Privacy Policy
STRUCTA MED ('we', 'our', 'the Service') is a clinical decision support platform. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR / DSGVO). By using STRUCTA MED, you agree to this policy. Last updated: April 2026.
1. Data We Collect
We collect: (a) Account data — email address, subscription plan, usage counts. (b) Analysis history — clinical text, lab values, and AI-generated summaries that you submit for analysis. (c) Technical data — IP address, browser type, and access logs for security purposes. We do not collect data you do not explicitly submit.
2. Legal Basis for Processing
We process your data based on: (a) Contract performance — to provide the analysis service you requested. (b) Legitimate interest — to maintain security and improve the service. (c) Consent — for optional features. Laboratory and clinical data constitutes special category data under Art. 9 GDPR. By submitting such data, you explicitly consent to its processing for the purpose of generating your analysis results.
3. Data Storage & Retention
Account data is stored for the duration of your account. Analysis history (submitted lab data and results) is stored in your personal case history to allow you to review past analyses. No PDF files are stored on our servers — they are processed in memory and discarded immediately. You may delete individual analyses at any time from your history. Upon account deletion, all associated data is permanently removed.
4. Data Security
We implement the following technical measures: (a) All data is transmitted via HTTPS/TLS encryption. (b) Database access is protected by Row Level Security (RLS) — each user can only access their own data. (c) No medical data is shared with third parties. (d) AI processing is performed via Anthropic API — submitted text is processed per their data processing agreement and is not used to train models.
5. Your Rights under GDPR
You have the right to: Access your data (Art. 15 GDPR) — request a copy of all data we hold about you. Rectification (Art. 16) — correct inaccurate data. Erasure (Art. 17) — request deletion of your account and all associated data. Portability (Art. 20) — receive your data in a structured format. Objection (Art. 21) — object to processing. To exercise any right, contact: support@structamed.com. We will respond within 30 days.
6. Account & Data Deletion
You may delete your account at any time from your profile settings. Upon deletion, all analysis history, account data, and associated records are permanently and irreversibly deleted from our systems within 30 days. To request manual deletion, contact support@structamed.com.
7. Cookies
STRUCTA MED uses only essential cookies required for authentication and session management. We do not use tracking, advertising, or analytics cookies. No cookie consent banner is required as we only use strictly necessary cookies.
8. Contact & Data Controller
Data Controller: STRUCTA MED. Email: support@structamed.com. Website: structamed.com. For any privacy-related requests, contact us at support@structamed.com.