DRAFT — pending legal review. This placeholder text describes the product's intended posture and is not a final legal document. It must be replaced with counsel-reviewed content before any paid or production use.

Privacy Policy

Last updated (draft): June 24, 2026 (draft)

This Privacy Policy describes how MentalHealthSolutions.ai (the "Service") collects and handles information. The Service is a clinician-facing tool intended for de-identified use only.

1. No PHI is collected or stored

  • The Service is designed for de-identified, clinician-facing planning. Clinicians are instructed not to enter Protected Health Information (PHI) or any directly identifying client information.
  • We do not offer a Business Associate Agreement and the Service is not represented as a HIPAA-covered system. We make no claim of HIPAA, HITECH, 42 CFR Part 2, SOC 2, or ISO certification.
  • If a clinician enters identifying information in violation of our Acceptable Use policy, that data may transit our systems; we will assist with deletion upon request.

2. Information we do collect

  • Account information: name, email, professional role, and practice type you provide at sign-up.
  • Workspace content: de-identified intake selections, generated support-plan drafts, and referral resources you save to your workspace.
  • Operational data: sign-in events, error logs, and basic usage analytics needed to operate the Service.

3. How we use information

  • To provide and secure the Service and your workspace.
  • To generate the de-identified plan drafts you request, using a third-party AI provider.
  • To respond to support requests and to communicate service updates.

4. Sharing and subprocessors

We share data only with vetted subprocessors needed to run the Service, including a managed database/auth/storage provider and an AI inference provider. A current subprocessor list will be published with the counsel-reviewed final version. We do not sell personal information.

5. Retention and deletion

  • Workspace content is retained while your account is active.
  • You can export your data at any time from Settings.
  • Deleting your account permanently removes your profile, saved plans, and referral resources.

6. Security

  • Data is transmitted over TLS and stored with industry-standard at-rest encryption provided by our hosting provider.
  • Per-user row-level security restricts each clinician's data to their own account.
  • No system is perfectly secure; we do not warrant the absence of vulnerabilities.

7. Your choices

  • Access, export, or delete your data from Settings.
  • Reset your password via the sign-in screen.
  • Contact us via the in-app feedback link for any privacy request.

8. Children

The Service is not directed to children. Clinicians must not enter identifying information about any minor (or any other client).

9. International users

The Service is operated from the United States. Cross-border transfer and regional rights (e.g., GDPR, UK GDPR, CPRA) will be addressed in the counsel-reviewed final version.

10. Changes

We will post material changes to this Policy in-app and update the "Last updated" date.

11. Contact

Privacy questions: use the in-app feedback link.