Privacy Policy
Contents
- Information We Collect
- How We Use Information
- Third-Party Service Providers
- Speech to Text API
- AI Model Processing
- Cloud Infrastructure
- Subscription & Billing
- Independent Platform Policies
- Subprocessor Updates
- International Transfers
- Account Deletion
- How We Share Information
- AI & Automated Processing
- Data Retention
- Data Deletion Requests
- Data Security
- Your Privacy Rights
- Children's Privacy
- International Users
- Third-Party Links
- Changes to This Policy
- California Privacy (CCPA/CPRA)
- California Privacy Notice
- Do Not Track Signals
- AI Disclosures & Governance
- Contact Us
This Privacy Policy describes how Bonner Veterinary Media LLC and its subsidiaries and affiliates ("Bonner," "us," "we," or "our") may collect, use, and share your personal information in connection with our website at www.woofnote.com and any other websites we own and operate that link to this Privacy Policy (collectively, the "Site") together with our web-based application, mobile application, products, services, social media pages, events, emails, and other electronic communications (collectively, the "Services"), and the choices you have with respect to your personal information. Bonner is based in Alabama, United States.
1. Information We Collect
A. Audio Recordings and Conversation Data
- Recorded veterinary exam conversations
- Transcriptions of recorded audio
- Generated outputs (SOAP notes, dental charts, lab interpretations, discharge instructions)
- Metadata related to recordings (timestamps, session identifiers)
B. Veterinary Clinical Data
- Veterinary practice details and role
- Email address
- Animal health information, medical histories, diagnoses, treatment plans
- Lab results and interpretations
- Clinical observations documented during exams
C. Pet Owner and User Information
- Name, email address, phone number
- Account credentials
- Communication preferences
D. Payment and Subscription Information
- Billing details and transaction history
- Subscription status and plan details
- Payment processing is handled by Stripe (we do not store full payment card numbers)
E. Device and Usage Information
- IP address, browser type, operating system
- Usage logs and interaction data
- Performance and diagnostic data
2. How We Use Information
A. Provide and Operate the Service
- Deliver AI-powered veterinary documentation tools
- Process and store exam recordings and outputs
- Maintain user accounts and system functionality
B. AI Response Generation
Bonner's AI feature transcribes audio recordings and clinical inputs of veterinary exams using speech-to-text, then analyzes the transcript to generate structured SOAP notes, dental findings, lab interpretations, and client summaries. It also powers a compliance checker that audits notes against AVMA medical record standards. Bonner redacts identifying information (owner names, emails, addresses) before sending transcripts for AI processing.
C. Subscription Management
- Process payments and manage billing
- Administer subscriptions and renewals
D. Improve and Maintain the Service
- Monitor system performance and reliability
- Train and refine internal models and workflows (using de-identified or aggregated data where feasible)
E. Security and Fraud Prevention
- Detect unauthorized access or misuse
- Prevent fraud and abuse of the platform
F. Customer Support
- Respond to inquiries and technical issues
- Provide onboarding and user assistance
G. Legal and Compliance
- Comply with applicable laws and regulations
- Enforce terms of service and contractual obligations
3. Third-Party Service Providers and Data Processors
We engage third-party vendors to support our operations. These providers process data on our behalf under contractual obligations that include confidentiality and data protection requirements. Categories include:
- AI processing providers
- Cloud hosting and infrastructure providers
- Payment processors
- Analytics and monitoring tools
4. Speech to Text API
All audio recordings are processed using third-party speech-to-text technology provided by Deepgram, including its Nova-3 Medical model, which converts audio into text transcripts.
5. AI Model Processing
Bonner uses third-party AI models, including Google's Gemini API, to process and generate outputs. The Services may transmit inputs (audio, transcripts, clinical data). We implement safeguards to minimize unnecessary data exposure.
AI Output Limitations
- AI-generated content may contain inaccuracies or omissions
- Outputs are intended to assist veterinary professionals — not replace clinical judgment
- Users are responsible for reviewing and verifying all generated content before use
6. Cloud Infrastructure and Hosting
We use cloud service providers, including Supabase and Amazon Web Services (AWS), to store and process data. Data is stored in secure cloud environments. Infrastructure providers may process data as part of hosting and system operations. We implement access controls and encryption safeguards.
