Privacy Policy
Last updated June 20, 2026
This Privacy Policy describes how CareNook handles information when you use our website and application. By using the Service, you agree to the practices described here.
1. Who we are
CareNook ("CareNook," "we," "us") provides a sales and marketing CRM for home-care, home-health, and hospice agencies. This Privacy Policy explains what information we collect through our website and application (the "Service") and how we use and protect it.
2. Information we collect
Account information you provide, such as your name, email address, organization name, and role.
Business data you enter into the Service, including referral sources and their contacts, visits, referrals, campaigns, notes, and related sales activity.
Audio you choose to record for AI visit notes, which is transcribed and then summarized.
Usage and device information automatically collected when you use the Service, such as log data, IP address, browser type, and pages viewed.
Payment information, which is processed by our payment provider; we do not store full card numbers.
3. How we use information
We use the information we collect to:
- Provide, operate, secure, and improve the Service.
- Generate AI features you request, such as visit-note summaries and referral-source briefs.
- Process subscriptions, billing, and account management.
- Communicate with you about your account, support requests, and product updates.
- Detect, prevent, and respond to fraud, abuse, and security incidents.
4. Service providers (subprocessors)
We rely on a small set of trusted vendors to run the Service. They process data only on our instructions and under contractual safeguards:
- Supabase — application database, authentication, and storage.
- Vercel — application hosting and delivery.
- Anthropic — AI processing for visit notes and source briefs.
- Deepgram — speech-to-text transcription for voice notes.
- Stripe — subscription billing and payment processing.
We do not sell your personal information.
5. Protected health information (HIPAA)
CareNook is built around referral-source relationships and sales activity rather than patient clinical records. To the extent your use of the Service involves protected health information (PHI), we will enter into a Business Associate Agreement (BAA) with your organization, and we maintain administrative, technical, and physical safeguards consistent with that role. You are responsible for limiting the PHI you enter into free-text fields to what is necessary.
6. Data security
We use encryption in transit, access controls, and row-level security to protect data. No method of transmission or storage is completely secure, but we work to protect your information and to promptly address vulnerabilities.
7. Data retention
We retain your information for as long as your account is active and as needed to provide the Service. After account closure we delete or de-identify data within a reasonable period, except where retention is required by law or for legitimate business purposes such as resolving disputes and enforcing agreements.
8. Your choices and rights
You may access, correct, export, or request deletion of your data by contacting us. Depending on your location, you may have additional rights under applicable privacy laws. Your organization's administrator may also manage access and data on your behalf.
9. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the date above and, where appropriate, notify you through the Service.
10. Contact us
Questions about this Privacy Policy or your data can be sent to privacy@carenook.app.