Privacy policy

Scope

This policy applies to clinic account data, practitioner profiles, clinic configuration, billing metadata, and patient directory records stored in the Portal.

It does not replace the Onset iOS app privacy policy for patient app users. Patients control what they share from the app into the Portal.

Information we collect

• Practitioner account details you provide at signup (name, email, clinic name, title, specialty, and optional affiliate short code).
• Clinic configuration such as branding, team membership, protocol templates, and fitness templates you create.
• Patient directory fields your clinic enters (encrypted name, email, and notes) plus protocol assignments and clinic-held wellness organization data.
• Patient-shared data that patients choose to sync from the Onset app after connecting (for example adherence, labs, or check-ins, subject to patient consent settings).
• Operational logs including SHIELD audit events, support tickets you submit through the in-portal Help tool, and security/rate-limit records.
• Billing identifiers and subscription status processed through Stripe when you upgrade to Clinic Pro.

How we use information

We do not sell clinic or patient directory data. We do not use Portal data for third-party advertising.

• Provide, secure, and maintain the Portal for your clinic organization workflows.
• Send transactional email such as patient invites, billing notices, weekly summaries (Pro), and support ticket confirmations.
• Improve reliability, prevent abuse, and investigate support or security issues.
• Process subscription payments and manage Clinic Pro entitlements.

Patient directory protection

• Patient names, emails, and notes are stored using AES-256-GCM encryption before database persistence.
• Duplicate patient checks use a one-way email hash rather than plaintext email search.
• Production deployments may route encrypt, decrypt, and hash operations through a separate privacy vault service.

When we share information

• Service providers that help us operate the Portal under contractual safeguards (see Subprocessors below).
• When required by law, legal process, or to protect rights, safety, and security.
• With your direction, such as when you invite a patient or export clinic-held records you request.

Subprocessors

• Supabase — authentication, database, storage, and edge functions for Portal operations.
• Stripe — subscription checkout, billing portal, and payment event processing for Clinic Pro.
• SendGrid — transactional email delivery for invites, billing alerts, and support notifications.

Retention and deletion

We retain clinic and patient directory data while your clinic account is active and as needed for security, billing, and legal obligations.

Deleting a patient relationship removes clinic-held copies of assignments and patient-shared Portal data for that relationship. It does not delete a patient's personal Onset app account or on-device data.

Closing a clinic permanently deletes patient directory and clinic protocol data stored in the Portal for your organization. Export patient directory data from Settings before closure if you need a local copy for your records.

Your choices

• Update practitioner and clinic profile information in Settings.
• Export patient directory data from Settings where available.
• Contact us to request assistance with account deletion or data questions.

Security

We use encryption, access controls, Row Level Security, audit logging, and server-side authorization checks designed to protect clinic and patient directory data. No online service can guarantee absolute security.

Children

The Portal is intended for authorized clinic staff age 18 or older. We do not knowingly collect information from minors through the Portal.

Changes to this policy

We may update this policy as the Portal evolves. The effective date at the top indicates the latest revision. Continued use after an update means you accept the revised policy.

Contact

Privacy questions about the Clinic Portal: privacy@theonset.app

General support: support@theonset.app