Private by design

Privacy Policy

Therapy data is not ordinary data. This policy explains exactly what BeeThere and the BeeThere EHR Sync extension collect, why, and how it stays protected.

Last updated: July 6, 2026

1. Who we are and what this covers

BeeThere is a private clinical workflow tool for therapists. This policy explains how we collect, use, and protect information when you use the BeeThere web application and the BeeThere EHR Sync Chrome extension (together, the "Services").

BeeThere is designed for licensed mental health professionals. You, the therapist, remain the custodian of your clients’ records; BeeThere processes that information only to provide the Services to you.

2. Information we collect

Account information: your name, email address, and authentication credentials, used to create and secure your account.

Clinical content you create: client profiles, session notes, note templates, and related documentation you enter into BeeThere. This may include personal and health-related information about your clients. We collect it only because you enter it, and only so we can store and display it back to you.

Settings and preferences: your default EHR, note formats, and similar configuration.

Technical information: basic logs (such as request timestamps and error reports) needed to keep the Services secure and reliable. We do not use advertising trackers.

3. The Chrome extension (BeeThere EHR Sync)

The extension has one purpose: transferring session notes you already saved in BeeThere into the matching note fields of your Electronic Health Record (EHR) system, at your explicit request.

When you click "Sync", the extension reads the structure of the EHR note page you have open, matches your note sections to its fields, and fills them in. It does not read, collect, or transmit the content of EHR pages to our servers, and it does not track your browsing.

The extension stores your session token and preferences locally on your device so you stay signed in. It communicates only with BeeThere’s own servers and our authentication provider to fetch your clients and notes.

Access to EHR websites other than the defaults is granted only if you add a custom EHR and explicitly approve access to that one site in Chrome.

Our use of information received through the extension complies with the Chrome Web Store User Data Policy, including its Limited Use requirements.

4. How we use information

To provide the Services: storing your documentation, generating drafts you request, and syncing notes to your EHR.

To secure and maintain the Services: authentication, fraud prevention, debugging, and support.

We do not sell your data. We do not use your notes, transcripts, or client information to train outside AI systems. We do not use your data for advertising.

5. Storage and security

Your data is stored with our cloud database provider (Appwrite Cloud) with encryption in transit (TLS) and encryption at rest enabled on sensitive fields such as client details and note content.

Every record is scoped to your account: authentication is required for all requests, and you can only access records you own.

No method of transmission or storage is completely secure, but we work to protect your information with safeguards appropriate to the sensitivity of clinical data.

6. When we share information

Service providers: infrastructure vendors (such as our database and hosting providers) that process data on our behalf under confidentiality obligations, only as needed to run the Services.

Your EHR: when you use the extension to sync a note, the note content is written into your EHR page in your own browser session. We never send your data to an EHR ourselves.

Legal requirements: we may disclose information if required by law, and we will limit any disclosure to what is legally necessary.

We never share client records with advertisers, data brokers, or any third party for their own purposes.

7. Retention and your rights

We keep your data for as long as your account is active. You can delete clients, sessions, and notes at any time from within the app; deleted records are removed from our production database.

Depending on where you live (including under GDPR and CCPA), you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at the address below and we will respond within the timelines required by law.

If you close your account, we will delete your stored data within a reasonable period, except where retention is required by law.

8. Children

BeeThere accounts are for licensed professionals and are not directed to children under 13 (or the equivalent minimum age in your jurisdiction). Clinical records a therapist keeps about minor clients are entered and controlled by the therapist as part of their professional practice.

9. Changes to this policy

We may update this policy as the Services evolve. If we make material changes, we will notify you through the app or by email before the changes take effect. The "Last updated" date above always reflects the current version.

Contact

Questions about your data?

Reach us at [email protected] and we will get back to you promptly.