Privacy Policy

Updated on Aug 1st, 2025

BRIO Health (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains what information we collect from users of the BRIO Health platform, how we use and share that information, and the measures we take to safeguard your data. BRIO Health is an AI-powered healthcare information platform for medical students and professionals. Please note: BRIO Health is not a healthcare provider and does not collect personal health records or provide medical advice – it is an information service only.

1. Information We Collect

Account Information: When you create a BRIO Health account, we collect basic personal information such as your name, email address, username, and password. This information is used to identify you and enable your access to our services. We do not collect sensitive health or medical data about you or any patients – please do not submit personal health information through our platform.

Usage Data: We automatically collect certain information when you use our platform, including:

  • Technical Data: IP address, browser type, device information, and operating system.
  • Usage Details: Dates and times of access, pages or features used, search queries, and interactions with the platform.
  • Cookies and Similar Technologies: We use cookies and similar tracking tools to remember your preferences, keep you logged in, and analyze how you use our site (see Cookies & Tracking below for more details).

User Communications: If you contact us (for example, by email or support channels) or provide feedback, we will collect and retain such correspondence and contact details (like your email address) in order to respond to you and improve our services.

AI Query Content: When you input questions or content into BRIO Health’s AI tools (such as queries to our Large Language Model assistant), we collect the content of those queries. Important: Do not include personally identifiable information (e.g. names, contact details) or confidential health information in your queries, as these may be processed by our AI system.

2. How We Use Your Information

We use the collected information for the following purposes:

  • Provide and Improve Services: To create and manage your account, authenticate your login, and deliver the features of the BRIO Health platform. We also analyze usage patterns to improve site functionality, user experience, and our AI performance.
  • AI-Powered Responses: Content you submit (questions or prompts) is used to generate AI-powered informational responses. Our system may process your query through an AI model to provide a helpful answer.
  • Service Communication: To send you important notices about your account, such as welcome emails, service updates, security alerts, or changes to terms and policies. We may also send optional newsletters or educational content if you have subscribed to them (you can opt out at any time).
  • Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical support or feedback.
  • Compliance and Prevention: To enforce our Terms and Conditions and other policies, prevent fraudulent or illegal activities (such as misuse of the platform), and comply with applicable legal obligations.

We do not use your personal data for advertising or marketing without consent, and we do not sell your personal information to third parties. Any use of data is solely for providing and enhancing the BRIO Health services and as otherwise described in this Policy.

3. Use of AI and Google LLM Services

BRIO Health utilizes advanced artificial intelligence systems, including Google’s Large Language Model (LLM) or similar AI services, to power certain features of our platform. This means that when you ask a question or interact with our AI tools, the content of your query may be securely transmitted to a third-party AI service (such as Google’s AI) for processing and generating a response. We include this AI integration to provide you with detailed, helpful answers and a better user experience.

Data Handling and Privacy: Any data sent to the AI service is limited to what is necessary to generate a useful answer. We do not share your account registration information (like your name or email) with the AI; only the query content and relevant context are processed. The AI service may temporarily retain the input data to generate the output, but we have agreements and technical measures in place to ensure your data is handled securely and not used for any purpose other than delivering the response you requested. For instance, we rely on reputable providers (such as Google) that commit to not using your data to train their general models or for unrelated purposes without permission.

Confidentiality: While we strive to protect your privacy, please understand that using the AI features involves sending your query to an external service. We take steps to anonymize or exclude personal identifiers in such queries whenever possible. However, if you voluntarily include personal data in a query, that data will be visible to the AI processing system. We recommend that you do not include sensitive personal information (such as health records, personal identifiers, or confidential details) in any queries to our AI. BRIO Health and our AI providers will treat any data received through the AI feature as confidential and protected under this Privacy Policy.

Transparency: We want to be clear that an AI (not a human) generates the answers to your questions on our platform. While the AI is a powerful tool, it may occasionally produce inaccurate or incomplete information. (Please see our Terms and Conditions for more on the limitations of AI-generated content.) We continuously monitor and tune the AI’s performance, but users should use their own judgment and not rely on AI outputs for critical decisions without verification.

By using BRIO Health’s AI features, you acknowledge that your query content will be processed by an AI service and consent to such processing. If you have questions about this AI integration or how your data is handled, feel free to contact us using the information in the Contact Us section below.

4. Cookies & Tracking Technologies

Cookies: BRIO Health uses cookies (small text files stored on your device) and similar tracking technologies to enhance and personalize your experience. For example, cookies allow us to: keep you logged in as you navigate the site, remember your preferences (such as language or display settings), and collect aggregate data about site traffic and interactions. We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain for a set period or until deleted) for these purposes.

Analytics: We use third-party analytics services (such as Google Analytics or similar tools) to collect information about how users interact with our site. These analytics providers may set cookies or use other identifiers to compile reports for us on website activity (e.g., number of visitors, pages viewed, time spent, referral sources). This information helps us understand user interests and improve our content and layout. Analytics data is generally collected in aggregate form and does not identify you personally. We do not allow analytics providers to use the data they collect from our site for their own purposes beyond providing these services to us.

