
Privacy Policy

Last updated: December 31, 2025

At Synthetic Insights LLC ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how Aria ("the App") collects, uses, and protects your information, including healthcare data accessed through Epic MyChart and other FHIR-enabled providers.

Our Privacy Commitment

Aria is built on the principle that your data belongs to you. We designed Aria from the ground up to process as much as possible on your device, minimizing data that ever leaves your control. When you choose to enable cloud AI processing, your data is de-identified before transmission and we enforce zero data retention with all cloud providers. Your healthcare data is never sold and is never shared with third parties for marketing purposes.

Healthcare Data Access (Epic MyChart & FHIR)

Aria integrates with Epic MyChart and other healthcare providers through industry-standard FHIR (Fast Healthcare Interoperability Resources) R4 APIs. This section specifically addresses how we handle your healthcare data.

Data We Access Through Epic MyChart

When you authorize Aria to connect to your Epic MyChart account, we may access:

Data Type                 Examples                                  Processing
Patient Demographics      Name, date of birth, contact info         On-Device Only
Conditions & Diagnoses    Medical history, active conditions        On-Device Only
Medications               Current prescriptions, past medications   On-Device Only
Lab Results               Blood tests, diagnostic results           On-Device Only
Vital Signs               Blood pressure, heart rate, BMI           On-Device Only
Allergies                 Drug allergies, food allergies            On-Device Only
Immunizations             Vaccination records                       On-Device Only
Procedures                Surgical history, medical procedures      On-Device Only
Clinical Notes            Provider notes, visit summaries           On-Device Only
Encounters                Visit history, appointments               On-Device Only

How We Process Healthcare Data

Default: On-Device Processing

By default, all AI analysis of your health data occurs entirely on your iPhone or iPad:

  • On-Device AI: Health analysis uses Apple's Neural Engine for private, local processing
  • Local Storage: Your health records are encrypted and stored only on your device
  • No Cloud by Default: Healthcare cloud processing is disabled until you explicitly enable it
  • No Marketing Use: Your health data is never used for advertising or sold to third parties

Optional: Cloud AI Processing (Requires Your Consent)

For enhanced analysis capabilities, you may choose to enable cloud AI processing in Settings. When enabled:

  • De-Identification Required: All data is de-identified before transmission using our multi-stage privacy pipeline:
    • Stage 1: Regex-based detection of medical identifiers (MRNs, provider IDs, insurance IDs)
    • Stage 2: Named Entity Recognition (NER) for names, locations, organizations
    • Stage 3: AI-assisted detection for subtle identifying information
    • Stage 4: Context-aware filtering to minimize false positives
  • Hard-Blocked Data: Certain sensitive data types are NEVER sent to cloud services:
    • Social Security Numbers
    • Credit card and bank account numbers
    • Medical Record Numbers (MRNs)
    • Health plan and insurance IDs
  • Zero Data Retention (ZDR): We enforce zero data retention with all cloud AI providers. Your queries are not stored, logged, or used for model training. This is enforced at the API level via provider-specific ZDR parameters.
  • Provider Requirements: We only use cloud AI providers that support zero data retention policies (currently OpenRouter with models from Anthropic and OpenAI)
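As an added illustration (not Aria's own code), the sketch below shows how a Stage 1 gate of the kind described above can behave: a validated hit on a hard-blocked class keeps the query on the device, remaining identifiers are swapped for tokens whose mapping stays local, and a Luhn check on card candidates is a simple form of the false-positive control Stage 4 refers to. The SSN and card shapes are standard; the MRN, insurance-ID and NPI patterns are assumed formats chosen for the example, not formats the policy specifies.

```python
import re
from dataclasses import dataclass
# Stage 1 patterns. SSN and payment-card shapes are standard; the MRN, insurance-ID
# and NPI shapes are ASSUMED formats for illustration only (real issuers vary).
HARD_BLOCK_PATTERNS = {  # any validated hit here keeps the query on the device
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "CARD": re.compile(r"\b(?:\d[ -]?){13,19}\b"),  # candidates; Luhn-checked below
    "MRN": re.compile(r"\bMRN[:#\s]*\d{6,10}\b", re.I),
    "INSURANCE_ID": re.compile(r"\b(?:Member|Policy)\s*(?:ID|#)[:\s]*[A-Z0-9]{8,14}\b", re.I),
}
TOKENIZE_PATTERNS = {"PROVIDER_ID": re.compile(r"\bNPI[:#\s]*\d{10}\b", re.I)}  # tokenized, not blocked

def luhn_valid(candidate: str) -> bool:
    """Luhn checksum over a card candidate's digits; drops most digit-run false positives."""
    digits = [int(c) for c in candidate if c.isdigit()]
    if not 13 <= len(digits) <= 19:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2:  # double every second digit from the right, then reduce
            d = d * 2 if d < 5 else d * 2 - 9
        total += d
    return total % 10 == 0

@dataclass
class GateResult:
    allowed: bool  # False: the query never leaves the device
    text: str      # tokenized text safe to transmit, or "" when blocked
    blocked: list  # hard-blocked identifier classes that were found
    tokens: dict   # token -> original value, kept locally for re-identification

def stage1_gate(text: str) -> GateResult:
    # Stage 1: hard-block or tokenize identifiers before any cloud transmission.
    blocked = set()
    for label, pat in HARD_BLOCK_PATTERNS.items():
        for m in pat.finditer(text):
            if label != "CARD" or luhn_valid(m.group()):
                blocked.add(label)
    if blocked:
        return GateResult(False, "", sorted(blocked), {})
    tokens: dict = {}
    def make_repl(label):
        def repl(m):
            token = f"[{label}_{len(tokens) + 1}]"
            tokens[token] = m.group()
            return token
        return repl
    for label, pat in TOKENIZE_PATTERNS.items():
        text = pat.sub(make_repl(label), text)
    return GateResult(True, text, [], tokens)
```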

⚠️ Important: Cloud Processing is Opt-In

Cloud AI processing for healthcare data is disabled by default. You must explicitly enable it in Settings → Privacy → Cloud AI Processing. You can disable it at any time, and your preference is stored locally on your device.

OAuth 2.0 Authentication

When you connect to Epic MyChart:

  • You are redirected to Epic's secure login page
  • You authenticate directly with Epic (we never see your Epic password)
  • Epic provides Aria with time-limited access tokens
  • Access tokens are stored securely in your device's iOS Keychain
  • You can revoke access at any time through the Aria app or your Epic MyChart portal

Data Retention for Healthcare Data

  • Healthcare data is retained locally on your device until you disconnect from the provider or delete the app
  • Access tokens expire automatically and are refreshed only when you use the app
  • You can manually clear all health data at any time through Settings
  • Uninstalling the app removes all stored healthcare data

Other Information We Collect

Information You Provide

  • Account information (email, name) if you create an account
  • Content you share with Aria through conversations
  • Preferences and settings you configure

Information Processed On-Device

The following data is processed entirely on your device and never transmitted to our servers:

  • Voice recordings and transcriptions
  • Health and fitness data from Apple HealthKit
  • Calendar and event information
  • Location data
  • Contacts information
  • Memory associations and personal insights
  • All healthcare data from Epic MyChart and other FHIR providers

Information Processed in the Cloud

When you enable cloud AI features, some data may be processed using third-party large language model (LLM) providers:

Data Type                       Cloud Processing      Protections Applied
General Queries                 Cloud (if enabled)    PII detection, tokenization, ZDR
Healthcare Queries              Cloud (opt-in only)   Full de-identification, ZDR, HIPAA safeguards
SSN, Credit Cards, Bank Info    Never                 Hard-blocked from all cloud transmission
Sync Data (if enabled)          iCloud                End-to-end encryption

Cloud AI Providers We Use

When cloud processing is enabled, queries are routed through OpenRouter, which provides access to:

  • Anthropic Claude: Claude Sonnet 4.5, Claude Opus 4.5 (with zero data retention)
  • OpenAI: GPT-4o and related models (API tier with zero data retention)

All providers are contractually required to support zero data retention for API requests. We do not use consumer-facing AI services that may retain your data.

Zero Data Retention (ZDR) Explained

Zero Data Retention means cloud AI providers:

  • Do not store your queries or responses after processing
  • Do not use your data to train or improve their AI models
  • Do not log personally identifiable information
  • Process requests ephemerally (in-memory only)

ZDR is enabled by default in Aria and enforced via API-level parameters with each cloud request.

How We Use Your Information

  • To provide and improve Aria's features and functionality
  • To help you understand and manage your health data through natural language queries
  • To personalize your experience based on your preferences
  • To send you important updates about the App (with your consent)
  • To respond to your support requests

What We Do NOT Do

  • We do NOT sell your personal or health data to anyone, ever
  • We do NOT share your data with advertisers or data brokers
  • We do NOT allow your data to be used for AI model training (ZDR enforcement)
  • We do NOT send identifiable health data to cloud services (de-identification required)
  • We do NOT enable cloud processing for sensitive data without your explicit consent
  • We do NOT use consumer AI services (only API-tier services with ZDR support)
  • We do NOT store your cloud AI queries on our servers

Data Storage and Security

Your data is protected using multiple layers of security:

  • Device Encryption: All data is stored using iOS encryption with your device passcode
  • Keychain Storage: Sensitive credentials (OAuth tokens, API keys) are stored in the iOS Keychain with hardware-backed encryption
  • Biometric Protection: Optional Face ID/Touch ID protection for sensitive features
  • End-to-End Encryption: If you enable iCloud sync, data is encrypted end-to-end using your device keys
  • Secure Communications: All network communications use TLS 1.3 encryption

Data Sharing

We do not sell your personal or healthcare data. We do not share your personal data with third parties for their marketing purposes.

We may share data only in the following limited circumstances:

  • With your explicit consent
  • To comply with legal obligations or valid legal process
  • To protect our rights, privacy, safety, or property
  • In connection with a merger or acquisition (you would be notified)

HIPAA Compliance

While Aria is a consumer health application and not a covered entity under HIPAA, we implement HIPAA-aligned safeguards to protect your healthcare data:

Technical Safeguards

  • Access Controls: Biometric authentication (Face ID/Touch ID) for accessing health data
  • Encryption: AES-256 encryption for data at rest; TLS 1.3 for data in transit
  • Audit Logging: Local audit logs of health data access (stored only on your device)
  • Automatic Logoff: Session timeouts for sensitive health features

Privacy Safeguards

  • Minimum Necessary: We only access health data categories you explicitly authorize
  • De-Identification: When cloud processing is enabled, we follow the HIPAA Safe Harbor method for de-identification
  • Consent Management: Granular consent controls for different data processing purposes
  • Right to Revoke: You can disconnect from healthcare providers and delete data at any time

Cloud Processing Safeguards

When you enable cloud AI processing for healthcare queries:

  • All 18 HIPAA identifiers are detected and removed or tokenized before transmission
  • Zero Data Retention (ZDR) is enforced with all cloud AI providers
  • Only de-identified clinical concepts are transmitted (conditions, symptoms, lab types—not values with identifiers)
  • Responses are validated before display to catch any inadvertent PHI leakage

Your Rights

You have the right to:

  • Access: View all personal and health data stored in the app
  • Delete: Remove your data at any time through Settings
  • Export: Export your data in standard formats
  • Disconnect: Revoke healthcare provider access at any time
  • Opt Out: Opt out of marketing communications
  • Withdraw Consent: Withdraw consent for data processing

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights

European Residents (GDPR)

European residents have additional rights under GDPR including data portability, restriction of processing, and the right to lodge a complaint with a supervisory authority.

Children's Privacy

Aria is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes through the App or via email. The "Last updated" date at the top indicates when the policy was last revised.

Contact Us

If you have questions about this Privacy Policy, your data, or how we handle healthcare information, please contact us at:

Privacy Inquiries:
privacy@aria-assistant.ai

General Support:
support@aria-assistant.ai

Synthetic Insights LLC
United States

© 2025 Synthetic Insights LLC. All rights reserved.
