Soap Notes logo

Privacy Policy — Soap Notes for Gmail

Effective Date: July 14, 2026

Last Updated: July 16, 2026

This policy explains what the Soap Notes for Gmail Chrome extension (“the extension”) does with information. It is published by Soap Notes (“we”, “us”). Questions: info@soapnotes.online.

The Short Version

The extension adds a button to Gmail's compose window that inserts your Soap Notes booking links and available times into an email. It does not collect personal information, does not read or store your emails, contacts, or any client/patient data, and does not use advertising or tracking. Everything it stores stays in your browser.

1. What the Extension Accesses

On your Soap Notes dashboard (app.soapnotes.online): the extension reads a single value your dashboard publishes to the browser's local storage — the public booking slug and display name of the organization you are signed in to. This is how it connects to your account without a separate login. It does not read your login credentials or access token, and it reads nothing else on that site.

In Gmail (mail.google.com): the extension adds a “Soap Notes” button to the compose toolbar and, when you use it, inserts booking links or a table of available times into the body of the email you are writing. It does not read, collect, transmit, or store the content of your emails, your recipients, your contacts, or any other Gmail data. It never sends the email — you do, using Gmail as normal.

From the Soap Notes API: the extension requests your organization's publicly available event types and their open times — the same information shown on your public booking page — so it can list them and build links. Only your organization's public booking identifiers (its slug, and the relevant creator and event slugs) are sent to make these requests.

2. What the Extension Stores

The extension stores the following locally, in your browser only (chrome.storage.local), and nowhere else:

  • the connected organization's public booking slug and display name;
  • the event type you most recently inserted, so it can be offered first.

This information never leaves your device except as part of the public API requests described above. You can erase it at any time by removing the extension or clearing its storage.

3. What the Extension Does NOT Do

  • It does not collect personally identifiable information.
  • It does not access protected health information (PHI), notes, or any client/patient records.
  • It does not read, store, or transmit your emails, drafts, contacts, or attachments.
  • It does not store your Soap Notes password or access token.
  • It does not use cookies, analytics, advertising, or third-party trackers.
  • It does not sell or share any information with third parties.
  • It does not load or execute remote code.

4. Permissions, and Why

  • storage — to remember your connected organization and last-used event type locally so you don't re-enter anything each session.
  • Access to mail.google.com — to add the button to Gmail's compose toolbar and insert links/times into your draft.
  • Access to app.soapnotes.online — to read the connected organization's public slug that your dashboard publishes.
  • Access to the Soap Notes API host — to fetch your public event types and available times.

5. Data Retention and Deletion

Locally stored values persist until you remove the extension, clear its storage, or sign out of your dashboard (which disconnects it). We do not operate any separate store of extension data to delete.

6. Changes

If this policy changes materially, we will update the effective date above and, where appropriate, notify users through the extension or dashboard.

7. Contact Us

If you have any questions about this policy, pleaseContact us, or reach us directly at info@soapnotes.online.

This page covers the Soap Notes for Gmail extension specifically. For our full data practices, see our general Privacy Policy.