Privacy Policy

1. Who We Are

MindBridge Technologies LLC provides HIPAA-first clinical documentation, practice management, telehealth, patient portal, form, billing, and AI-assisted workflow tools for behavioral health professionals. Our products include MindBridge CRM and MindBridge Lite.

2. Information We Collect

• Account information, including name, email address, organization name, and professional profile details supplied by the clinician.
• Clinical and practice data entered by authorized users, which may include protected health information handled under HIPAA and the Business Associate Agreement.
• Usage, device, audit, and security telemetry needed to operate, secure, and improve the service.
• Google user data only when a clinician chooses to connect Google Calendar or Gmail send workflows.

3. How We Use Information

• Provide and maintain the MindBridge Lite service.
• Support scheduling, documentation, telehealth, forms, billing, and patient portal workflows.
• Generate clinician-reviewed SAGE decision-support drafts and summaries.
• Operate security, audit, compliance, support, and account administration processes.

4. Google User Data

MindBridge uses Google user data only to provide the Google-connected feature the clinician activates. Calendar access is used for scheduling and availability workflows. Gmail send access is used only to send clinician-approved outbound messages. MindBridge does not sell Google user data, does not use Google user data for advertising, and does not use Google user data to train AI models.

5. AI Processing and Data Safety

SAGE is clinical decision support. Clinicians review and approve outputs before use. AI prompts and responses are routed through server-side governance controls. MindBridge does not train AI foundation models on customer clinical data.

6. Sharing

We do not sell personal information. We share data only with service providers needed to operate MindBridge, with the clinician's organization as configured by that organization, or when required by law. HIPAA-covered information is handled under the Business Associate Agreement.

7. Security and Retention

MindBridge uses encryption in transit, encryption at rest, tenant isolation, role-based access control, audit logging, and operational safeguards. Clinical record retention follows contractual, legal, HIPAA, and state-law requirements.

8. Your Rights and Choices

You may request access, export, correction, deletion, or privacy support by contacting us. Clinician customers can disconnect Google integrations in Settings or revoke access from their Google Account.

9. Contact

Privacy questions: privacy@mindbridgecrm.com. General support: info@mindbridgecrm.com.