Privacy Policy
This policy page is now written as a complete product page. It explains what data the Clinical Rounds workspace captures in the prototype and what the final application will protect once the interfaces move into the Next and Supabase implementation.
Clinical Rounds may process account details, institution metadata, generator prompts, generated case artifacts, preview states, learner session records, analytics summaries, faculty review notes, and internal debug references. In the prototype layer these items are represented as interface structures; in the production application they will map to authenticated user records, case rows, version tables, and audit surfaces.
The platform is designed to support diagnosis-focused learning. Data is collected to generate cases, preserve session continuity, review learner decisions, identify reasoning patterns, support institutional faculty workflows, and maintain operational visibility for deployment and debugging. We do not present this workspace as a public content feed; it is a controlled clinical learning environment.
Institutional users should have visibility only into the workspaces, cohorts, and review views appropriate to their role. Once we move the prototype into the real application, retention periods, deletion workflows, and export controls should be enforced through authenticated services rather than static pages. Support or institutional administrators may request correction, export, or removal review for stored records in accordance with program requirements.
The final application is expected to protect this workflow with real authentication, role-based access, secured environment variables, server-side data access, and managed persistence. The current HTML prototypes are intentionally presentation-first. They define the product surface and information model, not the final security implementation.
