Privacy Policy
Last updated: [DATE]
Draft v1 — starting point, not legal advice. Review with a qualified attorney before publishing. Bracketed […] items are placeholders.
Columbia Software Works LLC ("we," "us") operates PatientPapers (the "Service"). This policy explains what we collect, what we do not, and your choices. It applies to the PatientPapers website and application.
1. The most important point: patient data never leaves your device
PatientPapers is built so that the patient and form data you enter is stored only on your device. We do not receive, transmit, or store that data on our servers. We never see the patients you document or the contents of the forms you complete. If you lose or reset your device, that local data is gone and we cannot recover it — use the in-app export to keep your own backup.
Because we never receive protected health information (PHI), we are not a HIPAA "business associate" with respect to your use of the Service. You remain responsible for your own HIPAA and privacy obligations.
2. What we do collect
We collect only what we need to run the Service:
- Account information — your name, email address, professional role, and the credentials/identity details you enter to set up your provider profile (e.g., name, practice details). Provider-profile content used to fill forms is stored locally on your device; account-level identifiers we use to manage your account are limited to what's needed for login and support.
- Billing information — handled by our payment processor, Stripe. We receive limited billing metadata (such as subscription status and the email on file); we do not receive or store your full payment card number.
- Usage analytics — privacy-safe, aggregate usage signals (for example, counts of features used or forms completed) used to improve the Service. These contain no patient data and no form contents.
- Support communications — information you send us when you contact support.
3. What we do not collect
- Patient identities, conditions, or any form contents.
- Full payment card numbers.
- Location tracking or advertising identifiers. We do not sell your data to third parties.
4. Service providers (subprocessors)
We use a small number of vendors to operate the Service. None of them receive patient data:
- Cloudflare — hosting, content delivery, and storage of the blank form library and your billing/license records (no PHI).
- Stripe — payment processing.
- [Email provider] — to send account and (with your consent) product emails.
- [Document-AI / LLM provider] — only if and when the optional custom-form feature is used, and only to analyze blank forms you choose to scan in. Blank forms contain no patient data. Forms containing patient information are never sent to this or any other third party.
5. Cookies and tracking
We use only the cookies necessary to operate the site and keep you signed in, plus minimal privacy-safe analytics. We do not use advertising or cross-site tracking cookies. [If you serve EU/UK visitors, add a consent mechanism.]
6. Email and marketing
If you join a waitlist or opt in to product updates, we will email you and you can unsubscribe at any time via the link in every message. We comply with applicable anti-spam laws (including CAN-SPAM); our mailing address appears below.
7. Your rights and choices
Depending on where you live (including under the CCPA/CPRA), you may have the right to access, correct, or delete the account and billing data we hold, and to opt out of marketing. To exercise these rights, contact us at [privacy@patientpapers.app]. Note: we cannot access or delete patient/form data stored locally on your device, because we never hold it — you control that directly on your device.
8. Data retention and security
We retain account and billing data for as long as your account is active and as required for legal and accounting purposes, then delete or anonymize it. We use reasonable administrative and technical safeguards to protect the limited data we hold. No method of transmission or storage is perfectly secure.
9. Children
The Service is intended for licensed professionals and is not directed to children. We do not knowingly collect personal information from children.
10. Changes and contact
We may update this policy and will post the new effective date. Material changes will be communicated as required by law.
Columbia Software Works LLC · [mailing address] · [privacy@patientpapers.app]