Privacy Policy

Last updated: March 31, 2026

VisitRecall, Inc. ("VisitRecall," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and mobile application.

Information We Collect

Website Analytics: We use Firebase Analytics to understand how visitors interact with our website. This may include anonymous usage data such as pages visited and referral sources.

App Usage: When using the VisitRecall app, we collect:

• Audio recordings of your doctor visits (stored securely on your device and optionally in the cloud)
• Transcripts and AI-generated summaries
• Health questions and conversations with our AI assistant
• Next steps and follow-up items
• Health information you choose to input
• Device information for app functionality
• Usage analytics to improve the app

How We Use Your Information

• To send you a text message when VisitRecall launches
• To provide transcription and AI-powered summaries
• To answer your health questions using AI
• To enable sharing with family members you authorize
• To communicate with you about updates and features
• To ensure the security of your data
• To improve our services

AI Processing and Third-Party Services

VisitRecall uses artificial intelligence and third-party services to provide our features:

AI Services:

• OpenAI, Inc. (Whisper): We send your audio recordings to OpenAI's Whisper service for transcription into text
• Anthropic, PBC (Claude): We send your visit transcripts, health questions, and related context to Anthropic's Claude service for analysis, summaries, and question answering
• If you attach documents (photos or PDFs), text extracted from those documents may be sent to Anthropic for analysis
• Both providers are contractually prohibited from using your data to train their AI models
• We obtain your explicit consent within the app before sending any data to these providers

Data Shared with AI Providers

The following data may be sent to our AI providers for processing:

• Audio recordings of your doctor visits (sent to OpenAI for transcription)
• Visit transcripts (sent to Anthropic for analysis and summaries)
• Health information you provide, including medical conditions, medications, and health history (sent to Anthropic as context for personalized AI responses)
• Document text from photos or PDFs you attach (sent to Anthropic for analysis)
• Questions you ask about your visits or health (sent to Anthropic for answering)

All data is transmitted using encryption (TLS/HTTPS). We only send the minimum data necessary to provide each feature.

Firebase and Google Cloud Services:

• Firebase Authentication: Manages user sign-in and account security
• Cloud Firestore: Stores your transcripts, summaries, questions, and profile data
• Firebase Storage: Stores your audio recordings in the cloud
• Google Analytics: Helps us understand how users interact with the app to improve the experience
• Firebase Crashlytics: Collects crash reports and diagnostic data to help us fix bugs and improve app stability

Apple Services:

• Apple Speech Recognition: We use on-device speech recognition to convert audio to text before AI processing

We only send the minimum data necessary to provide our services. We do not sell your data to third parties or use it for advertising purposes.

Data Storage and Security

• Audio recordings are stored locally on your device and optionally synced to secure cloud storage
• Transcripts and summaries are stored securely with encryption
• All data is encrypted in transit (TLS/HTTPS) and at rest (AES-256)
• Data transmitted to our servers and third-party services is encrypted
• We implement industry-standard security measures to protect your information

Family Sharing

VisitRecall allows you to share your health information with family members you authorize:

• You control who can see your visit summaries, next steps, and questions
• Family members must create their own account to view shared information
• You can revoke access at any time
• Shared data is subject to the same security protections as your personal data

Data Sharing

We do not sell your personal information. We only share data with:

• AI service providers (OpenAI, Inc. and Anthropic, PBC) to transcribe recordings, generate summaries, and answer health questions
• Cloud infrastructure providers (Firebase/Google Cloud) who help us operate our services
• Family members you explicitly authorize through the app
• When required by law or to protect our rights

Your Rights and Data Control

You have the right to:

• Access your personal data at any time through the app
• Delete all your data permanently using the "Delete All My Data" feature in the app's Profile settings
• Export your recordings and health information
• Opt out of marketing communications
• Revoke family sharing access at any time
• Correct inaccurate data

Restriction on use in legal proceedings: While you retain full access to your data for personal health management, insurance and billing disputes, and family sharing, our Terms of Service prohibit the use of recordings, transcripts, summaries, or any other VisitRecall content as evidence in legal claims or proceedings against healthcare providers. Please review Section 5 of our Terms of Service for full details.

How to Delete Your Data

You can delete all your data at any time:

1. Open the VisitRecall app
2. Go to Profile tab
3. Scroll to "Your Data" section
4. Tap "Delete All My Data"
5. Confirm by typing "DELETE"

This will permanently remove all your recordings, transcripts, summaries, questions, next steps, profile information, and cloud-stored audio files. This action cannot be undone.

Data Retention

We retain your data for as long as you maintain an active account. When you delete your data using the in-app deletion feature:

• All your data is permanently deleted from our servers within 30 days
• Backups containing your data are purged within 90 days
• Some anonymized, aggregated analytics data may be retained for service improvement

Children's Privacy

VisitRecall is not intended for use by children under 13. We do not knowingly collect personal information from children under 13.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect
• The right to delete your personal information
• The right to opt-out of the sale of personal information (we do not sell your data)
• The right to non-discrimination for exercising your privacy rights

Contact Us

If you have questions about this Privacy Policy, your data, or wish to exercise your privacy rights, please contact us at:

privacy@visitrecall.com

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will notify you through the app or via email.