
Privacy Policy

Last updated: April 3, 2026

At Synthetic Insights LLC ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how Aria ("the App") collects, uses, and protects your information, including healthcare data, financial data, productivity data from Google and Microsoft services, and information processed by on-device and cloud AI systems.

Our Privacy Commitment

Aria is built on the principle that your data belongs to you. We designed Aria from the ground up to process as much as possible on your device, minimizing data that ever leaves your control. When you choose to enable cloud AI processing, your data is de-identified before transmission and we enforce zero data retention with all cloud providers. Your healthcare data is never sold and is never shared with third parties for marketing purposes. Your financial data from Plaid is accessed in read-only mode and raw account numbers are never stored on our servers.

1. Healthcare Data Access (Epic MyChart, Aetna & FHIR)

Aria integrates with Epic MyChart, Aetna, and other healthcare providers through industry-standard FHIR (Fast Healthcare Interoperability Resources) R4 APIs. This section specifically addresses how we handle your healthcare data.

Data We Access Through Healthcare Providers

When you authorize Aria to connect to your healthcare accounts, we may access:

Data Type | Examples | Processing (default)
Patient Demographics | Name, date of birth, contact info | On-Device Only
Conditions & Diagnoses | Medical history, active conditions | On-Device Only
Medications | Current prescriptions, past medications | On-Device Only
Lab Results | Blood tests, diagnostic results | On-Device Only
Vital Signs | Blood pressure, heart rate, BMI | On-Device Only
Allergies | Drug allergies, food allergies | On-Device Only
Immunizations | Vaccination records | On-Device Only
Procedures | Surgical history, medical procedures | On-Device Only
Clinical Notes | Provider notes, visit summaries | On-Device Only
Encounters | Visit history, appointments | On-Device Only
Insurance Coverage | Benefits, claims, coverage details (Aetna) | On-Device Only

How We Process Healthcare Data

Default: On-Device Processing

By default, all AI analysis of your health data occurs entirely on your iPhone or iPad:

  • On-Device AI: Health analysis uses Apple's Neural Engine for private, local processing
  • Local Storage: Your health records are encrypted and stored only on your device
  • No Cloud by Default: Healthcare cloud processing is disabled until you explicitly enable it
  • No Marketing Use: Your health data is never used for advertising or sold to third parties

Optional: Cloud AI Processing (Requires Your Consent)

For enhanced analysis capabilities, you may choose to enable cloud AI processing in Settings. When enabled:

  • De-Identification Required: All data is de-identified before transmission using our multi-stage privacy pipeline:
    • Stage 1: Regex-based detection of medical identifiers (MRNs, provider IDs, insurance IDs)
    • Stage 2: Named Entity Recognition (NER) for names, locations, organizations
    • Stage 3: AI-assisted detection for subtle identifying information
    • Stage 4: Context-aware filtering to minimize false positives
  • Hard-Blocked Data: Certain sensitive data types are NEVER sent to cloud services:
    • Social Security Numbers
    • Credit card and bank account numbers
    • Medical Record Numbers (MRNs)
    • Health plan and insurance IDs
  • Zero Data Retention (ZDR): We enforce zero data retention with all cloud AI providers. Your queries are not stored, logged, or used for model training. This is enforced at the API level via provider-specific ZDR parameters.
  • Provider Requirements: We only use cloud AI providers that support zero data retention policies (currently OpenRouter with models from Anthropic and OpenAI)

Important: Cloud Processing is Opt-In

Cloud AI processing for healthcare data is disabled by default. You must explicitly enable it in Settings → Privacy → Cloud AI Processing. You can disable it at any time, and your preference is stored locally on your device.

OAuth 2.0 Authentication for Healthcare

When you connect to Epic MyChart or Aetna:

  • You are redirected to the provider's secure login page
  • You authenticate directly with the provider (we never see your password)
  • The provider issues Aria time-limited access tokens
  • Access tokens are stored securely in your device's iOS Keychain
  • You can revoke access at any time through Aria or your provider's patient portal

2. Apple HealthKit Data

Aria integrates with Apple HealthKit to access health and fitness data stored on your device. This section describes our practices in compliance with Apple's HealthKit guidelines.

Apple HealthKit Commitment

Aria's use of HealthKit data complies with Apple's requirements. We access HealthKit data in read-only mode. HealthKit data is processed entirely on your device and is never transmitted to our servers, shared with third parties, or used for advertising purposes.

HealthKit Data Types We Access

  • Activity: Steps, distance, active energy, exercise minutes, stand hours
  • Body Measurements: Weight, height, BMI, body fat percentage
  • Vitals: Heart rate, resting heart rate, blood pressure, respiratory rate, blood oxygen
  • Nutrition: Dietary intake, water consumption
  • Sleep: Sleep duration, sleep stages, sleep schedule
  • Mobility: Walking speed, step length, stair ascent/descent
  • Reproductive Health: Cycle tracking data (if shared by the user)

How We Use HealthKit Data

  • To provide personalized health insights and trend analysis within the app
  • To correlate fitness data with healthcare provider data for a complete health picture
  • To power on-device AI health recommendations

How We Do NOT Use HealthKit Data

  • We do not transmit HealthKit data to any external server or cloud service
  • We do not share HealthKit data with third parties for any purpose
  • We do not use HealthKit data for advertising, marketing, or data mining
  • We do not sell HealthKit data under any circumstances
  • We do not store HealthKit data in iCloud (even if iCloud sync is enabled for other Aria data)

3. Financial Data (Plaid)

Aria integrates with Plaid to provide financial insights and budgeting features. This section describes how we access, process, and protect your financial data.

How Plaid Works

When you connect a financial institution, you authenticate directly with your bank through Plaid Link, a secure widget provided by Plaid Inc. We never see your banking credentials. Plaid acts as the intermediary between your bank and Aria.

Financial Data We Access

Through Plaid, Aria may access the following data products (all in read-only mode):

Plaid Product | Data Accessed | Processing
Transactions | Transaction history, merchant names, categories, amounts | Encrypted Local
Enrich | Enhanced transaction metadata (logos, categories, counterparties) | Encrypted Local
Investments | Holdings, securities, investment transactions | Encrypted Local
Liabilities | Loan balances, credit card balances, interest rates | Encrypted Local
Recurring Transactions | Recurring charges, subscriptions, regular income | Encrypted Local

Financial Data Security

  • Read-Only Access: Aria can only read your financial data. We cannot initiate transactions, transfer funds, or modify your accounts
  • No Raw Account Numbers: Full account numbers and routing numbers are never stored on your device or our servers
  • Token Encryption: Plaid access tokens are encrypted using AES-256-GCM and stored in a local encrypted database (GRDB)
  • No Server-Side Storage: Your financial data is stored only on your device. Our Cloudflare gateway passes tokens through to Plaid without persisting them
  • PCI DSS v4.0 Compliance: Our financial data handling follows PCI DSS v4.0 standards
  • Token Revocation: You can disconnect any financial institution at any time, which immediately revokes the Plaid access token

Plaid's Role

Plaid Inc. is an independent service provider that connects your bank to Aria. Plaid has its own privacy policy governing how they handle your data. We encourage you to review Plaid's End User Privacy Policy for details on their data practices.

4. Google Workspace Integration

Aria can connect to your Google account to help manage your email, calendar, files, and tasks. This section describes the Google data we access and how we comply with Google's API policies.

Google Services and Scopes

Service | Access Level | What We Access
Gmail | Read & Send | Email messages, subjects, senders, attachment metadata
Google Calendar | Read & Write | Events, scheduling, attendees, reminders
Google Drive | Read Only | File names, metadata, document content for search
Google Tasks | Read & Write | Task lists, task items, due dates, completion status

Authentication

Google integration uses OAuth 2.0 with PKCE (Proof Key for Code Exchange). You authenticate directly with Google's login page. We never see or store your Google password. OAuth tokens are stored in your device's iOS Keychain with hardware-backed encryption.

Google API Services User Data Policy Compliance

Google Limited Use Disclosure

Aria's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google data to provide and improve user-facing features visible to you in the app
  • We do not transfer Google data to third parties except as necessary to provide the app's features, comply with law, or as part of a merger (with notice)
  • We do not use Google data for serving advertisements
  • We do not allow humans to read your Google data except with your consent, for security purposes, to comply with law, or when aggregated and anonymized for internal operations

5. Microsoft 365 Integration

Aria can connect to your Microsoft 365 account to help manage your email, calendar, cloud storage, and team communications via the Microsoft Graph API.

Microsoft Services and Access

Service | Access Level | What We Access
Outlook Mail | Read & Send | Email messages, subjects, senders, attachment metadata
Outlook Calendar | Read & Write | Events, scheduling, attendees, reminders
OneDrive / SharePoint | Read & Write | Files, folders, document content, sharing metadata
Microsoft Teams | Read Only | Chat messages, channel messages

Authentication

Microsoft integration uses OAuth 2.0 with PKCE via Microsoft Identity Platform. You authenticate directly with Microsoft's login page. We never see or store your Microsoft password. OAuth tokens are stored in your device's iOS Keychain.
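The authorization code flow with PKCE named in Sections 1, 4 and 5, written out as an added example; this is illustrative code, not Aria's implementation. It shows both sides of the exchange: a native-app client that keeps the code verifier and the state value in a dictionary standing in for the iOS Keychain (neither is ever sent to the server), and a stub authorization server that binds the S256 challenge to the authorization code and checks the verifier at the token endpoint. The client ID, redirect URI, scope names and login URL are hypothetical, and the S256 test vector in the usage note is the one published in RFC 7636 Appendix B.

```python
"""Authorization-code flow with PKCE (RFC 7636): client side, a stub server, and the checks."""
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode


def b64url(raw: bytes) -> str:
    """Base64url without padding, as RFC 7636 requires for both verifier and challenge."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_verifier() -> str:
    """32 random bytes -> 43 unreserved characters (the RFC minimum verifier length)."""
    return b64url(secrets.token_bytes(32))


def s256_challenge(verifier: str) -> str:
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def verify_pkce(verifier: str, challenge: str, method: str = "S256") -> bool:
    """Server-side check. 'plain' is refused: an intercepted plain challenge is the verifier."""
    if method != "S256" or not 43 <= len(verifier) <= 128:
        return False
    return hmac.compare_digest(s256_challenge(verifier), challenge)


class AuthServerStub:
    """Toy authorization server: binds the challenge to the code, verifies at the token endpoint."""

    def __init__(self):
        self._pending = {}

    def authorize(self, params: dict) -> str:
        if params.get("code_challenge_method") != "S256":
            raise ValueError("S256 required")
        code = secrets.token_urlsafe(16)
        self._pending[code] = (params["code_challenge"], params["redirect_uri"])
        return code

    def token(self, code: str, code_verifier: str, redirect_uri: str):
        entry = self._pending.pop(code, None)  # codes are single-use, whether or not the check passes
        if entry is None:
            return None
        challenge, bound_uri = entry
        if bound_uri != redirect_uri or not verify_pkce(code_verifier, challenge):
            return None
        return {"access_token": secrets.token_urlsafe(24), "token_type": "Bearer", "expires_in": 3600}


class PkceClient:
    """Native-app client. The dict stands in for the iOS Keychain; nothing in it reaches the server."""

    def __init__(self, client_id: str, redirect_uri: str):
        self.client_id, self.redirect_uri, self.keychain = client_id, redirect_uri, {}

    def start(self, scopes) -> str:
        verifier, state = make_verifier(), secrets.token_urlsafe(16)
        self.keychain.update(verifier=verifier, state=state)
        query = {"response_type": "code", "client_id": self.client_id, "redirect_uri": self.redirect_uri,
                 "scope": " ".join(scopes), "state": state,
                 "code_challenge": s256_challenge(verifier), "code_challenge_method": "S256"}
        return "https://login.example.test/authorize?" + urlencode(query)  # hypothetical login URL

    def finish(self, redirect_url: str, server: AuthServerStub):
        q = {k: v[0] for k, v in parse_qs(redirect_url.split("?", 1)[1]).items()}
        if not hmac.compare_digest(q.get("state", ""), self.keychain.get("state", "")):
            raise ValueError("state mismatch: possible CSRF or injected callback")
        verifier = self.keychain.pop("verifier")
        self.keychain.pop("state")
        return server.token(q["code"], verifier, self.redirect_uri)


def run_flow() -> dict:
    server = AuthServerStub()
    client = PkceClient("aria-ios-example", "com.example.aria://oauth/callback")  # hypothetical IDs
    url = client.start(["patient/Patient.read", "patient/Observation.read"])
    params = {k: v[0] for k, v in parse_qs(url.split("?", 1)[1]).items()}
    code = server.authorize(params)  # the user has signed in at the provider; the code comes back
    callback = f"{client.redirect_uri}?{urlencode({'code': code, 'state': params['state']})}"
    verifier = client.keychain["verifier"]
    token = client.finish(callback, server)
    replay = server.token(code, verifier, client.redirect_uri)  # same code, same verifier: consumed
    # Second flow: an attacker who captures the callback (e.g. a rogue URL-scheme handler) has no verifier.
    url2 = client.start(["patient/Patient.read"])
    params2 = {k: v[0] for k, v in parse_qs(url2.split("?", 1)[1]).items()}
    stolen = server.token(server.authorize(params2), make_verifier(), client.redirect_uri)
    return {"token_issued": token is not None, "replay_rejected": replay is None,
            "stolen_code_rejected": stolen is None}


if __name__ == "__main__":
    print(run_flow())
```

With the RFC 7636 Appendix B verifier dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk, s256_challenge returns E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM. The two properties worth noting are that the verifier and state live only in the client's keychain stand-in, so an intercepted authorization code is useless without them, and that the server consumes the code on first use, so a replay fails even with the correct verifier.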

Data Handling

  • Microsoft data is processed on your device whenever possible
  • When cloud AI is used to summarize emails or draft responses, the content is de-identified before transmission
  • We do not store copies of your Microsoft data on our servers
  • You can disconnect Microsoft at any time, which revokes all access tokens

6. On-Device AI Architecture

Aria uses a multi-tier AI architecture designed to maximize on-device processing and minimize cloud data transmission.

4-Tier AI Model Strategy

Tier | Technology | Processing | Used For
Tier 1 (Primary) | Apple Foundation Models | On-Device Only | General assistant tasks, text generation, summarization
Tier 2 (Speech) | WhisperKit | On-Device Only | Voice transcription, speech-to-text
Tier 3 (Semantic) | Nomic Embeddings | On-Device Only | Semantic search, memory retrieval, document matching
Tier 4 (Cloud, Optional) | Anthropic Claude / OpenAI GPT-4o | Cloud (opt-in) | Complex reasoning, advanced analysis (when local models are insufficient)

Privacy by Design

Tiers 1-3 run entirely on your device using Apple's Neural Engine. No data leaves your device for these tiers. Tier 4 (cloud) is opt-in only, requires your explicit consent, and enforces de-identification and Zero Data Retention (ZDR) with all cloud providers.

Cloud AI Providers (Tier 4 Only)

When cloud processing is enabled, queries are routed through OpenRouter, which provides access to:

  • Anthropic Claude: Claude Sonnet 4.5, Claude Opus 4.5 (with zero data retention)
  • OpenAI: GPT-4o and related models (API tier with zero data retention)

All providers are contractually required to support zero data retention for API requests. We do not use consumer-facing AI services that may retain your data.

Zero Data Retention (ZDR) Explained

Zero Data Retention means cloud AI providers:

  • Do not store your queries or responses after processing
  • Do not use your data to train or improve their AI models
  • Do not log personally identifiable information
  • Process requests ephemerally (in-memory only)

ZDR is enabled by default in Aria and enforced via API-level parameters with each cloud request.

7. Other Information We Collect

Information You Provide

  • Account information (email, name) if you create an account
  • Content you share with Aria through conversations
  • Preferences and settings you configure

Information Processed On-Device

The following data is processed on your device and is never stored on our servers. If you enable a cloud AI feature, only a de-identified query derived from it is transmitted, as described in the table below; the underlying records themselves stay on your device:

  • Voice recordings and transcriptions (WhisperKit, on-device)
  • Health and fitness data from Apple HealthKit
  • Calendar and event information
  • Location data
  • Contacts information
  • Memory associations and personal insights
  • All healthcare data from Epic MyChart, Aetna, and other FHIR providers
  • Financial transaction data from Plaid

Information Processed in the Cloud

When you enable cloud AI features, some data may be processed using third-party large language model (LLM) providers:

Data Type | Cloud Processing | Protections Applied
General Queries | Cloud (if enabled) | PII detection, tokenization, ZDR
Healthcare Queries | Cloud (opt-in only) | Full de-identification, ZDR, HIPAA safeguards
Email / Calendar Summaries | Cloud (if enabled) | De-identification, ZDR
SSN, Credit Cards, Bank Info | Never | Hard-blocked from all cloud transmission
HealthKit Data | Never | Processed on-device only, per Apple policy
Raw Financial Data | Never | Account numbers never transmitted
Sync Data (if enabled) | iCloud | End-to-end encryption via CloudKit

8. How We Use Your Information

  • To provide and improve Aria's features and functionality
  • To help you understand and manage your health data through natural language queries
  • To provide financial insights, budgeting analysis, and spending summaries
  • To manage your email, calendar, and productivity across Google and Microsoft services
  • To personalize your experience based on your preferences
  • To send you important updates about the App (with your consent)
  • To respond to your support requests

What We Do NOT Do

  • We do NOT sell your personal, health, or financial data to anyone, ever
  • We do NOT share your data with advertisers or data brokers
  • We do NOT allow your data to be used for AI model training (ZDR enforcement)
  • We do NOT send identifiable health data to cloud services (de-identification required)
  • We do NOT enable cloud processing for sensitive data without your explicit consent
  • We do NOT use consumer AI services (only API-tier services with ZDR support)
  • We do NOT store your cloud AI queries on our servers
  • We do NOT transmit HealthKit data off your device
  • We do NOT store raw financial account numbers

9. Authentication and Account Security

Aria supports multiple authentication methods to protect your account:

  • Sign in with Apple: Apple-managed authentication with private email relay option
  • Google OAuth 2.0: Authentication via Google Identity with PKCE
  • Microsoft OAuth 2.0: Authentication via Microsoft Identity Platform with PKCE
  • Biometric Gate: Face ID or Touch ID required to access the app after initial login
  • Device Passcode Fallback: When biometrics are unavailable

All authentication tokens are stored in the iOS Keychain with hardware-backed encryption. Sessions for sensitive features time out automatically, and biometric re-authentication is required when the app returns from the background.

10. Data Storage and Security

Your data is protected using multiple layers of security:

  • Device Encryption: All local data is protected by iOS Data Protection, keyed to your device passcode
  • Keychain Storage: Sensitive credentials (OAuth tokens, API keys) are stored in the iOS Keychain with hardware-backed encryption
  • Biometric Protection: Face ID/Touch ID required to access the app and sensitive features
  • Financial Data Encryption: Plaid access tokens encrypted with AES-256-GCM in a local encrypted database
  • End-to-End Encryption: If you enable iCloud sync, data is encrypted end-to-end using CloudKit and your device keys
  • Secure Communications: All network communications use TLS 1.3 encryption
  • No Server-Side Storage: We do not operate backend servers that store your personal data. Server-side traffic flows only through stateless gateways (Cloudflare Workers) that forward requests without persisting them

11. Data Sharing

We do not sell your personal, healthcare, or financial data. We do not share your personal data with third parties for their marketing purposes.

We may share data only in the following limited circumstances:

  • With your explicit consent
  • With service providers who process data on our behalf (Plaid for financial data, OpenRouter for cloud AI), subject to contractual protections
  • To comply with legal obligations or valid legal process
  • To protect our rights, privacy, safety, or property
  • In connection with a merger or acquisition (you would be notified)

12. HIPAA Compliance

While Aria is a consumer health application and not a covered entity under HIPAA, we implement HIPAA-aligned safeguards to protect your healthcare data:

Technical Safeguards

  • Access Controls: Biometric authentication (Face ID/Touch ID) for accessing health data
  • Encryption: AES-256 encryption for data at rest; TLS 1.3 for data in transit
  • Audit Logging: Local audit logs of health data access (stored only on your device)
  • Automatic Logoff: Session timeouts for sensitive health features

Privacy Safeguards

  • Minimum Necessary: We only access health data categories you explicitly authorize
  • De-Identification: When cloud processing is enabled, we follow the HIPAA Safe Harbor method for de-identification
  • Consent Management: Granular consent controls for different data processing purposes
  • Right to Revoke: You can disconnect from healthcare providers and delete data at any time

Cloud Processing Safeguards

When you enable cloud AI processing for healthcare queries:

  • All 18 HIPAA identifiers are detected and removed or tokenized before transmission
  • Zero Data Retention (ZDR) is enforced with all cloud AI providers
  • Only de-identified clinical concepts are transmitted (conditions, symptoms, lab types—not values with identifiers)
  • Responses are validated before display to catch any inadvertent PHI leakage
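The de-identification gate described in Section 1 (Stages 1 to 4) and in the cloud processing safeguards listed above, written out as an added example. This is illustrative code, not Aria's implementation: regular expressions stand in for Stage 1, a narrow pattern set stands in for the Stage 2 NER model, a Luhn check serves as the Stage 4 false-positive filter, SSNs, card numbers, MRNs and insurance IDs are hard-blocked so the request is never sent, the remaining identifiers are replaced by placeholders whose mapping never leaves the device, and a reply is validated before the placeholders are restored for display. The sample clinical note, the patient name and every identifier in it are constructed.

```python
"""De-identification gate for cloud AI requests: hard-block, tokenise, then validate the reply."""
import re
from dataclasses import dataclass, field


class PolicyViolation(Exception):
    """Raised when text contains an identifier that must never reach a cloud model."""


# Stage 1: regex detection of identifiers that are hard-blocked rather than tokenised.
HARD_BLOCK = {
    "ssn": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
    "mrn": re.compile(r"\bMRN\s*[:#]?\s*[A-Z0-9]{6,12}\b", re.I),
    "insurance_id": re.compile(r"\b(?:member|policy|insurance)\s*(?:id|#)\s*[:#]?\s*[A-Z0-9]{6,14}\b", re.I),
}
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13 to 19 digits, optional separators

# Stage 2 stand-in: narrow patterns for identifiers that are tokenised (a real pipeline uses NER).
TOKENISE = {
    "NAME": re.compile(r"\b(?:Patient|Dr\.|Mr\.|Ms\.)\s+([A-Z][a-z]+(?:\s+[A-Z][a-z]+)?)"),
    "DATE": re.compile(r"\b(?:0?[1-9]|1[0-2])/(?:0?[1-9]|[12]\d|3[01])/(?:19|20)\d{2}\b"),
    "PHONE": re.compile(r"\b\d{3}[-. ]\d{3}[-. ]\d{4}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}


def luhn_ok(digits: str) -> bool:
    """Stage 4 filter: a long digit run is only treated as a card number if it passes Luhn."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def hard_block_hits(text: str) -> list:
    """Names of hard-blocked identifier kinds found in text (empty list means none)."""
    hits = [kind for kind, rx in HARD_BLOCK.items() if rx.search(text)]
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_CANDIDATE.finditer(text)):
        hits.append("card")
    return hits


@dataclass
class Scrubbed:
    text: str                                    # what may be sent to the cloud model
    tokens: dict = field(default_factory=dict)   # placeholder -> original value; stays on the device


def deidentify(text: str) -> Scrubbed:
    hits = hard_block_hits(text)
    if hits:
        raise PolicyViolation(f"hard-blocked identifiers present, request not sent: {hits}")
    scrubbed = Scrubbed(text)
    counters = {}

    def placeholder(kind: str, value: str) -> str:
        for ph, seen in scrubbed.tokens.items():  # the same value always gets the same placeholder
            if seen == value:
                return ph
        counters[kind] = counters.get(kind, 0) + 1
        suffix = " " + value[-4:] if kind == "DATE" else ""  # Safe Harbor lets the year survive
        ph = f"[{kind}_{counters[kind]}{suffix}]"
        scrubbed.tokens[ph] = value
        return ph

    for kind, rx in TOKENISE.items():
        def repl(m, kind=kind):
            value = m.group(1) if m.groups() else m.group(0)
            return m.group(0).replace(value, placeholder(kind, value))
        scrubbed.text = rx.sub(repl, scrubbed.text)
    return scrubbed


def validate_and_rehydrate(response: str, scrubbed: Scrubbed) -> str:
    """Before display: refuse a reply carrying raw identifiers, then restore placeholders on-device."""
    if hard_block_hits(response):
        raise PolicyViolation("cloud response contains a hard-blocked identifier; not displayed")
    for ph, value in scrubbed.tokens.items():
        response = response.replace(ph, value)
    return response


# Constructed sample note (fictional patient); the 16-digit accession number fails Luhn on purpose,
# so Stage 4 keeps it out of the card-number hard block.
SAMPLE_NOTE = ("Patient John Smith (DOB 03/14/1961) was seen on 01/02/2026. Call 555-867-5309 or "
               "john.smith@example.com. A1c 7.2%, BP 128/82, lab accession 1234567890123456.")

if __name__ == "__main__":
    scrubbed_note = deidentify(SAMPLE_NOTE)
    print(scrubbed_note.text)
    print(validate_and_rehydrate("[NAME_1]'s A1c of 7.2% on [DATE_2 2026] is above target.", scrubbed_note))
```

On the sample note, deidentify leaves the clinical content (A1c, blood pressure) intact and replaces the name, both dates, the phone number and the email with placeholders, while a note containing an SSN, an MRN, a member ID or a Luhn-valid card number is refused outright rather than scrubbed. The placeholder map is the only thing that can turn the model's reply back into something about a specific person, which is why it must stay on the device.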

13. Data Retention and Deletion

Data Category | Retention Period | How to Delete
Healthcare Data (FHIR) | Until you disconnect the provider or delete the app | Settings → Connected Services → Disconnect
HealthKit Data | Until you revoke HealthKit permissions or delete the app | iOS Settings → Health → Data Access
Financial Data (Plaid) | Until you disconnect the financial institution | Settings → Connected Services → Disconnect
Google / Microsoft Data | Cached locally; cleared when you disconnect the service | Settings → Connected Services → Disconnect
Authentication Tokens | Session duration; revoked on logout or expiry | Automatic on logout; manual via Settings
Cloud AI Queries | Zero retention; not stored after processing | N/A (never persisted)
Conversation History | Until you manually clear it | Settings → Privacy → Clear History
App Preferences | Until you delete the app | Uninstall the app

Uninstalling Aria removes all locally stored data from your device. To ensure complete removal of third-party connections, disconnect all services in Settings before uninstalling.

14. Your Rights

You have the right to:

  • Access: View all personal and health data stored in the app
  • Delete: Remove your data at any time through Settings
  • Export: Export your data in standard formats
  • Disconnect: Revoke healthcare, financial, Google, or Microsoft access at any time
  • Opt Out: Opt out of cloud AI processing and marketing communications
  • Withdraw Consent: Withdraw consent for data processing at any time

15. California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you, the sources, purposes, and categories of third parties with whom we share it
  • Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions
  • Right to Correct: You may request correction of inaccurate personal information
  • Right to Opt-Out of Sale: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information: You may limit the use of sensitive personal information (such as health data) to purposes necessary to provide the services you request
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

To exercise these rights, contact us at privacy@aria-assistant.ai. We will respond to verifiable requests within 45 days.

16. European Residents (GDPR)

If you are a resident of the European Economic Area (EEA) or the United Kingdom, you have the following additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis for Processing: We process your data based on your consent (which you may withdraw at any time), the necessity to perform our contract with you (providing the App's services), and our legitimate interests (improving the App)
  • Right of Access: You may request a copy of all personal data we hold about you
  • Right to Rectification: You may request correction of inaccurate personal data
  • Right to Erasure: You may request deletion of your personal data
  • Right to Restriction: You may request that we restrict processing of your personal data
  • Right to Data Portability: You may request to receive your personal data in a structured, commonly used format
  • Right to Object: You may object to processing based on our legitimate interests
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority

To exercise these rights, contact us at privacy@aria-assistant.ai.

17. Children's Privacy

Aria is not intended for children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will promptly delete it.

18. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes through the App or via email. The "Last updated" date at the top indicates when the policy was last revised.

Contact Us

If you have questions about this Privacy Policy, your data, or how we handle healthcare, financial, or productivity information, please contact us at:

Privacy Inquiries:
privacy@aria-assistant.ai

Security Issues:
security@synthetic-insights.ai

General Support:
support@aria-assistant.ai

Synthetic Insights LLC
94 Keats Ave, Hartsdale, NY 10530
United States

© 2026 Synthetic Insights LLC. All rights reserved.
