MedicalBenchmark

Data Protection

Privacy Policy

We are committed to transparency and the protection of your personal data. Discover how we manage your information.

Last updated: January 2025

1. Data Controller

MedicalBenchmark is the data controller for the personal data you provide us. You can contact us at any time to exercise your rights or resolve any privacy-related questions.

2. Data We Collect

We collect the following types of data:

  • Account data: Name, email address, and profile picture when you register or sign in with Google.
  • Usage data: Information about how you interact with our platform, including pages visited and actions taken.
  • Technical data: IP address, browser type, device, and operating system.

3. Purpose of Processing

We use your data to:

  • Manage your account and provide access to the platform.
  • Improve our services and develop new features.
  • Send you account-related communications (if requested).
  • Comply with legal obligations.
  • Analyze platform usage in aggregate and anonymous form.

4. Legal Basis

The processing of your data is based on:

  • Contract execution: To provide you access to the platform and its services.
  • Consent: For the use of non-essential cookies and marketing communications.
  • Legitimate interest: To improve our services and ensure platform security.

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Service providers: Such as Clerk for authentication and Convex for data storage.
  • Authorities: When required by law.

6. Your Rights (GDPR)

As a user in the European Union, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data.
  • Portability: Receive your data in a structured format.
  • Objection: Object to the processing of your data.
  • Restriction: Restrict the processing of your data.

To exercise these rights, contact us through the channels indicated on our contact page.

7. Data Retention

We retain your data while you maintain an active account. If you delete your account, we will delete your personal data within 30 days, except when retention is necessary for legal obligations.

8. Security

We implement technical and organizational measures to protect your data, including encryption in transit (HTTPS), secure authentication, and storage on secure servers.

9. Changes to this Policy

We may update this policy periodically. We will notify you of any significant changes through the platform or by email.

10. Contact

If you have questions about this privacy policy or wish to exercise your rights, you can contact us through our contact page.