Privacy Policy

Last updated: March 2026

1. Information We Collect

When you use Hypno Bunny, we collect:

  • Account information: email address, display name, and hashed password.
  • Clinical data: client records, session notes, scripts, progress metrics, and reports that you create within the platform.
  • Usage data: application settings and preferences stored locally in your browser.

2. How We Use Your Information

  • To provide and operate the clinical practice management features.
  • To authenticate your identity and protect your account.
  • To process AI-assisted requests (script generation, research queries, report generation) through third-party AI providers.

3. Data Storage & Security

  • Clinical data is stored in a PostgreSQL database. You are responsible for securing your deployment environment.
  • Passwords are hashed using bcrypt with a cost factor of 12.
  • Session tokens are signed using a secret key and expire after 4 hours.
  • Offline data is stored locally in your browser using IndexedDB and is not transmitted unless you initiate a sync.

4. Third-Party AI Providers

When you use AI features (script generation, research, reports), your prompts and relevant clinical context are sent to third-party AI providers (e.g., OpenRouter, which routes to models like Claude or GPT). You should review the privacy policies of these providers and ensure compliance with your professional obligations regarding client data.

5. Data Isolation

Each practitioner's data is isolated. You can only access clients, sessions, scripts, and reports that belong to your account. Administrative users have additional access for platform configuration only.

6. Data Retention

Your data is retained as long as your account is active. You may request deletion of your account and associated data by contacting the platform administrator.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, or delete your personal data. Contact the platform administrator for data requests.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date above.

9. Contact

For privacy-related questions, please contact the platform administrator.

← Back to Login