shield Privacy Policy

How we protect
your information

Updated March 2, 2026

PharmaTools.AI ("we", "our", or "us") is committed to protecting your privacy and handling data responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit www.pharmatools.ai, use our progressive web apps, mobile applications (e.g., Patiently AI, HushMap), or interact with our AI-powered tools and services.

Introduction

Your privacy matters to us. This policy outlines how we handle data across our platforms, including Patiently AI and other AI-driven tools.

We design our products using privacy-by-design and data-minimisation principles, meaning we aim to collect the least amount of personal information necessary and apply safeguards such as on-device processing and temporary AI handling wherever possible.

Information we collect

2.1 Personal information

We may collect personal information you provide, including:

Name and email address when registering or subscribing
Payment details where applicable
Login credentials

2.2 Usage data

We automatically collect:

IP address, browser type, device type, and operating system
Interaction data relating to our website, PWAs, tools, or apps

This information helps maintain performance, security, and service reliability.

2.3 App-specific data (Patiently AI)

local_hospital Patiently AI data handling

Medical notes: Processed temporarily for simplification and not stored
On-device redaction: Where supported, identifiable information (such as dates, phone numbers, postcodes, or similar identifiers) may be removed locally on your device before AI processing
Medications and symptoms: Stored securely only to provide user functionality
Audio recordings: Processed for transcription and deleted after processing
App analytics: Aggregated, anonymised insights
Device information: Non-identifiable performance data

2.4 AI tool inputs and outputs

AI tools may process text or audio inputs and generate outputs such as summaries, explanations, or compliance feedback. Data is processed only to deliver the requested functionality and is not retained unless explicitly stated.

2.5 Security and abuse prevention

Security tools such as Captcha or rate-limiting systems may collect browser and IP information to prevent misuse.

How we use your information

We use information to:

Provide and improve services
Maintain platform safety and reliability
Respond to enquiries
Prevent fraud or abuse
Enhance product performance through aggregated analysis

3.1 AI processing

AI tools process data solely to deliver requested functionality
Identifiers may be removed locally before transmission where supported
Third-party AI processing providers may process submitted content temporarily
Outputs are generated automatically and may contain inaccuracies; they are designed to support, not replace, professional or clinical judgement

Legal basis for processing

Depending on the activity, processing may rely on:

Performance of a contract
Legitimate interests in operating and improving our services
User consent

Data retention

We retain data only as long as necessary:

AI tool inputs: Not stored after processing unless clearly stated
Audio recordings: Deleted after transcription
Medications and symptoms: Retained only for user functionality
Aggregated analytics: Fully anonymised and not identifiable

Disclosure of your information

We may share data with trusted processors including:

AI processing providers
Cloud hosting and infrastructure providers
Analytics or security services

We do not sell personal data. Data may also be disclosed where legally required.

Third-party services

Our platforms may use services such as:

OpenAI or similar AI providers
Perplexity (AI-powered search and reference verification)
Firebase / Google Cloud infrastructure
Railway (application hosting and deployment)
Resend (transactional email delivery)
Apple or Google authentication services
Mapping services for HushMap

These providers process data under their own privacy policies.

Data security and privacy by design

We apply layered safeguards including:

HTTPS encryption in transit
Secure cloud infrastructure
On-device redaction and data minimisation where available
Role-based access controls where applicable
Continuous review of privacy risks through internal assessments

Our design approach aligns with recognised privacy and security frameworks used in UK and international digital health environments.

Data Protection Impact Assessment

A DPIA has been completed for Patiently AI to evaluate risks related to processing health-related content and to implement appropriate safeguards.

Your rights

Depending on applicable law, you may have rights to:

Access, correct, or delete your data
Restrict or object to processing
Withdraw consent

Requests can be sent to: info@pharmatools.ai

Automated processing and AI transparency

Some tools use automated AI systems to generate outputs. These tools assist understanding or workflow support but do not provide medical diagnosis, regulatory determinations, or professional advice.

Users remain responsible for reviewing outputs and consulting qualified professionals where appropriate.

Children's privacy

Our tools are not intended for children under 13. If you believe personal data from a child has been submitted, please contact us so it can be removed.

International data transfers

Data may be processed internationally using trusted cloud infrastructure. Safeguards consistent with UK GDPR and applicable data protection standards are applied.

RefCheckr (web app & Word add-in)

fact_check RefCheckr data handling

Information we collect

Email address for authentication via magic link sign-in
Document text you select and submit for verification or search
Verification history and search queries
Subscription and billing information via LemonSqueezy
Usage counts for rate limiting

How we use it

Authenticate your session and manage your account
Process selected text through AI services (Perplexity) to verify claims against published evidence
Search PubMed, ClinicalTrials.gov, and drug labelling databases on your behalf
Track usage against plan limits

AI processing

Text you submit is sent to Perplexity AI for analysis and is subject to their privacy policy
RefCheckr does not store the content of your documents beyond the duration of the request
AI-generated outputs may contain inaccuracies and should be verified independently

Word add-in

The RefCheckr Word add-in reads only the text you explicitly select in your document
No document content is accessed, stored, or transmitted without your action
Authentication tokens are stored locally in your browser's localStorage

Data retention

Verification history is stored in your account for your reference
Document text submitted for verification is not retained after processing
Account data is deleted upon request

HushMap mobile app (iOS)

map HushMap data handling

Information we collect

Location data for venue mapping and reports
Sensory ratings, comments, and timestamps
Authentication data
Device performance information

How we use it

Provide personalised sensory insights
Share anonymised sensory reports globally with users
Improve features through aggregated analysis

Storage and sharing

Reports are stored on Google Firebase and visible to app users worldwide
Personal identity details are not displayed with reports
Authentication data remains private

Your controls

Location permissions can be revoked anytime
Data deletion requests can be submitted
Uninstalling removes local device data

Data retention

Local data removed upon uninstall
Community sensory reports retained to support the shared database
Account data deleted upon request

Updates

We may update this policy from time to time. The latest version will always be published on our website.

Questions about this Privacy Policy?

info@pharmatools.ai