Privacy Policy

Last updated: June 2026

1. Overview

Brief My Doctor ("we," "our," "us," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process your information, including sensitive health information.

Brief My Doctor is not a HIPAA-covered entity, but we implement HIPAA-grade security practices to protect your medical information. By using Brief My Doctor, you acknowledge that your health data will be processed to generate appointment preparation summaries.

2. Information We Collect

Health Information

When you use Brief My Doctor, you voluntarily provide symptoms, medical conditions, and appointment details.

Technical Information

IP address (hashed for rate limiting), browser type, and timestamps.

No Personal Identification

We do NOT collect name, email, phone, account credentials, or payment information (unless voluntarily provided via waitlist).

3. How We Use Your Information

We use your information solely to generate appointment prep summaries, enforce rate limits (1 lifetime free prep per IP), and improve Brief My Doctor. We NEVER sell or share your health information.

4. Data Retention & Deletion

Your health information is deleted immediately after processing. Your symptom input is processed in real-time by Claude AI and permanently deleted from our servers within seconds. The generated summary is stored only on your device.

Rate-limit tracking (IP hash + usage count) is retained for 7 days, then deleted.

5. Third-Party Services

Anthropic Claude AI: Processes your health input. Review: https://www.anthropic.com/privacy

Vercel: Hosts our web application. Review: https://vercel.com/legal/privacy-policy

Supabase: Stores rate-limit data (IP hash only, not health information). Review: https://supabase.com/privacy

6. Security

HTTPS encryption, immediate data deletion, no long-term storage of sensitive data, rate limiting, and regular security audits. No system is impenetrable — contact us immediately if you suspect a breach.

7. Your Rights

You have the right to request a summary of rate-limit data, request deletion of your IP hash, and contact us with privacy concerns.

Email: [email protected]

8. Children's Privacy

Brief My Doctor is not intended for children under 13. We do not knowingly collect information from minors.

9. International Users

Brief My Doctor is hosted in the US (us-east-1). By using Brief My Doctor, you consent to your data being processed in the United States. EU/GDPR users can request data deletion at [email protected]

10. Changes to This Policy

We may update this Privacy Policy occasionally. Continued use of Brief My Doctor constitutes your acceptance of changes.

11. Contact Us

Email: [email protected]

Legal Notice: This Privacy Policy is informational. Consult a healthcare attorney for compliance questions.