Skip to content

Security & Privacy Info

Where is VetNotes hosted?

VetNotes is hosted on Google Cloud Platform, a ISO27001 certified company.

Where is data stored?

Data, including audio recordings, transcripts and summaries, are stored securely in Australia, on Google Cloud Platform databases. Note that Google Cloud is IRAP certified - i.e. the effectiveness of its security controls meet the Australian Government’s security requirements.


Is Data protected and encrypted?

Yes, all data, including audio and text, is encrypted both at rest and in transit. VetNotes receives an A+ rating from Qualys.

This means that your data is encoded into a format that can only be accessed with the correct decryption key, preventing unauthorised access.


Do I need client's consent to record their voice?

In most places, yes, you need consent to record someone's voice. Generally, verbal consent is sufficient. Many Vets choose to ask consent a second time after they have started recording, so they have a record of the consent (on the transcript, and in the audio file). 

Generally, Vets ask something similar to "Do you mind if I record this consult? This app will help me with note taking." Clients are typically very happy to oblige and help out their Vet.

We often hear "this call will be recorded for training purposes", when we call our bank/phone carrier/etc, so people are generally happy to have their voice recorded. 

Note - the above is not legal advice, and legalities vary by jurisdiction.


AI Providers

In order to provide VetNotes, data is securely shared with AI providers that programmatically transcribe and process clinical notes. These providers:

  • Do not use VetNotes’ data to train models.
  • Do not retain data after a task is completed.

VetNotes utilises AI technology offered by OpenAI, the company that created ChatGPT. OpenAI has been evaluated by a third-party security auditor and is SOC 2 Type 2 compliant. 

Employees at provider companies cannot access, view or edit any data sent or received from VetNotes.


Access control

Only a user can access the data associated with their account. Data for each account is logically separated within the database. Every database query is validated against security policies.

Data retention

No data is retained after a user deletes their account. When a user deletes their account, all data associated with their account is irreversibly deleted.



OpenAI security information: