Your privacy and the confidentiality of your medical data are central to this application. We follow strict privacy-by-design principles to ensure your information is secure, private, and never retained beyond what is necessary to generate your requested analysis.
Data Handling
- Uploaded files (PDF, JPG, TXT) are processed temporarily in server memory and are never stored permanently.
- Reports are generated on-demand and made immediately available for on-screen viewing and download.
- Upon logout, any server-side report file is automatically deleted.
- No personal identifiers or medical content are stored, reused, or shared with any party.
- Data is processed strictly for primary use: generating your requested report. It is not stored, reused, or applied to secondary research or AI model training.
- Data Minimization & Provenance: In accordance with the final EHDS Regulation (2025), all health-related inputs are processed only for the explicit purpose of providing an interpretation. No metadata, identifiers, or provenance information are retained or made available for secondary use.
- We comply with the principles of the European Health Data Space (EHDS), ensuring that you remain in full control of your health data at all times.
- You have the right to data portability. Upon request, we can provide your uploaded content and generated report in a standardized format (e.g., PDF, JSON/FHIR export).
Third-Party Services
- The application integrates with trusted providers for authentication, AI processing, and secure payments.
- All third-party services are fully compliant with GDPR and other international data protection standards.
- No uploaded content or identifiable user data is shared beyond what is strictly necessary to fulfill the user's request.
Security
- All data transmission is encrypted using HTTPS.
- API keys, tokens, and credentials are securely managed via environment variables on the server.
- No user credentials or medical content are logged, stored, or visible to the development team.
Your Rights and Data Privacy
- This application is designed to require minimal data.
- No uploaded lab reports or test files are stored; all processing occurs in real time and is automatically discarded after analysis.
- Only essential data (e.g., name, email, and Supabase session data) is retained for authentication purposes, and users can request its deletion at any time.
- Users can request deletion of their account and all associated data by emailing with the subject line "Data Deletion Request".
All personal information will be permanently deleted within 30 days.
Financial transaction records required for compliance may be retained for up to 90 days before anonymization.
- For any request concerning EHDS or GDPR rights (access, correction, deletion, portability), please email with the subject line "Data Rights Request."
Standards and Compliance
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- HIPAA-inspired safeguards for protecting health-related data
- European Health Data Space (EHDS): fully aligned for primary use only, with no secondary data sharing or reuse.
- Cross-border safeguards: No health data is transferred outside the European Economic Area except to subprocessors that guarantee equivalent protection under GDPR Art. 46.
Educational Use Disclaimer
AI LabTest provides educational insights only and is not intended to diagnose, treat, or replace professional medical advice.
All interpretations are informational and should not be used for clinical or diagnostic purposes.
For medical evaluation or treatment, always consult a qualified healthcare provider.
Note: This application is not a HIPAA-covered entity and does not provide medical advice, diagnosis, or treatment.