CalmGuide

Privacy Policy

Last updated March 27, 2026

1. Privacy at a Glance

CalmGuide is designed with privacy as a foundation — not an afterthought. Here is the short version:

  • Your patient's name is never sent to our servers — it stays in your browser only
  • Patient profiles are stored on our servers linked only to an access code, not to you
  • We do not require an account, email address, or any personal identifier
  • We use one functional cookie (theme preference) — no tracking or advertising cookies
  • Your conversations are processed by AI services (OpenAI and/or Anthropic) and are not used to train AI models

2. What We Collect

Patient Profile (server-side)

When you complete the profile setup, we store the following on our servers, linked only to your access code:

  • Disease stage and diagnosis
  • Behavioral patterns and triggers
  • Known calming strategies
  • Safety concerns and mobility notes
  • Communication preferences

This information is associated with an 8-character access code. We have no way to connect it to your identity.

A note on what to enter

We encourage you to use clinical and behavioral descriptions only — not personal identifiers. Profile fields are designed for information like “moderate Alzheimer’s, sundowning after 5pm” not names, dates of birth, or addresses.

Please avoid entering:

  • The patient's full name, date of birth, or home address
  • Medical record numbers, insurance IDs, or doctor names
  • Your own name, email, or contact information

The patient name field in the app is stored in your browser only and is never sent to our servers. However, any text entered into profile description fields is stored server-side linked to your access code. We cannot guarantee confidentiality of PII you choose to include in those fields.

Crisis Queries (transient)

When you use Crisis Mode, your description of the situation and the patient profile are sent to Anthropic's Claude API to generate guidance. We log a summary of the conversation (access code, timestamp, brief title) for conversation history. The full conversation content is not stored on our servers beyond what is shown in your history.

Technical Data

Standard server logs may include IP addresses, request timestamps, and HTTP status codes for operational and security purposes. This data is not used to identify or profile users.

3. What We Don't Collect

  • Your name or the patient's name — name is stored in your browser only, never sent to us
  • Email address — no account system exists
  • Payment or billing information — the service is free
  • Location data
  • Device identifiers or advertising IDs
  • Cross-site tracking data

4. How We Use Your Information

We use the information we collect solely to:

  • Retrieve your patient profile when you enter your access code
  • Inject the patient profile into AI prompts to generate personalized guidance
  • Display your conversation history on the home screen
  • Operate, maintain, and improve the security of the service

We do not sell, rent, or share your information with third parties for advertising, marketing, or any commercial purpose.

5. AI Processing

CalmGuide uses third-party AI services to generate guidance. The specific providers may change, but currently include:

  • OpenAI — for generating chat responses (Crisis Mode and Learn Mode) and for embedding your queries to retrieve relevant caregiving guidance
  • Anthropic (Claude) — available as an alternative provider for generating chat responses

What is sent to these services

When you use Crisis Mode or Learn Mode, the following may be sent to the active AI provider:

  • Your description of the current situation or your practice response
  • The patient's clinical profile (disease stage, behavioral patterns, etc.)
  • Relevant caregiving guidance retrieved from our knowledge base
  • A system prompt that defines how the AI should respond

The patient's name is not included in any data sent to these services.

Knowledge base (RAG)

To provide more accurate guidance, CalmGuide maintains a knowledge base of publicly available caregiving content from trusted sources including the Alzheimer's Association, Mayo Clinic, HelpGuide, Family Caregiver Alliance, and the CDC. When you submit a query, a short summary of your message is sent to OpenAI's embedding service to find relevant guidance from this knowledge base. This embedding request contains only your query text — not your patient profile or personal information.

AI provider privacy policies

These providers process data under their own privacy policies. Per their API terms, data submitted via their APIs is not used to train their models:

6. Cookies & Local Storage

Cookies

We use one cookie:

  • calmguide_theme — stores your display preference (light or dark mode). This is a functional cookie with no expiry for 1 year. It is not used for tracking.

We do not use analytics cookies, advertising cookies, or third-party tracking pixels.

Browser Local Storage

Your browser's local storage holds:

  • Patient name — stored locally so it can be displayed in the app. Never transmitted to our servers.
  • Access code— stored so you don't need to re-enter it on each visit.

You can clear this data at any time by clearing your browser's local storage or using your browser's privacy/incognito mode.

7. Data Retention & Deletion

Patient profiles are retained indefinitely while associated with an active access code. Since we cannot identify you, we cannot proactively delete your profile — but you can request deletion by providing your access code (see Your Rights).

Conversation history summaries are retained to support the home screen history feature. Server logs are retained for up to 30 days for operational purposes.

8. Data Security

We take reasonable steps to protect your information:

  • All data is encrypted in transit (HTTPS/TLS)
  • Patient profiles are stored in a database accessible only via authenticated API calls
  • Access codes are the sole credential linking a browser to a profile — there is no account to compromise

No system is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. The design of CalmGuide — no names, no emails, no accounts — limits the sensitivity of any data breach.

9. Your Rights

You have the right to:

  • Access — request the profile data associated with your access code
  • Correction — update your patient profile at any time via the app
  • Deletion — request deletion of the profile associated with your access code

Because we have no way to verify your identity, deletion requests require you to provide your access code. Contact us at the email below with your request.

10. Children's Privacy

CalmGuide is intended for adult caregivers (18+). We do not knowingly collect information from anyone under 18. If you believe a minor has used the service, contact us and we will delete the associated data.

11. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page reflects the most recent revision. Continued use of the service after changes constitutes acceptance.

For significant changes we will update the date prominently. We encourage you to review this policy periodically.

12. Contact Us

For privacy questions, data access or deletion requests, or any concerns about how we handle your information:

[email protected]

See also our Terms of Service.

Terms of ServicePrivacy Policy