Privacy Policy

Last updated: February 26, 2026

1. Introduction

ButterNote ("we," "our," or "us") is committed to protecting your privacy and the privacy of your patients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web dashboard (collectively, the "Service").

We designed ButterNote with privacy as a core principle. Patient health information (PHI) is processed locally on your device and never transmitted to our servers in identifiable form.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address and authentication credentials when you create an account.
  • Profile Information: Professional information you choose to provide, such as your name and medical specialty.

2.2 Information Processed Locally

  • Audio Recordings: Patient encounter recordings are processed entirely on your device using on-device AI. These recordings never leave your device.
  • Transcriptions: Speech-to-text conversion happens locally using Whisper AI. Raw transcriptions containing PHI remain on your device.
  • Patient Health Information: Any PHI in your notes is automatically detected and redacted before any data leaves your device.

2.3 Information Synced to Cloud

  • De-identified Notes: Only notes that have been automatically de-identified (PHI redacted) are synced to our secure cloud servers.
  • Usage Analytics: Anonymous usage statistics to improve the Service (e.g., feature usage, crash reports).

3. How We Use Your Information

  • To provide and maintain the Service
  • To sync your de-identified notes across devices
  • To authenticate your account
  • To send important service notifications
  • To improve and optimize the Service
  • To respond to your inquiries and support requests

4. Data Security

We implement robust security measures to protect your information:

  • On-Device Processing: PHI is processed locally and never transmitted to external servers.
  • Encryption: All data transmitted to our servers is encrypted using TLS 1.3.
  • Secure Storage: Cloud data is stored in encrypted databases with strict access controls.
  • Automatic Redaction: Our AI automatically detects and redacts PHI before cloud sync.

5. HIPAA Compliance

ButterNote is designed with HIPAA principles in mind. By processing PHI entirely on-device and only syncing de-identified data, we minimize the risk of PHI exposure. However, as a healthcare professional, you are responsible for:

  • Reviewing all notes before finalizing them
  • Ensuring PHI redaction is complete before syncing
  • Maintaining appropriate device security (passcode, biometrics)
  • Complying with your organization's policies regarding mobile device usage

6. Data Retention

  • On-Device Data: Audio recordings, raw transcriptions, and unredacted notes remain on your device until you delete them.
  • Cloud Data: De-identified notes are retained in the cloud until you delete them or close your account.
  • Account Deletion: Upon account deletion, all associated cloud data is permanently removed within 30 days.

7. Third-Party AI Processing

ButterNote uses OpenAI's API to generate clinical notes from your transcripts. Before any transcript data is sent to OpenAI:

  • All patient health information (PHI) is automatically detected and removed on your device, including patient names, dates of birth, phone numbers, Social Security numbers, medical record numbers, and other identifiers.
  • Only the de-identified transcript is transmitted to OpenAI for note generation.
  • Your original audio recordings and raw transcripts are never sent to OpenAI or any external service.
  • You must provide explicit consent in the app before any data is sent to OpenAI for the first time.

OpenAI processes this de-identified data solely to generate your clinical note and does not use it to train its models. For more information, see OpenAI's privacy practices.

8. Data Sharing

We do not sell your personal information. We may share information only in the following circumstances:

  • AI Note Generation: De-identified transcript data is sent to OpenAI to generate clinical notes, as described in Section 7 above.
  • Service Providers: With trusted third parties who assist in operating our Service (e.g., cloud hosting), bound by confidentiality agreements.
  • Legal Requirements: If required by law, subpoena, or government request.
  • Safety: To protect the rights, safety, or property of ButterNote, our users, or others.

9. Your Rights

You have the right to:

  • Access and download your data
  • Correct inaccurate information
  • Delete your account and associated data
  • Opt out of non-essential communications
  • Request information about our data practices

10. Children's Privacy

The Service is intended for healthcare professionals and is not directed to individuals under 18. We do not knowingly collect information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@butternote.com