Privacy Policy

Effective Date: January 9, 2026

TrainBase ("we," "us," or "our") provides a training platform that helps medical practices maximize efficiency and speed onboarding through AI-powered video creation. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

1. Information We Collect

2.1 Account Information

Name and contact details
Payment information (processed through Stripe)
Subscription tier and account preferences

2.2 Content You Create

Screen recordings of your workflows and systems
Audio recordings from your microphone
Mobile video uploads of clinical environments and procedures
Text scripts and training materials

2.3 Guest User Information

For users accessing our Guest Pass feature:

Temporary video recordings
Device and browser information
Usage analytics (anonymized)

3. How We Use Your Information

3.1 Service Delivery

Process your recordings into training videos
Generate AI voiceovers and scripts
Provide face redaction and content editing
Deliver subscription services and hardware components

3.2 AI Processing

We use artificial intelligence to:

Transcribe audio recordings
Generate synthetic voiceovers
Edit and enhance video content
Redact sensitive information from recordings

4. Third-Party Service Providers

We work with trusted partners to deliver our services:

Stripe: Processes all subscription payments and billing.
ElevenLabs: Generates synthetic voice audio from text scripts.
Cloud Hosting: Secure data storage and processing infrastructure.

5. Data Retention and Deletion

5.1 Guest Users

Guest recordings are automatically deleted after 24 hours if not claimed.
No account creation required for guest access.

5.2 Subscribers

Content remains available for the duration of your active subscription.
Account data retained for business/legal purposes after cancellation.
You may request data deletion at any time.

6. HIPAA Compliance

6.1 Protected Health Information (PHI)

We understand that medical training content may contain PHI. We operate as a Business Associate under HIPAA and:

Maintain appropriate safeguards for PHI [cite: 50]
Provide Business Associate Agreements (BAA) to covered entities
Recommend using simulated patients and dummy data when possible

6.2 Security Measures

Encrypted data transmission and storage
Access controls and audit logging
Regular security assessments and updates

7. Guest User Disclaimer

Important Notice for Guest Users:

Guest recordings are temporary and deleted after 24 hours.
Do not record real patient data or PHI in Guest Mode.
Guest sessions are not covered by HIPAA protections.
Create an account to claim and preserve your content.

8. Data Security

We implement industry-standard security measures including:

Encryption in transit and at rest
Regular security monitoring
Limited access controls
Incident response procedures

9. Contact Information

For questions about this Privacy Policy or your data:

TrainBase Privacy Team
Email: privacy@trainbase.com

For HIPAA-related inquiries or to request a Business Associate Agreement, contact our Privacy Officer at the above email address.