1. Therapist Information

Serene collects information about therapists to support their work, streamline operations, and ensure secure access. We collect:

• Personal Details

  Includes your full name, email, and phone number. These are required for account creation, communication, and security notifications.

• Professional Credentials

  Licensure numbers, certifications, areas of specialization, and practice affiliations. This enables trust and helps clients identify appropriate care providers.

• Timezone & Location Data

  Used for scheduling accuracy, session reminders, and timezone alignment when managing appointments across different regions.

All therapist data is stored securely and is never shared with third parties without explicit consent. You control your profile, visibility, and the details shared with clients.

2. Client Information Managed by Therapists

Therapists using Serene may collect and record client data for therapeutic purposes. This data includes:

• Client Name

  Used to identify records and manage session notes. Clients may be listed by first name or anonymized identifiers if preferred.

• Email & Phone

  Used to deliver appointment confirmations, reminders, and communication between therapist and client.

• Client Timezone

  Ensures session times are presented accurately to both parties regardless of location.

• Session Notes & History

  Allows therapists to track progress, document observations, and build continuity of care. All entries are editable and under therapist control.

All client data entered into Serene is encrypted using industry-standard protocols (AES-256) and is accessible only to the therapist who created it. Therapists may update or delete this data at any time. Learn more about our security practices

3. Session Notes and Recordings

Serene offers multiple methods for creating session documentation, each with specific data handling procedures:

• Live Session Recording

  Therapists can record therapy sessions in real-time with client consent. Audio is captured via your microphone, securely uploaded for transcription, and then automatically converted into structured notes (SOAP, BIRP, or custom formats). The raw recording file is permanently deleted after transcription completes—typically within 6-15 minutes.

• Document Uploads

  Therapists may upload handwritten or typed session notes for AI-assisted formatting and summarization. Uploaded files are processed to extract clinical content, then permanently deleted. Only the structured, formatted note content is retained.

• Manual Note Entry

  Therapists can create notes directly in the platform using blank templates, SOAP/BIRP structured formats, or chat-based AI assistance. No recordings or uploads are involved—all content is entered and stored as text.

• Session Analytics

  When recording sessions, Serene generates analytics including session duration, speaking time ratios, emotion patterns, and discussion themes. These insights are derived from transcriptions and stored as metadata linked to session notes.

4. Telehealth Video Sessions

Serene provides HIPAA-compliant telehealth video functionality for conducting remote therapy sessions. Here's what we collect and how we protect your sessions:

• Video Call Data

  Video and audio streams are transmitted using end-to-end encryption. Sessions are NOT recorded by Serene unless you explicitly choose to use the session recording feature (which follows the recording policy in Section 3 above).

• Session Metadata

  We collect session start time, duration, participant names, and connection quality metrics to ensure platform reliability. This metadata does not include conversation content.

• Device & Connection Information

  To facilitate video calls, we access your camera, microphone, and internet connection. No device data is stored beyond what's necessary for the duration of the session.

5. Client Portal

The Client Portal is a secure space where therapists can share materials with clients and clients can upload documents or complete forms. The portal involves specific data collection:

• Portal Access & Activity

  Each client portal is assigned a unique, secure ID. We track when clients access their portal, what forms they complete, and what documents they upload.

• Shared Content

  Therapists control what appears in each client's portal (intake forms, treatment resources, educational materials). Only the assigned therapist can add, view, or remove content. Clients cannot access other clients' portals or data.

• Notifications

  Clients receive email or SMS notifications when new items are added to their portal. These notifications contain only generic information (e.g., 'You have a new form to complete') and a secure link—no sensitive clinical data is included in messages.

Client portal data is encrypted and accessible only to the therapist who created it and the specific client to whom it belongs. Portals are automatically created when a therapist assigns the first item to a client.

6. Intake Forms and Client Submissions

Serene's AI-powered intake form builder allows therapists to create customized forms that clients complete before their first session. This feature involves the following data collection:

• Form Builder & Templates

  Therapists use our AI form builder to design intake forms based on their practice needs (e.g., standard intake, couples therapy, child therapy). Form templates are generated using AI but do NOT use any client or therapist data from your practice for training.

• Client Form Responses

  When clients complete intake forms, their responses are saved to their client record. This may include personal information (name, contact details, date of birth), medical history, mental health concerns, emergency contacts, and insurance details—depending on what the therapist requests.

• Form Assignment & Tracking

  Intake forms can be automatically assigned to services. When a client books a service with an assigned form, they receive a notification to complete it before their session. We track completion status and send reminders based on therapist settings.

7. Treatment Plans and Mental State Examinations

Serene provides structured tools for tracking treatment goals and conducting mental status assessments:

Treatment Plans

• Goal Tracking

  Therapists create treatment goals for each client, including goal title, detailed description, intervention approach, target dates, and completion status. All goal data is stored as structured clinical documentation.

• Progress Monitoring

  Goals can be marked as complete or incomplete, updated as treatment evolves, and deleted when no longer relevant. Therapists maintain full control over all treatment planning data.

Mental State Examinations (MSE)

• Standardized Assessments

  Therapists can record comprehensive MSE assessments including appearance, behavior, mood, affect, thought content/process, perception, cognition, insight, judgment, and risk assessment. These are clinical observations documented at specific points in time.

