Alpha Sophia

Alpha Sophia Plugin Privacy Policy

Privacy policy for the Alpha Sophia Claude plugin

Effective Date: June 23, 2026
Last Updated: June 23, 2026
This Alpha Sophia Plugin Privacy Policy explains how Alpha Sophia Technologies GmbH, Am Gänschenwald 19a, 51467 Bergisch Gladbach, Germany, “Alpha Sophia,” “we,” “us,” or “our,” collects, uses, shares, and protects personal data in connection with the Alpha Sophia plugin, connector, tool, skill, MCP server, or related integration for Claude, the “Plugin.”
For purposes of this Privacy Policy, “Anthropic” means Anthropic, PBC. “Claude” means the Claude products and services made available by Anthropic. Claude is a product of Anthropic. “Plugin Marketplace” means any Anthropic-managed or Anthropic-supported marketplace, directory, catalog, or submission flow through which plugins for Claude may be discovered, reviewed, installed, or used. “Customer” means the company or organization that has an Alpha Sophia account or agreement. “Authorized User” means an individual authorized by a Customer to use Alpha Sophia or the Plugin. “Personal Data” means information that identifies or can reasonably be linked to an individual.
This Privacy Policy applies to the Plugin and Alpha Sophia’s processing of Plugin-related data. It does not govern Anthropic’s operation of Claude, the Plugin Marketplace, or Anthropic accounts, workspaces, logs, settings, or systems. Anthropic’s own terms and privacy notices apply to Anthropic’s products and services.
1. How the Plugin works
The Plugin allows Authorized Users to access Alpha Sophia functionality from within Claude. Depending on the enabled features, an Authorized User may ask Claude to use the Plugin to search, retrieve, summarize, analyze, or interact with information available through Alpha Sophia.
When the Plugin is used, Claude may send Alpha Sophia a request. That request may include an Input, prompt, query, tool call, account identifier, authentication token, requested data fields, usage metadata, and related technical information. Alpha Sophia may then return results, content, or other Outputs to Claude for display or further use in the Authorized User’s Claude environment.
Information sent to or returned through Claude may become part of the relevant Claude conversation, workspace, files, logs, or records, depending on Anthropic’s products, Customer settings, administrator settings, and applicable Anthropic terms. Customers and Authorized Users are responsible for ensuring that their Claude environment is approved for the data and use case involved.
2. Personal Data we collect
We may collect the following categories of Personal Data in connection with the Plugin:
Account and user data, such as name, business email address, company, role, Alpha Sophia account details, organization ID, user ID, subscription status, permissions, and administrator settings.
Authentication and security data, such as access tokens, API keys, session identifiers, login status, permission scopes, timestamps, IP address, device information, security logs, and audit logs.
Plugin usage data, such as Inputs, prompts, tool calls, query parameters, filters, requested records, API requests and responses, feature usage, error messages, access logs, and usage frequency.
Customer-provided content, such as search criteria, notes, account lists, business context, CRM-related information, or other information submitted by a Customer or Authorized User through Claude or the Plugin.
Alpha Sophia platform data, such as professional and business information about healthcare professionals, healthcare organizations, and related entities. This may include names, professional identifiers, specialties, affiliations, practice locations, organization information, business contact details, professional activities, market categories, analytics, and derived insights.
Support and communications data, such as support requests, correspondence, troubleshooting information, and related communications.
The Plugin is intended for business use only. Do not submit patient records, protected health information, sensitive personal data, payment card data, government identifiers, passwords, or confidential third-party data that you are not authorized to use.
3. How we use Personal Data
We use Personal Data to:
  • provide, operate, authenticate, secure, and maintain the Plugin;
  • verify permissions and enforce Customer subscription limits;
  • process Inputs, prompts, tool calls, and requests;
  • return Alpha Sophia results and Outputs to Claude;
  • administer accounts, support, billing, and Customer relationships;
  • monitor, debug, audit, and improve the Plugin and Alpha Sophia platform;
  • detect and prevent misuse, unauthorized access, excessive exports, scraping, data exfiltration, credential compromise, prohibited AI use, fraud, or unlawful activity;
  • enforce Alpha Sophia’s agreements, fair-use rules, data-use restrictions, and security requirements;
  • comply with applicable laws, legal process, sanctions, export-control rules, healthcare compliance obligations, privacy obligations, and contractual obligations; and
  • create aggregated, de-identified, or statistical information that does not identify a specific individual.
4. AI and model-training commitments
Alpha Sophia does not use Customer Content, Plugin Inputs, Plugin Outputs, or Customer-provided content to train public AI models or third-party foundation models.
Alpha Sophia does not permit service providers acting on our behalf to use Customer Content, Plugin Inputs, Plugin Outputs, or Customer-provided content to train their own public AI models or third-party foundation models.
