App Privacy Policy

Introduction

Notiro (‘we,’ ‘our,’ or ‘us’) is committed to protecting the privacy and security of our users. This Privacy Policy describes how we collect, use, store, share, and protect your personal and medical information when you use the Notiro mobile application and related services.

By using Notiro, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the app.

Information We Collect

Personal Information

Your name, email address, phone number, job title, and professional credentials provided during registration or account setup.

Medical and Clinical Information

Patient encounter notes, transcripts, and clinical documentation generated or processed through the app. This may include protected health information (PHI) as defined under HIPAA.

Voice Recordings

Audio recordings captured during clinical encounters for the purpose of generating clinical documentation. See the Data Retention section for details on how long recordings are kept.

Usage and Technical Information

Device type, operating system, IP address, app version, session duration, feature usage patterns, and crash/diagnostic data.

Communications

Messages or requests submitted to our support team.

How We Use Your Information

  • To deliver and operate core features of Notiro, including AI-assisted clinical documentation.
  • To authenticate your identity and maintain account security.
  • To communicate with you about updates, service changes, and support responses.
  • To analyze usage trends and improve app performance and functionality.
  • To comply with legal obligations and protect our rights.

Data Retention

We retain your data only for as long as necessary to fulfill the purposes described in this policy or as required by law.

| Data Type | Retention Period |
|---|---|
| Account & profile information | Duration of account + 2 years post-termination |
| Clinical documentation & PHI | Minimum 6 years (per HIPAA requirements) |
| Voice recordings & audio transcripts | 30 days from date of capture, then permanently deleted |
| Usage & analytics data | Up to 24 months |
| Support communications | Up to 2 years from last interaction |

Voice Recordings

Voice recordings captured during clinical encounters are retained for 30 days from the date of recording. After this period, all audio data is permanently and securely deleted from our servers. Voice recordings are used solely for the purpose of generating clinical documentation and are not used for any other purpose, including model training, without your explicit consent.

Upon expiration of the applicable retention period, or upon a verified deletion request, your data is securely deleted or irreversibly anonymized in accordance with our data deletion protocols.

Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your information, including:

  • End-to-end encryption for data in transit (TLS 1.2+)
  • Encryption at rest for all stored data
  • Role-based access controls
  • Regular security assessments and audits

While we take all reasonable steps to protect your information, no method of transmission or storage is 100% secure.

Sharing of Information

We do not sell, rent, or trade your personal or medical information. We may share information only in the following limited circumstances:

Service Providers

Trusted third-party vendors who assist in operating the app (e.g., cloud hosting, analytics), bound by confidentiality agreements.

Healthcare Organizations

Where Notiro is used under an organizational or enterprise agreement, relevant data may be shared with the contracting entity.

Legal Compliance

When required by law, court order, or governmental authority.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, with prior notice provided to you.

HIPAA Compliance

Notiro processes protected health information (PHI) on behalf of covered entities and acts as a Business Associate under HIPAA. We maintain a Business Associate Agreement (BAA) with applicable enterprise clients and follow all required safeguards under the HIPAA Privacy and Security Rules.

Your Rights and Choices

Depending on your location and applicable law, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data (subject to legal retention requirements)
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a data protection authority

To exercise any of these rights, please contact us at [email protected].

Children's Privacy

Notiro is intended for use by licensed healthcare professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable regulations. We will notify you of material changes by posting the updated policy within the app and updating the ‘Last Updated’ date above. Continued use of the app following notice of changes constitutes your acceptance.

Contact Us

For questions, concerns, or data requests related to this Privacy Policy, please contact:

Notiro
Email: [email protected]
Website: https://notiro.ai/app-privacy-policy