Is Corti safe with your data?

Corti

Corti ApS

57/100

Partial disclosure · medium confidence

Corti earns a C (57/100) because it discloses its data practices only in part.

#114

of 177 apps ranked

score · Healthcare avg 43

+14

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Corti publishes a detailed GDPR-style policy on data-subject rights and international transfers. It says nothing about whether customer inputs or audio recordings are used to train its models, and it never describes itself as an AI product. Those silences on training and AI disclosure, plus vague retention and no breach-notification clause, keep it in the C band. The major gaps are all silence rather than adverse reservations, so no dealbreaker applies.

What Corti's privacy policy says about your data

Strong data-subject rights

The policy grants access, deletion, portability in a structured machine-readable format, rectification, and objection. It routes self-service access, update, and deletion through account settings.

Silent on model training

This is a healthcare audio platform, yet the policy never states whether inputs or recordings are used to train models and offers no training opt-out. All four training indicators score zero on silence.

Named transfer safeguards

Corti names adherence to the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Frameworks, certified to the U.S. Department of Commerce. It also commits to a government-access standard limited to valid requests by public authorities.

Vague retention and no breach notice

Retention is described only as for as long as is necessary, with no day count or deletion timeline. The security section commits only to commercially reasonable measures and has no breach-notification clause.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

Corti privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights5 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatDisclosed

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion1 of 4 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsPartial

Commits to collecting only the data it needsDisclosed

Third-party sharing3 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementPartial

Does not sell or share data for advertising, or offers opt-outPartial

Names a safeguard for international data transfersDisclosed

States a standard for government and law-enforcement accessDisclosed

Transparency2 of 4 disclosed

Discloses that you are interacting with AISilent

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesDisclosed

Is versioned and dated, with change noticePartial

Sensitive data and children2 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsPartial

Commits to breach notificationSilent

Names a certification or a privacy contactPartial

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: text, audio
Processes biometrics: No
Policy last updated: 2026-06-16
Region scored: Global / US-default
Assessed: 2026-06-20

Read Corti's privacy policy

Other healthcare apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.