Managing Cookies: You have control over cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies or alert you when a cookie is being placed. Please note that if you disable cookies, some features of the BRIO Health site may not function properly (for example, you may not stay logged in or some preferences may not be remembered). Our cookie usage is solely intended to improve site functionality and user experience – we do not use cookies for third-party targeted advertising.

5. Data Sharing and Third-Party Services

We do not sell or rent your personal data. However, we do share certain information with trusted third parties in order to operate our services, under the conditions described below:

  • Service Providers: We employ third-party companies and individuals to facilitate our services (for example, cloud hosting providers, data storage services, analytics services, and the AI platform providers mentioned above). These service providers process data on our behalf and are contractually obligated to protect it and use it only for the purposes of delivering their services to us. For instance, our platform is hosted on secure servers, and we use Google’s AI infrastructure to process AI queries.
  • Business Transactions: If BRIO Health is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will ensure any acquiring entity honors the commitments of this Privacy Policy or provide you notice and choices before your data is transferred under a different policy.
  • Legal Compliance: We may disclose your information if required to do so by law or in good faith belief that such action is necessary to comply with applicable laws, regulations, legal processes, or governmental requests. We may also disclose information to enforce our Terms and user agreements, address fraud or security issues, or protect the rights, property, or safety of BRIO Health, our users, or the public. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction as permitted by law.
  • Aggregated or De-Identified Data: We may share information that has been aggregated (combined with data of other users) or de-identified (stripped of personal identifiers) in a manner that does not personally identify you. For example, we might publish usage trends or statistics (e.g., total number of users from each region, popular question topics) to showcase our service or for academic research. Such data would not include anything that could be linked back to you individually.

Aside from the purposes above, we will not share your personal data with third parties without your consent. If in the future we intend to share information for new purposes (such as marketing partnerships), we will update our Privacy Policy accordingly and provide you with choices where required by law.

6. International Users and Data Transfers

BRIO Health is accessible to users around the world. By using our services, you acknowledge that your personal information may be stored and processed in countries other than your own, including the United States, and our servers or service providers (like Google) may be located in multiple global locations. This means your data could be transferred to, or accessed from, jurisdictions that may have different data protection laws than those in your home country.

Data Protection: Regardless of where your data is processed, we will take appropriate measures to ensure your personal information is protected in accordance with this Privacy Policy. We rely on standard legal mechanisms for international data transfers, such as contracts incorporating standard data protection clauses, to ensure that any personal data leaving your country still receives an adequate level of protection.

Global Applicability: This Privacy Policy is intended to apply to all users of BRIO Health, no matter where you are located. We strive to uphold privacy standards that respect the principles of major data protection regulations worldwide. However, please note that we are not currently certified or formally compliant with specific jurisdictional privacy laws (see Compliance & Regulatory below for more details). By providing us with your information or using our service, you consent to the transfer of your data to the countries where we or our service providers operate, and understand that those jurisdictions may have different privacy laws than your own.

If you are accessing BRIO Health from the European Union, United Kingdom, or other regions with laws governing data collection and use, we will endeavor to comply with applicable legal requirements. For example, where required, we will obtain your consent for certain cookies or processing, and honor valid requests regarding your data (see Your Rights section). We appreciate our international users and aim to be transparent about how we handle data globally.

7. Data Security

We take the security of your personal information seriously. BRIO Health implements reasonable security measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: We use encryption to protect data in transit (e.g., SSL/TLS protocols for our website to secure data transfer between your browser and our servers). We also employ encryption or hashing for stored passwords and sensitive data at rest, so that even if data were accessed improperly, it would be unreadable.
  • Access Controls: We restrict access to personal data to authorized personnel who need it to operate, develop, or improve our services. All employees or contractors with such access are subject to confidentiality obligations.
  • Security Monitoring: Our systems are monitored for potential vulnerabilities and attacks. We routinely update our software and infrastructure to address security issues and use firewalls and other technologies to prevent intrusion.
  • Third-Party Security: When using third-party services (such as hosting or AI processing), we select reputable providers with strong security practices. We also ensure via contracts that they maintain adequate security standards.

While we strive to protect your data, please understand that no method of transmission over the Internet or electronic storage is 100% secure. Thus, we cannot guarantee absolute security of your information. We encourage you to use a strong, unique password for your BRIO Health account and to notify us immediately if you suspect any unauthorized access to your account. We will promptly investigate any security incidents and notify users and authorities as required by law in the event of a data breach.

8. Your Rights and Choices

We believe in user rights and transparency regarding personal information. Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:

  • Access and Portability: You have the right to request a copy of the personal data we hold about you. We will provide this information, in a common electronic format, subject to verification of your identity.

