Privacy Policy
How we collect, use, and protect your personal information in accordance with GDPR.
Last Updated: January 15, 2026
Digital Pathology Solutions is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
1. Information We Collect
Personal Information
We may collect personal information that you voluntarily provide to us when you register for our services, express interest in obtaining information about us or our products, or otherwise contact us. This includes names, email addresses, phone numbers, job titles, and organization names.
We may also collect professional credentials, institutional affiliations, and specialty areas when you create an account for our clinical tools. This information helps us customize your experience and ensure you have access to the appropriate features for your role and qualifications.
Usage Data
We automatically collect certain information when you visit, use, or navigate our services. This information may include device and usage information, such as your IP address, browser type, operating system, access times, and pages viewed.
Our diagnostic tools may also process anonymized tissue samples and pathology images that you submit for analysis. This data is used solely for providing our services and, with your consent, may contribute to improving our AI algorithms through machine learning.
2. How We Use Your Information
We use the information we collect to provide, maintain, and improve our services; to communicate with you about products, services, and events; to respond to your inquiries and provide customer support; to detect, prevent, and address technical issues and security threats; and to comply with legal obligations.
We also use your information to personalize your experience, recommend relevant features and content, conduct research and development to improve our AI models, and send you important updates about our services, including security alerts and policy changes. Marketing communications are only sent with your explicit consent.
4. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.
Our security measures include AES-256 encryption for data at rest, TLS 1.3 for data in transit, multi-factor authentication, role-based access controls, regular penetration testing, and continuous monitoring for suspicious activities. We maintain SOC 2 Type II compliance and undergo annual third-party security audits.
5. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.
Specifically, account information is retained for the duration of your account plus 7 years for legal compliance. Diagnostic data is retained according to applicable medical records retention requirements, which may vary by jurisdiction. You may request deletion of your data at any time, subject to legal retention requirements.
6. Your Rights (GDPR)
If you are a resident of the European Economic Area, you have certain data protection rights including the right to access, correct, or delete your personal information; the right to restrict or object to processing; the right to data portability; and the right to withdraw consent at any time.
To exercise any of these rights, please contact our Data Protection Officer using the contact information provided below. We will respond to your request within 30 days as required by GDPR. In some cases, we may need to verify your identity before processing your request. You also have the right to lodge a complaint with a supervisory authority.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
When transferring data outside the European Economic Area, we use Standard Contractual Clauses approved by the European Commission, ensure the receiving country has an adequacy decision, or implement other appropriate safeguards as required by GDPR. Our primary data centers are located in the EU, with backup facilities in secure jurisdictions.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.
For material changes to this policy, we will provide prominent notice at least 30 days before the changes take effect. This may include email notification, a banner on our website, or in-app notifications. Your continued use of our services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.
10. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at:
Our Data Protection Officer can assist you with privacy-related inquiries, data subject access requests, and any concerns about how we handle your personal information. We are committed to resolving complaints and addressing your concerns promptly and transparently.