Privacy Policy
Last updated: 2026-07-05
This policy describes how Read Your Scan handles your data. Health data is special-category personal data; we process it only with your explicit consent and to provide the service you request.
What we process
- Account data: email and authentication identifiers.
- Imaging you upload — de-identified in your browser(converted to NIfTI) before it is stored.
- Analyses, generated reports, and your questions and answers.
- Billing records (via Stripe; we do not store card numbers).
How we use it
- To reconstruct and display your studies and to generate explanations you request.
- To operate accounts, credits, and payments.
- We do not sell your data or share it with third parties except the processors needed to run the service.
Processors
We rely on infrastructure and model providers (e.g. hosting, database and storage, and AI providers) under data-processing agreements. Before handling protected health information at scale, these are covered by the appropriate agreements (e.g. HIPAA BAAs) — see the compliance notes in the project documentation.
Security
Data is encrypted in transit and at rest. Access is restricted and sensitive actions are audit-logged.
Your rights
- Export your data as JSON from your account page.
- Delete your data or your entire account at any time.
- Withdraw consent by deleting your account.
Contact
For privacy requests, contact the address listed on the site.