Your clinic's data, protected

Fiolo stores the medical history of your patients and the personal data of their owners. Here is exactly how we look after it — and the documents that put it in writing.

Hosted in the EEA

Your data is hosted on infrastructure within the European Economic Area. Where a provider processes data outside the EEA, the transfer is covered by Data Privacy Framework certification or Standard Contractual Clauses — see the sub-processor register for specifics.

Backups every 24 hours

Backups run at least every 24 hours, are archived on independent server infrastructure, and are kept for at least 14 days.

Full audit trail

Every change to patient records and clinic data is versioned — who changed what, and when.

Data isolation

Each clinic's data is strictly scoped to its own organization. Your records are never visible to another clinic.

99% uptime SLA

Availability is a contractual commitment in our Terms of Service, not a marketing claim.

Encrypted in transit

All traffic between your browser and Fiolo is encrypted with TLS.

GDPR, in writing

Compliance you can hold us to: each commitment below is part of the contract every clinic signs, not a policy we can change unilaterally.

  • A data processing agreement (DPA) covering all Art. 28(3) GDPR requirements, concluded with every clinic at signup
  • A public register of sub-processors, with 30 days' notice before any change
  • Notification of any personal-data breach within 48 hours
  • Defined data deletion deadlines after the agreement ends

Built in the open

Fiolo is developed together with a working rehabilitation clinic, and every release is published in our public changelog.

See what shipped recently

Security questions?

Write to us — security and privacy questions go straight to the people who build Fiolo, not a ticket queue.