← Back to Practice Voice

Privacy Policy

Last updated: February 19, 2026

Practice Voice ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your information when you use the Practice Voice platform. By using our services, you consent to the practices described below.

1. Information We Collect

Account information. When you create an account, we collect your name, email address, and password (stored as a secure hash).

Practice information. During onboarding, we collect professional details including your credentials, practice name, specialties, therapeutic modalities, city, state, target audience, and optional "about me" text. This information is used to generate your website content.

Website content. We store all content on your website, including AI-generated text, uploaded images (headshot, office photos), and any edits you make.

Payment information. When you subscribe, payment is processed by Stripe. We store your Stripe customer ID and subscription ID but do not store credit card numbers or bank details on our servers. See Stripe's privacy policy for how they handle payment data.

Usage data. We automatically collect basic technical data needed to operate the service, such as IP addresses (for rate limiting and security), browser type, and access timestamps.

Contact form submissions. When visitors submit contact forms on websites built with Practice Voice, we collect the visitor's name, email, phone number (optional), and message. This data is stored on behalf of the website owner (the therapist).

2. How We Use Your Information

We use the information we collect to:

  • Create and maintain your account
  • Generate personalized website content using AI
  • Host and publish your website
  • Process subscription payments
  • Send transactional emails (account verification, password reset, payment notifications)
  • Deliver contact form submissions from visitors to the respective therapist
  • Prevent abuse through rate limiting and security measures
  • Improve and maintain the Platform

We do not sell your personal information. We do not use your data for advertising purposes.

3. AI Content Generation

Your practice information is sent to OpenAI's API to generate website content. This includes your specialties, modalities, tone preference, location, and about-me text. OpenAI processes this data according to their API data usage policy. We do not send your email, password, payment information, or contact form submissions to AI services.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Vercel — hosting and deployment
  • Neon — PostgreSQL database hosting
  • Stripe — payment processing
  • Resend — transactional email delivery
  • OpenAI — AI content generation
  • Vercel Blob — image storage

Each service operates under its own privacy policy. We select providers with strong security and data protection practices.

5. Cookies and Local Storage

We use essential cookies required for the Platform to function, including authentication session cookies. We do not use tracking cookies, advertising cookies, or third-party analytics. No cookie consent banner is needed as we only use strictly necessary cookies.

6. Data Security

We implement appropriate measures to protect your data, including:

  • Passwords are hashed using bcrypt and never stored in plain text
  • All data is transmitted over HTTPS (TLS encryption)
  • Database access is restricted and encrypted at rest
  • Rate limiting is applied to prevent brute-force attacks
  • Payment data is handled entirely by Stripe (PCI DSS compliant)

No system is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security of your data.

7. Data Retention

We retain your account and website data for as long as your account is active. If you delete your account, your personal data, website content, and contact form submissions are permanently removed from our systems. We may retain anonymized, aggregated data that cannot identify you for analytics purposes.

8. Contact Form Data

When visitors submit contact forms on therapist websites built with Practice Voice, we act as a data processor on behalf of the therapist (the data controller). The submission data is stored securely and shared only with the respective therapist via email notification. Contact forms include a visible warning that they should not be used to transmit confidential health information.

9. Your Rights

You have the right to:

  • Access your personal data stored in our systems
  • Correct inaccurate information through your account settings or by contacting us
  • Delete your account and all associated data through the Settings page
  • Export your website content at any time
  • Withdraw consent by closing your account

To exercise any of these rights, use the in-app settings or contact us at the email address below.

10. Children's Privacy

The Platform is intended for use by licensed professionals who are at least 18 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child has provided us with personal information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Platform. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at admin@practicevoice.com.