1. Introduction
LEVIO ("we", "our", "the Service") is a medical documentation platform that uses artificial intelligence to assist healthcare professionals with clinical documentation. We are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) and applicable data protection laws.
2. Data We Collect
We collect and process the following categories of data:
- Account information: Name, email address, medical specialty, license number
- Audio recordings: Voice recordings of medical consultations (with patient consent)
- Transcripts: Text transcriptions generated from audio recordings
- Clinical notes: AI-generated and manually edited medical documentation
- Patient information: Patient names, medical record numbers, dates of birth, gender, contact information
- Usage data: Audit logs, access timestamps, feature usage patterns
3. Purpose of Processing
We process your data for the following purposes:
- Clinical documentation: Transcribing consultations and generating clinical notes
- AI-assisted analysis: Providing diagnostic suggestions and clinical summaries
- Service operation: User authentication, settings management, and platform functionality
- Compliance: Maintaining audit trails as required by healthcare regulations
- Service improvement: Improving transcription accuracy and AI model performance
The legal basis for processing is: (a) performance of a contract (providing the service), (b) legitimate interest (improving the service), and (c) legal obligation (medical record-keeping requirements).
4. Data Retention
Medical records and clinical documentation are retained for a default period of 7 years, in accordance with medical records retention laws. This period is configurable based on your jurisdiction's requirements. Audio recordings may be deleted sooner at your request. Account data is retained for the duration of your account and deleted upon account closure (subject to legal retention requirements).
5. Third-Party Data Processors
We use the following third-party processors to deliver our services:
- AI Transcription Service — Audio transcription service. Audio data is transmitted securely for real-time transcription. Audio is processed transiently and is not retained after processing.
- AI Analysis Service — Clinical analysis and note generation. Transcript text is sent for AI processing. API data is not used for model training.
- Supabase — Database hosting and authentication. All data at rest is encrypted. Infrastructure is hosted in secure data centers with SOC 2 compliance.
6. AI Transparency
LEVIO uses artificial intelligence at multiple stages of clinical documentation. We believe in full transparency about how AI is used and its limitations.
6.1 AI Technologies Used
- Real-time speech-to-text transcription: Audio from consultations is streamed in real time to secure servers for transcription. Audio is processed transiently and is not retained after processing.
- Clinical analysis and note generation: Transcript text is sent to an AI service for diagnostic suggestions, clinical summaries, drug interaction checks, and clinical note generation. API data is not used for model training.
6.2 Limitations of AI
- AI-generated suggestions, diagnoses, and clinical notes are not a substitute for professional clinical judgment.
- All AI outputs must be reviewed and verified by a qualified healthcare professional before being used in patient care.
- AI models can produce inaccurate or incomplete results. The clinician retains full responsibility for all clinical decisions.
6.3 Patient Notification
Healthcare professionals using LEVIO are required to inform patients that AI technology is used during the consultation for transcription and clinical analysis. Patient consent for AI-assisted processing is obtained alongside recording consent before each consultation begins.
7. Data Transfers & Security
Data may be transferred to servers located outside your country of residence. All transfers are protected by appropriate safeguards including encryption in transit (TLS 1.2+) and at rest (AES-256). We implement industry-standard security measures including:
- End-to-end encryption for audio streaming
- Row-level security on all database tables
- Multi-factor authentication support
- Comprehensive audit logging
- Regular security assessments
8. Your Rights
Under GDPR, you have the following rights:
- Right of access: Request a copy of all your personal data
- Right to rectification: Correct inaccurate personal data
- Right to erasure: Request deletion of all your data ("right to be forgotten")
- Right to data portability: Export your data in a machine-readable format (JSON)
- Right to restrict processing: Limit how we use your data
- Right to object: Object to processing based on legitimate interest
You can exercise your rights directly through the Settings page (data export, data deletion) or by contacting us at the address below.
9. Contact Information
For data protection inquiries, requests, or complaints:
- Email: privacy@levio.ai
- Data Protection Officer: dpo@levio.ai
You also have the right to lodge a complaint with your local data protection supervisory authority.