Privacy Policy

Last updated: March 23, 2026

1. Overview

DotPhraser (“we,” “us,” or “our”) provides an AI-powered dot phrase drafting tool at dotphraser.com and app.dotphraser.com. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using DotPhraser you agree to the practices described here.

2. No PHI — Do Not Enter Patient Data

DotPhraser is a template drafting tool. We do not store, process, or transmit Protected Health Information (PHI) as defined by HIPAA. You must not enter any patient names, dates of birth, medical record numbers, diagnoses, or any other patient-identifiable information into DotPhraser. Prompt text you enter is sent to Anthropic’s API solely to generate a response and is not stored by DotPhraser.

3. Information We Collect

Account data. When you sign up we collect your email address, used for authentication via magic link. Your email is stored in our Supabase database hosted in the United States.

Usage data. We record the count of dot phrase generations per user per month for free-tier enforcement. We do not log the content of your prompts or generated phrases.

Saved phrases. If you choose to save a generated phrase to your library, the phrase body and optional metadata (name, trigger, specialty, note type) are stored in our Supabase database under your user ID. You can delete any saved phrase at any time.

Billing data. Subscription payments are processed by Stripe. DotPhraser stores only your Stripe customer ID and subscription plan status. We never see or store full payment card numbers.

4. Prompt Data and Anthropic

Generation requests are sent to the Anthropic API. DotPhraser does not log prompt or completion text. Anthropic’s own data handling practices are governed by their Privacy Policy. Anthropic’s API usage policies prohibit using API outputs to train competing models.

5. Data Storage and Location

Account, usage, and phrase data are stored in a Supabase PostgreSQL database. Supabase infrastructure is hosted on AWS in the United States. Data is encrypted at rest and in transit. Row-level security policies ensure each user can only access their own data.

6. Data Retention

Your account data and saved phrases are retained as long as your account is active. If you delete your account, your data will be removed within 30 days. Usage count records are retained for 13 months for billing and abuse prevention purposes, then deleted.

7. Third-Party Services

DotPhraser uses the following third-party services:

  • Supabase — database and authentication
  • Anthropic — AI phrase generation
  • Stripe — subscription billing
  • Vercel — application hosting

Each service operates under its own privacy policy. We share only the minimum data required for each service to function.

8. Cookies and Local Storage

DotPhraser uses browser cookies for authentication session management (set by Supabase Auth). We also use browser localStorage to remember whether you have dismissed the SmartLink caveat banner. We do not use advertising cookies or third-party tracking scripts.

9. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by emailing contact@dotphraser.com. You can delete your saved phrases directly from your library. You can cancel your subscription at any time through your account settings or by contacting us.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email to registered users. Continued use of DotPhraser after the effective date constitutes acceptance of the updated policy.

11. Contact

Questions about this Privacy Policy? Email contact@dotphraser.com.