Privacy Policy

Last updated: April 2026

Carelyx ("we", "our", or "us") provides a clinical workflow platform designed for oncology clinics. We are committed to protecting the privacy and security of patient and user data.

Sections: 1. Data We Collect 2. How We Use Data 3. Storage & Security 4. Data Sharing 5. Retention 6. User Rights 7. AI Processing 8. Compliance 9. Changes 10. Contact

1. Data We Collect

We may collect the following types of data:

Patient data (name, diagnosis, treatment, symptoms)
User account data (name, email, role)
Usage data (system activity, logs)

2. How We Use Data

Data is used to:

Provide and operate the Carelyx platform
Enable clinical workflows and patient tracking
Generate AI-based insights and alerts
Improve system performance and reliability

3. Data Storage & Security

All data is stored on secure infrastructure in the EU (London region).

We use encryption in transit (HTTPS) and at rest. Access is controlled via role-based permissions.

4. Data Sharing

We do not sell, rent, or share patient data with third parties.

Data may be processed by infrastructure providers strictly for system operation.

5. Data Retention

Data is retained while your account is active.

Upon account closure, data is permanently deleted within 30 days unless legally required otherwise.

6. User Rights

You have the right to:

Access your data
Request correction
Request deletion
Export your data

7. AI Processing

Carelyx uses AI to analyze structured patient data and generate insights.

AI outputs are designed to be explainable and assist clinical decision-making — not replace it.

8. Compliance

Carelyx is designed with GDPR principles and healthcare data protection standards in mind.

Formal certifications are in progress (target: Q2 2026). See Security & Compliance for details.

9. Changes

We may update this policy from time to time. Updates will be posted on this page.

10. Contact

For privacy-related inquiries, contact: [email protected]