  • Rectification: If any personal information we have about you is inaccurate or outdated, you have the right to request that we correct or update it. You can also update certain information (like your account profile details) directly through your account settings.
  • Deletion: You can request that we delete the personal data we hold about you. Keep in mind there may be legal or legitimate business reasons we might retain certain data (for example, records of transactions or communications may be kept for legal compliance or internal purposes). If you request deletion, we will remove your personal data that is not required to be retained and will inform you if any data must be kept and why. Deleting your data may result in the termination of your account and inability to use the service.
  • Withdrawal of Consent: If we are processing your personal data based on your consent (for example, optional marketing emails), you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing already conducted before your withdrawal.
  • Objection and Restriction: You have the right to object to certain processing (such as direct marketing) or ask us to restrict processing in certain circumstances (for instance, if you contest the accuracy of data or have pending legal claims involving the data).
  • Opt-Out of Communications: If you receive promotional or informational emails, you can opt out by following the unsubscribe instructions in those emails or by contacting us. Please note that you cannot opt out of essential service-related emails (like password reset requests or important account notices).

To exercise any of these rights, please contact us using the information in the Contact Us section. We will respond to your request in accordance with applicable law (typically within 30 days). For your protection, we may take steps to verify your identity before fulfilling your request. There is usually no fee for reasonable requests, but if your requests are unfounded or excessive, we may charge a reasonable fee or refuse to act on the request as permitted by law.

Please note that while we will make every effort to honor your requests, some rights may not be absolute. For example, we might not be able to delete data that is required to fulfill a contract with you, that we are legally obligated to keep, or that has been anonymized. If we cannot fulfill a request, we will explain the reasons in our response.

9. Compliance & Regulatory Considerations

BRIO Health is committed to handling user data responsibly and in line with widely accepted privacy principles. However, at this time we are not formally regulated by or fully compliant with specific privacy laws such as HIPAA, GDPR, or CCPA. Here is what this means:

  • HIPAA: The U.S. Health Insurance Portability and Accountability Act (HIPAA) generally applies to healthcare providers, insurers, and related entities handling protected health information. BRIO Health is an informational platform and is not a “covered entity” under HIPAA, as we do not provide healthcare services or process personal health records. Therefore, we are not legally required to comply with HIPAA rules[1]. We advise users not to submit any protected health information via our service. In the event that any health-related personal data is provided to us, we will treat it with strict confidentiality and security, but such data is not processed under a HIPAA compliance framework.
  • GDPR: The EU General Data Protection Regulation (GDPR) provides rights and protections to EU residents. BRIO Health is not currently subject to GDPR requirements in a formal sense, either because we do not actively target or monitor EU users in a way that invokes the law, or because our organization has not met the criteria for its applicability. Similarly, we are not currently subject to GDPR or CCPA regulatory compliance requirements[2]. That said, we aim to honor core GDPR principles such as transparency, data minimization, and giving users control over their data (see Your Rights above). If you are an EU resident using our service, we will do our best to accommodate your GDPR-related requests (such as data access or deletion) even though we may not be fully set up under EU law.
  • CCPA/CPRA: The California Consumer Privacy Act (as amended by the California Privacy Rights Act) grants California residents specific rights regarding their personal information. BRIO Health is a young platform and at present we do not meet the thresholds that would require compliance with CCPA (for example, we do not sell personal data and do not meet the revenue or data volume criteria). Nevertheless, if you are a California resident, you may contact us with any CCPA-related inquiries or requests, and we will voluntarily extend those privacy rights and protections to you whenever feasible. We do not sell or share personal information as defined in CCPA.
  • Other Jurisdictions: For other regions (such as Canada’s PIPEDA, Australia’s Privacy Act, etc.), BRIO Health is not formally certified under those regimes. However, we consistently aim to follow best practices in data protection and to respect user rights regardless of location.

In summary, while we are not currently in full compliance with specific privacy regulations (HIPAA, GDPR, CCPA, etc.) due to the nature and scope of our service, we voluntarily adopt many of their principles. We treat your data with care, implement strong security, and strive to be transparent about our practices. As our platform grows, we intend to assess and improve our compliance efforts. We appreciate your understanding and are happy to address any questions or concerns about how we handle data.

10. Children’s Privacy

BRIO Health is intended for adult users, particularly medical students and healthcare professionals. Our services are not directed to children and we do not knowingly collect personal information from individuals under the age of 13 (and in certain jurisdictions, under 16). If you are under 13, please do not use our site or provide any personal information.

In the event that we learn we have collected personal data from a child under the age of 13 without verified parental consent, we will take immediate steps to delete that information from our servers. If you believe a child under 13 may have provided us with personal information, please contact us and we will promptly investigate and address the issue.

Parents or guardians who become aware that their minor child has used our service or provided us with personal data should contact us so we can remove the information and terminate any accounts if necessary.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will revise the “Last Updated” date at the top of the Policy. If changes are significant, we may also provide a more prominent notice (such as by email notification to registered users or by placing a notice on our website).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of BRIO Health after any changes to this Policy constitutes your acceptance of the updated terms. If you do not agree with any updates to the Policy, you should discontinue use of our services and may request that we delete your personal data.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

BRIO TEAM
Email: team@briohealth.ai

We will do our best to promptly respond to your inquiry and address any issues. Your privacy is important to us, and we welcome feedback on our practices.

Thank you for trusting BRIO Health. We are dedicated to protecting your personal information and providing a safe, informative experience for all our users.