Clareo Health
Back to Home

Privacy Policy

Effective Date:

Privacy Policy

Effective date: March 1, 2026

Clareo ("Clareo," "we," "us") helps patients and caregivers turn medical conversations into clear summaries and next steps. Privacy and trust are core to that mission.

This Privacy Policy explains what information we collect, how we use it, how we share it, and your choices.

Key points

  • You control sharing. We do not share your identifiable health information with other people or organizations for their own independent use unless you choose to share it. We do share information with service providers that help us operate Clareo under contractual restrictions.
  • No third-party model training on your identifiable data. We do not allow our AI vendors to use your Personal Data to train their models.
  • We protect sensitive health data with strong security. We use encryption in transit and at rest and apply additional protections for sensitive content like recordings and transcripts.
  • You can delete your data. You can request deletion of your account and associated content. We explain what deletion means (including backups) below.
  • You are responsible for how you use and share your information. Clareo provides tools, but you control your data and decisions.

1) What this Privacy Policy covers

This Privacy Policy covers how we handle Personal Data we collect when you use Clareo's apps and websites (the "Services"). It does not cover third-party services we don't own or control.

Personal Data means information that identifies or can reasonably be linked to you. Some Personal Data in Clareo may be sensitive (for example, health-related information).

Clareo may introduce features that allow users to invite others or share access to their content. In those cases, additional controls and disclosures may apply.

2) Important note about HIPAA

When we provide the Services directly to consumers, we generally are not acting as a HIPAA covered entity or business associate. If we offer a separate product or pilot where we act on behalf of a healthcare provider or health plan (for example, under a business associate agreement), different terms and notices may apply to that program. That means HIPAA's Notice of Privacy Practices does not automatically apply to Clareo.

Even so, we treat your health-related information as highly sensitive and apply strong privacy and security practices designed for healthcare-adjacent use cases.

3) Information we collect

Information you provide

  • Account data: name (optional), email, password (stored using secure hashing), and preferences
  • User content: recordings, uploaded audio, transcripts, notes, edits, tags, and other information you choose to store in Clareo
  • Support communications: messages you send to support, surveys, and feedback you provide (including thumbs up/down on summaries, if available)

Information we generate to provide the service

  • AI outputs: summaries, "next steps," suggested questions, structured data fields, and other derived content generated from your recordings/transcripts/notes
  • Product signals: diagnostics that help us detect errors and improve reliability (for example, whether a transcription failed)

Information collected automatically

  • Device & usage data: IP address, device type, browser/app version, approximate location derived from IP, and app interaction logs
  • Cookies / similar technologies (website): used for essential functionality and analytics (see "Cookies" below)

Payment data (if you subscribe)

If you purchase a subscription, payment is processed by a third-party payment processor (for example, Stripe). We receive limited billing signals (such as subscription status and timestamps) but do not store full payment card numbers.

4) How we use your information

We use Personal Data to:

Provide the Services

  • Create and manage your account
  • Record, upload, store, and display your notes and appointment content
  • Generate transcripts and summaries and present them back to you

Improve safety, reliability, and performance

  • Debug, monitor, and prevent abuse
  • Improve transcription and summarization quality
  • Conduct internal analytics to improve the product

Communicate with you

  • Send account notices, service updates, security alerts, and support messages
  • Send product newsletters or marketing emails (you can opt out)

Comply with legal obligations

  • Address lawful requests
  • Protect rights, safety, and integrity of our users and Services

5) AI, model training, and vendor limits

Because Clareo processes sensitive health-related content, we use strict guardrails:

  • We do not allow third-party AI providers to train their models using your Personal Data.
  • We use AI vendors and infrastructure providers only under agreements that restrict use of your data to providing services to Clareo.
  • Where available, we configure AI processing to minimize retention by vendors.

Clareo product improvement:

We may use aggregated or de-identified information to understand product performance and improve Clareo (for example, error rates, general feature usage patterns). We do not use identifiable recordings, transcripts, or health content to train third-party AI models.

If we ever introduce an optional program that uses de-identified content for model improvement in a broader way, we will (a) clearly disclose it, and (b) provide an easy opt-out.

6) How we share information