Privacy Policy
Effective date: July 4, 2026
Vene Health (“Vene,” “we,” “us,” or “our”) builds software that helps caregivers stay close to a loved one through voice calls, wearables, and the devices they already use. This Privacy Policy explains what we collect, how we use it, and the choices you and your loved one have. It applies to our caregiver mobile application, the companion application installed on a loved one’s phone, our web dashboard for care organizations, our website, and our backend services (collectively, the “Service”).
1. Information We Collect
Account information. Name, email, phone number, and authentication credentials used to create and manage your account or your loved one’s account.
Conversation data. Audio from calls between Vene and your loved one, whether in the app or over a regular phone call, is processed in real time and is not recorded or stored. Written transcripts of each conversation are created and retained so future conversations stay in context. If you or your loved one text with Vene over iMessage or SMS, those messages are retained the same way.
Personal context and memory. Information you or your loved one choose to share so Vene can be specific to them. Family names, voice memos, daily routines, comforts, fears, and things to gently steer away from.
Health and wearable data. Heart rate, heart rate variability, sleep, breathing, activity, and similar metrics from any wearable or health platform your loved one chooses to connect through our wearable data partner, Terra. Supported platforms may include Apple Health, Google Fit, Fitbit, Garmin, Oura, or WHOOP. Caregivers may also record care context such as conditions, medications, doctor visits, and care observations.
Medical records. If you or your loved one choose to connect a healthcare provider through our medical records partner, Fasten Health, we receive medical records such as conditions, medications, allergies, immunizations, lab results, and visit history. Records are imported only after your loved one or their authorized caregiver signs in to the provider and consents.
Smart home and device data. If and when your loved one connects a supported smart home platform, limited state and control data from that platform. As we add integrations, this may include Google Home, Alexa, Apple HomeKit, Philips Hue, Sonos, Ring, SmartThings, Home Assistant, and similar. We collect nothing from a platform until it is connected with explicit consent.
Caregiver circle and organization data. Names, contact details, and roles of the people you invite to share visibility or take turns being on call. If a home care agency or other organization sets up Vene, the patient and caregiver rosters it uploads, including names, phone numbers, and email addresses.
Billing information. Subscription status and billing history. Payments are processed by Stripe; we receive a payment reference and never store full card numbers.
Communications and invite data. Phone numbers and email addresses used to deliver verification codes, invitations, and account messages, along with the invite links we generate. If you text or call the Vene phone line, we receive your phone number and the content of that conversation.
Device and usage information. Device identifiers, push notification tokens, operating system, app version, IP address, and basic usage telemetry needed to operate, secure, and improve the Service.
Website data. If you join our waitlist, the email address you submit, verified with Google reCAPTCHA. Our website also uses Google Analytics cookies to measure how visitors use it.
2. How We Use Information
- Calls and conversation. Powering Vene’s conversations with you and your loved one over in app calls, regular phone calls, and text messages, including listening, speaking, and remembering them across conversations.
- Proactive check-ins. Combining wearable readings, daily rhythms, your scheduled check-ins, and your direct requests to decide when Vene should reach out.
- In-call actions. Performing the actions your loved one consents to in the moment, such as sending you a note or adjusting connected devices where smart home integrations are available.
- Caregiver notifications. Letting you know when something seems off, with the relevant context, so you can decide what to do next.
- Care summaries and trends. Preparing caregiver updates, doctor visit briefings and summaries, wellbeing and engagement trends drawn from conversations, health data, and care activity, and cognitive trends drawn from voice conversations.
- Account, billing, and communications. Managing subscriptions, processing payments through Stripe, and sending verification codes, invitations, and account emails.
- Quality and safety monitoring. Reviewing AI prompts and responses, including conversational context, through observability tooling so we can debug problems, evaluate quality, and keep the agent safe.
- Service improvement. Improving Vene’s voice, judgment, and reliability using aggregated and de-identified data. We do not sell personal data and we do not use your conversations to train third party foundation models.
3. Service Providers
We work with a small set of service providers to operate Vene. Each is bound by data protection terms and processes data only as needed to provide their portion of the Service.
- Deepgram. Speech to text for live conversations.
- Cartesia. Text to speech for live conversations in English, Spanish, and most supported call languages.
