Privacy Policy

RadLogs Ltd operates the RadLogs service at radlogs.app. We are the data controller for the personal data you provide to us.

Contact: hello@radlogs.app

Account data: Your email address, display name, and specialty when you register.

Usage data: Follow-up entries you create including accession numbers, imaging findings, modality, interval, due dates, notes, and any images you upload.

Technical data: IP address, browser type, and usage logs for security and performance monitoring.

Payment data: If you subscribe to a paid plan, payment is processed by Stripe. We do not store card details.

RadLogs is designed to be used with accession numbers and imaging findings only — not patient names, dates of birth, or other identifying patient data. Please do not enter patient identifiers.

To provide the Service: Storing and displaying your follow-up entries, sending reminder emails, and maintaining your account.

To communicate with you: Sending follow-up reminders, product updates, and security notifications. You can opt out of non-essential emails in Settings.

To improve the Service: Aggregated, anonymised usage data helps us understand how the product is used. We never sell data or use it for advertising.

We process your data on the following bases:

• Contract: Processing necessary to provide the Service you have signed up for.
• Legitimate interests: Security monitoring, fraud prevention, and product improvement.
• Consent: Marketing communications, which you may withdraw at any time.

Your data is stored in Supabase (hosted on AWS, EU West region). Images are stored in Supabase Storage with private access controls — only you can access your uploaded images.

All data is encrypted in transit (TLS) and at rest. Access to production data is restricted to authorised personnel only.

We retain your data for as long as your account is active. Upon deletion, data is removed within 30 days.

We use the following third-party services to operate RadLogs:

Under GDPR and applicable law, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data (via Settings)
• Delete your account and all associated data (via Settings → Security → Delete account)
• Export your data in a portable format
• Object to processing based on legitimate interests
• Withdraw consent for marketing communications at any time

To exercise any of these rights, email hello@radlogs.app. We will respond within 30 days.

RadLogs uses strictly necessary cookies for authentication session management only. We do not use tracking, analytics, or advertising cookies.

Your data may be processed in the United States (Vercel, Stripe) and the European Union (Supabase EU West). Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses).

RadLogs is intended for use by healthcare professionals and is not directed at children under 18. We do not knowingly collect data from minors.

We may update this policy from time to time. We will notify you of material changes by email. Continued use of the Service after changes constitutes acceptance.

For privacy-related queries: hello@radlogs.app

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.