Privacy Policy

Last updated: April 2026

Zero patient data storage

HistoCraft does not store any patient data, health records, or diagnostic information on its servers. All patient-related data is processed exclusively in your browser.

1. Our Core Privacy Commitment

  • HistoCraft does NOT store any patient data, patient-identifiable information, or health-related data on its servers. This is a fundamental architectural decision, not merely a policy choice.
  • All patient-related data entered into the application (including patient names, specimen descriptions, diagnostic findings, microscopy descriptions, conclusions, and report content) is processed exclusively within your web browser. This data is never transmitted to, received by, or stored on HistoCraft's servers.
  • When you close your browser tab or navigate away from the application, all patient-related data is permanently discarded from browser memory.
  • HistoCraft cannot access, recover, or reconstruct any patient data because it was never transmitted to our servers in the first place.
  • This architecture means that HistoCraft does not process "special categories of personal data" (health data) as defined in Article 9 of the General Data Protection Regulation (GDPR).

2. Information We Do Collect

  • Account information: your name and email address, provided when your account is created. This is required for authentication (magic link login) and account management.
  • Subscription information: your subscription plan, billing period, and payment provider reference (e.g., PayPal subscription ID). We do not store credit card numbers, bank account details, or other payment instrument data. All payment processing is handled by our payment provider (PayPal).
  • Application preferences: your chosen theme, editor settings, and template language preference. These are stored to personalize your experience.
  • Device and session information: IP address, browser type, and session identifiers, collected for security purposes (rate limiting, session management, and protection against unauthorized access).
  • We do NOT collect: patient names, patient identifiers, specimen data, diagnostic content, report content, medical images, or any other health-related information.

3. Legal Basis for Processing (GDPR Article 6)

  • Contractual necessity (Article 6(1)(b)): we process your account information and preferences to provide the HistoCraft service as agreed when you created your account.
  • Legitimate interest (Article 6(1)(f)): we process IP addresses and session data for security purposes (preventing unauthorized access, rate limiting, and fraud detection). This processing is proportionate and does not override your fundamental rights.
  • Legal obligation (Article 6(1)(c)): we may process certain data to comply with applicable legal obligations, such as tax and accounting requirements for paid subscriptions.
  • We do not rely on consent as a legal basis for processing because all our processing is either necessary for the service, required for security, or mandated by law.

4. How We Use Your Information

  • To authenticate your identity using magic link emails and maintain your session.
  • To manage your subscription and provide access to the features included in your plan.
  • To personalize your experience with your stored preferences (theme, editor settings, template language).
  • To protect the security and integrity of the service through rate limiting, session management, and monitoring for unauthorized access.
  • To send transactional emails: magic login links and, if applicable, subscription-related notifications. We do not send marketing emails.
  • To comply with legal obligations and respond to lawful requests from competent authorities.

5. Data Sharing

  • We do not sell your data. We have never sold user data and will never do so.
  • We do not share your data with advertisers, marketing companies, data brokers, or any third parties for commercial purposes.
  • We do not use your data to train artificial intelligence or machine learning models.
  • Payment processing: when you subscribe, your payment is processed by PayPal. PayPal receives only the information necessary to process your payment (email address, subscription plan). PayPal's handling of your data is governed by PayPal's own privacy policy.
  • Google Drive: if you use the optional "Import from Google Drive" feature, you authenticate directly with Google. HistoCraft only accesses the specific file you select. No Google Drive data is stored on our servers. See Section 9 for details.
  • Legal requirements: we may disclose information if required by law, court order, or to protect the rights, safety, or property of our users or the public.

6. Data Storage & Security

  • Your account data is stored in encrypted databases hosted on secure infrastructure within the European Union.
  • All data in transit is encrypted using TLS (Transport Layer Security).
  • Database backups are encrypted at rest and automatically deleted after 30 days.
  • Access to production systems is restricted to authorized personnel and protected by SSH key authentication.
  • We do not store passwords. Authentication is handled exclusively through magic links sent to your verified email address.
  • We conduct regular security reviews and apply technical safeguards including rate limiting, CSRF protection, a Content Security Policy (CSP), input sanitization, and session management.

