Privacy Policy

Account information: your name, email address, role, facility name, and (optionally) a profile photo and state license number.

Resident records entered by our customers: care notes, moods, medications and administration logs, tasks, incident reports, uploaded documents (e.g. IEPs, court and medical paperwork), and structured identity/insurance fields including date of birth and—when provided—Social Security numbers.

Billing information: handled by our payment processor (Stripe). We store a customer/subscription identifier and plan status, never full card numbers.

Technical information: standard log data such as IP address, browser type, and timestamps needed to operate and secure the service.

We use information to provide, maintain, secure, and improve the service, including:

• Operating the dashboard, charting, messaging, and reporting features.
• Generating optional AI summaries of resident activity for facilities on a paid plan.
• Processing subscriptions and preventing fraud and abuse.
• Maintaining audit trails for compliance and security.

We do not sell personal information, and we do not use resident records to train AI models.

Group homes may store PHI in HavenLog. We treat this data as confidential and apply minimum-necessary access controls. Where a Business Associate Agreement (BAA) is in place, we handle PHI in accordance with it.

Sensitive identifiers such as Social Security numbers are encrypted at the application layer; only the last four digits are shown for verification, and any reveal of a full value is recorded in an immutable audit log.

Within a facility: records are visible to that facility's staff according to their role. Confidential records are limited to admins and managers.

External share links: a facility admin may create read-only, expiring links to share a resident's status with caseworkers, CASA, or social workers. These show only what the admin chooses and can be revoked at any time.

Service providers (sub-processors): we share data with vetted providers strictly to operate the service:

• Supabase — database, authentication, and file storage.
• Stripe — subscription billing and payments.
• Anthropic — generates AI summaries for paid facilities (only the relevant resident context is sent; not used for model training).
• Google — optional sign-in (OAuth) when you choose it.

Legal: we may disclose information if required by law or to protect the rights, safety, and security of users and the public.

Each facility's data is isolated using database row-level security. Files are stored in a private bucket and served only through short-lived, signed links—never public URLs. Every document view, PHI access, and incident change is written to an append-only audit trail. See our Security page for more detail.

We retain account and resident records for as long as the facility's account is active, and as needed to comply with legal, regulatory, and licensing obligations. Audit records are retained to preserve an accurate compliance history. Upon verified request and subject to those obligations, we will delete or return facility data.

You can update your profile and facility details in Settings, and reset your password at any time. Depending on your jurisdiction, you may have rights to access, correct, or delete personal information. For resident records, requests should be directed to the facility that controls the data; we will assist our customers in fulfilling valid requests.

HavenLog is used by professional caregivers to document care for minors in their custody. Records about minors are entered by authorized staff under the facility's legal authority; HavenLog does not knowingly collect information directly from children.

We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above and, where appropriate, communicated to account admins.