• MSE Insights Tracker

  Serene visualizes changes across multiple MSE assessments over time, helping therapists identify patterns, track progress, and recognize early warning signs. This analysis uses only the therapist's own documented assessments for that specific client.

• Discussion Topics (AI-Generated)

  After session notes are approved, our AI analyzes notes to identify recurring themes and discussion topics. These are linked to specific sessions, helping therapists track what subjects have been explored over time. Topic generation uses only data from individual client records.

All treatment planning and assessment data is encrypted, stored securely, and accessible only to the therapist who created it. This information is never shared with third parties or used for purposes beyond clinical care within your practice.

8. AI Technology and Analytics

Serene incorporates AI technology to assist therapists in reducing administrative workload and improving clinical documentation. Here's how we use AI and protect your privacy:

AI Features in Serene

• Transcription Services

  We use third-party AI services to convert audio recordings into text transcriptions. These providers process audio temporarily and do not retain recordings or transcriptions after processing. We only work with HIPAA-compliant transcription partners.

• Note Generation & Formatting

  AI analyzes transcriptions or uploaded notes to generate structured clinical notes (SOAP, BIRP, etc.). This processing happens in real-time for your specific session and is NOT used to improve the AI model.

• Intake Form Builder

  Our AI helps therapists create customized intake forms based on form descriptions and therapy type (e.g., 'couples therapy intake' or 'child assessment form'). The AI uses general clinical knowledge, NOT data from your practice or any Serene users.

• Session Analytics & Topic Extraction

  AI identifies discussion themes, emotion patterns, and talking ratios from session transcriptions. These insights are generated exclusively from your own client's data and are never aggregated or used across different practices.

9. Data Security and Confidentiality

Protecting your data is foundational to everything we do at Serene. We implement multiple layers of security to ensure confidentiality and integrity:

Infrastructure Security

• Trusted Cloud Partners

  We use Google Cloud Platform (Firebase) for hosting and data storage. Google Cloud is HIPAA-compliant, SOC 2 certified, and undergoes regular third-party security audits.

• Isolated Data Storage

  Each therapist's data is logically isolated. You can only access data you created or data explicitly shared with you by other therapists through team collaboration features.

• Regular Security Audits

  We conduct regular security assessments, vulnerability scans, and penetration testing to identify and address potential risks before they become threats.

10. Data Sharing and Access Control

At Serene, we believe that mental health professionals should retain full control over their practice data. Here's how data access works:

Therapist Control

All information entered into the platform—whether about a client, session, or note—is entirely under the therapist's control. You can:

• • Keep all data completely private (default setting)
• • Share specific client records with other verified therapists on your team
• • Grant view-only or edit permissions when sharing
• • Share treatment materials with clients via their secure portal
• • Revoke access at any time

Client Access via Portal

Clients do not have access to internal therapist notes unless explicitly shared by the therapist. Through their Client Portal, clients can only:

• • View intake forms assigned to them
• • Upload documents requested by their therapist
• • Access educational materials shared by their therapist
• • View their upcoming appointments (if enabled by therapist)

Team Collaboration

When therapists work in teams, they can choose to share client records with specific team members. When collaboration is initiated:

• • Only explicitly shared data is visible to team members
• • Sharing permissions are transparent and can be reviewed anytime
• • The original therapist retains ownership and can revoke access
• • All team members must have verified Serene accounts

11. Cookies and Analytics

Serene uses cookies and similar technologies to provide essential functionality and improve your experience. Here's what we collect:

Essential Cookies

These cookies are necessary for the platform to function and cannot be disabled:

• • Authentication cookies to keep you logged in securely
• • Session management to maintain your workspace state
• • Security tokens to prevent unauthorized access and CSRF attacks

Analytics and Performance

We use anonymized analytics to understand platform usage and improve performance:

• • Aggregated usage statistics (e.g., how many users access certain features)
• • Error tracking to identify and fix bugs
• • Performance monitoring to ensure fast load times

You can manage cookie preferences through your browser settings. Note that disabling essential cookies will prevent you from using Serene.

12. Your Rights and Data Control

You have full control over your data on Serene. Under HIPAA, GDPR, and other privacy regulations, you have the following rights:

• Right to Access

  You can view, download, and export all data stored in your Serene account at any time through the platform interface.

• Right to Correction

  You can update, edit, or correct any information in your account, including client records, session notes, and profile information.

• Right to Deletion

  You can delete specific client records, session notes, or your entire account. Once deleted, data is permanently removed from our systems within 30 days (except where legal retention is required).

• Right to Data Portability

  You can export your data in common formats (CSV, PDF) to transfer to another platform or for your records.

• Right to Object

  You can object to certain data processing activities. Contact us to discuss specific concerns about how your data is processed.

13. Policy Updates and Contact Information

From time to time, we may update this Privacy Policy to reflect new features, legal requirements, or changes in our data practices. When we make significant changes:

• • We will notify you through the platform dashboard
• • You will receive an email notification to your registered address
• • The effective date at the top of this policy will be updated
• • We will provide a summary of key changes

We encourage you to review this policy periodically to stay informed about how we protect your information.