7. Your Rights Under GDPR

As a data subject under the General Data Protection Regulation (EU 2016/679), you have the following rights regarding your personal data:

  • Right of access (Article 15): you can request a copy of all personal data we hold about you. Since we only store account data (name, email, preferences), this is straightforward.
  • Right to rectification (Article 16): you can update or correct your personal information at any time through your account profile page.
  • Right to erasure (Article 17): you can request deletion of your account and all associated data. We will comply within 30 days. Since we do not store patient data, there is no patient data to delete.
  • Right to data portability (Article 20): you can request your account data in a structured, machine-readable format.
  • Right to restrict processing (Article 18): you can request that we limit how we use your data in specific circumstances.
  • Right to object (Article 21): you can object to processing of your data based on legitimate interest.
  • Right to lodge a complaint: you have the right to lodge a complaint with your national data protection authority. In Romania, this is the ANSPDCP (Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal) at www.dataprotection.ro.
  • To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Retention

  • Active accounts: your account data (name, email, preferences) is retained as long as your account is active.
  • Inactive subscriptions: if your subscription expires and is not renewed, your account remains accessible with reduced features.
  • Account deletion: when you request account deletion, all personal data is permanently removed within 30 days.
  • Backup rotation: encrypted backups that may contain account data are automatically deleted within 30 days of creation.
  • Security logs: IP addresses and session data retained in security logs are automatically purged after 90 days.
  • Patient data: not applicable. We do not store patient data, so there is no patient data to retain or delete.

9. Third-Party Services — Google Drive

  • HistoCraft offers an optional "Import from Google Drive" feature that allows you to import documents directly from your Google Drive account into the editor.
  • When you use this feature, you authenticate with Google using your own Google account through a standard OAuth 2.0 flow. HistoCraft never sees or stores your Google password.
  • HistoCraft only accesses the specific file you select through the Google Picker interface. We do not browse, index, or access any other files in your Google Drive.
  • The selected file is downloaded temporarily in your browser to convert it into editor-compatible content. No copy of the original file is stored on our servers.
  • We do not store Google OAuth tokens beyond the current browser session. Tokens are used solely to download the selected file and are discarded immediately after.
  • You can revoke HistoCraft's access to your Google account at any time by visiting your Google Account permissions page (myaccount.google.com/permissions).
  • HistoCraft's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

10. Cookies & Tracking

We use only strictly necessary cookies that are essential for the application to function. These include:

  • Authentication cookies: session tokens that keep you logged in. These are httpOnly, secure, and expire when your session ends.
  • Security cookies: CSRF (Cross-Site Request Forgery) protection tokens.
  • Preference cookies: your theme and editor settings.
  • We do NOT use: advertising cookies, tracking cookies, social media cookies, third-party analytics cookies (Google Analytics or similar), fingerprinting techniques, or any other non-essential tracking technologies.
  • Because all our cookies are strictly necessary for the service to function, we are not required to obtain cookie consent under the EU ePrivacy Directive. However, we believe in full transparency about the technologies we use.

11. International Data Transfers

  • Your data is stored and processed within the European Union. We do not transfer personal data outside the EU/EEA.
  • Third-party services (PayPal, Google Drive) may process data in accordance with their own privacy policies and data transfer mechanisms. Both companies maintain EU-approved data transfer safeguards.

12. Children's Privacy

  • HistoCraft is designed for licensed healthcare professionals. The service is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors.

13. Data Controller

  • The data controller for your personal data is HistoCraft, operated from Romania.
  • For all privacy-related inquiries, including exercising your GDPR rights, contact us at [email protected].
  • Supervisory authority: Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal (ANSPDCP), B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, Bucharest, Romania. Website: www.dataprotection.ro.

14. Changes to This Policy

  • We may update this privacy policy from time to time. We will notify you of significant changes by email or through the application.
  • The date at the top of this page indicates when the policy was last updated.
  • Continued use of the service after changes constitutes acceptance of the updated policy.
