Effective Date: February 15, 2026
Voxxo ("we," "our," or "us") operates the veterinary scribe application available at voxxo.ai and as a mobile application (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, share, and protect your information when you use our Service. By using the Service, you agree to the practices described in this policy.
When you create an account, we collect your email address and password (encrypted). You may also sign in via Google or Apple OAuth, in which case we receive your email and basic profile information from the provider. We also collect optional profile information such as your name, veterinary title, clinic name, clinic address, and phone number that you choose to provide.
The Service allows you to record audio of veterinary consultations. Audio recordings are temporarily uploaded to our servers solely for transcription processing. Once transcription is complete, the audio files are automatically deleted. We do not retain audio recordings long-term. Audio is stored locally on your device during recording and only uploaded upon submission.
Important — Recording Consent: You are responsible for obtaining consent from all parties present during a recorded consultation before initiating recording. Several U.S. states (including California, Florida, Illinois, and others) require all-party consent for audio recording. The Service provides a recording indicator, but the legal obligation to obtain consent rests with you.
Our transcription providers may process voice characteristics from audio recordings to perform speaker diarization (identifying different speakers). We do not create, store, or maintain voiceprint profiles or biometric templates. Audio recordings are deleted after transcription as described in Section 2.2. To the extent any biometric identifiers are transiently processed during transcription, they are not retained by us or, to our knowledge, by our transcription providers beyond the processing session.
Audio recordings are transcribed using third-party transcription services (see Section 5). The resulting transcripts, along with SOAP notes, discharge instructions, and other documentation generated by our AI systems, are stored in our database and associated with your account.
Depending on how you use the Service, we may store the following types of veterinary medical data associated with your account:
You may upload photos and file attachments (such as PDFs, images, or lab results) to patient records and communication records. These files are stored in secure cloud storage and are associated with your account. When you delete a record, associated photos and attachments are also deleted.
The Service includes an AI chat feature that allows you to interact with AI models. Chat conversations, including messages you send and AI responses, are stored in our database and associated with your account. If you use the optional web search feature within chat, your search queries are sent to a third-party search provider (Tavily).
If you choose to enable email delivery of discharge instructions, you may provide a Gmail app password. This password is encrypted using AES-256-GCM before storage and is only used to send emails on your behalf. You can remove your email credentials at any time through settings.
Payment processing is handled by Stripe (web) and Apple In-App Purchase via RevenueCat (iOS). We do not store your full credit card number, CVV, or other sensitive payment details on our servers. These payment processors collect and store payment information in accordance with their own privacy policies and PCI DSS requirements.
We collect usage data related to your use of the Service, including the types of API requests made (transcription, generation, chat, translation), the AI models used, token counts, and associated costs. This data is used for billing, enforcing usage limits, and improving the Service. We do not use third-party analytics or tracking services (such as Google Analytics).
We generate and store a persistent device identifier in your browser's local storage for cross-device recording synchronization. We also collect general device and browser information necessary for providing the Service.
We use your information for the following purposes:
The Service allows you to generate shareable links for discharge instructions. These links are accessible to anyone who has the link, are secured with a 128-bit token, and expire automatically after 7 days. Shared links may include translated versions. You are responsible for sharing these links only with intended recipients.
We use the following categories of third-party services to operate Voxxo. Each service processes data only as necessary for its designated purpose:
We access all AI providers via their commercial APIs with data processing terms that prohibit the use of your data for model training. Your transcripts and medical data are processed solely to generate responses and are not retained by these providers beyond the processing session.
The following services are only used when you activate specific features:
Cookies: Voxxo does not use cookies for tracking or advertising. We do not use any third-party analytics, advertising, or tracking cookies.
Local Storage: We use your browser's local storage for essential Service functionality, including:
IndexedDB: We use IndexedDB (browser-based storage) to temporarily store audio recording segments and cached files for offline functionality.
No Third-Party Tracking: We do not use Google Analytics, Segment, Mixpanel, or any other third-party analytics or tracking service. We do not serve ads or share data with advertising networks.
We implement industry-standard security measures to protect your data, including:
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
Voxxo is based in the United States. Your data is stored on servers located in the United States (via Supabase, hosted on Amazon Web Services). If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer. For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on Standard Contractual Clauses and/or your explicit consent as the legal basis for such transfers.
In the event of a data breach that affects your personal information, we will notify you in accordance with applicable law. Where required, we will provide notice within the timeframe mandated by your jurisdiction (e.g., 30 days for California residents, 72 hours to supervisory authorities for EEA residents under GDPR). Notification will include a description of the breach, the types of data affected, and steps you can take to protect yourself.
Depending on your location, you may have the following rights regarding your personal data:
If you are a California resident, you have the following additional rights:
Categories of personal information collected in the last 12 months: Identifiers (name, email); commercial information (subscription and payment records); internet/electronic activity (usage data, device identifiers); professional information (veterinary credentials, clinic information); audio/visual data (temporary audio recordings, photos); and inferences drawn from the above (AI-generated documentation). We collect this information directly from you and from our service providers (payment processors, authentication providers).
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We disclose personal information to service providers (listed in Section 5) solely for business purposes.
If you are located in the EEA, UK, or Switzerland, you have the following additional rights:
Automated Decision-Making: The Service uses AI to generate veterinary documentation from transcripts. This constitutes automated processing. The output is always presented as a draft for your review and is never used as the sole basis for decisions affecting individuals. You may request human review of AI-generated content by editing it before use.
Residents of Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, and other states with comprehensive privacy laws may have similar rights to those described above, including the right to access, correct, delete, and port personal data, and the right to opt out of the sale of personal data and targeted advertising. We do not sell personal data or engage in targeted advertising. To exercise any rights, contact us at the address below.
To exercise any of these rights, please contact us at support@voxxo.ai. We will respond to verifiable requests within 45 days (or such shorter period as required by applicable law).
You can delete your account and all associated data at any time directly within the app:
When you delete your account, all of the following are permanently removed: your profile and clinic information; all patient records, SOAP notes, and discharge instructions; all communication records; all transcripts; all photos and file attachments; all chat conversations; all tasks, cases, and calendar events; all hospitalization and treatment records; your settings and preferences; your usage logs; and your Stripe subscription (automatically canceled).
Apple Subscriptions: If you subscribed through the iOS app, you must also cancel your subscription through Apple Settings, as Apple does not allow third parties to cancel subscriptions on your behalf.
If you are unable to access the app or need assistance with account deletion, you can request deletion by emailing support@voxxo.ai.
Voxxo is designed for veterinary use. Veterinary medical records are generally not subject to HIPAA (Health Insurance Portability and Accountability Act), which applies to human health information. Voxxo acts as a data processor on behalf of veterinary practices; the veterinary practice retains ownership of all medical records created using the Service.
Notwithstanding the inapplicability of HIPAA, we implement robust security measures (described in Section 8) to protect your data. We also comply with applicable state veterinary medical records confidentiality laws, which vary by state. You are responsible for ensuring your use of the Service complies with the record-keeping requirements of your jurisdiction.
Voxxo uses artificial intelligence to generate veterinary documentation. We believe in being transparent about how AI processes your data:
The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
We may update this Privacy Policy from time to time. For material changes, we will notify you by email (if we have your email address) and/or by posting a prominent notice in the Service prior to the change becoming effective. We will update the "Effective Date" at the top of this page. Your continued use of the Service after the effective date of a revised policy constitutes acceptance. Where required by applicable law, we will obtain your consent before making material changes to how we process your data.
If you have questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us at: support@voxxo.ai