Privacy Policy

Arlo is operated by Medifusion Pro Ltd. We provide software that supports clinicians with documentation during patient consultations. We take data protection seriously and process personal data in line with the General Data Protection Regulation. This policy explains how we collect, use, and protect personal data when you use our website and services.

  1. Our Role
    Arlo is a business to business service used by healthcare professionals. For patient data, the clinician or clinic is the data controller, Medifusion Pro Ltd acts as a data processor, and we process data only on the instructions of our customers. For account and billing data, Medifusion Pro Ltd acts as the data controller.
  2. Information We Collect
    a. Account and Business Information
    Name, email address, phone number, organisation and billing details, login and account credentials.
    b. Patient Data (processed on behalf of customers)
    Clinical notes, recordings, transcripts, referral letters, summaries, uploaded documents, and any data entered into the platform by the clinician.
    c. Payment Information
    Payments are processed by third party providers such as Stripe. We do not store full card details.
    d. Technical and Usage Data
    IP address, browser type, device information, usage patterns, feature interaction, session data, cookies and similar technologies.
  3. How We Use Information
    We use data to provide and operate the Service, generate clinical documentation using AI, maintain account access and customer support, process payments and manage subscriptions, improve product performance and reliability, and ensure security and prevent misuse. We do not use patient data for advertising.
  4. Lawful Basis
    For account data, we rely on contract performance and legitimate interests. For patient data, our customers determine the lawful basis, typically provision of healthcare services or explicit patient consent. Customers are responsible for obtaining appropriate consent.
  5. AI Processing
    Arlo uses AI to generate clinical documentation from recorded or uploaded data. Outputs are generated automatically and may contain errors. Clinicians must review and approve all content. The Service does not provide medical advice, diagnosis, or treatment decisions. No automated decisions are made about patients.
  6. Data Retention
    Audio recordings are deleted after processing into text. Transcripts and generated documents are stored for a limited period, typically up to 30 days, unless configured otherwise by the customer. Account and billing data are retained as required for legal and financial obligations. Backup data is retained for a limited period for security and recovery purposes. Customers control retention settings where available.
  7. Security
    We use appropriate technical and organisational measures to protect data, including encryption in transit and at rest, access controls and authentication safeguards, secure cloud infrastructure including providers such as Amazon Web Services, and monitoring and logging to detect unauthorised access. Access to data is restricted to authorised personnel only.
  8. Sharing of Data
    We do not sell personal data. We may share data with service providers who support our operations such as hosting, analytics, and payment processing, professional advisors where necessary, and authorities where required by law. All service providers are bound by data protection obligations.
  9. International Transfers
    Where data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or transfers to countries with adequate protection decisions.
  10. Data Processing Agreement
    We provide a Data Processing Agreement that governs how we handle patient data on behalf of our customers. This forms part of our contractual terms.
  11. Your Rights
    If you are a customer or user, you may have the right to access your personal data, correct inaccurate data, request deletion, restrict or object to processing, and request data portability. If you are a patient, you should contact your clinician directly. We assist our customers in responding to such requests.
  12. Cookies
    We use cookies to maintain sessions, analyse usage, and improve functionality. You can manage cookies through your browser settings. Some features may not function if cookies are disabled.
  13. Third Party Links
    Our Service may contain links to external websites. We are not responsible for their privacy practices.
  14. Children
    The Service is not intended for children under 13. We do not knowingly collect data from children.
  15. Data Breaches
    If a data breach occurs, we will notify affected customers without undue delay and take appropriate action in line with legal requirements.
  16. Changes to This Policy
    We may update this policy from time to time. Updates will be posted on this page.
  17. Contact
    Medifusion Pro Ltd, Upper Main Street, Donegal Town, Co. Donegal, Ireland
    Email: info@getarlo.io

Your Next Note Writes Itself

Join hundreds of practitioners already saving hours every week with Arlo.
Try Arlo For Free
Try Arlo For Free
CTA Deshboard Image
Pages
Home
Home
About
Blog
Pricing
Pricing
Blog Details
Contact us
Contact us
Contact us
© 2025 Medifusion Pro Ltd. All Rights Reserved
| Privacy Policy