Privacy Policy

Last updated: June 21, 2026

1. Information We Collect

We collect: your email address (for account creation), payment information (processed by Stripe — we never see card numbers), and the session notes and client codes you submit for note generation.

2. What We Do NOT Store

We do not store Protected Health Information (PHI). Our system is designed so that real patient names, dates of birth, social security numbers, and other PHI should never be entered. Client identifiers you enter are codes or initials of your own choosing.

3. How We Use Your Data

Your note inputs are sent to Anthropic's Claude API to generate structured clinical notes. Anthropic's data use policy applies to API calls. We store generated notes in your account so you can access your history. We do not use your notes to train AI models.

4. Data Security

All data is encrypted in transit (TLS) and at rest. We use Supabase for database hosting with row-level security ensuring users can only access their own data.

5. Data Retention

Your notes are retained as long as your account is active. You may delete your notes at any time. Upon account deletion, all associated data is permanently removed.

6. Third-Party Services

We use: Anthropic (AI processing), Stripe (payment processing), Supabase (database and authentication), Vercel (hosting). Each has their own privacy policy.

7. Your Rights

You may request deletion of your account and all associated data at any time by emailing support@clinicalnoteai.com.

8. Contact

Privacy questions: support@clinicalnoteai.com