Privacy Policy

Last updated: March 10, 2026

1. Introduction

CareNote ("we", "our", or "us") is a cloud-based clinical practice management software (SaaS). We are committed to protecting your personal information and your right to privacy. This Privacy Policy describes how we collect, use, store, and share your information when you use our service at carenote.app.

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, clinic name, and phone number when you create an account.
  • Patient Data: Patient records, visit notes, diagnoses, treatments, and attachments that you enter into the platform.
  • Payment Information: Payment records you create within the platform. Subscription payments are processed securely by our payment provider (Paddle).
  • Usage Data: Log data such as IP address, browser type, pages visited, and timestamps for service improvement.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the CareNote platform
  • Authenticate your account and manage access
  • Send transactional emails (visit confirmations, password resets)
  • Process subscription payments via Paddle
  • Improve our product and user experience
  • Respond to support requests

4. Data Storage & Security

Your data is stored on secure cloud infrastructure provided by Supabase (powered by AWS). All data is encrypted in transit (TLS/SSL) and at rest. We implement row-level security policies to ensure that each user can only access their own data. We do not sell, share, or provide your data to any third parties for marketing purposes.

5. Data Sharing

We only share your information with:

  • Supabase: Our database and authentication infrastructure provider.
  • Paddle: Our payment processor for handling subscriptions.
  • Amazon SES: Our email delivery service for sending visit notifications.

These providers process data only as needed to deliver their services and are bound by their own privacy policies.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Export your data at any time
  • Withdraw consent for optional data processing

To exercise these rights, contact us at support@carenote.app.

7. Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

8. Data Retention

We retain your data for as long as your account is active. If you request account deletion, we will permanently remove all your data within 30 days. Backups containing your data will be purged within 90 days.

9. Children's Privacy

CareNote is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the updated policy on this page and updating the "Last Updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at:
support@carenote.app