Privacy Policy

Last updated: March 15, 2026

MyDotPhrases ("we", "our", "us") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

What We Collect

When you create an account and use MyDotPhrases, we collect:

• Account information: your email address and display name, used for authentication and identifying your account.
• Dot phrase content: the template text, shortcuts, titles, folder names, and team associations you create within the application.
• Usage data: phrase use counts and timestamps to power features like "Recent" and "Most Used" sorting.

What We Do NOT Collect

• Protected Health Information (PHI): MyDotPhrases stores only generic documentation templates with placeholder variables (e.g., [PATIENT_NAME]). Patient-specific data is entered only when you paste a completed phrase into your EMR. We never receive, process, store, or transmit PHI.
• Payment information: if you subscribe to a paid plan, payment is processed entirely by Stripe. We never receive or store your full credit card number. We only store your Stripe customer ID and subscription status so we can manage your plan.
• Advertising data: we do not use third-party advertising trackers or ad networks. We do not sell your data to advertisers.

How We Use Your Data

• To provide and maintain the MyDotPhrases service.
• To authenticate your account and enforce access controls.
• To enable team sharing features when you choose to join a team.
• To diagnose and fix bugs via error monitoring (Sentry).
• To understand aggregate usage patterns and improve performance via anonymous analytics (Vercel Analytics).
• To process payments and manage subscriptions for paid plans (Stripe).

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Data Storage & Security

• Your data is stored in Supabase (hosted on AWS) with row-level security (RLS), meaning your phrases are only accessible to you and any teams you join.
• All data is encrypted in transit (TLS) and at rest (AES-256).
• Authentication is handled by Supabase Auth with secure session management.

For more details, see our Security & HIPAA page.

Your Rights

You have the right to:

• Access your data: view all your phrases, folders, and templates in the dashboard.
• Export your data: export your entire phrase library as JSON at any time from the dashboard.
• Delete your data: delete individual phrases, folders, or your entire account from the settings page. Account deletion permanently removes all associated data.
• Correct your data: edit any phrase, folder, or account information at any time.

Analytics

We use Vercel Analytics and Vercel Speed Insights to understand aggregate usage patterns and page performance. These tools collect anonymous, non-personally-identifiable data such as page views, web vitals, and device type. No cookies are set for analytics purposes, and no data is shared with advertisers.

Cookies

We use only essential cookies required for authentication and session management. We do not use advertising or cross-site tracking cookies.

Third-Party Services

• Supabase: database hosting, authentication, and storage. Supabase Privacy Policy
• Vercel: application hosting, deployment, analytics, and performance monitoring. Vercel Privacy Policy
• Stripe: payment processing for paid plans. Stripe Privacy Policy
• Sentry: error monitoring (no PII is sent to Sentry). Sentry Privacy Policy

Children's Privacy

MyDotPhrases is designed for licensed healthcare professionals. We do not knowingly collect data from individuals under 18.

Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

Questions about this privacy policy? Email us at privacy@mydotphrases.com.