← Back to EchoProb

Privacy Policy

1. Who We Are

EchoProb is a web-based clinical decision support (CDS) tool created by Andrew Malashock, RDCS, FASE. EchoProb accepts numeric echocardiographic measurements and returns probability-weighted grading assessments based on published guidelines. It is exempt from FDA device regulation under the 21st Century Cures Act (2016) Section 3060.

2. What We Collect

Data Type	Examples	Storage	Retention
Account data	Email, name, credential, institution	Supabase (PostgreSQL, AWS us-east-1)	Until account deletion
Echocardiographic measurements	EROA, VC, RegVol, LVEF, TAPSE	Not stored. Processed in memory, returned to your browser, then discarded.	None (stateless)
Study snapshots	Saved module results and numeric measurements, de-identified	Your device (browser localStorage) and Supabase (account-scoped, RLS-protected) so your studies sync across devices. A client-side scrub redacts common PHI patterns before any sync.	Until account deletion
Quiz Mode attempts	Submitted grade, score, difficulty	Supabase	Until account deletion
API audit logs	Endpoint, user ID, module, IP, status	Supabase	90 days, then deleted
Billing data	Subscription status, trial dates	Supabase (status only); Stripe (payment details)	Per Stripe retention policy
Analytics	Anonymous page views, feature events	Plausible Analytics (EU-hosted, cookieless)	Per Plausible retention policy

3. What We Do NOT Collect

• Protected Health Information (PHI): No patient names, dates of birth, medical record numbers, Social Security numbers, or any HIPAA-defined identifiers
• Medical images: No DICOM, ultrasound clips, still frames, or image data
• Medical signals: No ECG, waveform, or physiological signal data
• Location data: No GPS, geolocation, or facility identification
• Device identifiers: No serial numbers, hardware IDs, or biometric data

Your Responsibility

You are instructed at first login and at study creation to never enter protected health information. Use de-identified case labels (e.g., "Case A" or "EP-042"), not patient names or MRNs.

4. How Grading Works (Data Flow)

When you submit measurements, your browser sends them to our serverless grading function. The function processes the values in memory, computes a probability distribution, returns the results to your browser, and discards the input values. Measurement data is never stored, logged, or persisted on our servers.

5. Cookies and Analytics

EchoProb uses the following cookies and similar technologies:

• Essential cookies: Supabase authentication session (required for login). These are strictly necessary and do not require consent.
• Analytics: Plausible Analytics, a privacy-focused, cookieless analytics service. Plausible does not use cookies, does not collect personal data, and does not track users across sites. No consent banner is required. All analytics data is aggregated and anonymous.

We do not use advertising cookies, tracking pixels, or third-party remarketing.

6. Third-Party Processors

Service	Purpose	Data Shared
Supabase	Database, authentication	Account data, quiz attempts, audit logs
Netlify	Hosting, serverless functions	HTTP requests (no measurement data persisted)
Stripe	Payment processing	Email, subscription status
Sentry	Error monitoring	Error stack traces (no PII or measurements)
Resend	Transactional email	Email address (welcome email)
Plausible Analytics	Usage analytics (cookieless)	Anonymous page views, feature events

7. Data Security

• All traffic encrypted via HTTPS (TLS 1.2+)
• HSTS enabled with preload
• Content Security Policy headers on all responses
• Row-level security on all database tables
• Server-side input sanitization on all text fields
• Rate limiting on all API endpoints
• Scoring engine runs server-side only; never included in client bundle

8. HIPAA

EchoProb is not currently HIPAA-compliant and does not process, store, or transmit PHI. For institutional deployments requiring HIPAA compliance, a Business Associate Agreement (BAA) is planned for Q4 2026. The architecture is HIPAA-ready: measurement data is stateless, audit logging is in place, and all data is encrypted in transit.

9. Your Rights

You may:

• Access your data via the Profile page and Study Mode
• Export your study data via report PDF or clipboard
• Delete your account and all associated data from the Profile page
• Opt out of the leaderboard via the privacy toggle in Profile
• Analytics are cookieless and require no consent; no personal data is collected

When you delete your account, we permanently remove your profile, quiz history, learning stats, referral records, and audit log entries. Study snapshots stored on your device are not affected (they were never on our servers).

10. Data Retention

Data	Retention	Deletion
Account data	Until deletion or 2 years of inactivity	Account deletion (Profile page or email request)
Study snapshots	You control (device storage)	Clear browser data or delete in-app
Quiz attempts	Until account deletion	Cascade deleted with account
API audit logs	90 days	Scheduled cleanup
Rate limit records	5 minutes	Auto-purged

11. International Users

EchoProb is hosted in the United States (AWS us-east-1 via Supabase, Netlify CDN). If you access EchoProb from outside the US, your data may be transferred to and processed in the US. By using EchoProb, you consent to this transfer.

For EU/EEA users: we process data under legitimate interest (providing the service you requested) for essential functions, and under consent for analytics. You may exercise your GDPR rights by deleting your account in the app or contacting us.

12. Children

EchoProb is a professional clinical tool. It is not intended for users under 18.

13. Changes to This Policy

We will update this policy as features change (particularly for institutional licensing, HIPAA BAA, and international deployments). Material changes will be communicated via email or in-app notice. The effective date at the top of this page will always reflect the latest version.

14. Contact

Questions about this policy: amalashock@gmail.com