PRIVACY & SECURITY
Your Data. Your Control. Zero Compromise.
CaptiVet is the only veterinary AI scribe with zero analytics, zero tracking, and zero advertising. We built privacy into every layer of our product — because your clinical data deserves the same protection as human medical records.
The Zero Policy
Most AI tools monetize your data in ways you never agreed to. We took the opposite approach.
Zero Analytics
We do not track how you use CaptiVet. No usage analytics, no behavioral tracking, no session recording, no feature usage metrics, no A/B testing on your workflow. We have no analytics dashboard because we collect no analytics data. Period.
Zero Tracking
No cookies. No advertising pixels. No Google Analytics. No Hotjar. No Mixpanel. No third-party tracking scripts of any kind. We do not know which pages you visit, how long you spend in the app, or what buttons you click. Your workflow is yours alone.
Zero Advertising
We will never sell your data to advertisers. We will never show you ads. We will never share your information with data brokers. Our only revenue comes from your subscription. That alignment of incentives is by design.
Encryption at Every Layer
Your data is protected whether it is sitting on a server, moving between systems, or displayed on your screen.
AES-256 at Rest
All stored data is encrypted with AES-256 — the same standard used by banks and government agencies. Even if storage were breached, your data would be unreadable.
TLS 1.3 in Transit
Every connection between your device, our servers, and API providers is encrypted with TLS 1.3 — the latest and most secure transport protocol available.
Clipboard Auto-Clear
When you copy a SOAP note to your clipboard, CaptiVet automatically clears it after 30 seconds. No clinical data lingers on your device where it could be accidentally pasted elsewhere.
Encrypted Audio Upload
Audio recordings are encrypted before upload to Cloudflare R2 storage. With BYOK enabled, audio is sent directly to Deepgram for transcription and never stored on our infrastructure at all.
BYOK: Your Keys, Your Data, Your Control
Bring Your Own Key is the most private way to use AI documentation. Here is how it works:
With BYOK enabled, you provide your own API keys for Deepgram (speech-to-text) and Google Gemini (SOAP note generation). When you record an appointment:
- Your audio goes directly from your device to Deepgram using your API key. CaptiVet orchestrates the request but never sees or stores the audio.
- The transcript goes directly to Google Gemini using your API key. CaptiVet sends the prompt structure but your clinical content flows device-to-API.
- The generated SOAP note appears in your app for review, editing, and export to your PIMS.
The result: CaptiVet never sees, stores, or has access to your audio recordings, transcripts, or SOAP notes. We handle authentication and workflow orchestration. Your clinical data stays between your device and the AI providers you pay directly.
This is not just a privacy feature — it is a fundamentally different architecture. Most AI scribes route all your data through their servers, store it, and may use it to train their models. With BYOK, that entire data pathway is eliminated.
What We Store vs. What We Don't
What We Store
- Account credentials (email address, hashed password)
- Subscription status and billing information
- App preferences and settings
- Your BYOK API key references (encrypted, never stored in plaintext)
This is the minimum data required to operate the service. Nothing more.
What We Don't Store (with BYOK)
- Audio recordings — sent directly to Deepgram
- Transcripts — generated by Deepgram, sent to Gemini
- SOAP notes — generated by Gemini, delivered to your device
- Patient data — names, conditions, treatments
- Client information — pet owner PII
- Usage analytics — we collect none
- Behavioral data — we track none
Compliance and Certifications
- SOC 2 Type II — Certification in progress. Our infrastructure and practices are being audited against the Trust Services Criteria for security, availability, and confidentiality.
- HIPAA-Aligned Practices — While veterinary data is not subject to HIPAA, we follow HIPAA-aligned security practices because we believe animal patient data deserves equal protection. This includes encryption at rest, encryption in transit, access controls, and audit logging.
- GDPR-Ready — Our data handling practices comply with GDPR requirements for users in the European Union, including data minimization, right to deletion, and explicit consent.
- Zero Data Harvesting Policy — We do not use your clinical data to train AI models, improve our product, or for any purpose other than delivering the SOAP note you requested. This is a contractual commitment, not just a policy.
How CaptiVet Compares on Privacy
Most veterinary AI scribes collect extensive data. We collect none.
| Privacy Feature | CaptiVet | Other AI Scribes |
|---|---|---|
| Tracks user behavior | No | Yes |
| Collects usage analytics | No | Yes |
| Third-party ad tracking | No | Common |
| BYOK option available | Yes | No |
| Data encryption standard | AES-256 | Varies |
| Clipboard auto-clear | 30 seconds | No |
| Uses your data to train AI | Never | Often |
Ready to Try the Privacy-First AI Scribe?
See how CaptiVet handles your data differently. Zero tracking, zero analytics, zero compromise.