Back to Home

Privacy Policy

Last updated: March 14, 2026

HelperCraft.ai ("HelperCraft," "we," "us," or "our") is committed to protecting the privacy of our clients and their patients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.

1. Information We Collect

Information You Provide

  • Contact information (name, email address, phone number, practice name) submitted through our contact form
  • Business information related to your medical or dental practice during onboarding
  • Communications you send to us via email or other channels

Information Collected Automatically

  • Device and browser information (browser type, operating system, screen resolution)
  • Usage data collected through privacy-first, cookie-free analytics that does not track individuals across sites
  • IP addresses (processed for security and fraud prevention)

2. How We Use Your Information

  • To respond to inquiries and provide requested services
  • To onboard your practice and configure AI automation systems
  • To improve our website and services
  • To send relevant service communications
  • To protect against fraudulent or unauthorized activity

3. Patient Data

When providing AI automation services to your practice, we may process patient communications on your behalf. In this capacity, we act as a Business Associate under HIPAA. All patient data is handled in accordance with our HIPAA Compliance Policy and applicable Business Associate Agreements.

We do not sell, rent, or share patient data with third parties for marketing purposes. Patient data is used solely to deliver the services contracted by your practice.

4. Google API Services — Gmail User Data

HelperCraft.ai integrates with Google API Services, specifically the Gmail API and Google Calendar API, to provide email automation and scheduling features for your practice. This section describes how we handle data obtained through Google APIs.

What Google User Data We Access

When you connect your Google account, we may access the following data depending on the scopes you authorize:

  • Gmail messages and message metadata (sender, recipient, subject, date, labels) for the purpose of reading, drafting, and sending patient communications on your behalf
  • Google Calendar events and availability for the purpose of scheduling and managing patient appointments

How We Use Google User Data

  • To read incoming patient emails and route them through our AI triage and draft-response system
  • To draft and, when authorized, send email replies to patient inquiries on behalf of your practice
  • To read calendar availability and create, update, or cancel appointments as directed by your practice

We do not use Google user data for any purpose other than providing and improving the user-facing features described above.

Storage of Google User Data

Google user data processed by our systems is handled in memory during active processing and may be temporarily cached in encrypted storage on HIPAA-compliant infrastructure to fulfill the requested operation. We do not permanently store the full contents of your Gmail messages or calendar events beyond what is necessary to deliver our services. Cached data is automatically purged according to our data retention schedule.

Sharing of Google User Data

We do not sell, rent, or share Google user data with third parties for marketing, advertising, or any unrelated purpose. Google user data may only be shared with:

  • HIPAA-compliant sub-processors that are strictly necessary to provide the services described above, under binding data processing agreements
  • Law enforcement or regulatory bodies when required by applicable law

Google API Services Limited Use Disclosure

HelperCraft.ai's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use data obtained via Google APIs to provide or improve user-facing features that are prominent in HelperCraft.ai's user interface.
  • We do not transfer Google user data to third parties unless it is necessary to provide or improve these user-facing features, the transfer is with the user's consent, it is necessary for security purposes (e.g., investigating abuse), or it is required to comply with applicable law.
  • We do not use or transfer Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
  • We do not allow humans to read Google user data unless we have obtained the user's affirmative agreement to view specific messages or data, it is necessary for security purposes (e.g., investigating a bug or abuse), it is necessary to comply with applicable law, or the data is aggregated and anonymized for internal operations in accordance with applicable privacy requirements.

Revoking Access to Google Data

You may revoke HelperCraft.ai's access to your Google account at any time through your Google Account permissions settings. You may also contact us at privacy@helpercraft.ai to request deletion of any Google user data we have stored. Upon revocation or deletion request, we will promptly remove all cached Google user data from our systems, except where retention is required by law.

5. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS/SSL) for all data transmissions
  • Deployment on HIPAA-compliant cloud infrastructure with built-in DDoS protection
  • Access controls and authentication for all administrative systems
  • Regular security assessments and monitoring

6. Third-Party Services

We use the following third-party services that may process your data:

  • HIPAA-compliant cloud infrastructure providers for hosting and data processing
  • HIPAA-eligible AI model services for processing practice communications (under strict data processing agreements)
  • Email and calendar integration services for practices using Gmail or other providers

A detailed list of subprocessors is available upon request.

7. Data Retention

We retain contact form submissions for as long as necessary to fulfill the purposes for which they were collected. Practice and patient data is retained in accordance with the terms of our service agreements and applicable legal requirements.

8. Your Rights

You have the right to:

  • Request access to the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Withdraw consent where processing is based on consent
  • Revoke HelperCraft.ai's access to your Google account data via your Google Account permissions settings

To exercise any of these rights, contact us at privacy@helpercraft.ai.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, contact us at privacy@helpercraft.ai.