Privacy Policy

Last updated: [DATE]

1. Introduction

This Privacy Policy explains how JanusMed ("Company", "we", "us") collects, uses, stores, and protects personal data when you use our services ("Service").

We are committed to protecting your privacy and ensuring transparency about how your data is handled.

2. Scope of This Policy

This Policy applies to:

  • Users of the Service
  • Personal data provided directly by users
  • Health-related data uploaded by users

This Policy does not apply to third parties authorized by you to access your data (such as healthcare professionals), whose use of data is governed by their own professional obligations.

3. Data We Collect

3.1 Data You Provide Directly

  • Account information (name, email)
  • Health-related documents (e.g., exams, lab results, reports)
  • Manually entered health metrics
  • Authorization settings for data sharing

3.2 Automatically Collected Data

  • Device and browser information
  • Log data (access times, IP address)
  • Security and audit logs

We do not collect data from healthcare providers or institutions without your direct action.

4. Health and Sensitive Data

Health data uploaded to the Service is considered sensitive personal data.

You control:

  • What data is uploaded
  • Who can access it
  • When access is revoked

We process such data only to provide the Service as requested by you.

5. How We Use Your Data

We use your data to:

  • Provide and operate the Service
  • Store, organize, and display your health information
  • Enable user-authorized data sharing
  • Improve security and prevent abuse
  • Comply with legal obligations

We do not sell personal or health data.

6. Automated Processing and AI

The Service may use automated systems, including artificial intelligence, to:

  • Extract structured data from uploaded documents
  • Generate summaries for organizational purposes

These processes:

  • Are informational only
  • Do not provide medical advice
  • Do not replace original documents

7. Legal Bases for Processing

Depending on jurisdiction, we rely on:

  • Your explicit consent
  • Your role as data subject and controller
  • Legitimate interests related to security and service operation
  • Compliance with legal obligations

8. Data Sharing

We share data only:

  • With parties you explicitly authorize
  • With service providers necessary to operate the Service (under confidentiality obligations)
  • When required by law

All access is logged and auditable.

9. Data Retention

We retain personal data:

  • For as long as your account remains active
  • Or as required to comply with legal obligations

You may request deletion of your data, subject to applicable legal requirements.

10. Data Security

We implement reasonable technical and organizational measures, including:

  • Encryption at rest and in transit
  • Access controls
  • Monitoring and logging

No system is completely secure, and we cannot guarantee absolute security.

11. Data Breach Notification

In the event of a data breach affecting personal or health data, we will notify affected users and authorities as required by applicable law.

12. Your Rights

Depending on your location, you may have the right to:

  • Access your data
  • Correct inaccurate data
  • Export your data
  • Delete your data
  • Withdraw consent

Requests can be made via dpo@janusmed.app.

13. International Transfers

Your data may be processed or stored in countries other than your own.

We take steps to ensure adequate protection consistent with applicable laws.

14. Children's Privacy

The Service is not intended for children under the age of 13 (or equivalent minimum age under local law).

15. Changes to This Policy

We may update this Privacy Policy from time to time.

Material changes will be communicated through the Service.

16. Contact

For privacy-related questions, contact:

dpo@janusmed.app