← All posts

Our Approach to Privacy: Why Your Health Data Stays Yours

How Seenly uses row-level security and privacy-first architecture to ensure your health data is never accessible to anyone but you.

When you record a conversation with your doctor, you’re capturing some of the most personal information imaginable. Diagnoses, symptoms, medication details, family history — it all comes up. We take the responsibility of handling that data seriously.

This post explains the specific technical and philosophical choices we’ve made to protect your privacy.

Data isolation by design

Every piece of data in Seenly — recordings, transcriptions, summaries, symptom logs, medication lists — is protected by row-level security (RLS) policies at the database level. This means that the database itself enforces that you can only access your own data.

This isn’t application-level access control where a bug could expose records. It’s a database-level guarantee. Even if someone found a vulnerability in our application code, the database would still refuse to return another user’s data.

What we can’t see

We deliberately designed Seenly so that our team cannot access your health data. We don’t have admin overrides that bypass RLS. We don’t log transcription content. When you delete a recording, it’s gone.

This creates some operational trade-offs — we can’t manually debug issues by looking at your data, for instance — but we believe that trade-off is worth making.

Transcription and AI processing

When your recording is transcribed and summarised, it’s processed through our edge functions and returned directly to your account. We don’t store intermediate processing results, and we don’t use your data to train AI models.

Your choices

You’re always in control:

  • Delete any recording, transcription, or summary at any time
  • Export your data in standard formats
  • Close your account and all associated data is permanently removed

The harder path

Building with privacy-first constraints is genuinely harder. Features that would be straightforward with looser data access become complex engineering challenges. But healthcare data isn’t the place to take shortcuts.

We believe trust is earned through architecture, not promises. If you have questions about our privacy practices, we’re always happy to discuss them in detail.