When you create an account, we collect:
When you upload a case for analysis, the case text is sent to third-party AI providers for processing. Our privacy parser automatically strips personally identifiable information before it is transmitted to any AI service. This includes names, dates of birth, addresses, phone numbers, Social Security numbers, email addresses, medical record numbers, and other common personal identifiers.
Case text sent to AI providers is de-identified first (see above). After each analysis, HomeoBrain prompts you to save the case to your account (one click, or skip) so you can revisit it and use the AI chat. Saved case text is encrypted at rest, and the text used for the in-app search index is de-identified before indexing. We do not use case data for training or analytics. You can delete any saved case at any time. You are also welcome to upload case files that have already been de-identified.
When you save a case (you are prompted after each analysis, and you choose whether to start a new patient file or add to an existing one), HomeoBrain stores, encrypted at rest: the case text and analysis results, an optional patient name or label you provide, and a case date. The name is encrypted and used only to group a patient's follow-up sessions. The case text used for the in-app search index is de-identified (all 18 HIPAA Safe Harbor identifiers removed) before indexing. You remain responsible for having a lawful basis to enter patient information; we recommend using initials or a code (e.g., "Case #42") rather than a full name.
You have full control over saved data: you can view, manage, and permanently delete any saved case at any time from within the application. Deletion is immediate, irreversible, and also removes the case from the search index.
HomeoBrain uses a single session cookie to keep you logged in. This cookie is essential for the application to function and expires after 30 days of inactivity.
We do not use:
All payment processing is handled by Stripe. When you subscribe or make a payment, your card details are entered directly into Stripe's secure payment form. We never see, receive, or store your credit card number, CVV, or full card details. We only receive a confirmation of payment status and a truncated card identifier (e.g., "Visa ending in 4242") from Stripe for your records.
HomeoBrain relies on the following third-party services:
Each of these services operates under its own privacy policy. Case data sent to AI providers is used solely for generating your analysis results and is subject to each provider's data handling terms. The vast majority of case processing is handled by Anthropic's Claude models.
You have the right to:
To exercise any of these rights, you can use the in-app settings or contact us.
HomeoBrain is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will promptly delete it.
We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. We encourage you to review this page periodically to stay informed about how we handle your data.
If you have any questions or concerns about this Privacy Policy or your data, please contact us.