VetScribeBack to app →

Privacy & Data Security

How VetScribe handles your data

The Short Version

  • Your data is stored in a secure cloud database (PostgreSQL hosted by Supabase)
  • Audio recordings are automatically deleted after 30 days
  • All data is encrypted in transit using HTTPS/TLS
  • Each user can only access their own visits
  • We use third-party AI services to transcribe audio and generate notes — your data is sent to these services for processing (details below)
  • Veterinary records are not subject to HIPAA (which covers human health records) — we take your data security seriously regardless

How Your Data Is Stored

Database: Visit records, transcripts, SOAP notes, and account information are stored in a PostgreSQL database hosted by Supabase, a managed cloud platform.

Audio recordings: Uploaded to cloud object storage (Supabase Storage). A daily cleanup job automatically deletes recordings older than 30 days. Your transcript and SOAP notes remain available after the audio is deleted.

Web app: Hosted on Vercel, a US-based cloud platform with automatic HTTPS.

Encryption & Security

All communication between your device and VetScribe is encrypted using HTTPS/TLS — the same encryption standard used by banks and other secure services.

On mobile, your login credentials are stored using your device’s secure keychain (iOS Keychain / Android Keystore), which provides hardware-level protection.

Audio uploads use time-limited signed URLs that expire shortly after use, so files can only be uploaded through VetScribe.

Data at rest is protected by the default encryption provided by our cloud infrastructure providers.

Third-Party Services

VetScribe uses the following third-party services to process your data. We want to be transparent about exactly what each service receives.

Deepgram (Speech-to-Text)

Data sent: Raw audio recordings of your consultations

Purpose: Converts speech to text (transcription)

View their privacy policy →

Anthropic — Claude AI (Note Generation)

Data sent: Transcript text (not audio)

Purpose: Generates SOAP notes, discharge summaries, and processes refinement requests

Anthropic does not use data sent through their API to train models.

View their privacy policy →

Twilio (Phone Calls)

Data sent: Phone numbers and call audio

Purpose: Connects and records phone consultations (only used if you use the call feature)

View their privacy policy →

Supabase (Database & Storage)

Data sent: All visit data, transcripts, SOAP notes, audio recordings, and account information

Purpose: Provides database hosting and file storage

View their privacy policy →

Access Control

Every request to VetScribe is authenticated — your identity is verified using a secure token on every single API call.

You can only see your own visits. Each database query includes an ownership check to ensure you cannot access another user’s data.

A small number of admin accounts can view visit data for technical support and troubleshooting purposes.

Sharing

When you create a share link for a visit, a unique random token is generated. Anyone with the link can view the patient information, SOAP note, and transcript for that visit.

Share links do not currently expire — if you share a link, it will remain accessible. Be thoughtful about what you share and who you share it with.

Data Retention & Deletion

Audio recordings: Automatically deleted after 30 days. Once deleted, the audio cannot be recovered, but the transcript and SOAP notes remain available.

Visit records: Transcripts, SOAP notes, and patient information are retained as long as your account is active.

Account deletion: If you want your account and all associated data deleted, please contact us at support@vetscribe.app. Self-service data deletion is on our roadmap.

A Note About HIPAA

HIPAA (the Health Insurance Portability and Accountability Act) is a US federal law that applies to human health records. Veterinary medical records are not subject to HIPAA. They are governed by state veterinary practice acts, which vary by state.

VetScribe does not currently hold SOC 2, HIPAA, or GDPR certifications. While these are not required for veterinary software, we believe your patients’ records deserve strong protection and we apply reasonable security measures to safeguard your data.

Last updated: March 2026

Questions about your data? Contact us at support@vetscribe.app