Privacy Policy

Last updated: May 11, 2026

1. Who We Are

Bramha Workspace LLC ("Bramha Workspace," "we," "our," or "us") operates a suite of AI-powered clinical tools for licensed medical professionals, accessible at bramhaworkspace.com and its subdomains. We are based in Orlando, Florida.

Questions about this policy can be directed to: babupmohan@bramhaworkspace.com

2. Information We Collect

We collect the following categories of information:

  • Registration information: Name, email address, practice name, and geographic location when you create an account.
  • Payment information: Processed securely by Stripe. We do not store credit card numbers or full payment details.
  • De-identified clinical session data: When you use our clinical decision support tools, we log session metadata (disease type, severity category, therapy selection) in a de-identified form. No patient name, date of birth, MRN, or other personally identifiable patient information is collected or stored.
  • Usage data: Standard web analytics (page views, browser type, referral source) collected via server logs.

3. How We Use Your Information

  • To provide and improve our clinical tools and services
  • To manage your subscription and process payments via Stripe
  • To send service-related communications (account updates, important notices)
  • To analyze de-identified aggregate usage patterns for product improvement
  • To comply with applicable legal obligations

We do not sell your personal information to third parties.

4. Patient Data and HIPAA

Our tools are designed for use by licensed healthcare professionals and are intentionally built to avoid collecting protected health information (PHI). Clinical session logs contain only de-identified, population-level data points (e.g., disease category, severity) — never patient names, dates of birth, medical record numbers, or other HIPAA-defined identifiers.

Physicians are responsible for ensuring their use of these tools complies with applicable patient privacy laws and institutional policies.

5. Data Storage and Security

User registration and session data are stored in Supabase (PostgreSQL), hosted on AWS infrastructure with encryption at rest and in transit. Payment processing is handled by Stripe, which is PCI DSS-compliant. We apply role-based access controls and row-level security policies to limit data access.

6. Third-Party Services

We use the following third-party services:

  • Supabase — database and authentication
  • Stripe — payment processing
  • Vercel — hosting and deployment
  • OpenAI / Anthropic — AI model inference (no patient data is transmitted)

Each third party operates under its own privacy policy and security standards.

7. Your Rights

You may request at any time:

  • Access to the personal information we hold about you
  • Correction of inaccurate information
  • Deletion of your account and associated data
  • Cancellation of your subscription

To exercise these rights, contact us at babupmohan@bramhaworkspace.com.

8. Cookies

We use minimal cookies for session management and authentication state. We do not use tracking or advertising cookies. You can disable cookies in your browser settings, which may affect functionality.

9. Changes to This Policy

We may update this policy periodically. Significant changes will be communicated by updating the "Last updated" date and, where appropriate, via email. Continued use of our services after changes constitutes acceptance of the revised policy.

10. Contact

Bramha Workspace LLC
Orlando, Florida
babupmohan@bramhaworkspace.com