7. Subscription Management and Billing
All payment processing services connected with your use of the Services are provided to you by Stripe, a third-party payment processor. We accept payment from users in the form of credit cards. Stripe independently collects and processes payment data for the web-based version of our software. WoofNote does not store any credit card or banking information. We are not responsible nor have any liability if you suffer any damages of any kind from your use of the products and services offered by Stripe. You agree that you are subject to the terms and conditions and privacy policies of Stripe: stripe.com/legal/consumer and stripe.com/privacy.
We may also store your billing address to calculate any sales tax due in the United States, to maintain records that may be used for investigations of potentially fraudulent credit card transactions, and to print on your invoices. We may collect commercial information such as your purchase history, including records of products or services you have purchased, provided, returned, or are considering purchasing from us.
8. Independent Platform Policies
Third-party services integrated into Bonner operate under their own privacy policies. We are not responsible for their independent practices.
9. Subprocessor Updates
We may update our list of subprocessors from time to time. Continued use of the Service constitutes acceptance of such updates.
10. International Transfers
The Services are only available in the United States. We implement safeguards for cross-border transfers where required. By using the Service, you consent to such transfers.
11. Account Deletion and Data Deletion Requests
You may delete your account at any time directly in the app under: Settings → Delete Account.
When you delete your account: your profile will be removed, your conversation history will be deleted or de-identified, and your preferences will be removed.
11.1 Exceptions (Required Retention)
We may retain limited information where necessary for: legal compliance, fraud prevention, dispute resolution, billing verification, and backup and recovery systems. We will handle retained information in accordance with this Privacy Policy.
Important: You must cancel through the WoofNote app/settings or through Stripe's customer portal.
12. How We Share Information
We may share information in the following circumstances:
A. Service Providers
With vendors who assist in operating the Service.
B. AI and Infrastructure Providers
With Gemini API and AWS for processing and hosting.
C. Analytics and Performance Providers
To monitor and improve system functionality.
D. Legal Requirements
When required by law, subpoena, or regulatory request.
E. Business Transfers
In connection with mergers, acquisitions, or asset sales.
F. Protection of Rights
To protect the rights, safety, and integrity of Bonner, users, or others.
13. AI and Automated Processing Disclosure
Bonner uses automated systems to process and generate veterinary documentation. Decisions are not made solely by AI without human review. Outputs are assistive tools for licensed professionals. Users retain full responsibility for final clinical documentation.
14. Data Retention
We retain Personal Data as follows:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account & Profile Data | Subscription Term + 3 years | Contract / Legal Obligation |
| Veterinary Clinical Data & AI Outputs (exam recordings, SOAP notes, dental charts, lab interpretations, WoofPlans) | Subscription Term + 3 years | Contract |
| Audio Recording Data | 180 days from recording | Consent / Legitimate Interest |
| Payment Transaction Records | 7 years from transaction | Legal Obligation (tax / audit) |
| Usage & Analytics Logs | 2 years | Legitimate Interest |
| Support Communications | 3 years from close of inquiry | Legitimate Interest |
| AI Model Inputs & Outputs (Deepgram, Gemini API) | Not retained beyond session; governed by third-party API terms | Third-Party Processor Policy |
After expiry of the applicable retention periods, your personal information will be deleted or anonymized. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data. In some cases, we may retain certain information (e.g., insights about Services use) in a depersonalized or aggregated form.
15. Account Deletion and Data Deletion Requests
Users may request: account deletion and deletion of stored recordings and data. Requests can be submitted via the contact information below.
Exceptions (Required Retention)
We may retain certain data where necessary to: comply with legal obligations, resolve disputes, and enforce agreements.
16. Data Security
We implement reasonable administrative, technical, and physical safeguards, including:
- Encryption in transit (TLS)
- Encryption at rest
- Access controls and authentication measures
- Monitoring for unauthorized access
No system is completely secure, and we cannot guarantee absolute security.
