Privacy Policy

Last Updated: DD-MMM-2026 - WIP

This Privacy Policy describes how Kepler Data Science Pte. Ltd. (“Company,” “we,” “us,” or “our”) collects, uses, processes, and protects information in connection with RxMux (“RxMux,” “Service,” “Software,” or “Application”).

RxMux is an AI-assisted application intended exclusively for licensed medical professionals. By accessing or using RxMux, you acknowledge and agree to the practices described in this Privacy Policy.

1. Scope and Applicability

This Privacy Policy applies to information processed through:

• The RxMux application

• RxMux websites and related services

This Privacy Policy does not apply to:

• Third-party services linked from RxMux

• Data processed outside the RxMux platform at the direction of users

2. Intended Users

RxMux is a restricted professional application.

• RxMux is not intended for patients or the general public

• Users must be licensed healthcare professionals acting within their legal scope of practice

3. Information We Process

RxMux may process the following categories of information:

a. Account & Authentication Information

• Name, email address, phone numbers, professional credentials

• Organization or institutional affiliation

• Login and access metadata

b. User-Provided Content

• Clinical notes, documents, medical records, summaries, and annotations

• Metadata associated with uploaded or entered content

• Longitudinal tracking data created by users

All such content is provided at the sole discretion and responsibility of the user.

c. Protected Health Information (PHI)

RxMux may process PHI only if and when users upload or enter such data. The Company does not independently collect PHI.

d. Usage & Technical Data

• Device and browser information

• Log files, timestamps, audit records

• Interaction data for system integrity, security, and performance

4. Role of the Company

Kepler Data Science Pte. Ltd. acts as a technology service provider.

• The Company is not a healthcare provider

• The Company does not provide medical care

• The Company does not determine how PHI is used

Users and their organizations determine:

• What data is entered

• Whether data includes PHI

• The legal basis for processing such data

5. HIPAA & PHI Handling

RxMux is designed to support HIPAA-compliant workflows.

• The Company maintains Business Associate Agreements (BAAs) with certain third-party sub-processors involved in data processing, as disclosed on the Sub-Processors page

• Sub-processors are contractually obligated to protect PHI in accordance with applicable agreements

Notwithstanding the above:

• Users are solely responsible for ensuring lawful handling, disclosure, and use of PHI

• Users must comply with HIPAA, local privacy laws, institutional policies, and professional obligations

• RxMux does not determine whether PHI may be lawfully uploaded in any given context

6. AI Processing & Generated Content

RxMux uses artificial intelligence to assist with:

• Summarization

• Organization

• Longitudinal presentation of user-provided information

AI-generated content:

• Is probabilistic and informational

• May be incomplete, inaccurate, or outdated

• Does not constitute medical advice, diagnosis, or treatment

Users must independently review and validate all outputs.

7. How We Use Information

We use information solely to:

• Provide and operate the Service

• Maintain system security and integrity

• Enable AI-assisted features requested by users

• Comply with legal and contractual obligations

• Improve system performance and reliability

We do not sell personal data.

8. Data Sharing & Sub-Processors

We may share information with:

• Authorized sub-processors necessary to operate RxMux

• Service providers performing infrastructure, security, or support functions

All sub-processors are bound by contractual confidentiality and data protection obligations.

9. Data Retention

Information is retained only:

• For as long as necessary to provide the Service

• As required by law, contractual obligations, or legitimate business purposes

• In accordance with user or organizational instructions where applicable

10. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, or misuse.

However, no system can be guaranteed to be completely secure.

11. Data Residency

RxMux data residency (at rest) is currently available in the following regions. Users can select their data residency region at the time of registration. This cannot be changed later. We may add more regions later.

• USA

• Europe (EEA + Switzerland)

• India

12. International Data Transfers

RxMux is operated by a Singapore-based entity.

Users are responsible for ensuring that cross-border data transfers comply with applicable laws, including HIPAA, GDPR (if applicable), and local data protection regulations.

13. User Responsibilities

Users are responsible for:

• Accuracy and legality of data submitted

• Obtaining required patient consents

• Proper credential management

• Compliance with applicable privacy and healthcare laws

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Continued use of RxMux after updates constitutes acceptance of the revised Privacy Policy.

15. Contact Information

Kepler Data Science Pte. Ltd.
#02-01, 68 Circular Rd.
Singapore.
Website: https://rxmux.com
Contact: info@rxmux.com

RxMux is the "Clinical Decision Support System" for modern medicine. The name combines Rx (the medical prescription/practice) with Mux (Multiplexer), representing a platform that organises complex, fragmented healthcare data into a unified stream for review by Doctors.