Our Role: Service Provider, Not Custodian
Under Canadian privacy law:
- Your clinic is the accountable organization under PIPEDA and applicable provincial legislation. Your clinic determines what information is collected through the Widget and how it is used.
- BookingBridge acts as your service provider, processing only the information necessary to deliver the Widget and route leads to your clinic.
- Your clinic is responsible for obtaining visitor consent for follow-up communications in compliance with CASL.
No patient health data stored
The Widget never collects, stores, or transmits clinical records, diagnoses, insurance data, or any personal health information.
Canadian-first compliance
Built around PIPEDA and Ontario privacy law. No HIPAA; that's a US framework. We comply with what actually applies to Canadian clinics.
CASL compliant lead capture
Visitor-initiated lead submission constitutes express consent under CASL. Your clinic follows up; we just deliver the lead.
API keys never exposed
All AI calls route through a Cloudflare Worker proxy. No API credentials are ever present in client-facing code.
Your data, your Google Sheet
Lead data logs to a Google Sheet in your own Google account. BookingBridge does not hold a copy of your leads.
AI is administrative only
The Widget never diagnoses, never provides clinical advice, and never overrides professional judgment. It books appointments and answers FAQ.
What Data We Handle, and What We Don't
What BookingBridge processes
- Visitor-submitted lead information: name, contact, service interest, preferred time
- Real-time conversation content: processed by Anthropic's Claude API to generate responses, not stored by BookingBridge
- Clinic configuration information: services, hours, booking links, FAQ content
What BookingBridge never accesses
- Clinical notes, chart data, or treatment records
- Diagnoses or medical history
- Insurance information or billing details
- Intake forms, assessments, or clinical questionnaires
- Any booking system, patient management software, or EMR
- Payment card information (handled by Stripe only)
Canadian Regulatory Alignment
PIPEDA (Federal)
BookingBridge is designed around the ten fair information principles of PIPEDA, including accountability, limiting collection, consent, safeguards, and individual access rights. Our privacy contact is Mudit Mogla at info@bookingbridge.ca.
PHIPA (Ontario)
For Ontario clinics, BookingBridge operates as a service provider. We limit our handling of any personal information to what is strictly necessary to deliver the Widget, and we notify clients promptly of any security incident.
CASL (Anti-Spam Legislation)
Lead capture through the Widget is visitor-initiated, which constitutes express consent under CASL for the clinic to follow up. Clinics are responsible for maintaining consent records and honouring opt-outs in all subsequent communications. BookingBridge does not send any communications to patients on behalf of clinics.
A Note on HIPAA
HIPAA is a United States federal law. It does not apply to Canadian clinics serving Canadian patients. Canadian clinics are governed by PIPEDA and provincial health privacy laws. If your clinic treats US patients, contact us to discuss whether additional measures are appropriate.
AI Transparency
BookingBridge uses Anthropic's Claude API to power Widget responses. Here is how we use AI responsibly:
- The Widget operates within a strict system prompt that limits it to booking guidance and FAQ only
- It never diagnoses, never provides clinical advice, and always recommends consulting a practitioner
- Insurance information is always qualified with "coverage varies - verify with your insurer"
- Conversation data is processed in real time and not stored by BookingBridge
- We do not use clinic or patient data to train AI models
- Clinics can request Widget content updates at any time; we respond within 5 business days
Security Safeguards
- TLS encryption: all data in transit is encrypted using industry-standard TLS
- API proxy architecture: all AI calls route through a Cloudflare Worker so API credentials are never visible in browser source code
- No patient database: BookingBridge maintains no database of patient or visitor records
- Clinic-owned lead storage: leads log to a Google Sheet in your own Google account only
- Breach notification: in the event of a security incident, BookingBridge will notify affected clients within 72 hours of confirmation
Sub-Processors
BookingBridge relies on the following third-party services. Each operates under its own published privacy commitments:
- Anthropic (Claude API): AI response generation. anthropic.com/privacy
- Cloudflare: API proxy, Widget hosting, DNS. cloudflare.com/privacypolicy
- Google (Sheets, Gmail): Lead data storage and email delivery. policies.google.com/privacy
- Resend.com: Transactional email. resend.com/legal/privacy-policy
- Stripe: Payment processing. stripe.com/privacy
Shared Responsibility
Your Clinic
- Obtaining visitor consent for follow-up under CASL
- Providing accurate clinic information for Widget configuration
- Notifying BookingBridge of any changes to services, hours, or booking links
- Following up on leads in a timely, compliant manner
- Meeting all professional College obligations for your practice
- Responding to patient access and deletion requests
BookingBridge
- Encrypting all data in transit
- Never accessing clinical records or health data
- Limiting AI scope to booking guidance and FAQ only
- Delivering leads securely to your clinic only
- Updating Widget content within 5 days of a correction request
- Notifying you of security incidents within 72 hours
International Data Transfer
BookingBridge's infrastructure relies on third-party services whose servers are located in the United States (Anthropic, Cloudflare, Stripe). Data may be transferred to and processed in the United States. PIPEDA permits cross-border processing when adequate safeguards are in place. BookingBridge implements these safeguards through encryption, access controls, and sub-processor selection. By using our Services, you acknowledge this cross-border transfer.
Questions or Concerns
If you have questions about how BookingBridge handles data, or want to discuss your clinic's specific privacy requirements before onboarding, contact us directly.
Privacy contact: Mudit Mogla
Email: info@bookingbridge.ca
Website: bookingbridge.ca
Location: Ottawa, Ontario, Canada
This page provides general information about BookingBridge's privacy and security practices and is not legal advice. Clinics should consult their own legal counsel regarding specific provincial obligations.