17. Your Privacy Rights
Depending on your location, you may have rights to: access personal information, correct inaccurate data, request deletion, restrict or object to processing, and data portability. Requests can be submitted at support@woofnote.com.
18. Children's Privacy
Bonner is not intended for use by individuals under the age of 13. We do not knowingly collect personal information from children.
19. International Users
If you access the Service from outside the United States, you acknowledge that your information may be transferred to and processed in the U.S.
20. Third-Party Links and Services
The Service may contain links to third-party websites or services. We are not responsible for their privacy practices.
21. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Updates will be posted with a revised "Last Updated" date.
22. California Privacy Disclosures (CCPA/CPRA)
California residents have the right to: know what personal information is collected and how it is used, request deletion of personal information, correct inaccurate information, and opt out of certain data sharing practices. We do not sell personal information as defined under California law.
23. California Privacy Notice (CCPA/CPRA)
Categories of Information Collected
- Identifiers (name, email)
- Commercial information (subscriptions)
- Internet activity (usage data)
- Professional information (veterinary practice details)
Purposes
- Service delivery
- Analytics
- Security
- Legal compliance
If you wish to have Bonner not sell your personal information to a third party, please email us at: support@woofnote.com.
24. Do Not Track Signals
Bonner does not currently respond to browser "Do Not Track" signals.
25. AI Disclosures and Disclaimers
The Services use artificial intelligence technologies to generate responses and insights. AI systems may produce inaccurate outputs, may rely on probabilistic models, and should not be relied upon as professional advice. Users remain responsible for decisions made based on AI-generated content.
Artificial Intelligence Governance and State Law Compliance
We design and operate our artificial intelligence systems with consideration for emerging state and federal laws governing artificial intelligence systems, automated decision-making, and consumer protection. These laws may include, among others: the Colorado Artificial Intelligence Act (SB 205), the California Generative AI Training Data Transparency Law (AB 2013), the California Transparency in Frontier Artificial Intelligence Act (SB 53), and the California AI Transparency Act and related amendments.
Colorado Artificial Intelligence Act Compliance
The Colorado Artificial Intelligence Act establishes requirements for developers and deployers of certain "high-risk" artificial intelligence systems used in consequential decision-making. Where applicable, we implement reasonable governance practices designed to align with the principles of this law, including responsible AI development, risk management and documentation, consumer transparency, and human oversight.
California Artificial Intelligence Transparency Compliance
California has enacted multiple laws intended to increase transparency around artificial intelligence systems. Where required by applicable law, we provide disclosures informing users that the Services use artificial intelligence technologies, that users may interact with AI-generated content, and that AI outputs may not always be accurate or complete. Because we use third-party AI model providers, training data disclosures are typically provided by those model developers.
New York Artificial Intelligence and Automated Decision-Making Compliance
New York has introduced and is actively developing laws and regulations governing artificial intelligence systems. Where applicable, we align our practices with these requirements, including bias audits, candidate and user notice, and transparency requirements. We monitor ongoing legislative and regulatory developments in New York and may update our practices to align with new requirements as they become effective.
AI-Generated Content Identification
Certain jurisdictions may require AI-generated content to include disclosures or provenance signals indicating that content was generated using artificial intelligence. Where applicable and technically feasible, we may implement mechanisms designed to identify or disclose AI-generated outputs.
Algorithmic Fairness and Non-Discrimination
We seek to design AI systems consistent with widely recognized responsible AI principles, including fairness and non-discrimination, transparency, reliability, security, and human oversight. Our systems are intended to assist users by providing informational analysis and educational insights, not automated decision-making affecting legal rights.
Regulatory Updates
Artificial intelligence regulation continues to evolve rapidly across U.S. states and internationally. We may update our AI governance practices, disclosures, and policies as new laws or regulations take effect.
AI Governance Framework
Our internal AI governance practices may include: evaluation of third-party AI providers, monitoring for misuse of AI systems, testing and monitoring of AI outputs, responsible AI development practices, and internal policies governing AI deployment. These practices are intended to support the responsible development and operation of AI-enabled services.