Privacy Policy

FeelGuide is a professional referral network operated by FeelGuide, Inc. This Policy explains what information we collect when you use the FeelGuide website, mobile applications, and related services (the “Platform”), how we use it, who we share it with, and the choices you have. It applies to clinicians, affiliate specialists, and supporters with FeelGuide accounts, and to visitors to our marketing pages.

If a section of this Policy conflicts with a separate agreement we have signed with you (e.g., a Data Processing Addendum), the separate agreement controls for that subject.

FeelGuide is not a HIPAA covered entity, and we are not your HIPAA Business Associate. We are a directory and a peer-to-peer professional network — not an EHR, telehealth provider, or scheduling/billing platform for clinical care.

The Platform is not designed to receive identifiable Protected Health Information (PHI), and you are contractually responsible (under our Terms) for not putting it there. Do not include client names, addresses, dates of birth, identifying photographs, or any other identifiers in your profile, in messages, in posts, or in files you upload to the Faye assistant. The Referral Board passes posts through an AI screen that flags suspected PHI; this is a backstop, not a substitute for your own redaction.

If you choose to use FeelGuide in a way that involves PHI despite this guidance, you do so under your own HIPAA compliance program — we have not signed a Business Associate Agreement with you and our processors have not signed one with us for FeelGuide use.

We collect three categories of information:

• Information you give us. Identity and contact details (legal name, professional name, email, phone, password, profile photo, video introduction); professional credentials (license number, license type, license state, NPI, profession, supervisor credentials for pre-licensed accounts, professional bio); practice information (office address, city, state, ZIP, derived latitude/longitude, telehealth flag, accepting-new-clients flag, session rates, insurance panels, capacity); preferences (specialties, modalities, age groups served, communities served, languages); content you post (Referral Board posts, events, listings, messages to other users); files you upload to Faye (PDFs, CSVs, business-card images, screenshots); billing details collected by Stripe (we receive subscription status and the last four digits of your card — never the full card number).
• Information we generate. Verification results from state-board scrapers (currently for FL, PA, OH, NJ, MI, OR, CT, WI, IN, MO, CA, IL, LA, and VA, with more to come), NPI cross-checks, peer-vouching outcomes, admin review notes, your Rapport Score (derived from verification, completeness, endorsements, and activity), referrals sent and received, message activity, sign-in events, and last-login timestamps.
• Information collected automatically. Device, browser, and operating system; IP address; approximate geolocation derived from IP; pages visited and features used; cookies and similar technologies described in Section 10.

We do not intentionally collect information from anyone under 18. If we learn we have, we delete it.

We use your information to:

• Operate the Platform — create and authenticate your account, deliver search and directory results, route referrals and messages, run the Rapport Score, the Referral Board PHI screen, and the Faye assistant.
• Verify credentials — query state-board portals, the NPI registry, and peer-vouching networks against the license information you give us.
• Secure the Platform — detect abuse, prevent fraud, enforce our Terms, respond to security incidents, send security alerts and verification codes.
• Communicate with you — send transactional email and in-app notifications (required for service), and send marketing email (digests, announcements, partner programs) you have not opted out of.
• Bill paid subscriptions through Stripe and reconcile comped or trial access.
• Improve the Platform — analyze aggregate usage, debug, and develop new features. We do not use the content of your private messages, the contents of files you upload to Faye, or your account profile to train third-party AI models.
• Comply with law — respond to lawful requests, exercise legal rights, and protect users and the public.

Under GDPR/UK GDPR, our lawful bases are contract (operating your account), legitimate interests (security, abuse prevention, product improvement, B2B marketing of our own service), legal obligation (recordkeeping and lawful requests), and consent (where required, including for marketing where opt-in is the legal standard).

We do not sell your information and we do not share your phone number with any outside party for marketing. We share information only as follows:

• With other FeelGuide users — your public profile (name, credentials, profession, photo, city/state, specialties, listings) is visible to other users on the network. Messages you send are visible to their recipients. Referral Board posts are visible to all eligible users.
• With service providers (subprocessors) — each is contractually limited to using information only to provide its service to us:
  • Supabase — database, authentication, file storage.
  • Vercel — web and API hosting.
  • Twilio — SMS for two-factor authentication and account recovery.
  • Postmark — transactional and marketing email delivery.
  • Stripe — payment processing and subscription management.
  • Anthropic (Claude) — AI processing for the Faye assistant, the Referral Board PHI screen, and other AI features. Files you upload to Faye are sent to Anthropic for OCR and entity extraction. We do not retain those files in our database after extraction, and under our agreement with Anthropic for API use, Anthropic does not use them to train its models. Anthropic may retain content briefly for safety screening as described in their API terms.
  • Verification sources — public state-licensing boards, the NPI registry, and similar professional registries. These are public databases; queries are read-only and outbound.
  • Analytics and error monitoring — limited operational telemetry (e.g., Vercel Analytics, error logs) configured to exclude private content where reasonably possible.
• For legal reasons — to comply with valid legal process (subpoena, court order, warrant), to enforce our Terms, to investigate fraud or abuse, or to protect the rights, safety, or property of FeelGuide, our users, or the public.
• For business transfers — in connection with a merger, acquisition, financing, or sale of assets, in which case the recipient will be bound by terms at least as protective as this Policy.

We never put your phone number into ad networks, data brokers, or marketing exchanges. Full stop.

Your phone number is collected for two-factor authentication, account recovery, and limited service notifications you have opted into. We use Twilio to deliver SMS.

