Skip to main content
Your Data, Your Control

Privacy Policy

Effective April 2026medevidex.io[email protected]
01

What we collect

When you create an account, we collect the information you provide: email address, display name, title, institution, specialty, country, and age group. If you sign in with Google, we receive your email address and profile photo from Google.

We also collect basic usage data: when you sign in, the number of queries you make, and credits consumed. This data is used solely for account management and service operation.

02

What we do not collect

We do not collect, store, or process the content of your uploaded documents beyond what is necessary to provide the service. Specifically:

  • Document text is processed to generate searchable chunks and embeddings, stored in your tenant-isolated environment
  • We do not read, review, or analyse your document content for any purpose other than serving your queries
  • We do not use your documents or queries to train, fine-tune, or modify any AI model
03

How we use your data

Your account information is used to: operate your account, manage your subscription and credits, send transactional emails (verification codes, password resets), and provide customer support when you contact us.

We do not use your data for marketing, advertising, or profiling. We do not sell or share your personal information with third parties for their own purposes.

04

Data storage & security

Your data is stored on infrastructure that we operate and control. Document data is stored in a tenant-isolated database — each user's content is technically separated from all other users.

We use industry-standard security measures including encrypted connections (HTTPS), HttpOnly session cookies, and access controls. However, no system is perfectly secure, and we cannot guarantee absolute security of your data.

05

Third-party services

Medevidex uses the following third-party services in the course of providing the platform:

  • Supabase — authentication and database (self-hosted instance)
  • Stripe — payment processing for subscriptions
  • LLM providers — AI inference for chat responses (your document content is sent to the LLM provider at query time only, under their data processing terms, and is not retained for training)
  • Resend — transactional email delivery
  • Cloudflare — DNS, CDN, and tunnel services

We select third-party providers that offer strong data protection commitments. Your full document content is never stored by these services — only the minimum data required for each service's function is shared.

06

Data retention & deletion

Your account data is retained for as long as your account is active. When you delete a document, all associated data (text chunks, embeddings, figure images) is permanently removed from our systems.

When you delete your account, all personal data, uploaded documents, and derived content are permanently destroyed. This process is irreversible.

07

Your rights

You have the right to: access the personal data we hold about you (visible on your profile page), correct inaccurate information, delete your account and all associated data, and export your data upon request.

To exercise any of these rights, contact us at [email protected].

08

Cookies

Medevidex uses a minimal set of cookies essential for the service to function. For full details, see our Cookie Policy.

09

Children's privacy

Medevidex is designed for healthcare professionals and is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors.

10

Changes to this policy

We may update this privacy policy from time to time. Significant changes will be communicated via email or an in-app notification. The effective date at the top of this page indicates when the policy was last revised.

11

Contact

For privacy-related questions or requests, contact us at [email protected].