- ElevenLabs. Text to speech for a smaller set of supported call languages, speech to text for some languages, transcription of voice memos, and previews of the voices Vene can speak with.
- Groq and Cerebras. Language models that generate Vene’s responses during live conversations.
- Microsoft Azure. Language, vision, and audio models for background analysis, encrypted storage for media and session data, and operational logging.
- LiveKit. Real time audio infrastructure for the call layer, including the telephone connection when Vene speaks with you or your loved one over a regular phone call.
- Spectrum. Delivery of Vene’s text conversations over iMessage and SMS.
- Zep. Hosted long term memory that stores the personal context and conversational profile you and your loved one share with Vene.
- Terra. Wearable and health platform connections, including Apple Health, Google Fit, Fitbit, Garmin, Oura, WHOOP, and similar, accessed only with explicit consent.
- Fasten Health. Healthcare provider record connections. Brokers patient authorized access so records can be imported only with explicit consent.
- Smart home platforms. If and when your loved one connects them, Google Home, Alexa, Apple HomeKit, Philips Hue, Sonos, Ring, SmartThings, Home Assistant, and similar, accessed only with explicit consent.
- Twilio. Text message delivery for verification codes and invitations.
- Stripe. Payment processing and subscription billing.
- Langfuse. Observability for our AI systems. Receives prompts and responses, including conversational context, for quality and safety monitoring.
- Tavily. Web search Vene performs to bring current information into a conversation. Tavily receives only the search query, never your account information, though a query may reflect a topic raised in conversation.
- AppsFlyer. Invitation links and install attribution for our mobile apps. We do not use it for advertising.
- Google. Analytics to measure how visitors use our website, reCAPTCHA to protect our forms, and Sheets to store waitlist signups.
- Apple. Push notification delivery to caregiver and loved one devices.
- Tavus and LemonSlice. If and when video calls with a visual avatar are enabled, these providers generate the avatar video during a session.
- Resend. Email delivery for waitlist and account communications.
4. Data Security
We use industry standard practices to keep information safe.
- TLS 1.3 encryption for data in transit.
- AES 256 encryption for data at rest.
- Role based access controls and routine security reviews. Access to personal data is limited to the employees who need it to operate the Service, and access to health information requires additional, individually granted permission.
- Audit logs that record access to health information, including who accessed it, what was accessed, and when.
- Redaction of conversation content and personal identifiers from our operational logs.
- Signing out of the mobile app clears cached personal data and temporary recordings from the device.
Vene is not currently a HIPAA Covered Entity or Business Associate, and information you or your loved one share with the Service is not protected by HIPAA. We protect it instead through the safeguards above and the commitments in this policy. We are actively working toward HIPAA compliance and are building our security and privacy program to meet its standards; we will update this policy if our status under HIPAA changes.
If a breach of security affects unsecured, identifiable health information, we will notify affected users, the Federal Trade Commission, and, where required, state regulators and the media, as required by the FTC Health Breach Notification Rule and applicable state law, without unreasonable delay and within the timelines those laws set.
5. Conversation Data
Call audio, whether in the app or over a regular phone call, is processed in real time and is not recorded or stored. Written transcripts of each conversation, including text conversations with Vene over iMessage or SMS, are stored in our database and with our memory provider so future conversations stay in context. You or your loved one may request deletion of any stored conversation at any time by contacting us at team@venehealth.com, and deleting a loved one’s account removes their stored transcripts. We do not sell conversation data and we do not use it to train third party foundation models.
6. Memory Data
Vene stores personal context such as names, routines, and preferences so each call feels familiar. Caregivers can review, edit, and delete stored memories from inside the app, and you or your loved one can ask us to clear memory entirely at any time by contacting us at team@venehealth.com. Clearing memory does not affect other categories of data unless you also request that.
7. Your Rights
You and your loved one have the right to:
- Access. Request a copy of your personal data.
- Delete. Request deletion of your personal data and account information at any time. Shared loved-one and care-circle records may remain available to other authorized members as described below.
- Correct. Ask us to fix personal data that is inaccurate.
- Withdraw consent. Stop further data collection or disconnect any integration at any time.
- Portability. Receive your data in a structured, commonly used format.
To exercise any of these rights, contact us at team@venehealth.com. We respond to access and portability requests within forty five days. We will never discriminate against you for exercising your rights, and you may use an authorized agent to submit a request on your behalf.
