Last updated: April 2026
Heerio collects the minimum information necessary to operate the check-in service. For each practice, we store the practice name and professional names. When a client checks in and confirms their arrival, we create a temporary arrival record containing only the provider selected and a timestamp. No client information of any kind is recorded — not names, not initials, not any identifying information whatsoever.
Arrival records exist only for the duration of the waiting room moment. Each record is permanently deleted within 60 minutes of creation. We do not maintain any history of client visits and do not build any profile of individuals who use the kiosk.
Heerio currently delivers arrival notifications via web push and email. Notifications contain no client information — professionals receive only an alert that someone has confirmed they are waiting for them. Client details are only accessible through the secure Heerio dashboard.
Heerio uses the following third-party services to operate:
Heerio collects zero client information. Clients tap their provider’s name and confirm their arrival — nothing else is recorded. The arrival record contains only which provider was notified and when, and is automatically deleted after 60 minutes. We do not store client names, initials, clinical notes, diagnosis, or session content of any kind. Practices remain responsible for their own HIPAA compliance obligations and should evaluate how Heerio fits into their broader privacy and security policies. We recommend consulting your compliance officer if you have questions. In the event of a security incident involving practice or provider data, we will notify affected parties promptly and in accordance with applicable federal and state law.
Heerio does not use tracking cookies or third-party analytics. The kiosk and dashboard pages do not load any advertising or behavioral tracking scripts.
Questions about this policy? support@heerio.app