Lime Health AI, its officers, directors, employees, agents, affiliates, successors, and assigns from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or relating to:

Your use of the Services or any Authorized User's use of the Services
Your violation of these Terms or any applicable law or regulation
Your failure to obtain required patient consents or authorizations
Your violation of any recording, wiretapping, or surveillance law
Clinical decisions made using or relying on the Services
Documentation submitted to any EMR, payor, or regulatory body after review and approval by an Authorized User
Unauthorized access resulting from your failure to secure account or EMR credentials
Any claim, demand, investigation, enforcement action, or proceeding brought by your EMR vendor (or any other third-party software vendor whose system you direct Lime Health AI to access) arising out of or relating to (i) your provisioning of credentials, test users, integration users, sub-accounts, or service accounts to Lime Health AI, (ii) Lime Health AI's access to or use of any such system using credentials you provided, (iii) any alleged breach of your agreement with such vendor (including any acceptable use policy, end-user license, API terms, or restriction on third-party, delegated, automated, or shared access), or (iv) any alleged violation of such vendor's intellectual property, trade secret, or contractual rights resulting from your authorization of Lime Health AI's access
Any allegation that your use of the Services infringes or violates a third party's rights

15. Dispute Resolution and Arbitration

PLEASE READ THIS SECTION CAREFULLY. IT AFFECTS YOUR LEGAL RIGHTS, INCLUDING YOUR RIGHT TO FILE A LAWSUIT IN COURT.

Any dispute, claim, or controversy arising out of or relating to these Terms or the Services shall be resolved through binding arbitration administered by the American Arbitration Association ("AAA") under its Commercial Arbitration Rules. Arbitration shall take place in the State of Delaware (or remotely at the arbitrator's discretion). The arbitrator's decision shall be final and binding and may be entered as a judgment in any court of competent jurisdiction.

CLASS ACTION WAIVER: You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action. You waive any right to participate in a class action lawsuit or class-wide arbitration against Lime Health AI.

Notwithstanding the above, either party may seek injunctive or equitable relief in any court of competent jurisdiction to protect its intellectual property rights or Confidential Information.

16. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law provisions.

17. General Provisions

Entire Agreement: These Terms, together with any applicable service agreement and BAA, constitute the entire agreement between you and Lime Health AI regarding the Services and supersede all prior agreements and understandings.

Severability: If any provision of these Terms is held invalid or unenforceable, the remaining provisions shall continue in full force and effect.

Waiver: No waiver of any provision shall be deemed a further or continuing waiver of such provision or any other provision.

Assignment: You may not assign these Terms without our prior written consent. We may assign these Terms without restriction.

Force Majeure: Lime Health AI shall not be liable for any failure or delay in performing its obligations due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, pandemic, war, terrorism, government actions, power failures, internet disruptions, or third-party service outages.

Notices: Notices to Lime Health AI should be sent to legal@getlimeai.com. We may send notices to you via email or by posting on the Site.

18. Contact Information

If you have any questions about these Terms or the Privacy Policy, please contact us:

Lime Health AI, Inc.
Email: legal@getlimeai.com
Privacy Inquiries: privacy@getlimeai.com
Support: support@getlimeai.com

Privacy Policy & Terms of Service