Privacy Policy

Last updated: 21 February 2026

1. General

CodeSoft Lab LLC, owner and operator of the BrainRM application, is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR - EU 2016/679) and applicable national data protection law. This policy explains how we collect, use and protect your data.

2. Data We Collect

We collect the following categories of data:

  • Account information: Name, email, phone, specialty
  • Patient data: Full name, contact details, medical history (entered by you)
  • Usage data: Login information, actions performed on the platform
  • Technical data: IP address, browser type, device

3. Purpose of Processing

Your data is used to:

  • Provide and improve our services
  • Manage your account
  • Send notifications and reminders
  • Provide technical support
  • Comply with legal obligations

4. Legal Basis for Processing

Processing is based on the contractual relationship (provision of the service), your explicit consent, our legitimate interests and compliance with legal obligations.

5. Data Security

We apply technical and organizational security measures, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Role-based access control (RBAC)
  • Row-level security policies (RLS)
  • Regular backups
  • Audit logs

6. Your Rights

Under the GDPR, you have the right to:

  • Access: Find out which of your data we hold
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Receive your data in a readable format
  • Objection: Object to the processing
  • Withdrawal: Withdraw your consent at any time

7. Disclosure to Third Parties

We do not sell or disclose your data to third parties for commercial purposes. We may share data only with service providers necessary for the operation of the platform (e.g. hosting, email), under strict confidentiality agreements.

8. Retention Period

Your data is retained for as long as your account is active and for 5 years after its deletion, unless the law requires a longer period (e.g. medical records).

9. Cookies

We use only essential cookies for the operation of the platform (authentication, preferences). We do not use tracking or advertising cookies.

10. Contact

For questions about data protection or to exercise your rights, contact us at info@codesoftlab.com.