Privacy Policy
Last updated: January 2026
Our Commitment to Your Privacy
SendHEP is built by healthcare professionals who understand the importance of data privacy. We've designed our system to minimize data collection while maximizing usefulness for clinicians.
What We Collect
Account Information
Email address and password (encrypted) for authentication purposes.
Exercise Programs
The exercise content you create, stored to enable sharing via link.
Usage Data
Basic analytics to improve the service (e.g., program creation counts).
What We Do NOT Collect
- ✓ No Client PHI: Client identifiers you enter stay on YOUR device only. They are never transmitted to our servers.
- ✓ No Client Names: Share links contain only exercise data, not client information.
- ✓ No Tracking Cookies: We don't use advertising cookies or sell your data.
HIPAA Considerations
SendHEP is designed to be HIPAA-friendly by not storing Protected Health Information (PHI) on our servers. Client identifiers remain in your browser's local storage only. The shareable exercise program links contain no client-identifiable information.
However, as a healthcare provider, you are responsible for ensuring your use of any tools complies with your organization's HIPAA policies and procedures.
Data Storage & Security
Your account and program data is stored securely using Supabase, which provides enterprise-grade security including encryption at rest and in transit. Our servers are located in the United States.
Your Rights
You can export your data, delete your account, or request information about what we store at any time by contacting us at support@sendhep.com.
Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated via email or in-app notification.
Contact Us
Questions about privacy? Email us at support@sendhep.com.