• We do not sell your phone number. Period.
• We do not rent, lease, share, or otherwise disclose your phone number to any third party for marketing or promotional purposes, including affiliates.
• We use SMS only for the purposes above. Message frequency varies by activity on your account. Message and data rates may apply.
• You can text STOP to opt out of optional SMS at any time, and text HELP for help. Opting out of SMS does not remove your phone number from your account; to remove it, update or delete it in Settings → Profile or Settings → Security.
• Mobile opt-in data and consent are never shared with any third party for any purpose, including with our own affiliates, except as strictly necessary to deliver the SMS itself (Twilio as carrier).

We use automated and AI-assisted processing for these features:

• Rapport Score (trust score). An algorithmic score derived from verification, completeness, peer endorsements, and platform activity. Presented for context; not a guarantee of fit or clinical quality. You can ask us to explain the inputs to your score.
• Referral Board PHI screen. An AI classifier flags posts that may contain PHI. Flagged posts may be held or returned for redaction.
• Profile and onboarding suggestions. Generated text suggestions that you choose to accept or ignore.
• License-board scrapers. Automated, read-only checks against state-board portals using the license number you provided.
• Faye assistant. Powered by Anthropic. When you upload a file to Faye, the file is sent to Anthropic’s Claude API for OCR and contact extraction. Extracted contacts are returned to your account so you can choose who to invite. We do not retain the uploaded file in our database after extraction. Under our agreement with Anthropic for API use, your file is not used to train Anthropic’s models; Anthropic may retain it briefly for safety screening before deletion, per their published API terms.

None of these features make legal or otherwise materially consequential decisions about you on their own; admin review is the final step where it matters (verification approval, content removal, account suspension). California residents have rights regarding automated decision-making technology described in Section 11.

• Active accounts. We retain your account information for as long as your account is active.
• Account deletion. You can delete your account at Settings → Danger Zone. Deletion sets your account to a soft-deleted state for 7 days. During the 7-day grace window, signing back in cancels the deletion. After 7 days, we hard-delete your account row and cascade through related tables: profile, listings, messages you authored (the other side’s message thread will retain that you participated under your last display state with an “account deleted” marker), referrals, endorsements, vouches, files in Faye uploads that were not already discarded, and analytics events tied to your account ID.
• Records we may retain longer. Billing records (for tax and audit), security and abuse logs, anonymized aggregate analytics, and records we are required by law to keep. None of these are used to re-identify you for marketing.
• Backups. Encrypted database backups roll off on a 30-day cycle; deleted records age out of backups within that window.
• Files uploaded to Faye. Not retained in our database after extraction. Anthropic’s brief safety-screening retention applies on their side per their API terms.

We use HTTPS in transit, encryption at rest, role-based access controls, two-factor authentication, audit logs on administrative actions, and least-privilege keys for our subprocessors. We restrict employee access to production data on a need-to-know basis. No system is perfectly secure, and we cannot guarantee absolute security, but we work to keep your information safe and we will notify you of a breach affecting your information as required by law.

Report security concerns to security@feelguide.network.

We use a small number of cookies and similar technologies for: session authentication, CSRF protection, remembering your preferences (e.g., theme), and limited first-party analytics. We do not use cross-site advertising cookies or sell information to ad networks. Where required by law, we present a cookie banner; you can also control cookies via your browser settings. Blocking authentication cookies will prevent you from signing in.

You have the following rights regardless of where you live, subject to the verification we do to make sure a request is really from you:

• Access — see the information we hold about you. Most of it is visible directly in Settings → Profile.
• Correct — edit your profile, listings, and preferences in-app. For data you cannot edit yourself (e.g., verification audit notes), email privacy@feelguide.network.
• Delete — use Settings → Danger Zone or email privacy@feelguide.network. The 7-day grace window in Section 8 applies.
• Export — request a copy of your account data in a portable format.
• Opt out of marketing email — use the unsubscribe link in any marketing email or Settings → Notifications.
• Opt out of optional SMS — reply STOP. Required authentication SMS continues unless you remove your phone number.

California residents (CCPA / CPRA). You have the right to know the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the categories of recipients; the right to correct inaccurate personal information; the right to delete personal information, subject to legal exceptions; the right to limit our use of “sensitive personal information” (we use it only for purposes permitted without an opt-out under California law — primarily account security, fraud prevention, and providing the service you requested); the right to opt out of “sale” or “sharing” — we do not sell or share personal information for cross-context behavioral advertising, so there is nothing to opt out of; the right to information about automated decision-making technology (see Section 7); and the right not to be discriminated against for exercising these rights. To exercise any of these, email privacy@feelguide.network. We will verify your identity using your account credentials.

EU/UK/EEA residents (GDPR / UK GDPR). In addition to the rights above, you have the right to restrict or object to processing, the right to withdraw consent where we rely on consent (without affecting prior processing), and the right to lodge a complaint with your supervisory authority. Our lawful bases are described in Section 4. We do not transfer personal data outside the EEA/UK without an adequacy decision, Standard Contractual Clauses, or another lawful transfer mechanism.

Authorized agents may submit requests on your behalf with written authorization.

FeelGuide is operated from the United States. If you use the Platform from outside the U.S., you understand your information will be processed in the U.S. and other countries where our service providers operate. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses (or successor mechanisms) with our subprocessors.

The Platform is for adults practicing as professionals or training to. We do not knowingly collect information from anyone under 18. If you believe a minor has used the Platform, email privacy@feelguide.network and we will delete the account.

We may update this Policy from time to time. We will post the updated Policy here and update the “Last updated” date. For material changes, we will give you advance notice by email or an in-app banner at least 14 days before the changes take effect. Continued use of the Platform after the effective date constitutes acceptance.

• Privacy questions: privacy@feelguide.network
• Security: security@feelguide.network
• General legal: legal@feelguide.network
• Mailing address: published at /contact before launch.