Version: 1.0.0 | Effective Date: March 2026 | Last Updated: March 3, 2026
ProstPlan AI is operated by [Entity Name / Developer], hereinafter "Controller". Controller / DPO contact: [insert email]
| Category | Examples | Legal Classification |
|---|---|---|
| Authentication Data | Email, name (via OAuth), provider ID | Personal data |
| Numeric Clinical Data | PSA, Gleason, ISUP, prostate volume, PI-RADS | Health data (sensitive) |
| Medical Reports (PDF) | Biopsy and MRI reports | Health data (sensitive) + PHI |
| Usage Data | Access timestamps, actions performed, modules used | Operational metadata |
| Audit Data | Calculation logs, physician changes, input hashes | Operational metadata |
| Feedback Data | Error reports, problem type, description | Personal data |
| Purpose | Legal Basis (GDPR) | Legal Basis (LGPD) |
|---|---|---|
| Authentication and access control | Art. 6(1)(b) — contract performance | Art. 7, I — consent |
| PDF data extraction (via Gemini API) | Art. 9(2)(a) — explicit consent | Art. 11, I — specific consent |
| Clinical calculations (PRECE, PLND, etc.) | Art. 9(2)(h) — preventive medicine | Art. 11, II(f) — health protection |
| Audit and traceability | Art. 6(1)(c) — legal obligation | Art. 7, II — legal obligation compliance |
Principles applied: Minimisation, Purpose limitation, Storage limitation (PDFs not persisted), Integrity and confidentiality (TLS 1.3, AES-256), Privacy by Design.
Explicit consent is obtained on first access to the Service and after each material update to the Privacy Policy.
Subprocessors: Supabase (AWS) — authentication, Edge Functions; Google Cloud (Gemini API) — PDF extraction; Cloudflare — frontend hosting.
| Data Type | Period |
|---|---|
| Authentication data | While account is active |
| Report PDFs | No persistence — discarded after extraction |
| Audit logs | 5 years |
| Consent records | 5 years after relationship ends |
Encryption in transit (HTTPS/TLS 1.3), encryption at rest (AES-256), OAuth 2.0 authentication, optional MFA, Row Level Security, rate limiting.
Under GDPR and LGPD, the User has the right to: Access, Rectification, Erasure, Portability, Objection, Restriction, Consent withdrawal. To exercise your rights: contact the Controller. Response time: GDPR up to 30 days; LGPD up to 15 business days.
The Service uses localStorage for clinical cases, language preference and version control. It does not use tracking, advertising or analytics cookies.
Material changes will be communicated via in-app modal on next login. New consent will be requested if the change affects the legal basis or data categories processed.
To exercise your rights or for questions: Email: [insert DPO / controller email]. Form: Available in-app ("Report" button).
| Version | Date | Change |
|---|---|---|
| 1.0.0 | March 2026 | Initial version |