• Overview: Odiview (the “Service”) processes patient imaging and report data for clinical documentation. This policy explains how we handle personal and medical information.
  • Data We Collect: account details (name, email, role) and examination data, images uploaded or captured, device info (model, OS, IP).
  • Use of Data: authenticate users, generate clinical reports/pdfs and maintain security (fraud detection, backups).
  • Sharing: Supabase hosting, analytics, email/SMS providers, and regulators when legally required. Vendors act under data-processing agreements; no third-party advertising.
  • Storage & Retention: encrypted at rest/in transit; keep data while the account is active or as mandated by medical record laws, then delete or anonymize.
  • International Transfers: servers may reside outside your country; we rely on SCCs or equivalent safeguards.
  • User Rights: access, correction, deletion, portability, restriction, objection.
  • Security: RBAC, MFA, logging, vulnerability management. Report incidents to us immediately.
  • Children: service intended for licensed professionals; no direct child accounts.
  • Updates: version/date stamp; notify via in-app banner or email 30 days before material changes.