Anthropic’s processing of data in Claude is governed by Anthropic’s own terms, privacy notices, product settings, workspace settings, and Customer agreements with Anthropic. Alpha Sophia does not control Anthropic’s processing of data in Claude.
Customers and Authorized Users may not use the Plugin to transmit Alpha Sophia platform data to any AI system, model, tool, workspace, or third-party service except as permitted by Alpha Sophia and the applicable Customer agreement.
5. How we share Personal Data
We may share Personal Data with the following categories of recipients:
Anthropic and Claude environments, as necessary for the Plugin to function and return Outputs to Claude.
Customers and administrators, where the Plugin is used through a Customer account, workspace, or subscription.
Service providers, such as hosting, infrastructure, security, logging, monitoring, support, analytics, authentication, billing, legal, and compliance providers that process data on our behalf.
Data licensors and compliance recipients, where limited disclosure is necessary to comply with contractual, audit, security, or legal obligations relating to licensed or restricted data. We do not identify any such licensors in this Privacy Policy.
Legal and safety recipients, such as courts, regulators, law enforcement, auditors, insurers, advisors, or other parties where disclosure is necessary to comply with law, enforce agreements, protect rights, investigate misuse, or respond to security incidents.
Transaction parties, if Alpha Sophia is involved in a merger, acquisition, financing, reorganization, sale of assets, insolvency, or similar transaction.
We do not sell Plugin user account data or Customer-provided Plugin content. Alpha Sophia’s broader B2B platform may make professional profile information available to authorized business customers under applicable agreements and laws. Where applicable law treats that activity as a “sale,” “sharing,” or similar disclosure, individuals may have opt-out rights.
6. Retention
We retain Personal Data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law, contract, audit obligation, dispute, security need, or compliance requirement.
Authentication tokens are retained until they expire, are revoked, are replaced, or are no longer needed. Plugin logs and audit records are typically retained for up to 24 months unless a longer period is required for legal, security, audit, or compliance reasons. Professional profile data may be retained, updated, corrected, suppressed, or deleted in accordance with Alpha Sophia’s data practices and applicable law.
7. Security
Alpha Sophia uses reasonable technical and organizational measures designed to protect Personal Data against unauthorized access, loss, misuse, alteration, and disclosure. These measures may include access controls, encryption in transit, encryption at rest where appropriate, logging, monitoring, least-privilege permissions, confidentiality obligations, vulnerability management, and incident-response procedures.
No system is completely secure. Customers and Authorized Users are responsible for protecting their devices, Claude workspaces, Alpha Sophia credentials, API keys, tokens, permissions, and any data exported or copied from the Plugin.
8. International transfers
Alpha Sophia is based in Germany. Personal Data may be processed in the European Economic Area, the United States, and other jurisdictions where Alpha Sophia, Customers, service providers, or integration providers operate. Where required, Alpha Sophia uses appropriate transfer safeguards, such as data-processing agreements, standard contractual clauses, supplementary measures, or other lawful transfer mechanisms.
9. Your privacy rights
Depending on your location and the Personal Data involved, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, or opt-out of certain processing.
To exercise privacy rights, contact:
legal@alphasophia.com
Please include enough information for us to verify your request and locate the relevant data. If your request relates to a Customer’s use of Alpha Sophia, we may refer the request to that Customer or cooperate with that Customer as required by law and contract.
10. Professional profile data
If Alpha Sophia maintains a professional profile about you, you may contact us to request access, correction, deletion, suppression, or objection to processing, subject to applicable law, verification, contractual obligations, and legitimate business or legal grounds.
To submit a request about professional profile data, email:
legal@alphasophia.com
Please include your full name, professional email if available, professional identifier if available, organization, state or country, and enough detail for us to locate the relevant profile.
11. Healthcare and restricted-use notice
The Plugin is not intended for clinical diagnosis, patient treatment, emergency use, patient-level decision-making, insurance eligibility decisions, employment decisions, credit decisions, or other legally restricted decisions.
Unless Alpha Sophia has expressly signed a separate written agreement covering protected health information, Alpha Sophia is not acting as a HIPAA business associate in connection with the Plugin. Do not submit protected health information or patient-level information to the Plugin.
12. Children
The Plugin is intended for business users and is not directed to children. We do not knowingly collect Personal Data from children under 16 through the Plugin.
13. Changes
We may update this Privacy Policy from time to time. The updated version will be posted with a revised “Last Updated” date. Where required by law or contract, we will provide additional notice of material changes.
14. Contact
Alpha Sophia Technologies GmbH
Am Gänschenwald 19a
51467 Bergisch Gladbach
Germany
Email: legal@alphasophia.com