Privacy Policy
This page contains our complete privacy policy. You can review it here or download a copy for your records.
Privacy Policy
Effective Date: 5/29/2025, Last Updated: 10/20/2025
1. Introduction
Clerie.ai ("we," "us," "our," or "Company") provides an Electronic Health Record (EHR) platform designed specifically for wellness providers, enhanced with artificial intelligence capabilities ("Service").
- We are committed to protecting the privacy and security of your personal health information (PHI) and personal data
- This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our EHR platform
- Applies to healthcare providers, wellness professionals, and patients whose information is stored in our system
2. Scope and Applicability
This Privacy Policy applies to:
- Healthcare providers and wellness professionals who use our platform
- Patients whose health information is stored in our system
- Administrative staff and other authorized users
- All data processed through our AI-assisted features
- We serve as a Business Associate under HIPAA and maintain compliance with HIPAA regulations. Learn more about HIPAA compliance on the HHS websiteHHS website
3. Information We Collect
We collect and process the following types of information:
- Protected Health Information (PHI): Patient demographics, medical history, clinical notes, appointments, billing information, medication records, lab results, and wellness assessments
- User Account Information: Professional credentials, contact information, user preferences, and authentication data
- Technical Information: Device details, IP addresses, browser information, usage patterns, and system logs
- AI Processing Data: Clinical documentation, historical patient data, diagnostic codes, and communication patterns
4. How We Use Your Information
We use your information for the following purposes:
- Primary Healthcare Purposes: Treatment, payment, healthcare operations, care coordination, and population health analysis
- AI-Enhanced Features: Documentation suggestions, clinical insights, treatment protocols, and workflow optimization
- Google Calendar Integration: We use Google Calendar data solely to provide calendar synchronization features, including displaying your calendar events, syncing appointments, and managing your schedule within our EHR platform. This data is used exclusively to enhance the calendar functionality you see and use in our application.
5. AI Processing and Machine Learning
Our AI processing practices include:
- AI models are trained on de-identified, aggregated healthcare data (excluding Google Calendar data, which is used only for calendar functionality)
- Individual patient data is never used to train AI models without explicit consent
- Real-time AI processing maintains the same security standards as other PHI handling
- AI recommendations are clearly marked as computer-generated suggestions
6. Information Sharing and Disclosure
We may share PHI in the following circumstances:
- With Healthcare Providers: To support coordinated patient care
- For Payment Purposes: With insurance companies and billing services
- Legal Requirements: When required by law or regulatory mandate
- With Business Associates: Who maintain appropriate privacy and security protections
7. Data Security and Protection
We implement comprehensive security measures:
- Technical Safeguards: Encryption, access controls, network security, and secure backups
- Administrative Safeguards: Staff training, access management, and incident response procedures
- Physical Safeguards: SOC 2 certified data centers with restricted access and monitoring
8. Google API Services User Data Policy
Our use of information received from Google APIs will adhere to Google's API Services User Data Policy, including the Limited Use requirements.
- Google Calendar data is used solely to provide and improve calendar synchronization features within our EHR platform
- We do not use Google user data for advertising, marketing, or any purpose other than providing our core calendar functionality
- Google user data is not used to train AI models or for general platform improvement beyond the specific calendar features
- All Google API usage complies with Google's Limited Use requirements and API Services User Data PolicyGoogle API Services User Data Policy
9. Google User Data Retention and Deletion
We implement specific data retention and deletion practices for Google user data:
- Google Calendar integration data (OAuth tokens, refresh tokens, webhook subscriptions) is immediately deleted when users disconnect their Google Calendar integration
- When users delete their accounts, all Google Calendar integration data is permanently removed from our systems within 30 days
- Google Calendar events are not stored in our database - they are fetched on-demand for display purposes only and are not retained locally
- We do not retain Google user data beyond what is necessary for the calendar synchronization functionality
- Users can request deletion of their Google Calendar integration data at any time through our platform settings
10. Your Rights
You have the following rights regarding your information:
- Access: Request copies of your health information
- Amendment: Request corrections to inaccurate information
- Restriction: Request limitations on use or disclosure
- Accounting: Receive an accounting of disclosures
- Notification: Be notified of privacy practices and breaches
- Complaint: File complaints regarding privacy violations
11. Contact Information
For privacy-related inquiries:
- Privacy Officer:nathan@clerie.ai
- Security Team:security@clerie.ai
- General Inquiries:support@clerie.ai
- Website:ehr.clerie.ai/privacy-policy