Privacy Policy
Last updated: 2026-05-18
The short version
- We collect what we need to run your account and generate care plans: your email, your sign-in info, the scenario fields you type, and the drafts you save.
- We do not handle PHI. Saffi is for fictional school scenarios only. The app blocks inputs that look like real-patient identifiers.
- We do not sell your data and do not use your inputs to train third-party AI models.
- We use a handful of named processors (auth, database, AI, email, payments, hosting) to run the service.
What we collect
- Account data: email address, name (if you provide one), and authentication identifiers from our auth provider.
- Scenario data: the fictional patient scenario fields you fill in (chief complaint, vitals, meds, etc.) and the conversation history with Saffi tied to each draft.
- Plans and edits: care plan drafts saved to your library and any edits you make.
- Billing data: if you purchase a paid tier, Stripe collects payment-method details directly. We receive only the metadata needed to provision your tier (Stripe customer ID, receipt email, tier purchased, amount).
- Usage data: basic logs (timestamps, requested endpoints, error codes) for reliability and abuse prevention.
- Referrals: if you arrive via a referral link, a short-lived cookie attributes you to the inviter so we can credit them on launch day.
What we do not collect
- No PHI. Saffi's scenario inputs block patterns that look like SSNs, phone numbers, or dates of birth. Do not enter real patient information; the service is for fictional educational scenarios only.
- No tracking pixels or advertising IDs. We do not run third-party ad networks on the site.
- No card data. Stripe handles payment-card data directly; we never see your card number.
Why we collect it
- To create and maintain your account.
- To generate the care plan drafts you ask for and save them so you can come back to them.
- To process payments and provision the tier you bought.
- To send transactional email (welcome, receipt, support).
- To prevent abuse and keep the service reliable.
Who we share it with
We use the following processors. Each receives only the data needed for its role.
- Clerk (authentication): email, sign-in credentials, session.
- Supabase (database, hosted on AWS): account records, scenarios, care plan drafts, waitlist entries.
- Anthropic (AI provider): the scenario you submit and the conversation context are sent to Anthropic to generate the care plan response. Anthropic's data-handling terms apply.
- Stripe (payments): name, email, payment-method data, billing address.
- Resend (email delivery): your email address and the contents of transactional emails we send you.
- Vercel (hosting): basic request logs.
We do not sell your personal information. We do not share it with advertisers. We only disclose information to government or legal authorities when required by valid legal process and, where permitted, we will notify you first.
Retention
- Account, scenarios, and drafts: kept while your account is active. Delete your account at any time to remove them.
- Billing records: kept as required by tax and accounting law (typically up to 7 years).
- Server logs: rotated within 30 days.
Your rights
You can:
- Access a copy of the personal data we hold about you.
- Correct inaccurate data.
- Delete your account and associated data.
- Object to or restrict certain processing, where applicable under your local law (GDPR, CCPA).
- Lodge a complaint with your local data protection authority.
Email rnsaffi@gmail.com with any request. We respond within 30 days.
Children
Saffi is intended for users 18 and older. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, email us and we will delete it.
Cookies
We use only essential cookies: a sign-in session cookie (set by our auth provider) and a short-lived referral cookie (set if you arrive via a referral link). No analytics or advertising cookies.
Security
We use TLS in transit, encrypted-at-rest storage on managed providers, and least-privilege access controls. No system is perfect; if we learn of a breach affecting your data, we will notify you and the appropriate authorities as required by law.
International transfers
Our processors are based primarily in the United States. If you access Saffi from outside the US, your data will be transferred to and processed in the US under the safeguards each processor provides.
Changes to this policy
We may update this policy from time to time. Material changes will be announced by email or in-app at least 14 days before they take effect.
Contact
Privacy questions or requests: rnsaffi@gmail.com.
This is a plain-language draft prepared by the founder. We recommend having a privacy professional review and adapt it for your jurisdiction (especially GDPR, CCPA, CPRA) before relying on it commercially.