Privacy Policy
Last updated: April 16, 2026
BentoBox Notes ("BentoBox," "we," "us," or "our") provides a clinical note generation platform at BentoBoxNotes.Rocks. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using our service, you agree to this policy.
0. HIPAA status
BentoBox does not currently offer a Business Associate Agreement (BAA). A HIPAA-compliant tier is on our roadmap and will be a separate paid offering with explicit BAA acceptance required at enrollment. Until then, you must not enter Protected Health Information (PHI) into the service.
1. Information we collect
Account information
- Name and email address you provide at sign-up
- Hashed password (we never store passwords in plain text)
- Account preferences, macros, presets, and configuration you create
Payment information
- We use Stripe to process all payments. We do not store full credit card numbers, CVV codes, or bank details on our servers.
- We store a Stripe customer ID and subscription ID to associate your account with your Stripe records.
- Stripe's privacy policy applies to all payment data: stripe.com/privacy
Clinical notes and patient data ("PHI")
- SOAP notes are generated in your browser and copied into your existing EHR.
- We do not store, transmit, log, or process Protected Health Information (PHI) on our servers.
- Templates, macros, and presets are stored as configuration only and should not contain patient identifiers.
Technical information
- Authentication cookies (httpOnly, used to keep you signed in)
- Standard server logs (IP address, browser type, request timestamps) for security and debugging
- Error reports if something goes wrong in the application
2. How we use your information
- To provide the note generation service and your account
- To process subscription payments via Stripe
- To send service-related emails (account confirmation, password reset, billing notices)
- To detect and prevent fraud, abuse, or unauthorized access
- To improve the product based on aggregate usage patterns
We do not sell your data, share it with advertisers, or use it to train AI models.
3. HIPAA and PHI — the Zero PHI Promise
Zero PHI Promise: BentoBox Notes never stores, transmits, or processes Protected Health Information on our servers. SOAP notes are generated client-side in your browser and you copy them into your EHR. We do not act as a Business Associate because we do not create, receive, maintain, or transmit PHI on your behalf.
You are responsible for ensuring that the templates, macros, and configuration you create do not contain patient identifiers, and that you handle the generated notes in accordance with HIPAA and your organization's policies. The service is currently provided “use-at-your-own-risk” and is not HIPAA-compliant; you agree at sign-up not to enter PHI.
Future scope: When direct EHR push-via-API launches (on the Pro roadmap), generated notes will transit our servers in order to reach your EHR. At that point the Zero PHI Promise evolves: the scope narrows to “no PHI at rest on our servers” and we will operate under a full HIPAA-compliant posture with a signed Business Associate Agreement (BAA) available to customers. This privacy policy will be updated before that feature ships, and you’ll always know what’s stored before it is stored.
4. Data sharing
We only share data with these categories of service providers, and only what they need to perform their function:
- Stripe — payment processing
- Resend — transactional email delivery
- Hosting infrastructure — to run the application and database
We may also disclose information if required by law, subpoena, or to protect our legal rights.
5. Data retention and deletion
We keep your account data while your account is active. You can delete your account at any time, immediately and permanently, from your Profile page → Delete Account. Deletion removes your account, configuration, and Stripe customer record from our systems right away and cancels any active subscription. If you'd rather have us do it for you, email privacy@bentoboxnotes.rocks. Server logs are retained for up to 90 days for security and debugging purposes.
6. Security
- Passwords hashed with bcrypt (cost factor 12)
- Authentication via httpOnly, secure cookies
- HTTPS/TLS encryption for all traffic
- Stripe webhook signature verification on all payment events
- Server-side validation on all subscription operations
No system is perfectly secure. If you suspect unauthorized access to your account, contact us immediately.
7. Your rights
Depending on your jurisdiction (including under GDPR and CCPA), you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your configuration and account data
- Opt out of non-essential communications
You can self-serve account deletion and data export from your Profile page. For all other requests, contact us at the address in section 10.
8. Cookies
We use only essential cookies required to keep you signed in. We do not use third-party advertising or tracking cookies.
9. Changes to this policy
We may update this policy from time to time. Material changes will be communicated via email or a notice in the app. Continued use after the effective date constitutes acceptance.
10. Contact
Questions about privacy or data requests: privacy@bentoboxnotes.rocks
Last updated: April 16, 2026. We may update this policy from time to time; we’ll notify account holders by email of material changes and require re-acceptance where appropriate.
This document is a starting template, not legal advice. Please review with qualified counsel before relying on it for live operations.