Privacy Policy

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (used for login and communication)
• Full name
• Password (encrypted and never stored in plain text)
• Phone number (optional)

1.2 Clinic and Patient Data

You provide and control all data entered into the Service, including:

• Clinic information (name, address, contact details)
• Patient records (name, date of birth, phone number, address, gender)
• Appointment details (date, time, duration, notes, cost)
• Medical history and observations (as entered by you)

Important: You are the data controller for all patient data. We are the data processor. You are responsible for obtaining proper consent from patients to store their information.

1.3 Payment Information

Payment processing is handled by Paddle, our secure payment processor. We do NOT store your credit card details or full payment information on our servers. We only receive:

• Subscription status (active, cancelled, past_due)
• Paddle customer ID and subscription ID
• Plan type (Monthly or Yearly)
• Transaction amounts (for billing history display)

1.4 Usage and Technical Data

• IP address (for security and fraud prevention)
• Browser type and version
• Device information
• Login timestamps and activity logs
• User preferences (language, timezone, theme, currency)

1.5 OAuth Authentication (Google Sign-In)

If you use Google Sign-In, we receive:

• Your Google email address
• Your name
• Google account ID (used to link your account)

We do not access your Google Drive, Gmail, or other Google services.

2. How We Use Your Information

• Provide and maintain the Service: Enable core features like patient management, appointments, and analytics
• Process payments and manage subscriptions: Via Paddle payment processor
• Authenticate and secure your account: JWT tokens, password reset, session management
• Send important notifications: Password reset emails, account security alerts
• Provide customer support: Respond to your inquiries via email
• Improve and optimize the Service: Fix bugs, add features, analyze usage patterns
• Prevent fraud and abuse: Rate limiting, security monitoring, suspicious activity detection

3. Data Storage and Security

3.1 Encryption

• All data transmitted between your browser and our servers is encrypted using SSL/TLS (HTTPS)
• Passwords are hashed using bcrypt with salt rounds
• Database stored securely with access controls

3.2 Access Controls

• Only you can access your patient data (ownership verification on every request)
• Our engineers cannot access your patient data without explicit authorization
• Role-based access control for multi-user accounts (future feature)

3.3 Backups

• Automated daily backups of all data
• Backups stored in secure, redundant locations
• Point-in-time recovery available

3.4 Security Measures

• Rate limiting to prevent brute force attacks
• XSS (Cross-Site Scripting) prevention
• CSRF protection
• Security headers (HSTS, CSP, X-Frame-Options)
• Regular security audits and updates
• IDOR (Insecure Direct Object Reference) protection

4. Data Sharing and Disclosure

4.1 We DO NOT sell your data

We never sell, rent, or trade your personal information or patient data to third parties for marketing purposes.

4.2 Third-Party Service Providers

We share limited data with trusted partners who help us operate the Service:

• Paddle (Payment Processing): Processes subscription payments. See Paddle's Privacy Policy.
• Cloud hosting provider: Stores encrypted data on secure servers
• Email service (Resend): Sends transactional emails (password resets, security alerts)

All third parties are contractually obligated to protect your data and use it only for the specified purposes.

4.3 Legal Requirements

We may disclose your information if required by law, such as:

• To comply with a subpoena, court order, or legal process
• To protect the rights, property, or safety of PatientsLog, our users, or the public
• In connection with fraud prevention or security investigations

5. Your Rights and Choices

5.1 Access and Export

• You can access all your data anytime through the application
• Export functionality is planned (coming soon) - contact support for data export

5.2 Correction and Updates

• You can edit your account information in Settings → Personal Info
• You can update patient records and clinic information anytime

5.3 Deletion

• Delete individual patient records: Available in the Patients section
• Delete your entire account: Settings → Personal Info → Delete Account (requires password confirmation)
• After account deletion, data is retained for 90 days for recovery purposes, then permanently deleted

5.4 Preferences

You can control:

• Language preference (English, Spanish, French, Portuguese)
• Timezone
• Theme (Light/Dark mode)
• Currency display
• Default appointment duration

5.5 Marketing Communications

Currently, we only send transactional emails (password resets, security alerts). We do not send marketing emails. If we add marketing communications in the future, you will be able to opt out.

6. GDPR Rights (European Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to access: Request a copy of your data - Contact support@patientslog.com
• Right to rectification: Correct inaccurate data - Edit directly in the app or contact support
• Right to erasure: Request deletion of your data - Use in-app deletion or contact support
• Right to data portability: Receive your data in a machine-readable format - Contact support@patientslog.com
• Right to object: Object to data processing - Contact support@patientslog.com
• Right to lodge a complaint: File complaint with your data protection authority

7. HIPAA Compliance (US Healthcare Providers)

Business Associate Agreement (BAA): If you are subject to HIPAA and use PatientsLog to store Protected Health Information (PHI), we can provide a Business Associate Agreement (BAA). Contact support@patientslog.com to request one.

Your Responsibilities:

• Obtain patient consent before entering their data
• Use strong passwords and enable two-factor authentication (when available)
• Log out when leaving your device unattended
• Train staff on HIPAA requirements

8. Children's Privacy

Our Service is intended for healthcare professionals aged 18 and older. We do not knowingly collect personal information from children under 13. If you are under 18, please do not create an account.

Note: While you may store information about pediatric patients in the system, those patients are not users of the Service.

9. International Data Transfers

Your data may be stored and processed in data centers located in United States and European Union. We ensure adequate protections are in place for international transfers in compliance with GDPR and other applicable laws.

10. Data Retention

• Active accounts: Data retained as long as your subscription is active
• After cancellation: 90 days retention period, then permanent deletion
• Backups: Backup copies may exist up to 30 days after permanent deletion
• Legal requirements: Some data may be retained longer if required by law

11. Cookies and Tracking

We use essential cookies to:

• Keep you logged in (session management)
• Remember your preferences (language, theme)
• Ensure security (CSRF protection)

We do NOT use tracking cookies for advertising or analytics at this time.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

• Email notification
• In-app notification
• Updated "Last Updated" date at the top of this policy

Continued use of the Service after changes constitutes acceptance.

13. Contact Us

For privacy-related questions or to exercise your rights:

Email: support@patientslog.com

Subject Line: "Privacy Inquiry" or "GDPR Request"

Response Time: We aim to respond within 48 hours for privacy requests