8. Your California Privacy Rights
If you live in California, the California Consumer Privacy Act gives you specific rights over your personal information. The categories we collect are identifiers such as name, email, and phone number, commercial information such as subscription status, audio and electronic information such as conversation transcripts and text messages, health information, including medical records and wearable readings, which California treats as sensitive personal information, and inferences such as mood, wellbeing, and cognitive signals. We collect them from you, your loved one, your care circle or organization, connected devices and platforms, and your use of the Service, for the purposes described in Section 2, and we disclose them to the service providers listed in Section 3 and to the caregivers, care circle members, and care organizations you or your loved one authorize.
We do not sell personal information and we do not share it for cross context behavioral advertising, and we have not done either in the preceding twelve months. We use sensitive personal information only to provide the Service, so there is no sale or sharing to opt out of. If that ever changes, we will update this policy, provide a clear opt out, and honor universal opt out signals such as Global Privacy Control.
You may exercise your California rights to know, access, delete, correct, and limit the use of sensitive personal information by contacting us at team@venehealth.com.
9. Consumer Health Data
Some states, including Washington, Nevada, and Connecticut, give consumers specific rights over health data collected by services that are not covered by HIPAA. Vene collects consumer health data such as wearable readings, medical records a loved one connects, health conditions and medications shared by caregivers, and wellbeing signals inferred from conversations, and uses it only to provide the Service as described in this policy. We publish a separate Consumer Health Data Privacy Policy at venehealth.com/consumer-health-privacy that describes this data, the sources it comes from, who it is shared with, and how to exercise your rights, including how to appeal a decision we make about a request.
10. AI and Automated Processing
Vene’s agent is artificial intelligence, not a human, and the Service will tell you and your loved one so clearly. Conversations, whether they happen by voice or by text, are generated by the AI providers listed in Section 3, and transcripts are analyzed by language models to maintain memory, detect when something seems off, prepare caregiver updates and doctor visit summaries, and track wellbeing and engagement over time. Voice call transcripts may also be analyzed to track cognitive trends over time. The AI may surface alerts and suggestions, but a human caregiver always decides what to do next; we do not make decisions with legal or similarly significant effects about you by automated means alone.
If a conversation suggests a risk of suicide or self harm, the agent is designed to step out of normal conversation, encourage your loved one to speak with a real person and offer crisis support resources, and shift into a support mode that notifies caregivers. Our Terms of Service describe this safety protocol in more detail.
11. Users in the EEA and UK
Vene is operated from the United States and your data is processed there. If you use the Service from the European Economic Area or the United Kingdom, we process personal data to perform our contract with you, with your consent for health data and other special categories, and for our legitimate interests in operating and improving the Service. You have the rights to access, rectify, erase, restrict, and port your personal data, to object to processing, to withdraw consent at any time, and to lodge a complaint with your local supervisory authority. To exercise these rights, contact us at team@venehealth.com.
12. Data Retention
We retain personal data only as long as it is useful to provide the Service or as required by law. Conversation transcripts, memory, imported medical records, and connected device data are kept while the relevant Vene account, loved one, or care circle remains open. Canceling a paid subscription does not close your account or start account deletion. Raw data received from wearable platforms is deleted within thirty days of receipt; only the health metrics derived from it are kept. When you close your own account or request account deletion, we delete or anonymize your account data and personal identifiers, generally within thirty days, except where retention is required by law. Shared loved-one and care-circle records may remain available to other authorized care-circle members after your account is closed. Loved-one and care-circle data is deleted within thirty days when the loved one or care circle is deleted, or when it becomes orphaned with no authorized member remaining. You may cancel a pending account deletion before it is completed.
13. Children’s Privacy
Vene is intended for adults eighteen and older. We do not knowingly collect personal information from children under thirteen. If we learn that we have collected information from a child under thirteen, we will delete it promptly.
14. Changes to This Policy
We may update this Privacy Policy as the Service evolves. We will note material changes by updating the effective date at the top of this page and, where appropriate, by notifying you in the app or by email. Continued use of the Service after a change constitutes acceptance.
15. Contact Us
If you have any questions about this Privacy Policy or our data practices, contact us at:
Vene Health
San Francisco, CA
team@venehealth.com